Tarun

Label1.Caption = App.Title However, if they rename it the app will not update the external file name, only the internal/compiled file name.

It's the IP.Board rich text editor. However, TinyMCE is a fairly good WYSIWYG editor and there are other open source alternatives.

The dumps also point to your tcpip.sys file. Have you "patched" your tcpip.sys file? If so, you may wish to run sfc /purgecache and then sfc /scannow

Great work damian. What is the theme you have installed with the pack? Would love to find/use it on my system. Few change requests: In Start -> Run. Can it be modified to look like Vista and not have that rather annoying and distracting animated image? Also, can the MSFN link in the start menu be an optional change? Oh, and when you go to shutdown the images are not properly lined up.

Firetune works brilliantly and integrates the tweaks you mention above plus many more.

http://bink.nu/photos/news_article_images/...8/original.aspx

The Event Viewer logs every login attempt, that may be of some help. It also tells you what username.

unzip -o MyZip.zip should work fine. Don't forget if you have a space, to wrap it in quotes.

Wrap it in quotes. Any time you have a space, simply wrap it in quotes. Batch File Tutorials

You could check out XPize.

Give this a shot. rundll32.exe setupapi.dll,InstallHinfSection DefaultInstall 132 C:\WINDOWS\inf\sr.inf You might be prompted for your Windows installation media.

MOLD

DORK

Looks like a false positive, the few that call it suspicious look like it's due to them being packed by compression such as UPX.

Almost forgot, but if you have the VB6 itself installed on your computer you would need the VB6SP6b installed. However if you don't have VB6 installed all you would need is the runtimes.

VB6 currently has SP6b. You may want to download that update and install it.

Thanks cluberti! I'll have to post the results of the dump next time explorer.exe crashes.

I've been trying to debug why this error occurs. Unfortunately it does not generate a crash dump of any form. I've checked by doing Start > Run > "%allusersprofile%\Application Data\Microsoft\Dr Watson" next boot after this error, but there is no user.dmp. The most it generates is an item in the event viewer, which is as follows: Application popup: Explorer.EXE - Application Error : The instruction at "0x7c9106c3" referenced memory at "0x7e29e356". The memory could not be "written". I've updated fully and my explorer.exe is: 6.00.2900.2649 I believe the current/standard version is: 6.0.2900.2180 The only time I've seen this occur is when I shut down the computer. It's rare that it happens. Seems to be about once every 7-10 shutdowns. Assistance is welcome.

Upload it to virus-total and check it there.

For those interested, here's a direct link to UPHClean. I definitely recommend using it, and even distribute it with my Anti-Malware packs. It's even helped me out a few times.

Just curious, but did you happen to run the Hotfix Uninstaller part in CCleaner?

Generated by Tarun's HijackThis Converter v0.50 Beta. Default-color items are optional, red are known to be malicious. Created registry value R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 Changed registry value R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Created registry value R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local Enumeration of existing IE's BHO's O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll Enumeration of existing IE's toolbars O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) Enumeration of suspicious auto-loading registry entries O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime Extra IE context menu items O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm Extra "Tools" menu items and buttons O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) Broken Internet access. To fix these you will need LSPFix To fix these you will need LSPFix O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll Downloaded Program Files item O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/trydiner...h2.1.0.0.48.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/snailmail...gwebinstall.cab O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://www.freeworldgroup.com/games6/diner...tg.1.0.0.33.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://a532.g.akamai.net/f/532/6712/5m/vir...0/installer.exe O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://candystand.com/assets/activex/virto...acheManager.CAB O16 - DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} (DVCDownloaderControl Object) - http://www.sonypictures.com/games/thedavin...aderControl.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://aolsvc.aol.com/onlinegames/dinerdas...sh.1.0.0.72.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/heavyweap...ploader_v10.cab O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326 Be sure to update your Java to the latest version.

Doesn't The Inquirer post a bunch of junk/false news? It might be true though, found this: http://www.uberpulse.com/us/2007/07/cisco_...rkets_video.php

Is the My Documents folder still open when you go to Shutdown your computer or have you closed all open windows?

See my previous post for what you should remove.