1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Please help me frame my question Properly

Discussion in 'Windows XP' started by Jambonay, Nov 1, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    I don't know how to properly describe the problem I have been having to do useful searches for help on this and other forums!

    I have a Dell Inspiron 7500 running win 2000 sp4. It has developed the problem of shutting off abruptly as if power had been removed from the system with no warning, prompt or anything. When I go to restart it, it either reboots into hibernate mode or gives me a blue screen with a KMODE EXCEPTION NOT HANDLED and a memory dump. I then have to reboot again to get it up and running.

    This shutdown is triggered by certain web pages though not all pages and not always triggered by any one page. The shutdown occurs ALWAYS when trying to open a 3-d drawing in AutoCAD 2002 though NOT by opening the exact same drawing file in AutoCAD r14

    It is a very weird problem and I have been searching various forums all over the web, at Dell, at Microsoft and I can't find anyone with a similar problem which makes me think I am not describing the problem correctly.

    Please help
     
  2. dwaynea515

    dwaynea515

    Joined:
    Sep 9, 2001
    Messages:
    601
    Good Morning and welcome to TSG.

    Do this in order:

    1) Open Internet Explorer -> Tools -> Internet Options -> delete cookies, delete files (select off-line content), clear history. Then click ok and exit Internet Explorer.


    2) Read http://tomcoyote.org/SPYBOT/index1.html then download and run SpyBot. Make sure to get the updates for SpyBot before you have it scan your computer. After you scan and remove anything SpyBot finds, make sure to click the Immunize button followed by OK and then click the Immunize button in the right pane.

    ) Read http://www.tomcoyote.org/hjt then download and install HiJackThis. Open up HiJackThis and click "Scan". After you do so, click "Save Log" and save it to your desktop. Exit HiJackThis and open the log you created on your desktop and copy everything in the log and post it here
     
  3. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    OK< here it is:

    Logfile of HijackThis v1.97.3
    Scan saved at 2:17:44 PM, on 11/1/2003
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v5.00 (5.00.2920.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\system32\regsvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\Tablet.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\System32\mspmspsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\WINDOWS\system32\bcmwltry.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\QUICKENW\QWDLLS.EXE
    C:\Program Files\Sony Handheld\USBSwt.exe
    C:\Program Files\Sony Handheld\HOTSYNC.EXE
    C:\Program Files\Microsoft Office\Office\OSA9.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\jarthur\Desktop\hijack\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dell.com/search/index.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationalreview.com/thecorner/corner.asp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:6588
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\SYSTEM\blank.htm
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
    O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    O4 - HKLM\..\Run: [QBCD Autorun] D:\autorun.exe restart TIMER_SEQUENCE first
    O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
    O4 - HKLM\..\Run: [RemoveCpl] RemoveCpl.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Startup: PowerReg SchedulerV2.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE
    O4 - Global Startup: Sony PDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
    O8 - Extra context menu item: Convert for CLIE - C:\Program Files\Sony\Image Converter\menu.htm
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Dell Home (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/dell/site/PCPitStop.CAB
    O16 - DPF: {0FF3E97F-433D-11D2-B31A-00A0C9B135DB} (CoDetectDigitalRiver Class) - http://ebot.digitalriver.com/v2.0-doc/dlwizard/wizard3.0.4.3.cab
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) - http://www.genisar.com/files/genplug60.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/110e5f0235a08d3a7123/netzip/RdxIE601.cab
    O16 - DPF: {71CA4411-45EC-4608-B9D7-6D4B6A9D1BB4} (Attenza System Profiler) - http://service.dell.com/dell/SystemProfiler.cab
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera1.city.north-bay.on.ca/activex/AxisCamControl.ocx
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom Class) - http://www.zoomify.com/download/zoomify214.cab
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,219
    First Name:
    Derek
  5. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    Thank you Derek for your response.
    I did try what you suggested a couple of days ago. I downloaded all the latest drivers and manually deleted the earlier ones from my system and then installed the new ones. Did not solve my problem.

    I should add that every time I click on the reply button using the computer in question it crashes and thus begins anew the 15 minute boot , re boot , reboot sequence to get it back up and running.
     
  6. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,219
    First Name:
    Derek
    post a start uplist from hijackthis, that includes all hardware drivers and services so we might see what is causing it.

    looking at the M$ article it can be extremely difficult to track down but it is ALWAYS a driver problem but determining which one is problematic

    to do start up list openj HJT, press config/misc tools/ tick both boxes about empty & minor sectionas & press generate start up list

    if you look at the M$ article try to copy the stop message next time it happens at least the last part where it says error in xxxxx.sys or similar to give us some hope of finding youur faulty driver
     
  7. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    here is the startup list will post picture of Blue screen in a sec:

    StartupList report, 11/1/2003, 3:58:56 PM
    StartupList version: 1.52
    Started from : C:\Documents and Settings\jarthur\Desktop\hijack\HijackThis.EXE
    Detected: Windows 2000 SP4 (WinNT 5.00.2195)
    Detected: Internet Explorer v5.00 (5.00.2920.0000)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\system32\regsvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\Tablet.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\System32\mspmspsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\WINDOWS\system32\bcmwltry.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\QUICKENW\QWDLLS.EXE
    C:\Program Files\Sony Handheld\USBSwt.exe
    C:\Program Files\Sony Handheld\HOTSYNC.EXE
    C:\Documents and Settings\jarthur\Desktop\hijack\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\jarthur\Start Menu\Programs\Startup]
    HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    PowerReg SchedulerV2.exe

    Shell folders AltStartup:
    *Folder not found*

    User shell folders Startup:
    *Folder not found*

    User shell folders AltStartup:
    *Folder not found*

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE
    InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE
    Sony PDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe

    Shell folders Common AltStartup:
    *Folder not found*

    User shell folders Common Startup:
    *Folder not found*

    User shell folders Alternate Common Startup:
    *Folder not found*

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    SystemTray = SysTray.Exe
    Synchronization Manager = mobsync.exe /logon
    AtiPTA = atiptaxx.exe
    SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    NAV Agent = C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
    SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
    POINTER = C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    QBCD Autorun = D:\autorun.exe restart TIMER_SEQUENCE first
    bcmwltry = bcmwltry.exe
    RemoveCpl = RemoveCpl.exe
    TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    QD FastAndSafe =
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

    SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    [OptionalComponents]
    *No values found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .SCR:
    HKEY_CLASSES_ROOT\AutoCADScriptFile\shell\open\command

    (Default) = C:\WINDOWS\NOTEPAD.EXE "%1"

    --------------------------------------------------

    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command

    (Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = "C:\WINDOWS\System32\shmgrate.exe" OCInstallUserConfigIE

    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = "C:\WINDOWS\System32\shmgrate.exe" OCInstallUserConfigOE

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    [{6A5110B5-E14B-4268-A065-EF89FF33C325}] *
    StubPath = regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll

    [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\System32\ie4uinit.exe

    [{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *
    StubPath = %SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl

    --------------------------------------------------

    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps

    *Registry key not found*

    --------------------------------------------------

    Load/Run keys from C:\WINDOWS\WIN.INI:

    load=*INI section not found*
    run=*INI section not found*

    Load/Run keys from Registry:

    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=
    HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\system32\ssmarque.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Verifying REGEDIT.EXE integrity:

    - Regedit.exe found in C:\WINDOWS
    - .reg open command is normal (regedit.exe %1)
    - Company name OK: 'Microsoft Corporation'
    - Original filename OK: 'REGEDIT.EXE'
    - File description: 'Registry Editor'

    Registry check passed

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    NAV Helper - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Disk Defragmenter.job
    Norton AntiVirus - Scan my computer.job
    Norton SystemWorks One Button Checkup.job
    ScanDisk.job
    Symantec NetDetect.job
    Tune-up Application Start.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [DirectAnimation Java Classes]
    CODEBASE = file://C:\WINDOWS\Java\classes\dajava.cab
    OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

    [Internet Explorer Classes for Java]
    CODEBASE = file://c:\windows\SYSTEM\iejava.cab
    OSD = C:\WINDOWS\Downloaded Program Files\Internet Explorer Classes for Java.osd

    [Microsoft XML Parser for Java]
    CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
    OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

    [{00000075-9980-0010-8000-00AA00389B71}]
    CODEBASE = http://codecs.microsoft.com/codecs/i386/voxacm.CAB

    [SysProWmi Class]
    InProcServer32 = C:\WINDOWS\System32\Dell\SystemProfiler\SysPro.ocx
    CODEBASE = http://support.dell.com/systemprofiler/SysPro.cab

    [QuickTime Object]
    InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
    CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

    [sys Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\PCPitStop.dll
    CODEBASE = http://www.pcpitstop.com/dell/site/PCPitStop.CAB

    [CoDetectDigitalRiver Class]
    CODEBASE = http://ebot.digitalriver.com/v2.0-doc/dlwizard/wizard3.0.4.3.cab

    [WficaCtl Object]
    InProcServer32 = C:\WINDOWS\System32\WFICA.OCX
    CODEBASE = http://www.genisar.com/files/genplug60.cab

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [RdxIE Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\RdxIE.dll
    CODEBASE = http://207.188.7.150/110e5f0235a08d3a7123/netzip/RdxIE601.cab

    [Attenza System Profiler]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\SystemProfiler.dll
    CODEBASE = http://service.dell.com/dell/SystemProfiler.cab

    [Java Plug-in 1.4.1_03]
    InProcServer32 = C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
    CODEBASE = http://java.sun.com/products/plugin/1.4/jinstall-14_03-windows-i586.cab

    [DmiReader Class]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\SYSPRO~1.DLL
    CODEBASE = http://ftp.us.dell.com/fixes/PROFILER.CAB

    [CamImage Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\AxisCamControl.ocx
    CODEBASE = http://camera1.city.north-bay.on.ca/activex/AxisCamControl.ocx

    [Java Plug-in 1.4.1_03]
    InProcServer32 = C:\Program Files\Java\j2re1.4.1_03\bin\npjpi141_03.dll
    CODEBASE = http://java.sun.com/products/plugin/1.4/jinstall-14_03-windows-i586.cab

    [{CEBC955E-58AF-11D2-A30A-00A0C903492B}]
    CODEBASE = http://windowsupdate.microsoft.com/R957/V31Controls/x86/nt5/en/actsetup.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Zoom Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZActiveX.dll
    CODEBASE = http://www.zoomify.com/download/zoomify214.cab

    --------------------------------------------------

    Enumerating Winsock LSP files:

    NameSpace #1: C:\WINDOWS\System32\nwprovau.dll
    NameSpace #2: C:\WINDOWS\System32\rnr20.dll
    NameSpace #3: C:\WINDOWS\System32\winrnr.dll
    Protocol #1: C:\WINDOWS\system32\msafd.dll
    Protocol #2: C:\WINDOWS\system32\msafd.dll
    Protocol #3: C:\WINDOWS\system32\msafd.dll
    Protocol #4: C:\WINDOWS\system32\msafd.dll
    Protocol #5: C:\WINDOWS\system32\msafd.dll
    Protocol #6: C:\WINDOWS\system32\msafd.dll
    Protocol #7: C:\WINDOWS\system32\msafd.dll
    Protocol #8: C:\WINDOWS\system32\msafd.dll
    Protocol #9: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #10: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #11: C:\WINDOWS\system32\msafd.dll
    Protocol #12: C:\WINDOWS\system32\msafd.dll
    Protocol #13: C:\WINDOWS\system32\msafd.dll
    Protocol #14: C:\WINDOWS\system32\msafd.dll
    Protocol #15: C:\WINDOWS\system32\msafd.dll
    Protocol #16: C:\WINDOWS\system32\msafd.dll
    Protocol #17: C:\WINDOWS\system32\msafd.dll
    Protocol #18: C:\WINDOWS\system32\msafd.dll
    Protocol #19: C:\WINDOWS\system32\msafd.dll
    Protocol #20: C:\WINDOWS\system32\msafd.dll
    Protocol #21: C:\WINDOWS\system32\msafd.dll
    Protocol #22: C:\WINDOWS\system32\msafd.dll
    Protocol #23: C:\WINDOWS\system32\msafd.dll
    Protocol #24: C:\WINDOWS\system32\msafd.dll
    Protocol #25: C:\WINDOWS\system32\msafd.dll
    Protocol #26: C:\WINDOWS\system32\msafd.dll
    Protocol #27: C:\WINDOWS\system32\msafd.dll
    Protocol #28: C:\WINDOWS\system32\msafd.dll
    Protocol #29: C:\WINDOWS\system32\msafd.dll
    Protocol #30: C:\WINDOWS\system32\msafd.dll
    Protocol #31: C:\WINDOWS\system32\msafd.dll
    Protocol #32: C:\WINDOWS\system32\msafd.dll
    Protocol #33: C:\WINDOWS\system32\msafd.dll
    Protocol #34: C:\WINDOWS\system32\msafd.dll
    Protocol #35: C:\WINDOWS\system32\msafd.dll
    Protocol #36: C:\WINDOWS\system32\msafd.dll
    Protocol #37: C:\WINDOWS\system32\msafd.dll
    Protocol #38: C:\WINDOWS\system32\msafd.dll
    Protocol #39: C:\WINDOWS\system32\msafd.dll
    Protocol #40: C:\WINDOWS\system32\msafd.dll
    Protocol #41: C:\WINDOWS\system32\msafd.dll
    Protocol #42: C:\WINDOWS\system32\msafd.dll
    Protocol #43: C:\WINDOWS\system32\msafd.dll
    Protocol #44: C:\WINDOWS\system32\msafd.dll
    Protocol #45: C:\WINDOWS\system32\msafd.dll
    Protocol #46: C:\WINDOWS\system32\msafd.dll
    Protocol #47: C:\WINDOWS\system32\msafd.dll
    Protocol #48: C:\WINDOWS\system32\msafd.dll
    Protocol #49: C:\WINDOWS\system32\msafd.dll

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
    Microsoft Embedded Controller Driver: System32\DRIVERS\ACPIEC.sys (system)
    AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (autostart)
    Intel AGP Bus Filter: System32\DRIVERS\agp440.sys (system)
    Alerter: %SystemRoot%\System32\services.exe (manual start)
    Application Management: %SystemRoot%\system32\services.exe (manual start)
    RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
    Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
    Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
    ati2mpab: System32\DRIVERS\ati2mpab.sys (manual start)
    atirage3: System32\DRIVERS\atimpab.sys (manual start)
    ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
    ATM Service: %SystemRoot%\System32\ATMsrvc.exe (disabled)
    Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
    pcAnywhere Host Service: C:\Program Files\Symantec\pcAnywhere\awhost32.exe (manual start)
    awlegacy: \SystemRoot\System32\Drivers\awlegacy.sys (system)
    AW_HOST: system32\drivers\aw_host5.sys (system)
    BCM 802.11g Network Adapter Driver: System32\DRIVERS\bcmwl5.sys (manual start)
    Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k BITSgroup (manual start)
    Computer Browser: %SystemRoot%\System32\services.exe (autostart)
    Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start)
    CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
    Indexing Service: C:\WINDOWS\System32\cisvc.exe (manual start)
    ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
    Microsoft ACPI Control Method Battery Driver: System32\DRIVERS\CmBatt.sys (manual start)
    Microsoft Composite Battery Driver: System32\DRIVERS\compbatt.sys (system)
    DHCP Client: %SystemRoot%\System32\services.exe (autostart)
    Disk Driver: System32\DRIVERS\disk.sys (system)
    Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
    dmload: System32\drivers\dmload.sys (disabled)
    Logical Disk Manager: %SystemRoot%\System32\services.exe (autostart)
    Microsoft DirectMusic SW Synth (WDM): system32\drivers\DMusic.sys (manual start)
    DNS Client: %SystemRoot%\System32\services.exe (autostart)
    3Com Megahertz 10/100 LAN CardBus PC Card Driver: System32\DRIVERS\el575nd5.sys (manual start)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
    Fax Service: %systemroot%\system32\faxsvc.exe (manual start)
    Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
    Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
    Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
    Game Port Enumerator: System32\DRIVERS\gameenum.sys (manual start)
    Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
    Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (autostart)
    i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
    iRiver Internet Audio Player IFP-300: System32\DRIVERS\ifp300.sys (autostart)
    IntelIde: System32\DRIVERS\intelide.sys (system)
    Microsoft IntelliPoint Features driver: System32\DRIVERS\IPFilter.sys (manual start)
    IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
    RIP Listener: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    IPSEC driver: System32\DRIVERS\ipsec.sys (manual start)
    IrDA Protocol: System32\DRIVERS\irda.sys (autostart)
    IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
    Infrared Monitor: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
    Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
    Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
    Server: %SystemRoot%\System32\services.exe (autostart)
    Workstation: %SystemRoot%\System32\services.exe (autostart)
    TCP/IP NetBIOS Helper Service: %SystemRoot%\System32\services.exe (autostart)
    TCP/IP Print Server: %SystemRoot%\System32\tcpsvcs.exe (manual start)
    LT Modem Driver: System32\DRIVERS\ltmdmnt.sys (manual start)
    ESS Maestro Audio Driver (WDM): system32\drivers\maestro.sys (manual start)
    Messenger: %SystemRoot%\System32\services.exe (autostart)
    MLPTDR_C: \??\C:\WINDOWS\System32\MLPTDR_C.SYS (autostart)
    NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
    Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
    Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
    BDA MPE Filter: System32\DRIVERS\MPE.sys (manual start)
    MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
    Windows Installer: C:\WINDOWS\System32\MsiExec.exe /V (manual start)
    Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
    Microsoft MPU-401 MIDI UART Driver: system32\drivers\msmpu401.sys (manual start)
    NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start)
    NAVAP: \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS (manual start)
    Norton AntiVirus Auto Protect Service: C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe (autostart)
    NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20031031.016\NAVENG.Sys (manual start)
    NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20031031.016\NavEx15.Sys (manual start)
    NetBEUI Protocol: System32\DRIVERS\nbf.sys (autostart)
    Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
    Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
    NetBT: System32\DRIVERS\netbt.sys (system)
    Network DDE: %SystemRoot%\system32\netdde.exe (manual start)
    Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
    NetDetect: \SystemRoot\system32\drivers\netdtect.sys (manual start)
    Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
    Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Norton Unerase Protection Driver: \??\C:\WINDOWS\System32\Drivers\NPDRIVER.SYS (manual start)
    Norton Unerase Protection: C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (autostart)
    NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
    Removable Storage: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Client Service for NetWare: %SystemRoot%\System32\services.exe (autostart)
    IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol: System32\DRIVERS\nwlnkipx.sys (autostart)
    NWLink NetBIOS: System32\DRIVERS\nwlnknb.sys (autostart)
    NWLink SPX/SPXII Protocol: System32\DRIVERS\nwlnkspx.sys (autostart)
    NetWare Rdr: System32\DRIVERS\nwrdr.sys (manual start)
    PalmUSBD: system32\drivers\PalmUSBD.sys (manual start)
    Parallel class driver: System32\DRIVERS\parallel.sys (manual start)
    Parallel port driver: System32\DRIVERS\parport.sys (system)
    PCI Bus Driver: System32\DRIVERS\pci.sys (system)
    Pcmcia: System32\DRIVERS\pcmcia.sys (system)
    Pen Class: System32\Drivers\PenClass.sys (system)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    BUSlink USB-Optical Adapter: System32\DRIVERS\scd1pl.sys (autostart)
    IPSEC Policy Agent: %SystemRoot%\System32\lsass.exe (autostart)
    WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
    Protected Storage: %SystemRoot%\system32\services.exe (autostart)
    Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
    Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WAN Miniport (IrDA Modem): System32\DRIVERS\rasirda.sys (manual start)
    WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
    Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
    Microsoft Streaming Network Raw Channel Access: system32\drivers\RCA.sys (manual start)
    Rdbss: System32\DRIVERS\rdbss.sys (system)
    Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
    Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Remote Registry Service: %SystemRoot%\system32\regsvc.exe (autostart)
    Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\System32\rsvp.exe -s (manual start)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
    Smart Card Helper: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Task Scheduler: %SystemRoot%\system32\MSTask.exe (autostart)
    SDdriver: \??\C:\WINDOWS\System32\Drivers\sddriver.sys (manual start)
    RunAs Service: %SystemRoot%\system32\services.exe (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
    Serial port driver: System32\DRIVERS\serial.sys (system)
    Internet Connection Sharing: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Simple TCP/IP Services: %SystemRoot%\System32\tcpsvcs.exe (autostart)
    BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start)
    SMC IrCC Miniport Device Driver: System32\DRIVERS\smcirda.sys (manual start)
    SNMP Service: %SystemRoot%\System32\snmp.exe (autostart)
    SNMP Trap Service: %SystemRoot%\System32\snmptrap.exe (manual start)
    Memory Stick Driver(SonyCLDK): System32\DRIVERS\SonyCLDK.sys (system)
    Sony Memory Stick Driver(SONYPVM1): System32\DRIVERS\SONYPVM1.SYS (system)
    Sony USB Filter Driver (SONYPVU1): System32\DRIVERS\SONYPVU1.SYS (manual start)
    Speed Disk service: C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    Srv: System32\DRIVERS\srv.sys (manual start)
    BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start)
    Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
    SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
    SYMREDRV: \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (manual start)
    SYMTDI: \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS (autostart)
    Synaptics TouchPad Driver: System32\DRIVERS\SynTP.sys (manual start)
    Microsoft System Audio Device: system32\drivers\sysaudio.sys (manual start)
    Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
    TabletService: C:\WINDOWS\System32\Tablet.exe (autostart)
    Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
    Telnet: %SystemRoot%\system32\tlntsvr.exe (manual start)
    Distributed Link Tracking Client: %SystemRoot%\system32\services.exe (autostart)
    Microsoft USB Universal Host Controller Driver: System32\DRIVERS\uhcd.sys (manual start)
    Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
    Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft USB Standard Hub Driver: System32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB PRINTER Class: System32\DRIVERS\usbprint.sys (manual start)
    USB Mass Storage Driver: System32\DRIVERS\USBSTOR.SYS (manual start)
    Utility Manager: %SystemRoot%\System32\UtilMan.exe (manual start)
    VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
    Windows Time: %SystemRoot%\System32\services.exe (manual start)
    Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
    Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
    WDNEBBFBWinmodem icon: System32\DRIVERS\WDNEBBFB.sys (manual start)
    Windows Management Instrumentation: %SystemRoot%\System32\WBEM\WinMgmt.exe (autostart)
    WMDM PMSP Service: C:\WINDOWS\System32\mspmspsv.exe (autostart)
    Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Windows Management Instrumentation Driver Extensions: %SystemRoot%\system32\Services.exe (manual start)
    World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start)
    Automatic Updates: %systemroot%\system32\svchost.exe -k wugroup (autostart)
    Wireless Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: *Registry value not found*

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    Network.ConnectionTray: C:\WINDOWS\system32\NETSHELL.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: stobject.dll

    --------------------------------------------------
    End of report, 35,651 bytes
    Report generated in 0.640 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  8. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    here is the blue screen image
     
  9. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    sorry, let me try again
     

    Attached Files:

  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,219
    First Name:
    Derek
    It's your ati graphics card driver that is causing the problem

    uninstall the drivers completely and try with a standard windows vga driver see if that stops the crashes

    if it does then what graphics card have you actualy got installed.

    did the problem start after a new set of drivers or what

    I would use the original drivers that came with the card, rather than updating and see if that makes it more stable.
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,219
    First Name:
    Derek
    The only other answer might be SP4


    I have heard of other crashing problems with SP4 upgrades and many users prefer to revert to & stay with SP3 which appears more stable

    Did the crashes start since you upgraded or did they happen before
     
  12. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,219
    First Name:
    Derek
  13. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    thank you Derek for your responses. My dogs wanted me to go take a walk with them. Back Now. I don't thinK it is sp4 as I did that update to try and get rid of the problem. I will have to figure out which drivers came with the card from Dell.
     
  14. Jambonay

    Jambonay Thread Starter

    Joined:
    Nov 1, 2003
    Messages:
    57
    I have installed and uninstalled all the various drivers for this card and it still crashes the system. I did try run my surefire crash test (autocad 2002 in 3d) in windows safe mode and NO CRASH so Ithink that proves that the problem is indeed the driver.
     
  15. Jtoast

    Jtoast

    Joined:
    Oct 3, 2002
    Messages:
    3,362
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/176169

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice