Everything posted by Tarun
-
Mark, your log is clean. What sort of Internet connection are you on? Dial-up, DSL, cable, etc. Also, are you behind a router? If so, you may wish to check your router's settings.

Network Magic may be slowing down your networking experience. You may want to try to temporarily disable it and see if there are any improvements.

O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

Also, what do you use Network Magic for at your network? You do need to update your Internet Explorer, but that can wait until your problem(s) have been fixed.

I'm sorry but that is honestly the worst advice you could dare ever give a user. The fact that he chose to use Avast for his anti-virus and Comodo for his firewall and Windows Defender for real-time protection are all excellent choices.

Avast is one of the very best freeware anti-virus products available. In fact, it far surpasses numerous paid products in quality and detection. It goes above and beyond, because it also detects spyware and adware. Comodo does an excellent job at monitoring and protecting a computer. It will also tell you if a program is known to be malicious or not.

ZoneAlarm is well known for causing numerous slowdowns, blue screen issues and much more. This is both the free and pro versions. Why use software that is only going to add more issues and slowdowns to his already existing issues? AVG antivirus is also known for missing a lot of viruses. I've dealt with many computers that have had this antivirus with up-to-date definitions and had numerous infections. All of which Avast caught and cured.

Registry cleaning has one benefit, and that is to clean up/fix the leftovers from incomplete/problematic uninstallers. Aside from that, there is no reason to bother the registry.

"A few hundred kilobytes of unused keys and values causes no noticeable performance impact on system operation. Even if the registry was massively bloated there would be little impact on the performance of anything other than exhaustive searches."

"Registry Cleaners can fix problems associated with traces of applications left behind due to incomplete uninstalls. So it seems that Registry junk is a Windows fact of life and that Registry cleaners will continue to have a place in the anal-sysadmin's tool chest, at least until we're all running .NET applications that store their per-user settings in XML files - and then of course we'll need XML cleaners."

Source: Registry Junk: A Windows Fact of Life

Now, as far as the services go. A user should never alter their services unless under direct instruction from a certified technician. The services are there and set for a reason. Disabling them does not increase performance on any noticeable level. If you believe there is an increase in performance, it is a matter of perception and nothing more. If you're concerned about slow performance, install more RAM. Remember, idle RAM is wasted RAM.

With his startup, there are a few things that he may wish to remove; but that is his choice. If he actively uses the programs then he should leave them alone. However, there are two that would be safe to remove as they can be accessed through the Start Menu. They are:

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

He shouldn't worry about removing those as of yet. His problem needs to be resolved first.

Unfortunately, that website will give a lot of misinformation and also mark perfectly safe entries as malicious. Users are suggested to avoid it at all costs.
-
Added a Wiki to the website for many FAQs and guides.
-
It's the IP.Board rich text editor. However, TinyMCE is a fairly good WYSIWYG editor and there are other open source alternatives.
-
The dumps also point to your tcpip.sys file. Have you "patched" your tcpip.sys file? If so, you may wish to run sfc /purgecache and then sfc /scannow
-
Great work, damian. What is the theme you have installed with the pack? Would love to find/use it on my system.

Few change requests: In Start -> Run, can it be modified to look like Vista and not have that rather annoying and distracting animated image? Also, can the MSFN link in the start menu be an optional change? Oh, and when you go to shut down, the images are not properly lined up.
-
Firetune works brilliantly and integrates the tweaks you mention above plus many more.
-
http://bink.nu/photos/news_article_images/...8/original.aspx
-
The Event Viewer logs every login attempt, that may be of some help. It also tells you what username.
-
Question For Batch Unzipping
Tarun replied to PityOnU's topic in Programming (C++, Delphi, VB/VBS, CMD/batch, etc.)
unzip -o MyZip.zip should work fine. Don't forget if you have a space, to wrap it in quotes.
-
Path in a .bat file
Tarun replied to nrbr's topic in Programming (C++, Delphi, VB/VBS, CMD/batch, etc.)
Wrap it in quotes. Any time you have a space, simply wrap it in quotes.
Batch File Tutorials
-
You could check out XPize.
-
Give this a shot.

rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 132 C:\WINDOWS\inf\sr.inf

You might be prompted for your Windows installation media.
-
Trojan warning for Cool2K Codec Pack
Tarun replied to chriss's topic in Malware Prevention and Security
Looks like a false positive, the few that call it suspicious look like it's due to them being packed by compression such as UPX.
-
Almost forgot, but if you have the VB6 itself installed on your computer you would need the VB6SP6b installed. However if you don't have VB6 installed all you would need is the runtimes.
-
VB6 currently has SP6b. You may want to download that update and install it.
-
Thanks cluberti! I'll have to post the results of the dump next time explorer.exe crashes.
-
I've been trying to debug why this error occurs. Unfortunately it does not generate a crash dump of any form. I've checked by doing Start > Run > "%allusersprofile%\Application Data\Microsoft\Dr Watson" next boot after this error, but there is no user.dmp. The most it generates is an item in the event viewer, which is as follows:

Application popup: Explorer.EXE - Application Error : The instruction at "0x7c9106c3" referenced memory at "0x7e29e356". The memory could not be "written".

I've updated fully and my explorer.exe is: 6.00.2900.2649
I believe the current/standard version is: 6.0.2900.2180

The only time I've seen this occur is when I shut down the computer. It's rare that it happens. Seems to be about once every 7-10 shutdowns. Assistance is welcome.
-
Trojan warning for Cool2K Codec Pack
Tarun replied to chriss's topic in Malware Prevention and Security
Upload it to VirusTotal and check it there.
-
For those interested, here's a direct link to UPHClean. I definitely recommend using it, and even distribute it with my Anti-Malware packs. It's even helped me out a few times.
-
Just curious, but did you happen to run the Hotfix Uninstaller part in CCleaner?
-
Hijackthis log for my friend
Tarun replied to tal ormanda's topic in Malware Prevention and Security
Generated by Tarun's HijackThis Converter v0.50 Beta. Default-color items are optional, red are known to be malicious.

Created registry value
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

Changed registry value
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

Created registry value
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

Enumeration of existing IE's BHO's
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

Enumeration of existing IE's toolbars
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

Enumeration of suspicious auto-loading registry entries
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Extra IE context menu items
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm

Extra "Tools" menu items and buttons
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Broken Internet access. To fix these you will need LSPFix
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

Downloaded Program Files item
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydiner...h2.1.0.0.48.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/snailmail...gwebinstall.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://www.freeworldgroup.com/games6/diner...tg.1.0.0.33.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/f/532/6712/5m/vir...0/installer.exe
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe
O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://candystand.com/assets/activex/virto...acheManager.CAB
O16 - DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} (DVCDownloaderControl Object) - http://www.sonypictures.com/games/thedavin...aderControl.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://aolsvc.aol.com/onlinegames/dinerdas...sh.1.0.0.72.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/heavyweap...ploader_v10.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326

Be sure to update your Java to the latest version.
-
Doesn't The Inquirer post a bunch of junk/false news? It might be true though, found this: http://www.uberpulse.com/us/2007/07/cisco_...rkets_video.php