# where to find link causing error opening IE



## Lindee (Jan 10, 2002)

Everytime I open Internet Explorer I get an error message (see below). Where can I find this link to delete it so I don't keep having this problem? I say to debug it, but it continues each time to display the error.



C:\DOCUME~1\Lindee\LOCALS~1\Temp\eaab_appcompat.txt

AppName: iexplore.exe AppVer: 6.0.2900.2180 ModName: unknown
ModVer: 0.0.0.0 Offset: 10019790

Thanks


----------



## valis (Sep 24, 2004)

Please download *ATF Cleaner* by Atribune.
*This program is for XP and Windows 2000 only*

Double-click *ATF-Cleaner.exe* to run the program.
Under *Main* choose: *Select All*
Click the *Empty Selected* button.
If you use Firefox browser
Click *Firefox* at the top and choose: *Select All*
Click the *Empty Selected* button.
*NOTE:* If you would like to keep your saved passwords, please click *No* at the prompt.
If you use Opera browser
Click *Opera* at the top and choose: *Select All*
Click the *Empty Selected* button.
*NOTE:* If you would like to keep your saved passwords, please click *No* at the prompt.
Click *Exit* on the Main menu to close the program.
For *Technical Support*, double-click the e-mail address located at the bottom of each menu.


----------



## valis (Sep 24, 2004)

atf stands for 'all temp files'. That will delete it; if the problem persists, let me know, and we'll move up from there.


----------



## Lindee (Jan 10, 2002)

I downloaded ATF as you asked, went through all the motions, rebooted and still have the problem. Where to from here?


----------



## valis (Sep 24, 2004)

go to start > run > eventvwr.msc > enter

right click on apps, choose 'clear', say no to export or save or whatever it says, then try to start the app. when it errors out, go back to the app folder in eventvwr and see what the error is. to open it, double click on the error in the right panel, then click the two pieces of paper to copy them to your clipboard, then come back here and paste it.


----------



## Lindee (Jan 10, 2002)

Here you go!

Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

The Windows Security Center Service has started.


The description for Event ID ( 19011 ) in Source ( MSSQL$MICROSOFTBCM ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: (SpnRegister) : Error 1355.

Service started

Windows saved user D820GY61\Lindee registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. 

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.


----------



## valis (Sep 24, 2004)

do you have a firewall other than Microsofts on this machine, such as zonealarm or something else? also, is this a home machine or a business machine?


----------



## Lindee (Jan 10, 2002)

No other firewalls. I even got rid of Norton a couple of months ago and have AVG.


----------



## valis (Sep 24, 2004)

Is this a business or personal pc?

Please do this:

•Click here to download HJTsetup.exe
•	Save HJTsetup.exe to your desktop.
•	Doubleclick on the HJTsetup.exe icon on your desktop.
•	By default it will install to C:\Program Files\Hijack This.
•	Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
•	Put a check by Create a desktop icon then click Next again.
•	Continue to follow the rest of the prompts from there.
•	At the final dialogue box click Finish and it will launch Hijack This.
•	Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
•	Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
•	Come back here to this thread and Paste the log in your next reply.
•	DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


----------



## Lindee (Jan 10, 2002)

Sorry, it is a personal/business computer. I am the only one on it. 

I didn't have a chance to do your last request. I will do it tomorrow.


----------



## Lindee (Jan 10, 2002)

Logfile of HijackThis v1.99.1
Scan saved at 3:06:01 PM, on 1/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\inception\Inception.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~4\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


----------



## Lindee (Jan 10, 2002)

Sorry, the title wasn't completed, here is the info:

Logfile of HijackThis v1.99.1
Scan saved at 3:06:01 PM, on 1/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\inception\Inception.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~4\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


----------



## valis (Sep 24, 2004)

good news and bad news, kid. You're machine is infected. That's the bad. The good is that I will request a mod move it to security for a faster response time for you; doing so now. Do NOT fix anything until an expert (has a gold badge next to their name, or is flavallee) tells you to.

Thanks, 

v


----------



## Cookiegal (Aug 27, 2003)

What version of Office are you using?

Is this XP Pro or Home?


----------



## valis (Sep 24, 2004)

thanks cookie! switching to lurker/learner mode now.


----------



## Cookiegal (Aug 27, 2003)

valis said:


> thanks cookie! switching to lurker/learner mode now.


:up:


----------



## Lindee (Jan 10, 2002)

I am using Win XP Home

I seemed to have this problem after I switched from Norton to AVG, at least aI think that is when it was.


----------



## Cookiegal (Aug 27, 2003)

> What version of Office are you using?


Please answer my other question as well.


----------



## Lindee (Jan 10, 2002)

Hi Cookiegal, 

sorry, it has been a long day. I am using Microsoft Office 2003


----------



## Cookiegal (Aug 27, 2003)

That's OK.  

You mentioned you were the only one on this computer but that it is for business and personal. Is it networked to other computers?


----------



## Lindee (Jan 10, 2002)

No. We are a small office, just my husband and me. I transferred tons of files from our old computer to this laptop and may have transferred a bug, eventhough I always did disk clean up and defrag and had Norton anti-virus.

I use it primarily for business now. I had minimal files on it prior to using it for business.


----------



## Cookiegal (Aug 27, 2003)

Download *AVG Anti-Spyware* from *HERE* and save that file to your desktop.

When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.


Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.
Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
On the main screen select the icon "*Update*" then select the "*Update now*" link.
Next select the "*Start Update*" button. The update will start and a progress bar will show the updates being installed.

Once the update has completed, select the "*Scanner*" icon at the top of the screen, then select the "*Settings*" tab.
Once in the Settings screen click on "*Recommended actions*" and then select "*Quarantine*".
Under "*Reports*"
Select "*Automatically generate report after every scan*"
Un-Select "*Only if threats were found*"

Close AVG Anti-Spyware. Do Not run a scan just yet, we will run it in safe mode.
Reboot your computer into *Safe Mode*. You can do this by restarting your computer and continually tapping the *F8* key until a menu appears. Use your up arrow key to highlight *Safe Mode* then hit enter.

*IMPORTANT:* Do not open any other windows or programs while AVG Anti-Spyware is scanning as it may interfere with the scanning process:

Launch AVG Anti-Spyware by double clicking the icon on your desktop.
Select the "*Scanner*" icon at the top and then the "*Scan*" tab then click on "*Complete System Scan*".
AVG will now begin the scanning process. Please be patient as this may take a little time.
*Once the scan is complete, do the following:*
If you have any infections you will be prompted. Then select "*Apply all actions.*"
Next select the "*Reports*" icon at the top.
Select the "*Save report as*" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved that file. This is important).
Close AVG Anti-Spyware and reboot your system back into Normal Mode.

Please go *HERE* to run Panda's ActiveScan
You need to use IE to run this scan
Once you are on the Panda site click the *Scan your PC* button
A new window will open...click the *Check Now* button
Enter your *Country*
Enter your *State/Province*
Enter your *e-mail address* and click *send*
Select either *Home User* or *Company*
Click the big *Scan Now* button
If it wants to install an ActiveX component allow it
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on *My Computer* to start the scan
When the scan completes, if anything malicious is detected, click the *See Report* button, *then Save Report* and save it to a convenient location. Post the contents of the ActiveScan report

*Come back here and post a new HijackThis log along with the logs from the AVG and Panda scans.*


----------



## Lindee (Jan 10, 2002)

Cookiegal:

Here is the info I downloaded from the info you suggested to do. It took all night to do and had to leave my computer at the office. There was an error message window on the screen that said: "managed MAPI catastrophic failure." I clicked OK and it continued to finish the scan.

Incident Status Location

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][2].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][2].txt 
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][2].txt 
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][2].txt 
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Lindee\Cookies\[email protected][1].txt 
Adware:Adware/Trymedia Not disinfected C:\Downloads\PedalToTheMetalSetup-dm[1].exe


----------



## Cookiegal (Aug 27, 2003)

Did you run AVG-AS?

Also, are you using Business Contact Manager with your Outlook?


----------



## Lindee (Jan 10, 2002)

Yes, I ran AVG-AS. I am not using the Business Contact Mgr, at least aI don't think I am. How do I find out if I am? I am using Outlook


----------



## Cookiegal (Aug 27, 2003)

I need to see the report from AVG-AS please.


If you're running Business Contact Manager, you would see it in the list of folders, as in the attached image.


----------



## Lindee (Jan 10, 2002)

It said there was no report to view


----------



## Lindee (Jan 10, 2002)

I ran it twice


----------



## Cookiegal (Aug 27, 2003)

Did it find anything?


Are you definitely not running the Business Contact Manager?


----------



## Lindee (Jan 10, 2002)

In the window where there was to be the report, it said there was nothing to view.

how can I check to see if I am using the Businss Contact Manager? I'm not even sure what it is. I just use Outlook.


----------



## Cookiegal (Aug 27, 2003)

Download *WinPFind.exe* to your desktop and double click on it open it and then select extract to extract the files. This will create a folder named *WinPFind* on your desktop.

*Start in Safe Mode Using the F8 method:*


Restart the computer.
As soon as the BIOS is loaded begin tapping the *F8* key until the boot menu appears.
Use the arrow keys to select the *Safe Mode* menu item.
Press the *Enter* key.

Double click on the WinPFind folder on your desktop to open it and then double click on the *WinPFind.exe* file to start the program.


Click Configure scan options
Under Run AdOns select the following:
Policies.def
Security.def

Click apply
Click "*Start Scan*"
*It will scan the entire System, so please be patient and let it complete.*

When the scan is complete reboot normally and post the *WinPFind.txt* file (located in the WinPFind folder) back here along with a new HijackThis log.


----------



## Lindee (Jan 10, 2002)

Cookiegal: I started the computer in safe mode to do the winpfind, but could not get to the part of the screen where you wanted me to be. The window will not open further for me to get to it. I can get to it in normal mode. Is it okay to do this in normal mode?


----------



## Cookiegal (Aug 27, 2003)

You can if you must but if you look at the program in normal mode then you should be able to see where you choose the add-ons and where the "apply" button is in safe mode. I know it's a problem but if you can do it in safe mode it would be better.


----------



## Lindee (Jan 10, 2002)

I will try it in Safe Mode if you can tell me how to get the page to open further to the right. I tried resizing it, but it would only go so far. You are unable to read the menu under that section.


----------



## Cookiegal (Aug 27, 2003)

Can you not see a portion of it on the right-hand side? Do you not see boxes to check to the far right? If not, you may have a smaller screen so then run it in normal mode.


----------



## Lindee (Jan 10, 2002)

FINALLY!!! I was able to get these reports you requested. I hope it helps. am going to have to send it to you in a couple of posts, since it kept getting rejected because the file was too big.

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Logfile created on: 1/23/2007 10:05:31 AM
WinPFind v1.5.0	Folder = C:\Documents and Settings\Lindee\Desktop\WinPFind\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Checking %System% folder...
PEC2 8/4/2004 3:00:00 AM 41397 C:\WINDOWS\SYSTEM32\DFRG.MSC ()
PTech 6/19/2006 3:19:42 PM 571184 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll (Microsoft Corporation)
PECompact2 1/2/2007 3:19:44 PM 10980776 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 1/2/2007 3:19:44 PM 10980776 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 8/4/2004 3:00:00 AM 708096 C:\WINDOWS\SYSTEM32\NTDLL.DLL (Microsoft Corporation)
WSUD 8/4/2004 3:00:00 AM 257024 C:\WINDOWS\SYSTEM32\NUSRMGR.CPL (Microsoft Corporation)
Umonitor 8/4/2004 3:00:00 AM 657920 C:\WINDOWS\SYSTEM32\RASDLG.DLL (Microsoft Corporation)
winsync 8/4/2004 3:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\WBDBASE.DEU ()
PTech 6/19/2006 3:19:26 PM 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe (Microsoft Corporation)

Checking %System%\Drivers folder and sub-folders...
UPX! 11/15/2006 9:59:54 AM 816672 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
FSG! 11/15/2006 9:59:54 AM 816672 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
PEC2 11/15/2006 9:59:54 AM 816672 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)
aspack 11/15/2006 9:59:54 AM 816672 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.)

Items found in C:\WINDOWS\SYSTEM32\drivers\ETC\HOSTS


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
1/23/2007 10:04:02 AM S 2048 C:\WINDOWS\BOOTSTAT.DAT ()
12/7/2006 5:30:20 PM S 9057 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923689.cat ()
12/19/2006 11:09:32 AM S 8847 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat ()
1/23/2007 10:03:50 AM H 8192 C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG ()
1/23/2007 10:04:26 AM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG ()
1/23/2007 10:04:06 AM H 16384 C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG ()
1/23/2007 10:04:28 AM H 106496 C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG ()
1/23/2007 10:04:20 AM H 1118208 C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG ()
1/11/2007 6:05:26 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG ()
1/1/2007 6:36:58 AM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\94f8bee8-aa65-497c-9f56-a7c669289468 ()
1/1/2007 6:36:58 AM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\Preferred ()
1/10/2007 2:47:56 PM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\e9c75375-cf2c-4fc1-9751-eafab45677d0 ()
1/10/2007 2:47:56 PM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred ()
1/23/2007 10:02:52 AM H 6 C:\WINDOWS\Tasks\SA.DAT ()

Checking for CPL files...
8/4/2004 3:00:00 AM 68608 C:\WINDOWS\SYSTEM32\ACCESS.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 549888 C:\WINDOWS\SYSTEM32\APPWIZ.CPL (Microsoft Corporation)
10/28/2003 5:33:36 PM 24576 C:\WINDOWS\SYSTEM32\BACSCPL.cpl ()
12/6/2004 12:45:12 PM 1491053 C:\WINDOWS\SYSTEM32\BCMWLCPL.CPL (Dell Inc)
10/7/2003 11:39:00 AM 184320 C:\WINDOWS\SYSTEM32\bdeadmin.cpl (Borland Software Corporation)
8/4/2004 3:00:00 AM 110592 C:\WINDOWS\SYSTEM32\BTHPROPS.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 135168 C:\WINDOWS\SYSTEM32\DESK.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 80384 C:\WINDOWS\SYSTEM32\FIREWALL.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 155136 C:\WINDOWS\SYSTEM32\HDWWIZ.CPL (Microsoft Corporation)
8/20/2004 1:53:06 PM 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl (Intel Corporation)
8/4/2004 3:00:00 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation)
8/4/2004 3:00:00 AM 129536 C:\WINDOWS\SYSTEM32\INTL.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 380416 C:\WINDOWS\SYSTEM32\IRPROPS.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 68608 C:\WINDOWS\SYSTEM32\JOY.CPL (Microsoft Corporation)
11/10/2005 1:03:50 PM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.)
8/4/2004 3:00:00 AM 187904 C:\WINDOWS\SYSTEM32\MAIN.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 618496 C:\WINDOWS\SYSTEM32\MMSYS.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 35840 C:\WINDOWS\SYSTEM32\NCPA.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 25600 C:\WINDOWS\SYSTEM32\NETSETUP.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 257024 C:\WINDOWS\SYSTEM32\NUSRMGR.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 32768 C:\WINDOWS\SYSTEM32\ODBCCP32.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 114688 C:\WINDOWS\SYSTEM32\POWERCFG.CPL (Microsoft Corporation)
3/9/2005 7:50:36 PM 24576 C:\WINDOWS\SYSTEM32\prefscpl.cpl (RealNetworks, Inc.)
1/6/2004 2:02:36 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl (Apple Computer, Inc.)
7/20/2004 8:14:06 AM 102481 C:\WINDOWS\SYSTEM32\stac97.cpl (SigmaTel Inc.)
8/4/2004 3:00:00 AM 298496 C:\WINDOWS\SYSTEM32\SYSDM.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 28160 C:\WINDOWS\SYSTEM32\TELEPHON.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 94208 C:\WINDOWS\SYSTEM32\TIMEDATE.CPL (Microsoft Corporation)
8/4/2004 3:00:00 AM 148480 C:\WINDOWS\SYSTEM32\WSCUI.CPL (Microsoft Corporation)
5/26/2005 3:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation)
5/26/2005 3:16:30 AM 174360 C:\WINDOWS\SYSTEM32\DLLCACHE\wuaucpl.cpl (Microsoft Corporation)
More to come...


----------



## Lindee (Jan 10, 2002)

More....

Checking for Downloaded Program Files...
{166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - Java Plug-in 1.5.0_02 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
11/8/2006 10:11:26 AM 986 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ()
1/17/2007 9:02:00 AM 1757 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ()
8/10/2004 11:04:12 AM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI ()
3/9/2005 7:37:52 PM 493 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk ()
10/9/2006 11:50:24 AM 1808 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ()
10/9/2006 12:04:10 PM 798 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk ()

Checking files in %ALLUSERSPROFILE%\Application Data folder...
8/10/2004 10:57:42 AM HS 62 C:\Documents and Settings\All Users\Application Data\DESKTOP.INI ()
10/9/2006 1:51:24 PM 5034 C:\Documents and Settings\All Users\Application Data\hpzinstall.log ()

Checking files in %USERPROFILE%\Startup folder...
8/10/2004 11:04:12 AM HS 84 C:\Documents and Settings\Lindee\Start Menu\Programs\Startup\DESKTOP.INI ()

Checking files in %USERPROFILE%\Application Data folder...
8/10/2004 10:57:42 AM HS 62 C:\Documents and Settings\Lindee\Application Data\DESKTOP.INI ()
8/2/2006 10:41:44 AM 5373 C:\Documents and Settings\Lindee\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log ()
3/18/2005 1:39:16 PM 12358 C:\Documents and Settings\Lindee\Application Data\PFP120JCM.{PB ()
3/18/2005 1:39:16 PM 61678 C:\Documents and Settings\Lindee\Application Data\PFP120JPR.{PB ()
3/9/2005 7:37:06 PM 4 C:\Documents and Settings\Lindee\Application Data\QSPMShare ()

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

>>> Internet Explorer Settings <<<

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.dell4me.com/mywaybiz
\\Search Page - http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
\\Default_Page_URL - http://www.dell4me.com/mywaybiz
\\Default_Search_URL - http://www.google.com/ie
\\Local Page - %SystemRoot%\system32\blank.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.google.com/
\\Search Bar - http://www.google.com/ie
\\Search Page - http://www.google.com
\\Default_Page_URL - http://www.dell4me.com/mywaybiz
\\Local Page - C:\WINDOWS\system32\blank.htm

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
\\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
\\SearchAssistant - http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
\\SearchAssistant - http://www.google.com/ie

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - = C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)

>>> BHO's <<<
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - = ()
\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - eBay Toolbar Helper = C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll ()
\{4D25F921-B9FE-4682-BF72-8AB8210D6D75} - = C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (MyWay.com)
\{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
\{AA58ED58-01DD-4d91-8333-CF10577473F7} - Google Toolbar Helper = c:\program files\google\googletoolbar1.dll (Google Inc.)

>>> Internet Explorer Bars, Toolbars and Extensions <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
\{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)
\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - Real.com = C:\WINDOWS\system32\Shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
\{EFA24E61-B078-11D0-89E4-00C04FC9E26E} - Favorites Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)
\{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
\\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar = C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll ()
\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar1.dll (Google Inc.)


----------



## Lindee (Jan 10, 2002)

Of course, it didn't occur to me to attach a file, which would have been easier for you

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar1.dll (Google Inc.)
\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{40D41A8B-D79B-43D7-99A7-9EE0F344C385} - AIM Search = C:\Program Files\AIM Toolbar\AIMBar.dll ()
\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google = c:\program files\google\googletoolbar1.dll (Google Inc.)
\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
\WebBrowser\\{F2CF5485-4E02-4F68-819C-B92DE9277049} - = ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping]
\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 = Sun Java Console
\\NEXTID - 8202
\\{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8193 = Windows Messenger
\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - 8194 = 
\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8195 = 
\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - 8196 = 
\\{e2e2dd38-d088-4134-82b7-f2ba38496583} - 8201 = @xpsp3res.dll,-20001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.)
\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Console = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)(HKCU CLSID)
\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Research = 
\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - ButtonText: AIM = C:\Program Files\AIM\aim.exe (America Online, Inc.)
\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - ButtonText: Real.com = 
\{e2e2dd38-d088-4134-82b7-f2ba38496583} - MenuText: @xpsp3res.dll,-20001 = ()
\{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

>>> Approved Shell Extensions (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
\\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll ()
\\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = ()
\\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = ()
\\{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.)
\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = ()
\\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = ()
\\{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = ()
\\{2F603045-309F-11CF-9774-0020AFD0CFF6} - Synaptics Control Panel = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics, Inc.)
\\{DEE12703-6333-4D4E-8F34-738C4DCC2E04} - RecordNow! SendToExt = C:\Program Files\Sonic\RecordNow!\shlext.dll ()
\\{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
\\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar = C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll ()
\\{506F4668-F13E-4AA1-BB04-B43203AB3CC0} - {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = C:\Program Files\Microsoft Office\Visio10\VisShe.dll ()
\\{D66DC78C-4F61-447F-942B-3FB6980118CF} - {D66DC78C-4F61-447F-942B-3FB6980118CF} = C:\Program Files\Microsoft Office\Visio10\VisShe.dll ()
\\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - AVG7 Shell Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o.)
\\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - AVG7 Find Extension = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

>>> Context Menu Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers]
\AVG Anti-Spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll (Anti-Malware Development a.s.)
\AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o.)

[HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers]

[HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers]
\AVG Anti-Spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll (Anti-Malware Development a.s.)

[HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers]
\igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = C:\WINDOWS\system32\igfxpph.dll (Intel Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers]
\AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll (GRISOFT, s.r.o.)

>>> Column Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
\{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.)

>>> Registry Run Keys <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
IgfxTray - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
HotKeysCmds - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
SynTPLpr - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
SynTPEnh - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
DVDLauncher - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
- Reg Data missing or invalid ()
DadApp - C:\Program Files\Dell\AccessDirect\dadapp.exe ()
Dell QuickSet - C:\Program Files\Dell\QuickSet\quickset.exe ()
Dell Wireless Manager UI - C:\WINDOWS\system32\WLTRAY.exe (Dell Inc)
UpdateManager - C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
MMTray - C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
dla - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
HP Software Update - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
eBayToolbar - C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe (eBay)
AVG7_CC - C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe (GRISOFT, s.r.o.)
!AVG Anti-Spyware - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (Anti-Malware Development a.s.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL	Installed = 1
MAPI	Installed = 1
MSFS	Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
swg - C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe (Google Inc.)
Aim6 - C:\Program Files\AIM6\aim6.exe (AOL LLC)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

>>> Startup Links <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI ()
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup]
C:\Documents and Settings\Lindee\Start Menu\Programs\Startup\DESKTOP.INI ()

>>> MSConfig Disabled Items <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk
path	C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup	C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
location	Common Startup
command	C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE 
item	Adobe Reader Speed Launch


----------



## Lindee (Jan 10, 2002)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk
path	C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup	C:\WINDOWS\pss\HotSync Manager.lnkCommon Startup
location	Common Startup
command	C:\Palm\hotsync.exe 
item	HotSync Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	ctfmon
hkey	HKCU
command	C:\WINDOWS\system32\ctfmon.exe
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	DSAgnt
hkey	HKCU
command	"C:\Program Files\Dell Support\DSAgnt.exe" /startup
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelliPoint
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	point32
hkey	HKLM
command	"C:\Program Files\Microsoft IntelliPoint\point32.exe"
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mmtask
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	mmtask
hkey	HKLM
command	C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPFExe
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	MpfTray
hkey	HKLM
command	C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	msmsgs
hkey	HKCU
command	"C:\Program Files\Messenger\msmsgs.exe" /background
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealTray
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	RealPlay
hkey	HKLM
command	C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	jusched
hkey	HKLM
command	C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\type32
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	type32
hkey	HKLM
command	"C:\Program Files\Microsoft IntelliType Pro\type32.exe"
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirusScan Online
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	mcvsshld
hkey	HKLM
command	"c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VSOCheckTask
key	SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item	mcmnhdlr
hkey	HKLM
command	"c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
inimapping	0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini	0
win.ini	0
bootini	0
services	0
startup	2

[All Users Startup Folder Disabled Items]

[Current User Startup Folder Disabled Items]

>>> User Agent Post Platform <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
\\SV1 -

>>> AppInit Dll's <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs]

>>> Image File Execution Options <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
\Your Image File Name Here without a path - Debugger = ntsd -d

>>> Shell Service Object Delay Load <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
\\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation)
\\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

>>> Shell Execute Hooks <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
\\{57B86673-276A-48B2-BAE7-C6DBB3020EB8} - CShellExecuteHookImpl Object = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (Anti-Malware Development a.s.)

>>> Shared Task Scheduler <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
\\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)
\\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation)


----------



## Lindee (Jan 10, 2002)

Winlogon <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
\\UserInit = C:\WINDOWS\system32\userinit.exe,
\\Shell = Explorer.exe
\\System =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
\crypt32chain - crypt32.dll = (Microsoft Corporation)
\cryptnet - cryptnet.dll = (Microsoft Corporation)
\cscdll - cscdll.dll = (Microsoft Corporation)
\igfxcui - igfxsrvc.dll = (Intel Corporation)
\ScCertProp - wlnotify.dll = (Microsoft Corporation)
\Schedule - wlnotify.dll = (Microsoft Corporation)
\sclgntfy - sclgntfy.dll = (Microsoft Corporation)
\SensLogn - WlNotify.dll = (Microsoft Corporation)
\termsrv - wlnotify.dll = (Microsoft Corporation)
\WgaLogon - WgaLogon.dll = (Microsoft Corporation)
\wlballoon - wlnotify.dll = (Microsoft Corporation)

>>> DNS Name Servers <<<
{2364719B-BC79-4C82-90B3-483EC6431528} - (Dell Wireless 1350 WLAN Mini-PCI Card)
{FCC774D7-3EA3-42BF-93EF-6D02F9E32DA9} - (Broadcom 440x 10/100 Integrated Controller)

>>> All Winsock2 Catalogs <<<
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries]
\000000000001\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
\000000000002\\LibraryPath - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation)
\000000000003\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries]
\000000000001\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000002\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000003\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000004\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000005\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000006\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000007\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000008\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000009\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000010\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000011\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000012\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000013\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)

>>> Protocol Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler]
\ipp - ()
\msdaipp - ()

>>> Protocol Filters (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter]

>>> Selected AddOn's <<<

>>>>Output for AddOn file Policies.def<<<<
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} - 1
policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - 1073741857
policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - 32
policies\system\\dontdisplaylastusername - 0
policies\system\\legalnoticecaption - 
policies\system\\legalnoticetext - 
policies\system\\shutdownwithoutlogon - 1
policies\system\\undockwithoutlogon - 1

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies - Include SUBKEYS
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
policies\Explorer\\NoDriveTypeAutoRun - 145
policies\System\\DisableRegistryTools - 0

>>>>Output for AddOn file Security.def<<<<
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
Security Center\\FirstRunDisabled - 1
Security Center\\AntiVirusDisableNotify - 0
Security Center\\FirewallDisableNotify - 0
Security Center\\UpdatesDisableNotify - 0
Security Center\\AntiVirusOverride - 0
Security Center\\FirewallOverride - 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS]
BITS\\Type - 32
BITS\\Start - 2
BITS\\ErrorControl - 1
BITS\\ImagePath - %SystemRoot%\system32\svchost.exe -k netsvcs
BITS\\DisplayName - Background Intelligent Transfer Service
BITS\\DependOnService - RpcSs;
BITS\\DependOnGroup - 
BITS\\ObjectName - LocalSystem
BITS\\Description - Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
BITS\\FailureActions - 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 E3 0C 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 
BITS\Parameters\\ServiceDll - C:\WINDOWS\system32\qmgr.dll
BITS\Security\\Security - 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 
BITS\Enum\\0 - Root\LEGACY_BITS\0000
BITS\Enum\\Count - 1
BITS\Enum\\NextInstance - 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
SharedAccess\\DependOnGroup - 
SharedAccess\\DependOnService - Netman;WinMgmt;
SharedAccess\\Description - Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
SharedAccess\\DisplayName - Windows Firewall/Internet Connection Sharing (ICS)
SharedAccess\\ErrorControl - 1
SharedAccess\\ImagePath - %SystemRoot%\system32\svchost.exe -k netsvcs
SharedAccess\\ObjectName - LocalSystem
SharedAccess\\Start - 2
SharedAccess\\Type - 32
SharedAccess\Epoch\\Epoch - 2901
SharedAccess\Parameters\\ServiceDll - %SystemRoot%\System32\ipnathlp.dll
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe - %windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLDial.exe - C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\America Online 9.0\waol.exe - C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\AIM\aim.exe - C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe - %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000
SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP - 139:TCP:*:Enabledxpsp2res.dll,-22004
SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP - 445:TCP:*:Enabledxpsp2res.dll,-22005
SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP - 137:UDP:*:Enabledxpsp2res.dll,-22001
SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP - 138:UDP:*:Enabledxpsp2res.dll,-22002
SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall - 1
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe - %windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLDial.exe - C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\America Online 9.0\waol.exe - C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Games\Links 2003\LinksMMIII.exe - C:\Program Files\Microsoft Games\Links 2003\LinksMMIII.exe:*:Enabled:Links 2003
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AIM\aim.exe - C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe - %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avginet.exe - C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avgamsvr.exe - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Grisoft\AVG Free\avgcc.exe - C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe
SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\AOL\Loader\aolload.exe - C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP - 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP - 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP - 139:TCP:LocalSubNetisabledxpsp2res.dll,-22004
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP - 445:TCP:LocalSubNetisabledxpsp2res.dll,-22005
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP - 137:UDP:LocalSubNetisabledxpsp2res.dll,-22001
SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP - 138:UDP:LocalSubNetisabledxpsp2res.dll,-22002
SharedAccess\Setup\\ServiceUpgrade - 1
SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All - 1
SharedAccess\Enum\\0 - Root\LEGACY_SHAREDACCESS\0000
SharedAccess\Enum\\Count - 1
SharedAccess\Enum\\NextInstance - 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv]
wuauserv\\Type - 32
wuauserv\\Start - 2
wuauserv\\ErrorControl - 1
wuauserv\\ImagePath - %systemroot%\system32\svchost.exe -k netsvcs
wuauserv\\DisplayName - Automatic Updates
wuauserv\\ObjectName - LocalSystem
wuauserv\\Description - Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
wuauserv\Parameters\\ServiceDll - C:\WINDOWS\system32\wuauserv.dll
wuauserv\Security\\Security - 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 
wuauserv\Enum\\0 - Root\LEGACY_WUAUSERV\0000
wuauserv\Enum\\Count - 1
wuauserv\Enum\\NextInstance - 1

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 10:22:42 AM, on 1/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

THE END!


----------



## Cookiegal (Aug 27, 2003)

Go to *Control Panel*  *Add/Remove programs* and remove the following, if there:

*MyWaySA or
MyWay SearchAssistant*

*Click Here* and download Killbox and save it to your desktop but dont run it yet.

Rescan with HijackThis, close all browser windows except HijackThis, put a check mark beside these entries and click *fix checked*.

* 
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll

O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll

*

Then boot to safe mode:

 *How to restart to safe mode*

Double-click on Killbox.exe to run it. 

Put a tick by *Standard File Kill*. 
In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

*C:\Documents and Settings\Lindee\Application Data\PFP120JCM.{PB
C:\Documents and Settings\Lindee\Application Data\PFP120JPR.{PB
C:\Program Files\MyWaySA
*

Click on the button that has the red circle with the X in the middle after you enter each file. 
It will ask for confirmation to delete the file. 
Click Yes. 
Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
Killbox may tell you that one or more files do not exist. 
If that happens, just continue on with all the files. Be sure you don't miss any.
Next in Killbox go to *Tools > Delete Temp Files*
In the window that pops up, put a check by *ALL* the options there *except* these three:
XP Prefetch
Recent
History

Now click the *Delete Selected Temp Files* button.
Exit the Killbox.

Boot back to Windows normally and post another HijackThis log please.


----------



## Lindee (Jan 10, 2002)

Cookiegal: as you reuested. There was only one file that said it wasn't there: c:\ProgamFiles\MyWaySA

Logfile of HijackThis v1.99.1
Scan saved at 11:09:12 AM, on 1/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


----------



## Cookiegal (Aug 27, 2003)

How are things running now?


----------



## Lindee (Jan 10, 2002)

Cookiegal: WHEW!!!!!!!!!!! What a process. You really know what you are doing. It fixed it perfectly. I truly appreciate what you have done to help me fix this.

Now, opeing IE doesn't give me that error to debug any longer. I do, however get an error when closing. It is NOT caused by anything you did, it has been there all along. I wanted to deal with one issue at a time. It is: base2paneform and there is another one that is all jibberish and isn't on the screen long enough to write it down. There is another one I was getting that was something about windowsformspak or something like that. Is this in your field or do you have to post it on aother topic?

Thank you again for everything, I really do appreciate you.


----------



## Cookiegal (Aug 27, 2003)

That is due to some HP hardware such as your printer. You can usually resolve it by taking HP software out of startup via msconfig.

Go to *Start *- *Run *- type in *msconfig *- click OK and click on the startup tab.

Uncheck *HP Software Update *to start with as I think this is the culprit and then reboot and see if you still get the error. If so, uncheck any other HP program that is running at startup in msconfig.

Let me know how it goes please.


----------



## Lindee (Jan 10, 2002)

Cookiegal: For the most part all but one error message appears when shutting down the computer. It flashes so fast I down't have time to write it down. It looks like a bunch of jibberish in the title, not words that can be understood.


----------



## Cookiegal (Aug 27, 2003)

Go to *Start * *Run *- type *msconfig*  click OK and click on the *startup tab*. Uncheck everything listed there except your anti-virus (AVG7_CC) and reboot. Then let me know if that solved the problem please.


----------



## Lindee (Jan 10, 2002)

Cookiegal: I will do what you ask tomorrow, in the meantime, I need to know if AVG is as secure as Norton? Our home computer has Norton and is up for renewal. We do everything on that computer and want to be sure AVG is as safe. I am using the free version on this computer at work. Your advise is appreciated.

BTW, last night when I shut the computer down, it appeared to be an error with Adobe Acrobat which read: ACRORD32.exe. then it was followed with: 0x5ad71531. Does any of this make sense to you? Should I wait to hear from you before I do what you suggested in your last post?


----------



## Cookiegal (Aug 27, 2003)

I'd say the most secure anti-virus programs are Nod32 and Kapersky. AVG is good but I can't say how it compares to Norton other than Norton takes up a lot of resources.

You can go ahead and follow my previous instructions but also do this please:

Go to *Start *- *Run *- type in *eventvwr.msc *and click OK. Look under "application" and "system" for any errors in red that are recent. If you see any, double click to open them up and then click on the icon that looks like two pieces of paper. This will copy the entire error to the clipboard. Then paste them here please.


----------



## valis (Sep 24, 2004)

just to toss in my two cents worth, I've used AVG at home ever since Norton allowed (with the accidental assistance of my wife) 106k trojans. Took a few weeks to get that sorted out. Ever since, I've used AVG (over 2 years now) and have had zero problems.

I would say the 2 biggest steps towards staying clean, regardless of what AV you use, are to practice safe surfing (educate yourself on how you got infected) and maybe consider switching from IE to a different browser.

Just my humble opinion, we now return you to your regularly scheduled programming.


----------



## Cookiegal (Aug 27, 2003)

Hey Tim. :up:


----------



## valis (Sep 24, 2004)

morning cookie......unthawed up there yet? 55 F, 12 C down here today.......


----------



## Cookiegal (Aug 27, 2003)

Wow, that's chilly for you guys!  -9C or 14F here but it has warmed up. The other morning it was -30C or -22F. We are well preserved up here.


----------



## Lindee (Jan 10, 2002)

Event Type:	Error 
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 11:18:29 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.
Hi Cookiegal,

i rant the event.msc, there were TONS of errors, but the clipboard only showed what i have pasted below.

I opened a window in MS Word and went to the office clipboard there. Is there another way to access it? This is not even close to the number of errors that were listed:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..


----------



## Cookiegal (Aug 27, 2003)

Did you follow my instructions in post no. 47?


You will have to copy those errors, one by one, but it's not necessary to do them all, just the most recent.


----------



## Lindee (Jan 10, 2002)

Cookiegal,


I guess I missed # 47 due to the weekend. I just did it and it did not solve the proble. I unchecked everything except AVG_CC. Rightnow that is all I have open.

Here are some of the errors I copied, (not detailed) that was on the error message window: 
C:\DOCUME~1\Lindee\LOCALS~1\Temp\8c7b_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\3bd_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\f192_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\98ee_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\4880_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\6fef_appcompat.txt
C:\DOCUME~1\Lindee\LOCALS~1\Temp\e8e5_appcompat.txt

These are the most recent. What other details do you need?


----------



## Cookiegal (Aug 27, 2003)

Those are of no use at all. I need you to open them up, as outlined in my instructions, which I will repeat here.

*If you see any, double click to open them up and then click on the icon that looks like two pieces of paper. This will copy the entire error to the clipboard. Then paste them here please. *


----------



## Lindee (Jan 10, 2002)

I did as you instructed, what I copied ftom the clipboard is all that showed up, which is what I pasted earlier from it. The last email is just errors I had pasted from the window that popped up when closing IE. 

There was a huge laundry list of errors when I opened the Application window, where would you like me to start?


----------



## Cookiegal (Aug 27, 2003)

Start with the most recent and just go back a couple of days.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I am going to send this in a couple of posts as it is quite long. WOW! I am sure glad you know what you're doing. I don't think I could do what you do in a million years. It took forever to find where Microsoft was hiding the Clipboard.

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 2:17:33 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/20/2007
Time: 2:17:21 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 2:05:54 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/20/2007
Time: 2:05:51 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 10:16:57 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/20/2007
Time: 10:16:55 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 10:08:01 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/20/2007
Time: 10:07:56 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 9:57:02 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 362195512.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 32 31 39 35 35 31 36219551
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/20/2007
Time: 9:56:40 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application OUTLOOK.EXE, version 11.0.8118.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 4f 55 54 4c 4f 4f OUTLOO
0018: 4b 2e 45 58 45 20 31 31 K.EXE 11
0020: 2e 30 2e 38 31 31 38 2e .0.8118.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 8:43:05 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/20/2007
Time: 8:43:05 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/20/2007
Time: 8:42:49 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/19/2007
Time: 5:42:01 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/19/2007
Time: 5:41:30 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/19/2007
Time: 3:05:57 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 339441609.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 33 39 34 34 31 36 30 33944160
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/19/2007
Time: 3:05:42 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application inception.exe, version 1.0.0.1, faulting module inception.exe, version 1.0.0.1, fault address 0x000206bd.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 6e 63 ure inc
0018: 65 70 74 69 6f 6e 2e 65 eption.e
0020: 78 65 20 31 2e 30 2e 30 xe 1.0.0
0028: 2e 31 20 69 6e 20 69 6e .1 in in
0030: 63 65 70 74 69 6f 6e 2e ception.
0038: 65 78 65 20 31 2e 30 2e exe 1.0.
0040: 30 2e 31 20 61 74 20 6f 0.1 at o
0048: 66 66 73 65 74 20 30 30 ffset 00
0050: 30 32 30 36 62 64 0d 0a 0206bd..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/19/2007
Time: 3:02:49 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/19/2007
Time: 11:34:50 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/19/2007
Time: 11:34:47 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/19/2007
Time: 8:57:34 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/19/2007
Time: 8:57:05 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 3:07:07 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 3:07:03 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 212523432.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 32 31 32 35 32 33 34 33 21252343
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/15/2007
Time: 3:07:01 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x629132f4.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 36 32 39 fset 629
0050: 31 33 32 66 34 0d 0a 132f4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/15/2007
Time: 3:07:00 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 3:06:54 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/15/2007
Time: 2:10:58 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 11:01:18 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 332702262.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 33 32 37 30 32 32 36 33270226
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/15/2007
Time: 11:00:48 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application WINWORD.EXE, version 11.0.8106.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 57 49 4e 57 4f 52 WINWOR
0018: 44 2e 45 58 45 20 31 31 D.EXE 11
0020: 2e 30 2e 38 31 30 36 2e .0.8106.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 9:51:18 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/15/2007
Time: 9:51:04 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/15/2007
Time: 9:14:33 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/15/2007
Time: 9:11:59 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/14/2007
Time: 4:38:43 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/14/2007
Time: 4:38:36 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/14/2007
Time: 2:48:42 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 212523432.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 32 31 32 35 32 33 34 33 21252343
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/14/2007
Time: 2:48:35 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x629132f4.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 36 32 39 fset 629
0050: 31 33 32 66 34 0d 0a 132f4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/14/2007
Time: 10:16:26 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 356260503.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 35 36 32 36 30 35 30 35626050
0010: 33 0d 0a 3..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/14/2007
Time: 10:16:23 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module urlmon.dll, version 6.0.2900.3020, fault address 0x0003a697.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 72 6c 6d 6f in urlmo
0038: 6e 2e 64 6c 6c 20 36 2e n.dll 6.
0040: 30 2e 32 39 30 30 2e 33 0.2900.3
0048: 30 32 30 20 61 74 20 6f 020 at o
0050: 66 66 73 65 74 20 30 30 ffset 00
0058: 30 33 61 36 39 37 0d 0a 03a697..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 2/14/2007
Time: 9:20:45 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

More to come...


----------



## Lindee (Jan 10, 2002)

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 2/14/2007
Time: 9:20:41 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/13/2007
Time: 12:24:05 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/13/2007
Time: 12:24:01 PM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/13/2007
Time: 10:21:12 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application aim6.exe, version 1.4.9.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 61 69 6d 36 2e 65 aim6.e
0018: 78 65 20 31 2e 34 2e 39 xe 1.4.9
0020: 2e 31 20 69 6e 20 68 75 .1 in hu
0028: 6e 67 61 70 70 20 30 2e ngapp 0.
0030: 30 2e 30 2e 30 20 61 74 0.0.0 at
0038: 20 6f 66 66 73 65 74 20 offset 
0040: 30 30 30 30 30 30 30 30 00000000

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/13/2007
Time: 9:42:09 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/13/2007
Time: 9:42:08 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/13/2007
Time: 9:42:04 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/13/2007
Time: 9:41:50 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/13/2007
Time: 9:41:50 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/13/2007
Time: 9:41:47 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/8/2007
Time: 9:05:30 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/8/2007
Time: 9:05:17 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 2/5/2007
Time: 11:09:02 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 362195512.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 32 31 39 35 35 31 36219551
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 2/5/2007
Time: 11:08:05 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application OUTLOOK.EXE, version 11.0.8118.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 4f 55 54 4c 4f 4f OUTLOO
0018: 4b 2e 45 58 45 20 31 31 K.EXE 11
0020: 2e 30 2e 38 31 31 38 2e .0.8118.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Microsoft Office 11
Event Category:	None
Event ID:	2001
Date: 1/31/2007
Time: 10:19:21 AM
User: N/A
Computer:	D820GY61
Description:
Rejected Safe Mode action : Microsoft Office Outlook.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 1/30/2007
Time: 5:46:39 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 332702262.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 33 32 37 30 32 32 36 33270226
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 1/30/2007
Time: 5:46:36 PM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 332702262.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 33 32 37 30 32 32 36 33270226
0010: 32 0d 0a 2..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 1/30/2007
Time: 5:45:28 PM
User: N/A
Computer:	D820GY61
Description:
Hanging application WINWORD.EXE, version 11.0.8106.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 57 49 4e 57 4f 52 WINWOR
0018: 44 2e 45 58 45 20 31 31 D.EXE 11
0020: 2e 30 2e 38 31 30 36 2e .0.8106.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 1/30/2007
Time: 5:45:26 PM
User: N/A
Computer:	D820GY61
Description:
Hanging application WINWORD.EXE, version 11.0.8106.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 57 49 4e 57 4f 52 WINWOR
0018: 44 2e 45 58 45 20 31 31 D.EXE 11
0020: 2e 30 2e 38 31 30 36 2e .0.8106.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 1/25/2007
Time: 9:25:35 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 1/25/2007
Time: 9:24:44 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/24/2007
Time: 10:36:34 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/24/2007
Time: 8:51:08 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 2:41:54 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 2:30:59 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 2:23:16 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 1/23/2007
Time: 10:22:15 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 173332064.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 37 33 33 33 32 30 36 17333206
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 1/23/2007
Time: 10:22:11 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application HijackThis.exe, version 1.99.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 48 69 6a 61 63 6b Hijack
0018: 54 68 69 73 2e 65 78 65 This.exe
0020: 20 31 2e 39 39 2e 30 2e 1.99.0.
0028: 31 20 69 6e 20 68 75 6e 1 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 10:19:18 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1001
Date: 1/23/2007
Time: 9:58:10 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 368405934.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 36 38 34 30 35 39 33 36840593
0010: 34 0d 0a 4..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 9:58:06 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Hang
Event Category:	None
Event ID:	1001
Date: 1/23/2007
Time: 9:42:41 AM
User: N/A
Computer:	D820GY61
Description:
Fault bucket 126637809.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 31 32 36 36 33 37 38 30 12663780
0010: 39 0d 0a 9..

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 1/23/2007
Time: 9:42:31 AM
User: N/A
Computer:	D820GY61
Description:
Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 69 65 78 70 6c 6f iexplo
0018: 72 65 2e 65 78 65 20 36 re.exe 6
0020: 2e 30 2e 32 39 30 30 2e .0.2900.
0028: 32 31 38 30 20 69 6e 20 2180 in 
0030: 68 75 6e 67 61 70 70 20 hungapp 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 30 30 30 t 000000
0050: 30 30 00

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 9:01:17 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/23/2007
Time: 8:52:50 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..


----------



## Lindee (Jan 10, 2002)

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/22/2007
Time: 3:44:38 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/22/2007
Time: 9:29:08 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/21/2007
Time: 2:29:07 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/21/2007
Time: 1:26:02 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 5:45:00 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 4:21:04 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 3:14:13 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 3:03:45 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 11:52:07 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 10:24:34 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/18/2007
Time: 9:01:40 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/17/2007
Time: 3:47:57 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/17/2007
Time: 2:42:18 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/17/2007
Time: 10:56:34 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/17/2007
Time: 8:55:42 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/16/2007
Time: 5:56:02 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/16/2007
Time: 2:44:48 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/16/2007
Time: 2:33:22 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/16/2007
Time: 9:10:49 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/15/2007
Time: 6:05:28 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/15/2007
Time: 2:05:27 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/15/2007
Time: 12:51:04 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/14/2007
Time: 9:50:05 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/11/2007
Time: 5:58:53 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/11/2007
Time: 8:44:47 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/10/2007
Time: 4:35:12 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..


----------



## Lindee (Jan 10, 2002)

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/10/2007
Time: 2:51:51 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/10/2007
Time: 12:18:24 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/10/2007
Time: 11:18:07 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019780.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 38 30 0d 0a 19780..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/10/2007
Time: 8:45:18 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 5:32:32 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 2:53:50 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 1:56:55 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 1:46:33 PM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 1/9/2007
Time: 11:18:29 AM
User: N/A
Computer:	D820GY61
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x10019790.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 31 30 30 fset 100
0050: 31 39 37 39 30 0d 0a 19790..

SYSTEM ERRORS:

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 2/12/2007
Time: 2:45:46 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 2/5/2007
Time: 2:35:28 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/29/2007
Time: 2:54:27 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/25/2007
Time: 1:59:13 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 11:04:56 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 11:04:47 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7026
Date: 1/24/2007
Time: 11:00:58 AM
User: N/A
Computer:	D820GY61
Description:
The following boot-start or system-start driver(s) failed to load: 
AFD
APPDRV
AVG Anti-Spyware Driver
Avg7Core
Avg7RsW
Avg7RsXP
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 11:00:58 AM
User: N/A
Computer:	D820GY61
Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 11:00:58 AM
User: N/A
Computer:	D820GY61
Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 11:00:58 AM
User: N/A
Computer:	D820GY61
Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 11:00:58 AM
User: N/A
Computer:	D820GY61
Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 11:00:12 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 11:00:05 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 10:46:33 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 10:46:27 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7026
Date: 1/24/2007
Time: 10:43:22 AM
User: N/A
Computer:	D820GY61
Description:
The following boot-start or system-start driver(s) failed to load: 
AFD
APPDRV
AVG Anti-Spyware Driver
Avg7Core
Avg7RsW
Avg7RsXP
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 10:43:22 AM
User: N/A
Computer:	D820GY61
Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 10:43:22 AM
User: N/A
Computer:	D820GY61
Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 10:43:22 AM
User: N/A
Computer:	D820GY61
Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/24/2007
Time: 10:43:22 AM
User: N/A
Computer:	D820GY61
Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 10:42:38 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/24/2007
Time: 10:42:35 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/23/2007
Time: 10:15:25 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/23/2007
Time: 10:15:18 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7026
Date: 1/23/2007
Time: 10:05:27 AM
User: N/A
Computer:	D820GY61
Description:
The following boot-start or system-start driver(s) failed to load: 
AFD
APPDRV
AVG Anti-Spyware Driver
Avg7Core
Avg7RsW
Avg7RsXP
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/23/2007
Time: 10:05:27 AM
User: N/A
Computer:	D820GY61
Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/23/2007
Time: 10:05:27 AM
User: N/A
Computer:	D820GY61
Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/23/2007
Time: 10:05:27 AM
User: N/A
Computer:	D820GY61
Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/23/2007
Time: 10:05:27 AM
User: N/A
Computer:	D820GY61
Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/23/2007
Time: 10:04:47 AM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/23/2007
Time: 10:04:44 AM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:42:40 PM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:42:34 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:38:48 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service MDM with arguments "" in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:38:48 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service MDM with arguments "" in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:38:48 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service MDM with arguments "" in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:38:46 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service MDM with arguments "" in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7026
Date: 1/21/2007
Time: 1:37:14 PM
User: N/A
Computer:	D820GY61
Description:
The following boot-start or system-start driver(s) failed to load: 
AFD
APPDRV
AVG Anti-Spyware Driver
Avg7Core
Avg7RsW
Avg7RsXP
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/21/2007
Time: 1:37:14 PM
User: N/A
Computer:	D820GY61
Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/21/2007
Time: 1:37:14 PM
User: N/A
Computer:	D820GY61
Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/21/2007
Time: 1:37:14 PM
User: N/A
Computer:	D820GY61
Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 1/21/2007
Time: 1:37:14 PM
User: N/A
Computer:	D820GY61
Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: 
A device attached to the system is not functioning.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM


----------



## Lindee (Jan 10, 2002)

Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:36:30 PM
User: NT AUTHORITY\SYSTEM
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 1/21/2007
Time: 1:36:29 PM
User: D820GY61\Lindee
Computer:	D820GY61
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service netman with arguments "" in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/18/2007
Time: 2:56:59 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7011
Date: 1/18/2007
Time: 8:51:45 AM
User: N/A
Computer:	D820GY61
Description:
Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Tcpip
Event Category:	None
Event ID:	4199
Date: 1/15/2007
Time: 4:05:19 PM
User: N/A
Computer:	D820GY61
Description:
The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:04:23:6A:C1:E1. Network operations on this system may be disrupted as a result.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 03 00 50 00 ......P.
0008: 00 00 00 00 67 10 00 c0 ....g..À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/15/2007
Time: 1:57:46 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/10/2007
Time: 12:01:58 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 1/3/2007
Time: 2:44:19 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

Event Type:	Error
Event Source:	W32Time
Event Category:	None
Event ID:	29
Date: 1/1/2007
Time: 6:38:11 AM
User: N/A
Computer:	D820GY61
Description:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

EventType:	Error
Event Source:	W32Time
Event Category:	None
Event ID:	17
Date: 1/1/2007
Time: 6:38:11 AM
User: N/A
Computer:	D820GY61
Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time-c.timefreq.bldrdoc.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	ipnathlp
Event Category:	None
Event ID:	32003
Date: 12/20/2006
Time: 1:50:16 PM
User: N/A
Computer:	D820GY61
Description:
The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 1f 00 00 00 ....

THE END! WHEW!!!


----------



## Cookiegal (Aug 27, 2003)

Go to Start > Search and under "More advanced search options". 
Make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders"

Next click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"

Then search for this file and let me know where it's located please.

*inception.exe*


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I know where it is. It is on my desktop. It is a program we use for our office, daily.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I think some of the items I either checked or unchecked is causing some problems. I am unable to open some Word docs and others is jibberish. I need to fix this, I can't do my work without it working, Any ideas?


----------



## Cookiegal (Aug 27, 2003)

You can go back and check what you wish but none of those should affect Word.

*Click here* to download Silent Runners.
Save (do not choose open) it to the desktop.
Run SilentRunners by double clicking the "SilentRunners" icon on your desktop.
You will see a text file appear on the desktop - *it's not done, let it run (it won't appear to be doing anything!)*
Once you receive the prompt *All Done!*, open the text file on the desktop, copy that entire log, and paste it here.
**NOTE* If you receive any warning message about scripts, please choose to allow the script to run.*


----------



## Lindee (Jan 10, 2002)

Cookiegal, here is what I found:

Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
"Aim6" = ""C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp" ["AOL LLC"]
"DellSupport" = ""C:\Program Files\Dell Support\DSAgnt.exe" /startup" ["Gteko Ltd."]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" ["Hewlett-Packard Co."]
"Dell Wireless Manager UI" = "C:\WINDOWS\system32\WLTRAY" ["Dell Inc"]
"VSOCheckTask" = ""c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask" [file not found]
"VirusScan Online" = ""c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"" [file not found]
"UpdateManager" = ""C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r" ["Sonic Solutions"]
"type32" = ""C:\Program Files\Microsoft IntelliType Pro\type32.exe"" [MS]
"SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."]
"SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
"RealTray" = "C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER" ["RealNetworks, Inc."]
"MPFExe" = "C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [file not found]
"MMTray" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" ["Musicmatch, Inc."]
"mmtask" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" ["Musicmatch Inc."]
"IntelliPoint" = ""C:\Program Files\Microsoft IntelliPoint\point32.exe"" [MS]
"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"eBayToolbar" = "C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe" ["eBay Inc."]
"DVDLauncher" = ""C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"" ["CyberLink Corp."]
"dla" = "C:\WINDOWS\system32\dla\tfswctrl.exe" ["Sonic Solutions"]
"Dell QuickSet" = "C:\Program Files\Dell\QuickSet\quickset.exe" [empty string]
"DadApp" = "C:\Program Files\Dell\AccessDirect\dadapp.exe" [null data]
"Camera Detector" = "C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun" ["ACD Systems, Ltd."]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" ["Sun Microsystems, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]

HKLM\Software\Microsoft\Active Setup\Installed Components\
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}\(Default) = "IE7 Uninstall Stub"
\StubPath = "C:\WINDOWS\system32\ieudinit.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}\(Default) = (no title provided)
-> {HKLM...CLSID} = "eBay Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" ["eBay Inc."]
{5CA3D70E-1895-11CF-8E15-001234567890}\(Default) = (no title provided)
-> {HKLM...CLSID} = "DriveLetterAccess"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]
"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"
-> {HKLM...CLSID} = "RecordNow! SendToExt"
\InProcServer32\(Default) = "C:\Program Files\Sonic\RecordNow!\shlext.dll" [null data]
"{5CA3D70E-1895-11CF-8E15-001234567890}" = "DriveLetterAccess"
-> {HKLM...CLSID} = "DriveLetterAccess"
\InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{92085AD4-F48A-450D-BD93-B28CC7DF67CE}" = "eBay Toolbar"
-> {HKLM...CLSID} = "eBay Toolbar"
\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" ["eBay Inc."]
"{97FA8AA2-EE77-4FF2-9449-424D8924EF21}" = "IntelliType Pro Zooming Control Panel Property Page"
-> {HKLM...CLSID} = "IntelliType Pro Zooming Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll"" [MS]
"{111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB}" = "IntelliType Pro Scrolling Control Panel Property Page"
-> {HKLM...CLSID} = "IntelliType Pro Scrolling Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll"" [MS]
"{ED6E87C6-8A83-43aa-8208-8DBC8247F4D2}" = "IntelliType Pro Key Settings Control Panel Property Page"
-> {HKLM...CLSID} = "IntelliType Pro Key Settings Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliType Pro\itcplkey.dll"" [MS]
"{A2569D1F-4E06-43EC-9825-0088B471BE47}" = "IntelliType Pro Wireless Control Panel Property Page"
-> {HKLM...CLSID} = "IntelliType Pro Wireless Control Panel Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll"" [MS]
"{20082881-FC36-4E47-9A7A-644C95FF749F}" = "IntelliPoint Wireless Control Panel Property Page"
-> {HKLM...CLSID} = "Wireless Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliPoint\ipcplwir.dll"" [MS]
"{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE}" = "IntelliPoint Wheel Control Panel Property Page"
-> {HKLM...CLSID} = "Wheel Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll"" [MS]
"{653DCCC2-13DB-45B2-A389-427885776CFE}" = "IntelliPoint Activities Control Panel Property Page"
-> {HKLM...CLSID} = "Activities Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliPoint\ipcplact.dll"" [MS]
"{124597D8-850A-41AE-849C-017A4FA99CA2}" = "IntelliPoint Buttons Control Panel Property Page"
-> {HKLM...CLSID} = "Buttons Property Page"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll"" [MS]
"{506F4668-F13E-4AA1-BB04-B43203AB3CC0}" = "{506F4668-F13E-4AA1-BB04-B43203AB3CC0}"
-> {HKLM...CLSID} = "ImageExtractorShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Visio10\VisShe.dll" [null data]
"{D66DC78C-4F61-447F-942B-3FB6980118CF}" = "{D66DC78C-4F61-447F-942B-3FB6980118CF}"
-> {HKLM...CLSID} = "CInfoTipShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Visio10\VisShe.dll" [null data]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
 \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Lindee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Startup items in "Lindee" & "All Users" startup folders:
--------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Digital Line Detect" -> shortcut to: "C:\Program Files\Digital Line Detect\DLG.exe" ["BVRP Software"]
"Google Updater" -> shortcut to: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe -systray -startup" ["Google"]
"HotSync Manager" -> shortcut to: "C:\Palm\hotsync.exe" ["Palm Computing, Inc., a 3Com Company"]
"HP Digital Imaging Monitor" -> shortcut to: "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" ["Hewlett-Packard Co."]
"HP Image Zone Fast Start" -> shortcut to: "C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe -s" [null data]

Enabled Scheduled Tasks:
------------------------

"ISP signup reminder 1" -> launches: "C:\WINDOWS\system32\OOBE\OOBEBALN.EXE /sys /i /n:1" [MS]
"McAfee.com Scan for Viruses - My Computer (D82DGY61-Lindee)" -> launches: "c:\program files\mcafee.com\vso\mcmnhdlr.exe /runtask:0" [file not found]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{40D41A8B-D79B-43D7-99A7-9EE0F344C385}"
-> {HKLM...CLSID} = "AIM Search"
 \InProcServer32\(Default) = "C:\Program Files\AIM Toolbar\AIMBar.dll" [file not found]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll" ["Yahoo! Inc."]
"{92085AD4-F48A-450D-BD93-B28CC7DF67CE}" = (no title provided)
-> {HKLM...CLSID} = "eBay Toolbar"
\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" ["eBay Inc."]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar3.dll" ["Google Inc."]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{FE54FA40-D68C-11D2-98FA-00C0F0318AFE}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Real.com"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Shdocvw.dll" [MS]

HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Research"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll" ["Sun Microsystems, Inc."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\Program Files\AIM\aim.exe" ["America Online, Inc."]

{CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\
"ButtonText" = "Real.com"

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]
Dell Wireless WLAN Tray Service, wltrysvc, "C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe" [null data]
Google Updater Service, gusvc, ""C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"" ["Google"]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
MSSQL$MICROSOFTBCM, MSSQL$MICROSOFTBCM, "C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -sMICROSOFTBCM" [MS]
Pml Driver HPZ12, Pml Driver HPZ12, "C:\WINDOWS\system32\HPZipm12.exe" ["HP"]

Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
hpzlnt12\Driver = "hpzlnt12.dll" ["HP"]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]

----------
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 116 seconds, including 18 seconds for message boxes)


----------



## Cookiegal (Aug 27, 2003)

Download ComboScan by Deckard from *Here* and save it to your Desktop. 

Double click *comboScan.exe * and follow the prompts.
When finished, it will produce a log for you. 
Post the contents of that log in your next reply.
Using Windows Explorer (to get there right-click your Start button and go to "Explore"), navigate to the *C:\ComboScan *folder. You will find two logs in the folder, *ComboScan.txt *and *Supplementary.txt*.
Open the *Supplementary.txt* log in Notepad
Also Copy and Paste its contents in a reply.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I was finally able to get to this other scan you wanted me to do. Here are the results.

ComboScan v20070226.18 run by Lindee on 2007-03-01 at 09:39:26
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information -----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) CPU 2.60GHz
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 510.33 MiB / 201.61 MiB
Pagefile Memory (total/avail): 1246.52 MiB / 831.44 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1997.37 MiB

C: is Fixed (NTFS) - 25.15 GiB total, 9.36 GiB free. 
D: is CDROM (No Media)
E: is Removable (No Media)

-- Security Center --------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG 7.5.446 v7.5.446 (GRISOFT)

-- Environment Variables --------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Lindee\Application Data
CLIENTNAME=Console
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=D820GY61
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Lindee
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\D820GY61
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\IM;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONID=1154415600824htx605616bca49:10cc8878778:1e4d
SESSIONNAME=Console
SWUTVER=1.0.22.20030804
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Lindee\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Lindee\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\HP\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\Lindee\LOCALS~1\Temp\radD2103.tmp
USERDOMAIN=D820GY61
USERNAME=Lindee
USERPROFILE=C:\Documents and Settings\Lindee
VERSION=3.0.5.001
windir=C:\WINDOWS

-- User Profiles ----------------------------------------------------------------

Lindee _(admin)_

-- Add/Remove Programs ----------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AccessDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{417B79C9-CDB4-477F-952D-840CEFC57A6C}\setup.exe" -l0x9 
ACDSee for PENTAX --> MsiExec.exe /I{EED5156C-4BA8-4105-A506-DB9D00F8B68D}
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
AOL Instant Messenger --> C:\PROGRA~1\AIM\uninstll.exe -LOG= C:\PROGRA~1\AIM\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
Broadcom Management Programs --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2A6282FF-B75B-463F-90F5-0A43732F690D} /l1033 
Business Contact Manager for Outlook 2003 --> MsiExec.exe /I{66563AD8-637B-407F-BCA7-0233A16891AB}
Conexant D480 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Picture Studio v3.0 --> MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37}
Dell Support 5.0.0 (630) --> rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
Dell Wireless WLAN Card --> C:\WINDOWS\system32\BCMWLU00.exe verbose
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
eBay Toolbar --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}\setup.exe" -l0x9 
FormTool v5 --> MsiExec.exe /I{7A8E8A21-835D-44AA-B3D9-104247EA7908}
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 1.99.1 --> C:\Program Files\Hijackthis\HijackThis.exe /uninstall
HP Image Zone 4.7 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7 --> "C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
Inception for Windows --> C:\INCEPT~1\UNWISE.EXE C:\INCEPT~1\INSTALL.LOG
Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Photo Album 5 --> MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
Jasc Paint Shop Pro Studio, Dell Editon --> MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Links 2003 --> "C:\Program Files\Microsoft Games\Links 2003\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visio Standard 2002 SR-1 [English] --> MsiExec.exe /I{92530409-6D54-11D4-BEE3-00C04F990354}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst 
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Palm Desktop --> C:\WINDOWS\IsUninst.exe -fC:\Palm\Palm.isu -cC:\Palm\Palmuni.dll
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PowerDVD 5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Ws2k3 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\pbi- MyoVision\Ws2k3\Uninst.isu"
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

-- End of ComboScan: finished at 2007-03-01 at 09:44:10 -------------------------


----------



## Cookiegal (Aug 27, 2003)

Go to Control Panel - Add/Remove programs and remove:

*J2SE Runtime Environment 5.0 Update 2
Viewpoint Media Player*

Can you please give me a recap of what the problems are now.


----------



## Lindee (Jan 10, 2002)

Cookiegal,

I unistalled the J2SE Runtime ... I am still getting errors. I get the "windowsformspark" when closing down. When I open the description of the "Micorsoft has encountered an error an needs to close" window. I click on the description and it is always in the 
C:\ DOCUME~1\Lindee\LOCALS!1\Temp\8db6_appcompat.txt. 

Now what?


----------



## Cookiegal (Aug 27, 2003)

Open HijackThis and click on the "Open the Misc Tools Section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" botton. Copy and paste that list here please.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

i noticed you will be back on thr 16th. Hopefullly, we can get this problem nailed. Enjoy your time away.

AccessDirect
ACDSee for PENTAX
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0
Adobe Reader 7.0.9
AIM 6.0
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
AVG Anti-Spyware 7.5
AVG Free Edition
Broadcom Management Programs
Business Contact Manager for Outlook 2003
Conexant D480 MDC V.9x Modem
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support 5.0.0 (630)
Dell Wireless WLAN Card
Digital Line Detect
eBay Toolbar
FormTool v5
GdiplusUpgrade
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HP Image Zone 4.7
HP PSC & OfficeJet 4.7
HP Software Update
Inception for Windows 
Intel(R) Extreme Graphics 2 Driver
Internet Explorer Default Page
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java 2 Runtime Environment, SE v1.4.2_03
Learn2 Player (Uninstall Only)
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Links 2003
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visio Standard 2002 SR-1 [English]
Modem Helper
MSXML 4.0 SP2 (KB927978)
Musicmatch® Jukebox
NetWaiting
overland
Panda ActiveScan
PowerDVD 5.1
QuickSet
QuickTime
RealPlayer Basic
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929969)
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Synaptics Pointing Device Driver
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB931836)
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinRAR archiver
WordPerfect Office 12
Ws2k3
Yahoo! Toolbar


----------



## Cookiegal (Aug 27, 2003)

The Windowsformspark error you are getting is related to this program:

*FormTool v5*

Do you still use it?

Go to Control Panel - Add/Remove programs and remove these:

*J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Viewpoint Media Player*

Now go *here* and install the latest version of Java.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

How can I find out what program "form tool V" belongs to?


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I downloaded the Java you wanted me to do. Now when I try and open Explorer, I am getting a real drag in time opening IE and it is giving me an error. When it hourglassed while trying to open, it appeared to have stopped, so I tried it again from the desktop rather than the sys tray, that didn't work either, then I tried it from the start button. Finally it opened, 6 times!!! all with errors.

Now what?


----------



## Cookiegal (Aug 27, 2003)

FormTool v5 is a program so I would look in Program Files for it. 

I don't see how Java would affect IE. Did you reboot after installing it?


----------



## Lindee (Jan 10, 2002)

Cookiegal:

Yes, I rebootrd and did a hard shut down. My programs are now running so SLOW and many times MS Word is "not responding" This is a fairly new computer and not sure why it is doing wht it is doing. Clicking on the icons on the desktop take a really long time to load. It appears to be draging.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

BTW, I did find out what the Form Tool V is. It is a program I use all the time. Is there a way to debug it?


----------



## Cookiegal (Aug 27, 2003)

Do you have the software to be able to uninstall that forms program and reinstall it?

Please post a new HijackThis log.


----------



## Lindee (Jan 10, 2002)

Unfortunatey, I no longer have the CD for that program. Is that what is causing my programs to not respond or to be really SLOW?

Here is the HJT log you asked for:
Logfile of HijackThis v1.99.1
Scan saved at 10:06:12 AM, on 3/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~4\OFFICE11\OUTLOOK.EXE
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\dumprep.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I also posted another thread for my other computer: "programs not responding" Will you please take a look at it and reply? You have given me such valuable information on this computer and trust your judgement.

Thanks


----------



## Cookiegal (Aug 27, 2003)

It could well be that program that is causing the problem but I don't know for usre.

Go to *Start *- *Run *- type in *msconfig *- click OK and click on the startup tab.

Uncheck everything there except the following one and then post a new HijackThis log please.

*AVG7_CC*

I'll take a look at your other thread.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

Logfile of HijackThis v1.99.1
Scan saved at 5:21:55 PM, on 4/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156355325546
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


----------



## Cookiegal (Aug 27, 2003)

Now, witih this set up, are you still having problems?


----------



## Lindee (Jan 10, 2002)

Cookiegal:

yes. I still have the error when opeining IE. What did we change that you thought fixed the problem? Also, do I need to recheck things in my start up to eliminate the box that appears?


----------



## Cookiegal (Aug 27, 2003)

We took everything out of startup except for your anti-virus. Please leave it this way for now and also do this.

Go to *Start * *Run *- type *msconfig*  click OK and click on the *services tab* and check *hide Microsoft Services*.

Then try unchecking all the NON Microsoft services except for your anti-virus program and reboot.

Let me know how the system performs when you do that.

.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I restarted the computer several times now. I think the error in opeing IE has been solved. When the computer is shutting down, I get an error message: iedw.exe DLL initiization failed.

I need to know what to recheck so i don't keep getting the System Configuration Utilization window asking me to restart or exit without restarting. I have checked and unchecked so many things at this point.  

So, the Forms Tool V was or wasn't the culprit?


----------



## Cookiegal (Aug 27, 2003)

Was it the last steps I posted that solved it? If so, then you have to re-enable the services, one at a time, until you hit the one that causes the problem to occur.

Also, check the eventvwr.msc again to see what error was generated by this latest error and post it here please.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I think I spoke too soon. I was opening an internet page and got another error. When I opened it to see what the cause of the problem was it gave me: 

C:\DOCUME~1\Lindee\LOCALS~1\Temp\ac80_appcompat.txt

It appears the errors are always generated from the "temp" . The end of it always has something different after the "Temp"\ 

I have not re-checked anything in the startup yet.
Now what?


----------



## Cookiegal (Aug 27, 2003)

That is just a text file and is not the actual location of the error.

Go to *Start *- *Run *- type in *eventvwr.msc* and click OK. See if there are any errors under "application" and "system" marked in red for the last couple of days. If so, double click on them to open them up and then click on the icon that looks like two pieces of paper to copy them to the clipboard. Then paste them here please.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

There are 15 in hte past 2 days and a ton prior to that. How can I copy and paste "all" of the errors in the clipboard for you? The clipboard will only allow one at a time, unless I am doing something wrong.


----------



## Cookiegal (Aug 27, 2003)

You can put multiple items in the clipboard but it would be easier for you just to copy them and then paste them one at a time into a Word document and then copy and paste the entire document here.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I stopped at March 23rd. There were so many errors at that point. Would you like those too?

I did see in this list an error for the print spooler. Is this why I cannot use my printer? Maybe it was something I unchecked earlier in the start up. I really need this printer. How do I turn it back on?

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/24/2007
Time: 9:46:04 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.Event Type:	Error
Event Source:	Automatic LiveUpdate Scheduler
Event Category:	Scheduler Events 
Event ID:	101
Date: 4/11/2007
Time: 6:08:41 AM
User: NT AUTHORITY\SYSTEM
Computer:	LINDEE1
Description:
Information Level: error Initialization of the COM subsystem failed. Error code: 0x8007041D

Event Type:	Error
Event Source:	Application Hang
Event Category:	(101)
Event ID:	1002
Date: 4/6/2007
Time: 6:58:38 AM
User: N/A
Computer:	LINDEE1
Description:
Hanging application WINWORD.EXE, version 10.0.6826.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 57 49 4e 57 4f 52 WINWOR
0018: 44 2e 45 58 45 20 31 30 D.EXE 10
0020: 2e 30 2e 36 38 32 36 2e .0.6826.
0028: 30 20 69 6e 20 68 75 6e 0 in hun
0030: 67 61 70 70 20 30 2e 30 gapp 0.0
0038: 2e 30 2e 30 20 61 74 20 .0.0 at 
0040: 6f 66 66 73 65 74 20 30 offset 0
0048: 30 30 30 30 30 30 30 0000000

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date: 4/6/2007
Time: 6:55:49 AM
User: N/A
Computer:	LINDEE1
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x0355c6b0.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180 
0030: 69 6e 20 75 6e 6b 6e 6f in unkno
0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
0040: 2e 30 20 61 74 20 6f 66 .0 at of
0048: 66 73 65 74 20 30 33 35 fset 035
0050: 35 63 36 62 30 0d 0a 5c6b0..

Event Type:	Error
Event Source:	Microsoft Office 10
Event Category:	None
Event ID:	1001
Date: 3/28/2007
Time: 7:32:23 AM
User: N/A
Computer:	LINDEE1
Description:
Fault bucket 399357277.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 42 75 63 6b 65 74 3a 20 Bucket: 
0008: 33 39 39 33 35 37 32 37 39935727
0010: 37 0d 0a 7..

Event Type:	Error
Event Source:	Microsoft Office 10
Event Category:	None
Event ID:	1000
Date: 3/28/2007
Time: 7:32:10 AM
User: N/A
Computer:	LINDEE1
Description:
Faulting application outlook.exe, version 10.0.6822.0, faulting module unknown, version 0.0.0.0, fault address 0x04101ab5.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 6f 75 74 ure out
0018: 6c 6f 6f 6b 2e 65 78 65 look.exe
0020: 20 31 30 2e 30 2e 36 38 10.0.68
0028: 32 32 2e 30 20 69 6e 20 22.0 in 
0030: 75 6e 6b 6e 6f 77 6e 20 unknown 
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 34 31 30 31 61 t 04101a
0050: 62 35 0d 0a b5..

________________________________________

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/12/2007
Time: 6:44:39 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp..

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10010
Date: 4/11/2007
Time: 10:25:38 AM
User: NT AUTHORITY\SYSTEM
Computer:	LINDEE1
Description:
The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7000
Date: 4/11/2007
Time: 6:08:45 AM
User: N/A
Computer:	LINDEE1
Description:
The LiveUpdate service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7009
Date: 4/11/2007
Time: 6:08:45 AM
User: N/A
Computer:	LINDEE1
Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7009
Date: 4/11/2007
Time: 6:08:45 AM
User: N/A
Computer:	LINDEE1
Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/11/2007
Time: 6:03:42 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/9/2007
Time: 10:37:34 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10005
Date: 4/7/2007
Time: 9:32:50 PM
User: LINDEE1\Linda Scharbach
Computer:	LINDEE1
Description:
DCOM got error "The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. " attempting to start the service gusvc with arguments "" in order to run the server:
{B53B7061-6584-46AA-A033-D610EB10BD9B}

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/6/2007
Time: 7:07:29 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/4/2007
Time: 6:45:30 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/3/2007
Time: 5:48:59 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10010
Date: 4/2/2007
Time: 9:15:08 PM
User: NT AUTHORITY\SYSTEM
Computer:	LINDEE1
Description:
The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 4/1/2007
Time: 1:21:33 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/30/2007
Time: 12:38:23 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/26/2007
Time: 7:06:45 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/25/2007
Time: 6:27:28 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/25/2007
Time: 10:16:18 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/25/2007
Time: 8:21:04 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/24/2007
Time: 7:11:33 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7000
Date: 3/24/2007
Time: 5:21:55 PM
User: N/A
Computer:	LINDEE1
Description:
The IMAPI CD-Burning COM Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7009
Date: 3/24/2007
Time: 5:21:55 PM
User: N/A
Computer:	LINDEE1
Description:
Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/24/2007
Time: 5:20:17 PM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:	Error
Event Source:	Service Control Manager
Event Category:	None
Event ID:	7001
Date: 3/24/2007
Time: 9:46:04 AM
User: N/A
Computer:	LINDEE1
Description:
The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

There's no need to go back further than that.

Click *Start *- right-click *My Computer*, and then click *Manage*.


Expand Services and Applications, and then click Services. 
In the right pane, right-click *LexBce Server*, and then click Properties. 
On the General tab, in the Startup type list, click *Disabled*. 
Under Service status, click Stop, and then click OK. 
Right-click the *Print Spooler service*, and then click Start (if it is stopped). 
Quit Computer Management.

Let me know if the printer works after doing the above.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I did as you instructed. It was already disabled. It also showed stopped and the start button and other buttons under the service status were grayed out and couldn't make a choice to start. I did not see ehere the "Print spooler" was located in that window. I still tried to print, but it didn't work

Also, the issue of rebooting. I am still getting the black screen telling me to "connect the uSB keyboard/mouse and to presxs F/1 to continue" not sure why I am getting this.

When the computer restarts the System Configuration Utilites window keeps popping up and telling me to restart. I know it is probably because you had me uncheck mostly everything. I really would like to get rid of all the spyware programs, but not sure which ones to keep.

I think I should just buy a new computer


----------



## Cookiegal (Aug 27, 2003)

I would like to check to see if you have a registry key:

Go to *Start *- *Run *- type in *regedit *and click OK to open the registry editor.

Expand these keys by clicking on the + to the left:

HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Services

in the left-hand pane, under Services, do you have a folder that says *Spooler*?


----------



## Lindee (Jan 10, 2002)

Cookiegal:

yes, there is a folder that says "spooler"

my computer has been very unresponsive today. What else can we do?

I have cleared the cache, history, cookies, rebooted the lynksys router.


----------



## Cookiegal (Aug 27, 2003)

Please go to Start - Run - type in services.msc and click OK.

Click on "Action" and select "export list" and save it on your desktop with the name services.txt then upload it here as an attachment please.


----------



## Lindee (Jan 10, 2002)

Cookiegal:

For some reason, it will not allow me to attach this. Hope this still works for you. I had to paste it in. My computer has been so unresponsive, it has been difficult to even open some windows.



Name	Description	Status Startup Type	Log On As
Alerter	Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled	Local Service
Application Layer Gateway Service	Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.	Started	Manual	Local Service
Application Management	Provides software installation services such as Assign, Publish, and Remove. Manual	Local System
ASP.NET State Service	Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Network Service
Automatic Updates	Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.	Started	Automatic	Local System
AVG Anti-Spyware Guard Started	Automatic	Local System
AVG7 Alert Manager Server Started	Automatic	Local System
AVG7 Update Service Started	Automatic	Local System
Background Intelligent Transfer Service	Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.	Started	Automatic	Local System
Canon Camera Access Library 8 Started	Automatic	Local System
ClipBook	Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled	Local System
COM+ Event System	Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Manual	Local System
COM+ System Application	Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
Computer Browser	Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Automatic	Local System
Cryptographic Services	Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
DCOM Server Process Launcher	Provides launch functionality for DCOM services.	Started	Automatic	Local System
Dell Wireless WLAN Tray Service	Provides 802.11 network connection during system startup	Started	Automatic	Local System
DHCP Client	Manages network configuration by registering and updating IP addresses and DNS names.	Started	Automatic	Local System
Distributed Link Tracking Client	Maintains links between NTFS files within a computer or across computers in a network domain.	Started	Automatic	Local System
Distributed Transaction Coordinator	Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Network Service
DNS Client	Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Network Service
DSBrokerService Manual	Local System
Error Reporting Service	Allows error reporting for services and applictions running in non-standard environments.	Started	Automatic	Local System
Event Log	Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.	Started	Automatic	Local System
Fast User Switching Compatibility	Provides management for applications that require assistance in a multiple user environment.	Started	Manual	Local System
Fax	Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network. Automatic	Local System
Google Updater Service Started	Automatic	Local System
Help and Support	Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
HID Input Service	Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
HTTP SSL	This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Manual	Local System
IMAPI CD-Burning COM Service	Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
Indexing Service	Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language. Manual	Local System
IPSEC Services	Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.	Started	Automatic	Local System
Logical Disk Manager	Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
Logical Disk Manager Administrative Service	Configures hard disk drives and volumes. The service only runs for configuration processes and then stops. Manual	Local System
Machine Debug Manager	Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.	Started	Automatic	Local System
Messenger	Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled	Local System
MS Software Shadow Copy Provider	Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
MSSQL$MICROSOFTBCM Started	Automatic	Local System
MSSQLServerADHelper Manual	Local System
Net Logon	Supports pass-through authentication of account logon events for computers in a domain. Manual	Local System
NetMeeting Remote Desktop Sharing	Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
Network Connections	Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.	Started	Manual	Local System
Network DDE	Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled	Local System
Network DDE DSDM	Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Disabled	Local System
Network Location Awareness (NLA)	Collects and stores network configuration and location information, and notifies applications when this information changes.	Started	Manual	Local System
Network Provisioning Service	Manages XML configuration files on a domain basis for automatic network provisioning. Manual	Local System
NT LM Security Support Provider	Provides security to remote procedure call (RPC) programs that use transports other than named pipes. Manual	Local System
Office Source Engine	Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports. Manual	Local System
Performance Logs and Alerts	Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Network Service
Plug and Play	Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.	Started	Automatic	Local System
Pml Driver HPZ12 Started	Automatic	Local System
Portable Media Serial Number Service	Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device. Manual	Local System
Print Spooler	Loads files to memory for later printing.	Started	Automatic	Local System
Protected Storage	Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.	Started	Automatic	Local System
QoS RSVP	Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets. Manual	Local System
Remote Access Auto Connection Manager	Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. Manual	Local System
Remote Access Connection Manager	Creates a network connection.	Started	Manual	Local System
Remote Desktop Help Session Manager	Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box. Manual	Local System
Remote Procedure Call (RPC)	Provides the endpoint mapper and other miscellaneous RPC services.	Started	Automatic	Network Service
Remote Procedure Call (RPC) Locator	Manages the RPC name service database. Manual	Network Service
Removable Storage Manual	Local System
Routing and Remote Access	Offers routing services to businesses in local area and wide area network environments. Disabled	Local System
Secondary Logon	Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
Security Accounts Manager	Stores security information for local user accounts.	Started	Automatic	Local System
Security Center	Monitors system security settings and configurations.	Started	Automatic	Local System
Server	Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
Shell Hardware Detection	Provides notifications for AutoPlay hardware events.	Started	Automatic	Local System
Smart Card	Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local Service
SQLAgent$MICROSOFTBCM Manual	Local System
SSDP Discovery Service	Enables discovery of UPnP devices on your home network.	Started	Manual	Local Service
System Event Notification	Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.	Started	Automatic	Local System
System Restore Service	Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties	Started	Automatic	Local System
Task Scheduler	Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
TCP/IP NetBIOS Helper	Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.	Started	Automatic	Local Service
Telephony	Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.	Started	Manual	Local System
Terminal Services	Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.	Started	Manual	Local System
Themes	Provides user experience theme management.	Started	Automatic	Local System
Uninterruptible Power Supply	Manages an uninterruptible power supply (UPS) connected to the computer. Manual	Local Service
Universal Plug and Play Device Host	Provides support to host Universal Plug and Play devices. Manual	Local Service
Volume Shadow Copy	Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
WebClient	Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local Service
Windows Audio	Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
Windows Driver Foundation - User-mode Driver Framework	Manages user-mode driver host processes Manual	Local System
Windows Firewall/Internet Connection Sharing (ICS)	Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.	Started	Automatic	Local System
Windows Image Acquisition (WIA)	Provides image acquisition services for scanners and cameras.	Started	Automatic	Local System
Windows Installer	Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. Manual	Local System
Windows Management Instrumentation	Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System
Windows Media Player Network Sharing Service	Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play Manual	Network Service
Windows Time	Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Started	Automatic	Local System
Wireless Zero Configuration	Provides automatic configuration for the 802.11 adapters	Started	Automatic	Local System
WMI Performance Adapter	Provides performance library information from WMI HiPerf providers. Manual	Local System
Workstation	Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.	Started	Automatic	Local System


----------



## Cookiegal (Aug 27, 2003)

It shows the print spooler service there as bein started. When did you start having problems printing?


----------



## Lindee (Jan 10, 2002)

Cookiegal:

Sorry, think I posted that on the wrong post. The issue with my other post "programs not responding" was the one with the printer not printing...among other things.l resolved that and bought a new computer. I think it was time anyway.

This computer with the IE problems needs to get resolved. Now when I am on the internet and try to open links in pages, the only way I can get them to open is to press the shift button and click the link.

We have checked and unchecked so many things on this computer, I can't remember what it is suppose to be. Please help me.

Thanks


----------



## Cookiegal (Aug 27, 2003)

Is that the only problem on this computer? It's getting a little confusing. 

Let's try IEFix:

http://www.majorgeeks.com/download4467.html


----------



## Lindee (Jan 10, 2002)

Cookiegal:

The problem with this computer is the constant error when opening IE. You had me check and uncheck so many things, I am not sure what it is suppose to be.

When I try and open a link in a web page, I have to hold the shift button down and click the link in order for it to open.

Please tell me how to fix this problem. As you can see there are well over 100 posts from you and I going back and forth. I thought it might be corrected by this point.

I appreciate all your help in trying to get this fixed.


----------



## Cookiegal (Aug 27, 2003)

I'm sorry you're not happy but we did deal with some other issues in this thread. The things that are disabled can remain disabled. It will just make your startup lighter, which is a good thing. It's only important to have your anti-virus running at starup.

This is my last suggestion. If it doesn't work then I'm out of idea.

Quit all programs that are running.

Click Start - Run
Type *regsvr32 urlmon.dll* and then click OK
When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.

If this does not resolve the problem, repeat steps 2 through 4 for each of the following files (in step 3, replace Urlmon.dll with each of the file names below):


Shdocvw.dll
Actxprxy.dll
Oleaut32.dll
Mshtml.dll
Browseui.dll
Shell32.dll


----------



## Lindee (Jan 10, 2002)

Cookiegal:

I ran all the .dlls you wanted. All checked out ok.

Not sure where to go from here. There is something that is causing the error. Are you fresh out of ideas? Can you repost mine and maybe someone else has something to offer?


----------



## Cookiegal (Aug 27, 2003)

I suggest you start a new thread as you'll get help that way. I'll close this one.


----------

