Solved

Microsoft Application Error Reporting

Posted on 2004-10-20
16
1,550 Views
Last Modified: 2008-01-09
I run Windows XP Professional Service Pack II.
From time to time dwwin.exe (Microsoft Application Error Reporting )locks up the computer. I find it loading ELEVEN times in Task Manager! Some are consuming 85% of the CPU time while others add up to the complement: the CPU load remains 100% and the computer is locked up.

Deleting them manually does not help. They reappear a little time later. Finally, I have to reboot;

What is going wrong?

dbessis
0
Comment
Question by:dbessis
16 Comments
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12364150
What is seen in your Event Logs?  Likely something to do with svchost; concurrent processes or the like,
Asta
0
 

Author Comment

by:dbessis
ID: 12365385
How do I access Event Logs?
Thank you for your help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12365429
Once you access the event logs and see problems, most allow you to access the MS site for more if not; this link helps.
http://www.microsoft.com/technet/support/ee/search.aspx?DisplayName=Windows+XP+Professional&ProdName=Windows+Operating+System&MajorMinor=5.1&LCID=1033

You can go there directly from the run command or right-click My Computer icon in desktop and choose Manage....  Do you have Adminstrator access
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12365572
How To View and Manage Event Logs in Event Viewer in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308427&Product=winxp
0
 

Author Comment

by:dbessis
ID: 12370158
I did not write down the precise time when the lock up occurred. There are many errors at different time and days and I am confused; I shall wait until next time and immediately read the Event Logs after the lock up occurs.

Thank you for your help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12370582
Error Reporting process often saves file to your default temp directory, if not already cleared.  Also, found that much of the Error Reporting that is analyzed by Microsoft deals with Add-Ons.... here's a brief excerpt and link for more detail in this regard.
Windows Error Reporting data has shown that add-ons are a major cause of stability issues in Internet Explorer. These add-ons significantly affect the reliability of Internet Explorer. These add-ons can also pose a security risk, because they might contain malicious and unknown code.

Many users are unaware of the add-ons they have installed on their computer. Some add-ons are loaded whenever Internet Explorer is started, but cannot be detected unless the user searches the registry. When users experienced crashes, there was no easy way to diagnose whether the issue was related to an add-on. Even if they suspected that the problem stemmed from recently-installed software, it was difficult to isolate the cause and often impossible to resolve if the software did not provide an uninstall option.
Source for more:  http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx

If I were in your shoes, given all the problems you've been having, I'd be sure to get my Viruscan program updated and run a full scan.  I'd also check for Spyware intrusions using some good tools.  My preferences are what I call a great combo... AdAware SE Pro and Spybot S&D and configure the first to do deep scanning including the HOSTS file, the second I use the Immunize function to block about 2344 spyware intrusions.  More about those tools as well as HijackThis guidance below:
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html
http://www.experts-exchange.com/Web/Browser_Issues/Q_21149514.html

Happy to try and help you resolve this.
":0) Asta

0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12370633
Description and availability of Internet Explorer Error Reporting tool
http://support.microsoft.com/default.aspx?scid=kb;en-us;276550

A great overview and also includes additional hyperlinks for:
310116 How to disable or redirect Internet Explorer Error Reporting
To troubleshoot this issue, see the following Microsoft Knowledge Base articles to repair Internet Explorer:
194177 Description of the Internet Explorer Repair tool
318378 How to reinstall or repair Internet Explorer and Outlook Express in Windows XP

Good luck, back to work.
0
 
LVL 12

Expert Comment

by:alandc
ID: 12372325
I suggest Disabling IE error reporting.  They don't help you anyway - just Microsoft.

http://support.microsoft.com/kb/310116
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 27

Expert Comment

by:Asta Cu
ID: 12372708
That may help you, but do feel that it is important to let Microsoft know the problems we have ... they do actually use that information cummulatively to size problems and roll out service packs and patches, IMHO.
0
 

Author Comment

by:dbessis
ID: 12377234
astaec,
Indded, the problem occurs ONLY while using Internet Explorer 6.0. on certain Web sites, the CPU starts to run 100% for ever and I have to reboot. I am going to try to get rid of the hidden add-ons. I have run Spyboot 3.0 and Adaware Professional 1.05 (the last version). Only unwanted cookies were found.
Any suggestion to find these hidden addons welcome.
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12377319
That's good news (so far).  When you ran AdAware with updates (your version is current) .... you did deep scanning and configured to include the HOSTS file?  Important.  Then using Spybot S&D, included the Immunize function after checking for updates?  If your still running at 100% cpu, could be a memory leak on a running process, multiple interfaces to the svchost or a number of other possibilities.  What all is running at the time when this occurs?  ALT+CTRL+DEL and check processes ... or check start-run-msconfig the services tab and start up tab.  Anything listed in the Event logs?  Start-run-services.msc.

Have you tried using the HijackThis exe and posting the log to the analyzer to rule out hidden intrusions?  It's ideal to rule out the potential intrusions, in my humble opinion.  
http://www.majorgeeks.com/download3155.html
Analyzer of the log results should be pasted here and then click the Analyze function.  http://www.hijackthis.de/index.php?langselect=english
0
 

Author Comment

by:dbessis
ID: 12385757
Here is the file to analyze. Let me know if you see anything suspicious.
Thanks,
dbessis
Logfile of HijackThis v1.98.2
Scan saved at 12:05:28 PM, on 10/22/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\FanGui\i8kfangui.exe
E:\Program Files\The Weather Channel\The Weather Channel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\EscapeClosePro\EscapeClosePro.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\TurboNote\tbnote.exe
E:\Program Files\Active SMART\ActiveSMART.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Dillobits Software\YATS32\yats32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ntvdm.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel\Desktop\Security\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lefigaro.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\system32\BhoCitUS.dll
O2 - BHO: PeoplePC FixedBandBHO - {3DE88907-3E38-11D4-BEB2-CBE76C0598DD} - C:\Program Files\PeoplePC Online\bin\BandObject.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Bridge Class - {E479EDE1-923E-11D3-B82B-00E09871521B} - E:\Program Files\Compass\CompassIE.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 6\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HP Software Update] "E:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe  /dontopenmycards
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] E:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [i8kfangui] C:\FanGui\i8kfangui.exe /startup
O4 - HKCU\..\Run: [Desktop Weather 3] E:\Program Files\The Weather Channel\The Weather Channel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EscapeClose] C:\Program Files\EscapeClosePro\EscapeClosePro.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: TurboNote.lnk = C:\Program Files\TurboNote\tbnote.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: Afficher l'image non compressée - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.exe/227
O8 - Extra context menu item: Afficher toutes les images non compressées - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.exe/250
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: QuickDefine - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\eddefine.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
O9 - Extra button: Girafa - {78A7D3B4-23E3-11D4-A682-0050DA502650} - C:\Program Files\Girafa\GirafaBar.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - E:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O15 - Trusted Zone: bannerweb.cau.edu
O15 - Trusted Zone: http://forums.us.dell.com
O15 - Trusted Zone: http://www.dell.com
O15 - Trusted Zone: http://Download.Windowsupdate.com
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4//teleir_cert.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {340FBD92-B7BB-11D2-8299-00104B27F81B} (ScanCtl Class) - http://outpost.zdnet.com/updates/resources/updates.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} - http://objects.compuserve.com/chat/RTCChat.cab
O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://wcs00180.egain.net/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1997c19cc9ed6c451e03/netzip/RdxIE601.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/deleon/1.1.46-deleon/GoogleNav.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {763C10EE-E4C6-49AA-9325-F15ABF1C52B0} (X1 DownloadControl Class) - http://www.x1.com/download/X1WebInstall.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - https://www.lifescan.com/otdms/isetup.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://rtc.webresponse.microsoft.com/media/XP/TLIEFlash.CAB
O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/WRActiveX/FileXfer.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

0
 
LVL 27

Accepted Solution

by:
Asta Cu earned 125 total points
ID: 12385878
Ideally, we prefer having you paste the log directly into the analyzer link I gave above due to 1) the size 2) often there are yellow items that only you typically could decide about.  Others, which are shown as Red and Nasty, are often ones that HijackThis can remove but even some of those removals may cause problems, also as noted in the instructions above.

However, since you have already pasted here, took a look and these look like problems; many of which HiackThis can fix if you agree you didn't purposely install related items and use/need them.  If/when you use HijackThis to fix things, only check those items you're sure about.  These do look like problems, though.

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie/button/search.html    
Nasty   Entries with this kind of homepages should always be fixed.   This entry should be fixed by HijackThis!

  O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08    
Nasty   This entry should be fixed immediately!   Must be fixed!

O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)    
Unnecessarily   Entries found in this registry zone are potentially nasty. This application ([62999427-33FC-4baf-9C9C-BCE6BD127F08] - Result: 62999427-33FC-4baf-9C9C-BCE6BD127F08) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %  
Unnecessary (deactivated) entry that can be fixed

  O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe    
Nasty   The entered application 'Active SMART.lnk (ActiveSMART.exe)' was identified: 'MS Decryption Software (active.exe)'. Hit rate: 48 % (result)   Must be fixed!

  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)    
Unnecessarily   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)    
Unnecessarily   The entry Sun Java Console has been identified as safe.   If the entry 'Sun Java Console ' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.
 O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)    
Unnecessarily   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Net2Phone ' is unknown.
Unnecessary (deactivated) entry that can be fixed.
  O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)    
Unnecessarily   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Net2Phone ' is unknown.
Unnecessary (deactivated) entry that can be fixed.

  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)    
Unnecessarily   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.

Many others are listed as "possibly nasty", so really would paste the log into the analyzer link above and check it directly, rather than my adding more volume here, making this thread too slow to load.

To EDIT the HOSTS file (no extension), you can back it up, if you like and edit/save it using Notepad.

Alternatively, I like to use AdAware SE Pro and configure it to do deep scanning as well as including the HOSTS file; also choose Spybot S&D and the Immunize function to block @ 2344 spywares from intruding.  All, only good after getting the most current updates.
0
 

Author Comment

by:dbessis
ID: 12390156
Thank you so much fo ryour help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12390498
My pleasure, dbessis.  The best of luck to you in keeping the intrusions out; they are such a gigantic unpleasantness (to say the least).
":0) Asta
0
 

Expert Comment

by:Degelman
ID: 23540321
I am trying to open up an access 2007 report and end up crashing getting event error id 7001 with the following description:
 
"ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6237.1003. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash."

I don't know what to do. Any suggestions?
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Can you find a fax from a vendor you saved a decade ago in seconds? Have you ever cursed your PC under your breath during an audit because you couldn’t find the requested statement or driver history?  If you answered no to the first question or yes …
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now