acosell
asked on
Multiple system application errors
Yesterday I was using my computer when the power suddenly disconnected. Upon restarting and logging back in I was prompted with an error titled "winlogon.exe - Application error". The prompt gave me two options, debug or terminate. I tried to select one of those options, but I couldn't because everything was frozen. I restarted numerous times, and continued to get that error. Some times it would load a few programs, then give me that error. I also occasionally got "svchost.exe - Application error" in addition to the winlogon.exe error. After my computer freezes I get a blue screen that says "Unknown Hard Error" and some numbers I am able to boot in safe mode, and I tried a system restore that didn't work. In safe mode I haven't had any of the two above application errors, but I just received a "vsmon.exe - Application error".
I am currently running Windows XP SP2 on a Dell XPS M170.
I am currently running Windows XP SP2 on a Dell XPS M170.
ASKER
I ran chkdsk and nothing happened. I won't be able to take it in to get looked at for quite some time so I am hoping for some sort of at home solution. The actual error is:
Winlogon.exe - Application error
The instruction at "*numbers*" referenced memory at "*same numbers*". The memory could not be read.
Click OK to terminate the program
Click cancel to debug the program
Winlogon.exe - Application error
The instruction at "*numbers*" referenced memory at "*same numbers*". The memory could not be read.
Click OK to terminate the program
Click cancel to debug the program
Check the ram out
http://www.memtest.org/
If its all good dig out your xp cd and try a repair install
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/doug92.mspx
http://www.memtest.org/
If its all good dig out your xp cd and try a repair install
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/doug92.mspx
"Unknown Hard Error" << this could be the MBR has been damaged, please understand that a hard shutdown verses a power brown out as it is termed is way more serious.
BSOD means the HDD is not reading correctly
without that number there is a few possible causes of this "Unknown Hard Error" at a guess
"STOP: C0000221 unknown hard error" or "STOP: C0000221 STATUS_IMAGE_CHECKSUM_MISM
http://support.microsoft.com/kb/314474
You can begin the troublehoot by removing as many components as possible including ram testing as mentioned
Removing 1 stick of ram and reseat it please fully discharge any electricity from your body first and unpower by removing the actual power supply plug
also the modem card network card these often get hit first, if you had the router and phone line plugged in could be the network card and router.
You can also slave your hdd to another desktop using its cdrom ide and power connector.
you can run a chkdsk /r from recovery you will need the full xpsp2 setup disc. at the cmd prompt in recovery high light C drive then type in the cmd prompt chkdsk /r
press enter it will run a full scan and repair the hdd.
once its done take out the xp disc then type in exit press enter.
set the boot order bak to hdo first again.
If you had xpsp1 installed and have only this disc then its not appropiate to repair as sp2 is an add on
Can you boot to safemode at all?
try a system restore.
--------------------------
Rebuild configuration thru recovery
Boot from a Windows XP CD.
2. At the next screen press "R" to repair using the Recovery Console.
3. Press the number correlated with the Windows installation you want to fix. Typically this will be #1.
4. In the Administrator password press [ENTER] if you have not set a password for it.
5. Type bootcfg /list to see all the entries in the boot.ini file.
You could get the message:
“There are currently no boot entries available to display”
6. Type bootcfg /rebuild to fix it.
You will be prompted to answer the question
“Add installation to boot list (Yes/No/All)” press “Y”
7. Under “Enter Load Identifier:” type the name of your operating system (i.e. Microsoft Windows XP Home Edition).
8. For “Enter OS Load Options:” usually the value is “/fastdetect” (without quotation marks).
9. Take out the Windows XP CD and type exit.
Suggestion 2:
hal.dll file missing
1. Boot from a Windows XP CD.
2. At the next screen press “R” to repair using the Recovery Console.
3. Press the number correlated with the Windows installation you want to fix. Typically this will be #1.
4. In the “Administrator password” press [ENTER] if you have not set a password for it.
5. Type:
expand x:\i386\hal.dl_ y:\windows\system32\hall.d
where “x” is the letter of your CD-ROM and “y” the letter of the drive your operating system is installed on.
6. Take out the Windows XP CD and type exit
==========================
second choice REPAIR:
perform a reinstallation of Windows XP, sometimes called a repair installation?
Configure your computer to start from the CD-ROM drive. Then insert your Windows XP Setup CD, and restart your computer.
When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD.
Press ENTER when you see the message To setup Windows XP now, and then press ENTER displayed on the Welcome to Setup screen.
Do not choose the option to press R to use the Recovery Console.
In the Windows XP Licensing Agreement, press F8 to agree to the license agreement.
Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP.
Follow the instructions on the screen to complete Setup.
Here is some extra help illustrating the steps look below the typing.
http://www.webtree.ca/windowsxp/repair_xp.htm
BSOD means the HDD is not reading correctly
without that number there is a few possible causes of this "Unknown Hard Error" at a guess
"STOP: C0000221 unknown hard error" or "STOP: C0000221 STATUS_IMAGE_CHECKSUM_MISM
http://support.microsoft.com/kb/314474
You can begin the troublehoot by removing as many components as possible including ram testing as mentioned
Removing 1 stick of ram and reseat it please fully discharge any electricity from your body first and unpower by removing the actual power supply plug
also the modem card network card these often get hit first, if you had the router and phone line plugged in could be the network card and router.
You can also slave your hdd to another desktop using its cdrom ide and power connector.
you can run a chkdsk /r from recovery you will need the full xpsp2 setup disc. at the cmd prompt in recovery high light C drive then type in the cmd prompt chkdsk /r
press enter it will run a full scan and repair the hdd.
once its done take out the xp disc then type in exit press enter.
set the boot order bak to hdo first again.
If you had xpsp1 installed and have only this disc then its not appropiate to repair as sp2 is an add on
Can you boot to safemode at all?
try a system restore.
--------------------------
Rebuild configuration thru recovery
Boot from a Windows XP CD.
2. At the next screen press "R" to repair using the Recovery Console.
3. Press the number correlated with the Windows installation you want to fix. Typically this will be #1.
4. In the Administrator password press [ENTER] if you have not set a password for it.
5. Type bootcfg /list to see all the entries in the boot.ini file.
You could get the message:
“There are currently no boot entries available to display”
6. Type bootcfg /rebuild to fix it.
You will be prompted to answer the question
“Add installation to boot list (Yes/No/All)” press “Y”
7. Under “Enter Load Identifier:” type the name of your operating system (i.e. Microsoft Windows XP Home Edition).
8. For “Enter OS Load Options:” usually the value is “/fastdetect” (without quotation marks).
9. Take out the Windows XP CD and type exit.
Suggestion 2:
hal.dll file missing
1. Boot from a Windows XP CD.
2. At the next screen press “R” to repair using the Recovery Console.
3. Press the number correlated with the Windows installation you want to fix. Typically this will be #1.
4. In the “Administrator password” press [ENTER] if you have not set a password for it.
5. Type:
expand x:\i386\hal.dl_ y:\windows\system32\hall.d
where “x” is the letter of your CD-ROM and “y” the letter of the drive your operating system is installed on.
6. Take out the Windows XP CD and type exit
==========================
second choice REPAIR:
perform a reinstallation of Windows XP, sometimes called a repair installation?
Configure your computer to start from the CD-ROM drive. Then insert your Windows XP Setup CD, and restart your computer.
When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD.
Press ENTER when you see the message To setup Windows XP now, and then press ENTER displayed on the Welcome to Setup screen.
Do not choose the option to press R to use the Recovery Console.
In the Windows XP Licensing Agreement, press F8 to agree to the license agreement.
Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP.
Follow the instructions on the screen to complete Setup.
Here is some extra help illustrating the steps look below the typing.
http://www.webtree.ca/windowsxp/repair_xp.htm
ASKER
Here is the exact hard error:
STOP: d0000144 Unknown Hard Error
Unknown Hard Error
I have tried a repair installation. I also manged to find some diagnostics that came with my computer. It was a pre-boot diagnostic, and my memory failed a couple times. It also passed a couple times. I have ordered replacement RAM. Is it still possible that other components are damaged? What does that hard error mean?
STOP: d0000144 Unknown Hard Error
Unknown Hard Error
I have tried a repair installation. I also manged to find some diagnostics that came with my computer. It was a pre-boot diagnostic, and my memory failed a couple times. It also passed a couple times. I have ordered replacement RAM. Is it still possible that other components are damaged? What does that hard error mean?
ASKER
I should also mention that I am able to boot in safe mode. I also recently reinstalled zone alarm and deleted some viruses. Is it possible that is contributing to the problem?
zone itself could be your problem plus the viruses great you can access safemode
uninstall zone alarm..
what was the viruse?
How to troubleshoot a "STOP 0xC000021A" error
http://support.microsoft.com/default.aspx?scid=kb;en-us;156669
--------------------------
in safemode:
go to start run type in msconfig press enter
look firt in teh boot.ini please have no ticks in the boot options
then look in the startup group and uncheck as much as possible.
--------------------------
To have a look at the boot.ini r/click my computer properties advanced startup and recovery settings this my boot.ini for xp pro sp2.
does your boot.ini have any extra edit that shoudl not be there?
[boot loader]
timeout=30
default=multi(0)disk(0)rdi
[operating systems]
multi(0)disk(0)rdisk(0)par
uninstall zone alarm..
what was the viruse?
How to troubleshoot a "STOP 0xC000021A" error
http://support.microsoft.com/default.aspx?scid=kb;en-us;156669
--------------------------
in safemode:
go to start run type in msconfig press enter
look firt in teh boot.ini please have no ticks in the boot options
then look in the startup group and uncheck as much as possible.
--------------------------
To have a look at the boot.ini r/click my computer properties advanced startup and recovery settings this my boot.ini for xp pro sp2.
does your boot.ini have any extra edit that shoudl not be there?
[boot loader]
timeout=30
default=multi(0)disk(0)rdi
[operating systems]
multi(0)disk(0)rdisk(0)par
Someone explains the same problem you are having.
They are infested with spyware and viruses
These programs have corrupted their system files as well.
After removing all of the spyware/viruses, the problem still persists.
The final fix was to do a repair installation of Windows XP.
To scan for spyware and viruses, download and use Ad-Aware from
www.lavasoftusa.com
hijackthis
download HijackThis 1.99.1,from the direct link top right corner
http://www.hijackthis.de/
save it to a folder on your desktop and then install to that.
run the scan and save a log but dont fix
copy the entire log and paste it there as well>> http://www.hijackthis.de/
below the panel hit analyze, now just scroll down to
have a look at the results of the analyzed log.
Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection
http://vil.nai.com/vil/stinger/
To repair XP, boot off your Windows XP CD, choose to Install Windows, must be a full xpsp2 setup disc.
it will find your existing installation and offer to repair it, press R to
repair and let Windows Setup fix things for you.
memtest
http://hcidesign.com/
They are infested with spyware and viruses
These programs have corrupted their system files as well.
After removing all of the spyware/viruses, the problem still persists.
The final fix was to do a repair installation of Windows XP.
To scan for spyware and viruses, download and use Ad-Aware from
www.lavasoftusa.com
hijackthis
download HijackThis 1.99.1,from the direct link top right corner
http://www.hijackthis.de/
save it to a folder on your desktop and then install to that.
run the scan and save a log but dont fix
copy the entire log and paste it there as well>> http://www.hijackthis.de/
below the panel hit analyze, now just scroll down to
have a look at the results of the analyzed log.
Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection
http://vil.nai.com/vil/stinger/
To repair XP, boot off your Windows XP CD, choose to Install Windows, must be a full xpsp2 setup disc.
it will find your existing installation and offer to repair it, press R to
repair and let Windows Setup fix things for you.
memtest
http://hcidesign.com/
ASKER
Logfile of HijackThis v1.99.1
Scan saved at 9:50:14 PM, on 4/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\system32\svchos
C:\Program Files\Intel\Wireless\Bin\Z
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
C:\WINDOWS\system32\ZoneLa
C:\WINDOWS\system32\ZoneLa
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\ZONELA~1\ZONEA
C:\WINDOWS\system32\ZoneLa
C:\PROGRA~1\MI3AA1~1\rapim
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\rundll
C:\WINDOWS\system32\NOTEPA
C:\Documents and Settings\Ian\Desktop\hjt\H
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-B
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-1
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\Update
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\i
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_07\bi
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quicks
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\P
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\L
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrot
O4 - HKLM\..\Run: [SRFirstRun] rundll32 srclient.dll,CreateFirstRu
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXco
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-0
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-0
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-9
O16 - DPF: {2917297F-F02B-4B9D-81DF-4
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2
O16 - DPF: {507404D4-7AC3-4D63-9922-4
O16 - DPF: {6E32070A-766D-4EE6-879C-D
O16 - DPF: {8E0D4DE5-3180-4024-A327-4
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-5
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-2
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\L
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLog
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-9
O23 - Service: Active Common Service - Unknown owner - C:\WINDOWS\system32\actsrv
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.
O23 - Service: DirectX multi version - Unknown owner - C:\WINDOWS\system32\dxcomb
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\E
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService
O23 - Service: IWin service - Unknown owner - C:\WINDOWS\system32\iwinap
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCE
O23 - Service: Neth - Unknown owner - C:\WINDOWS\system32\netid.
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NI
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc3
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\R
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLa
O23 - Service: Win Common module - Unknown owner - C:\WINDOWS\system32\servic
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winver
O23 - Service: WinTrust32 - Unknown owner - C:\WINDOWS\system32\wintru
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\W
Scan saved at 9:50:14 PM, on 4/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\system32\svchos
C:\Program Files\Intel\Wireless\Bin\Z
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
C:\WINDOWS\system32\ZoneLa
C:\WINDOWS\system32\ZoneLa
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\ZONELA~1\ZONEA
C:\WINDOWS\system32\ZoneLa
C:\PROGRA~1\MI3AA1~1\rapim
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\rundll
C:\WINDOWS\system32\NOTEPA
C:\Documents and Settings\Ian\Desktop\hjt\H
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-B
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-1
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\Update
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\i
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_07\bi
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quicks
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\P
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\L
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrot
O4 - HKLM\..\Run: [SRFirstRun] rundll32 srclient.dll,CreateFirstRu
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXco
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-0
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-0
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-9
O16 - DPF: {2917297F-F02B-4B9D-81DF-4
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2
O16 - DPF: {507404D4-7AC3-4D63-9922-4
O16 - DPF: {6E32070A-766D-4EE6-879C-D
O16 - DPF: {8E0D4DE5-3180-4024-A327-4
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-5
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-2
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\L
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLog
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-9
O23 - Service: Active Common Service - Unknown owner - C:\WINDOWS\system32\actsrv
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.
O23 - Service: DirectX multi version - Unknown owner - C:\WINDOWS\system32\dxcomb
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\E
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService
O23 - Service: IWin service - Unknown owner - C:\WINDOWS\system32\iwinap
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCE
O23 - Service: Neth - Unknown owner - C:\WINDOWS\system32\netid.
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NI
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc3
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\R
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLa
O23 - Service: Win Common module - Unknown owner - C:\WINDOWS\system32\servic
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winver
O23 - Service: WinTrust32 - Unknown owner - C:\WINDOWS\system32\wintru
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\W
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sorry I missed posting this excellent guide for you please try this in safemode
How to remove vsmon error
http://www.file.net/process/vsmon.exe.html
How to remove vsmon error
http://www.file.net/process/vsmon.exe.html
ASKER
I already uninstalled ZA, and rebooted with the last known good config, and that seems to have done the trick. Thanks so much!
excellent. I bought zone alone pro as well and found unfortunately in recent it has become a very intense program not that that is a bad thing, its very thorough, however because it keeps such an intense monitoring of all your system files a bad shutdown can render the system unbootable, also it is very strict with networking now almost to the point our lan experience is just too difficult so I removed it.
Have great day
thank you
Merete
Have great day
thank you
Merete
You can start with a chkdsk, to see if there is any damage there.
but it sounds like a hdd problem realistic my best suggestion is take your computer in and have it checked out.
power supply surges or damage can carry significant problems starting from the PSU thru to ram the mobo prcessor chip HDD. Video card. As the system is fully electronic any minor change on the mainboard can cause your system to be fried. Lets hope not, better to let the experts check it before any more damage
Regards Merete