While trying to edit a listing in my Ipod this afternoon, I was unable to type the letter "r" - not upper or lower case. So I rebooted. Then when I tried to connect to my dsl the user name box filled up with the letter "v" over and over and over and wouldn't let me delete it and enter my name. I hit control alt delete to see if I saw anything unusual running. The only thing that seemed to be using alot of power was alg.exe. I deleted it to see what would happen. It worked I think because I was then able to connect to the dsl. I ran AVG updated and found nothing. I ran Spy Hunter - which found 127 registry issues called Backweb which I believe is associated with the Kodak software I was using last night - so I left it alone. I updated and ran PC Bug Doctor - no problem. I ran spybot s&d -no problem. I updated my Norton which runs everyday anyway and is supposed to update itself. Well it did have something to update and then it said I had to reboot..so I did. Then I ran Norton after the reboot but before trying to connect to dsl. The Norton didn't find anything..so again I tried to connect and again I got all the "v"s. I shut alg.exe again and was then able to connect to dsl.
What can I do?? Any suggestions?

Mch1850,
The alg.exe file is located in the c:\windows\System32 folder and belongs there. In other cases, alg.exe is a virus, spyware, trojan or worm! If that is the case, then delete that alg.exe in, Safe Mode.

Did a search and it comes up in WINNT\system32. But somehow I'm able to be on here without it. Also there are 47 processes running is this ok? What would have caused all the "v"'s in the user name connection box?

mch1850,
I would think you could get away with running 20-30 processes or less, 40 sounds like you are running things that don't need to be running. A list of your processes would be helpful to me.

The ongoing v's and it not letting you delete could have been your computer lagging and you holding down the v button, or a virus, or your keyboard. Does this happen when you write in wordpad? When your computer is running ok, test to see if you have problems again, try a different keyboard if possible, and then if it's neither of those, then it's likely a virus.

Jeremy

Jeremy,
Here is what is running
hphipm11.exe System 3124
IEXPLORE.EXE admin 37012
SpySweeper.exe admin 9232
msnmsgr.exe admin 4160
iPodService.exe System 4712
rundll32.exe admin 3200
qttask.exe admin 3416
hpgs2wnf.exe admin 4732
iTunesHelper.exe admin 5240
avgcc.exe admin 6444
mmtask.exe admin 4068
WkUFind.exe admin 2548
hpgs2wnd.exe admin 4772
hphmon04.exe admin 4416
WEBPROXY.EXE admin 3280
hpztsb05.exe admin 3776
CCaPP.EXE admin 12300
aPVXDWIN.EXE admin 5516
taskmgr.exe admin 5296
PAVPROT.EXE System 7776
nvsvc32.exe System 3928
pavFnSvr.exe System 12692
NAVAPSVC.exe System 9140
spoolsv.exe admin 5216
explorer.exe admin 11528
PSIMSVC.EXE System 2200
CCEVTMGR.EXE System 3892
CCSETMGR.EXE System 5068
svchost.exe Local Service 4284
svchost.exe Network Service 4368
sqlservr.exe System 11300
svchost.exe System 22430
gearsec.exe System 2684
ehSched.exe System 4160
avgupsvc.exe System 3396
svchost.exe System 5852
avgamsvr.exe System 7676
alg.exe Local Service 6244
lsass.exe System 1920
services.exe System 4560
winlogon.exe System 1776
csrss.exe System 4988
smss.exe System 460
Scsiaccess.exeSystem 2728
Prevsrv.exe System 4456
PavPrSrv.exe System 2668
System System 228
System Idle Process System 20

Thank you so much for your time and trouble.

Mch1850,
Well I'm working on your procceses, could you send me a list of your items on startup. To do that.

1. Click Start, Choose Run..., type "msconfig" no quotations. Then click OK.

2. Choose the "StartUp" tab and give me the list of items in there and if there checked

3. I'll post your processes back asap.

Jeremy

Thanks again Jeremy,
Here is my msconfig startup list:
hkcmd
ccApp
NvCpl
hpztsb05
hphmon04
hphupd04
hpgs2wnd
WkUFind
mmtask
APVXDWIN
UsrPrmpt
avgcc
NeroCheck
iTunesHelper
qttask
SpyHunter
nwiz
NvMcTray
msnmsgr
SpySweeper
CTHELPER
ehtray
GWInkMonitor
igfxtray
PicasaMediaDetector
mmtask
msmsgs
NeroCheck
nwiz
qttask
sgtray
QuickShutDown
KodakEasyShare s...
KodakSoftware U...

I'm noticing some duplication here.
Whatdya think Jeremy?

SpySweeper.exe admin 9232 This deletes your spyware/adware
msnmsgr.exe admin 4160 this is your msn instant messenger
iPodService.exe System 4712 this is for your mp3 player
rundll32.exe admin 3200 is a virus if not in the system32 folder
qttask.exe admin 3416 Quick Time Video Tray Icon
hpgs2wnf.exe admin 4732 For hewlett packard
iTunesHelper.exe admin 5240 another for your mp3's
avgcc.exe admin 6444 that's fine
mmtask.exe admin 4068 for jukebox
WkUFind.exe admin 2548 background process
hpgs2wnd.exe admin 4772 that's fine
hphmon04.exe admin 4416 needed
WEBPROXY.EXE admin 3280 for your anti-virus program
hpztsb05.exe admin 3776 hewlett packard taskbar utility
CCaPP.EXE admin 12300 is for Norton AntiVirus 2003
aPVXDWIN.EXE admin 5516 Part of Panda Anti-Virus
taskmgr.exe admin 5296 (this is the task manager your in now)
PAVPROT.EXE System 7776 Part of Panda Anti-Virus
nvsvc32.exe System 3928 needed ensures drivers card works correctly
pavFnSvr.exe System 12692 Part of Panda Anti-Virus
NAVAPSVC.exe System 9140 needed
spoolsv.exe admin 5216 needed
explorer.exe admin 11528 needed(this is for windows to run)
PSIMSVC.EXE System 2200 Part of Panda Anti-Virus
CCEVTMGR.EXE System 3892 needed
CCSETMGR.EXE System 5068 is part of Norton Internet Security or Norton Antivirus from Symantec Corporation.
svchost.exe Local Service 4284 needed
svchost.exe Network Service 4368 needed
sqlservr.exe System 11300 SQL server
svchost.exe System 22430 needed
gearsec.exe System 2684 to copy DVDs",CDs", etc.
ehSched.exe System 4160 for Windows Media Center
avgupsvc.exe System 3396
svchost.exe System 5852 needed
avgamsvr.exe System 7676 AVG antivirus related
alg.exe Local Service 6244
lsass.exe System 1920 needed
services.exe System 4560 needed
winlogon.exe System 1776 needed
csrss.exe System 4988 needed
smss.exe System 460 needed
Scsiaccess.exeSystem 2728 needed
Prevsrv.exe System 4456 Part of Panda Anti-Virus
PavPrSrv.exe System 2668 Part of Panda Anti-Virus
System System 228 needed
System Idle Process System 20 needed
Now let me break this list down in a paragraph, your running programs that don't need to be run all the time via we'll take care of that with msconfig. You don't show any viruses but the viruses could take the names of processes you need, so be sure to check there in the right directories (if you still have adware/spyware problems). Now with that said, we'll continue chopping away at your processes list with msconfig.
Arcaned.

Jeremy,
The RUNDLL32.exe shows up 8 times when I do a search. The first 7 times it comes up as in folder C:\WINNT\Prefetch ???
The type is PF file - what is that?
The last listing is for rundll32 with no .exe extension - found in
C:\WINNT\system 32.

Your Welcome, I enjoy helping, and thank you's are much appreciated.
Laughing at your, Whatdya think? Personally yuk way to many things on start up. Just follow below and uncheck or check each item as noted in, "msconfig".

Here is your msconfig startup list:

hkcmd uncheck

ccApp check

NvCpl check

hpztsb05 uncheck

hphmon04 uncheck

hphupd04 uncheck

hpgs2wnd uncheck

WkUFind uncheck

mmtask uncheck

APVXDWIN check

UsrPrmpt check

avgcc check

NeroCheck check

iTunesHelper uncheck

qttask uncheck

SpyHunter uncheck

nwiz ...uncheck unless u have 2 monitors

NvMcTray check

msnmsgr uncheck

SpySweeper ...uncheck just run manually when needed

CTHELPER uncheck

ehtray uncheck

GWInkMonitor uncheck

igfxtray uncheck

PicasaMediaDetector uncheck

mmtask uncheck

msmsgs uncheck

NeroCheck uncheck

nwiz uncheck

qttask uncheck

sgtray check - we'll leave this - this
reminds you to back up your files

QuickShutDown ...If you want quick shut down check this - uncheck it if you don't use it

KodakEasyShare s...uncheck

KodakSoftware U... uncheck

When needed programs can be opened manually by you.

Then choose ok > Exit Without Restart. Go To Start > Choose Run... > Type, "regedit"..> Click OK.

In Registry Editor Go > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Shared Tools > MSCONFIG > startupreg

In every folder in the startupreg via they will be all programs that you unchecked in, "msconfig". Delete the hkey out of every folder in "startupreg", when done close that and restart your computer.

Run "msconfig" after restart and choose the startup tab and repost your processes and how your performance is.

mch1850,
You are A ok on your RUNDLL32's, I don't see any problems here.

Jeremy

Jeremy,
Here are my new results from msconfig after following your instructions:
ccApp
NvCpl
APVXDWIN
UsrPrmpt
avgcc
NeroCheck
NvMcTray
Boy this list looks so much more manageable.I hope I did it all properly. Thanks so much for all of your time and effort. You're my hero!

mch1850,
Thank you for your much appreciated feedback! Your list looks much more manageable. If any questions come up, just let me know.

Jeremy Hunter

Jeremy,

I don't know if you remember me or not, but I encountered a problem today wherein my IE shut off. The computer itself didn't shut down or reboot just went back to my desktop.
Anyway now I notice on my desktop an icon I was unfamiliar with, when I opened it, this is what it said

An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION (0xc0000005) occurred at PC=0xC6523CF
Function=Java_sun_awt_windows_WColor_getDefaultColor+0x2E0D
Library=C:\Program Files\Java\j2re1.4.2\bin\awt.dll

Current Java thread:
at sun.awt.windows.WToolkit.eventLoop(Native Method)
at sun.awt.windows.WToolkit.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x77F50000 - 0x77FF7000 C:\WINNT\System32\ntdll.dll
0x77E60000 - 0x77F46000 C:\WINNT\system32\kernel32.dll
0x77C10000 - 0x77C63000 C:\WINNT\system32\msvcrt.dll
0x77D40000 - 0x77DCC000 C:\WINNT\system32\USER32.dll
0x7E090000 - 0x7E0D1000 C:\WINNT\system32\GDI32.dll
0x77DD0000 - 0x77E5D000 C:\WINNT\system32\ADVAPI32.dll
0x78000000 - 0x78087000 C:\WINNT\system32\RPCRT4.dll
0x70A70000 - 0x70AD4000 C:\WINNT\system32\SHLWAPI.dll
0x71700000 - 0x71849000 C:\WINNT\System32\SHDOCVW.dll
0x71950000 - 0x71A34000 C:\WINNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll
0x003C0000 - 0x003E1000 C:\Program Files\Webroot\Spy Sweeper\sis.dll
0x77120000 - 0x771AB000 C:\WINNT\system32\oleaut32.dll
0x771B0000 - 0x772D4000 C:\WINNT\system32\OLE32.DLL
0x773D0000 - 0x77BCA000 C:\WINNT\system32\SHELL32.dll
0x77340000 - 0x773CB000 C:\WINNT\system32\comctl32.dll
0x5AD70000 - 0x5ADA4000 C:\WINNT\System32\uxtheme.dll
0x71500000 - 0x715FD000 C:\WINNT\System32\BROWSEUI.dll
0x72430000 - 0x72442000 C:\WINNT\System32\browselc.dll
0x75F40000 - 0x75F5F000 C:\WINNT\system32\appHelp.dll
0x7C890000 - 0x7C911000 C:\WINNT\System32\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINNT\System32\COMRes.dll
0x77C00000 - 0x77C07000 C:\WINNT\system32\VERSION.dll
0x63000000 - 0x63096000 C:\WINNT\system32\WININET.dll
0x762C0000 - 0x76348000 C:\WINNT\system32\CRYPT32.dll
0x762A0000 - 0x762B0000 C:\WINNT\system32\MSASN1.dll
0x76F90000 - 0x76FA0000 C:\WINNT\System32\Secur32.dll
0x76620000 - 0x7666E000 C:\WINNT\System32\cscui.dll
0x76600000 - 0x7661B000 C:\WINNT\System32\CSCDLL.dll
0x76670000 - 0x76757000 C:\WINNT\System32\SETUPAPI.dll
0x75A70000 - 0x75B15000 C:\WINNT\system32\USERENV.dll
0x68000000 - 0x6804D000 C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
0x71AD0000 - 0x71AD8000 C:\WINNT\System32\WSOCK32.dll
0x71AB0000 - 0x71AC5000 C:\WINNT\System32\WS2_32.dll
0x71AA0000 - 0x71AA8000 C:\WINNT\System32\WS2HELP.dll
0x76B40000 - 0x76B6C000 C:\WINNT\System32\WINMM.dll
0x1A400000 - 0x1A47A000 C:\WINNT\system32\urlmon.dll
0x10000000 - 0x10018000 C:\Program Files\Norton AntiVirus\NavShExt.dll
0x76B20000 - 0x76B35000 C:\WINNT\System32\ATL.DLL
0x7C080000 - 0x7C0F7000 C:\WINNT\System32\MSVCP70.dll
0x7C000000 - 0x7C054000 C:\WINNT\System32\MSVCR70.dll
0x01110000 - 0x011C0000 c:\program files\google\googletoolbar2.dll
0x76C30000 - 0x76C5B000 C:\WINNT\System32\WINTRUST.dll
0x76C90000 - 0x76CB2000 C:\WINNT\system32\IMAGEHLP.dll
0x71C20000 - 0x71C6E000 C:\WINNT\System32\netapi32.dll
0x76990000 - 0x769B4000 C:\WINNT\System32\ntshrui.dll
0x71B20000 - 0x71B31000 C:\WINNT\system32\MPR.dll
0x75F60000 - 0x75F66000 C:\WINNT\System32\drprov.dll
0x71C10000 - 0x71C1D000 C:\WINNT\System32\ntlanman.dll
0x71CD0000 - 0x71CE6000 C:\WINNT\System32\NETUI0.dll
0x71C90000 - 0x71CCC000 C:\WINNT\System32\NETUI1.dll
0x71C80000 - 0x71C86000 C:\WINNT\System32\NETRAP.dll
0x71BF0000 - 0x71C01000 C:\WINNT\System32\SAMLIB.dll
0x75F70000 - 0x75F79000 C:\WINNT\System32\davclnt.dll
0x73D70000 - 0x73D82000 C:\WINNT\System32\shgina.dll
0x75970000 - 0x75A62000 C:\WINNT\System32\MSGINA.dll
0x76360000 - 0x7636F000 C:\WINNT\System32\WINSTA.dll
0x01350000 - 0x01382000 C:\WINNT\System32\ODBC32.dll
0x763B0000 - 0x763F5000 C:\WINNT\system32\comdlg32.dll
0x1F850000 - 0x1F866000 C:\WINNT\System32\odbcint.dll
0x0FFD0000 - 0x0FFF3000 C:\WINNT\System32\rsaenh.dll
0x76EE0000 - 0x76F17000 C:\WINNT\System32\RASAPI32.DLL
0x76E90000 - 0x76EA1000 C:\WINNT\System32\rasman.dll
0x76EB0000 - 0x76EDB000 C:\WINNT\System32\TAPI32.dll
0x76E80000 - 0x76E8D000 C:\WINNT\System32\rtutils.dll
0x01310000 - 0x0131B000 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x01580000 - 0x0163B000 C:\PROGRA~1\SPYBOT~1\SDHelper.dll
0x5EDD0000 - 0x5EDEA000 C:\WINNT\System32\olepro32.dll
0x76170000 - 0x761F8000 C:\WINNT\System32\shdoclc.dll
0x74770000 - 0x747FF000 C:\WINNT\System32\mlang.dll
0x01740000 - 0x0175A000 C:\Program Files\Panda Software\Panda TruPrevent Personal\pavlsp.dll
0x7C340000 - 0x7C396000 C:\WINNT\System32\MSVCR71.dll
0x7C3A0000 - 0x7C41B000 C:\WINNT\System32\MSVCP71.dll
0x01770000 - 0x017A1000 C:\Program Files\Panda Software\Panda TruPrevent Personal\PavTrc.dll
0x017B0000 - 0x017CD000 C:\Program Files\Panda Software\Panda TruPrevent Personal\icl_cfg.dll
0x71A50000 - 0x71A8B000 C:\WINNT\system32\mswsock.dll
0x76F20000 - 0x76F45000 C:\WINNT\System32\DNSAPI.dll
0x71A90000 - 0x71A98000 C:\WINNT\System32\wshtcpip.dll
0x76FB0000 - 0x76FB7000 C:\WINNT\System32\winrnr.dll
0x76F60000 - 0x76F8C000 C:\WINNT\system32\WLDAP32.dll
0x02230000 - 0x02431000 C:\WINNT\System32\msi.dll
0x75E90000 - 0x75F38000 C:\WINNT\System32\SXS.DLL
0x76FC0000 - 0x76FC5000 C:\WINNT\System32\rasadhlp.dll
0x63580000 - 0x63832000 C:\WINNT\System32\mshtml.dll
0x746F0000 - 0x74716000 C:\WINNT\System32\msimtf.dll
0x74720000 - 0x74764000 C:\WINNT\System32\MSCTF.dll
0x76390000 - 0x763AC000 C:\WINNT\System32\IMM32.DLL
0x325C0000 - 0x325D2000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x02090000 - 0x020AE000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll
0x020C0000 - 0x020E0000 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll
0x6B700000 - 0x6B790000 c:\winnt\system32\jscript.dll
0x746C0000 - 0x746E7000 C:\WINNT\System32\MSLS31.DLL
0x66E50000 - 0x66E8B000 C:\WINNT\System32\iepeers.dll
0x73000000 - 0x73023000 C:\WINNT\System32\WINSPOOL.DRV
0x66000000 - 0x6600F000 C:\Program Files\Yahoo!\Companion\Modules\pubmod\v1\pubmod.dll
0x65000000 - 0x6502B000 C:\Program Files\Yahoo!\Companion\Modules\pubmod\v1\YPUBC.dll
0x74CB0000 - 0x74D1F000 C:\WINNT\System32\mshtmled.dll
0x72D20000 - 0x72D29000 C:\WINNT\System32\wdmaud.drv
0x72D10000 - 0x72D18000 C:\WINNT\System32\msacm32.drv
0x77BE0000 - 0x77BF4000 C:\WINNT\System32\MSACM32.dll
0x77BD0000 - 0x77BD7000 C:\WINNT\System32\midimap.dll
0x73300000 - 0x73375000 c:\winnt\system32\vbscript.dll
0x045B0000 - 0x04757000 C:\WINNT\System32\macromed\flash\Flash.ocx
0x049E0000 - 0x049E9000 C:\WINNT\System32\ddrawex.dll
0x51000000 - 0x5104D000 C:\WINNT\System32\DDRAW.dll
0x73BC0000 - 0x73BC6000 C:\WINNT\System32\DCIMAN32.dll
0x6BDD0000 - 0x6BE03000 C:\WINNT\System32\dxtrans.dll
0x6BE10000 - 0x6BE65000 C:\WINNT\System32\dxtmsft.dll
0x767F0000 - 0x76814000 C:\WINNT\System32\schannel.dll
0x0FFA0000 - 0x0FFC1000 C:\WINNT\System32\dssenh.dll
0x71D40000 - 0x71D5B000 C:\WINNT\System32\actxprxy.dll
0x73D50000 - 0x73D60000 C:\WINNT\System32\cryptnet.dll
0x6CC60000 - 0x6CC6B000 C:\WINNT\System32\dispex.dll
0x73080000 - 0x7309C000 C:\WINNT\system32\rsvpsp.dll
0x66880000 - 0x6688A000 C:\WINNT\System32\imgutil.dll
0x58A20000 - 0x58A6E000 C:\WINNT\System32\inetcpl.cpl
0x667D0000 - 0x667ED000 C:\WINNT\System32\inetcplc.dll
0x02BD0000 - 0x02BE8000 C:\WINNT\System32\OCCache.DLL
0x722B0000 - 0x722B5000 C:\WINNT\System32\sensapi.dll
0x5E310000 - 0x5E31B000 C:\WINNT\System32\pngfilt.dll
0x03670000 - 0x03676000 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
0x6D440000 - 0x6D450000 C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
0x6D310000 - 0x6D327000 C:\Program Files\Java\j2re1.4.2\bin\jpiexp32.dll
0x6D380000 - 0x6D397000 C:\Program Files\Java\j2re1.4.2\bin\jpishare.dll
0x089A0000 - 0x08AD6000 C:\PROGRA~1\Java\J2RE14~1.2\bin\client\jvm.dll
0x01A90000 - 0x01A97000 C:\PROGRA~1\Java\J2RE14~1.2\bin\hpi.dll
0x01B80000 - 0x01B8E000 C:\PROGRA~1\Java\J2RE14~1.2\bin\verify.dll
0x01C20000 - 0x01C38000 C:\PROGRA~1\Java\J2RE14~1.2\bin\java.dll
0x01BA0000 - 0x01BAD000 C:\PROGRA~1\Java\J2RE14~1.2\bin\zip.dll
0x0C5E0000 - 0x0C6EA000 C:\Program Files\Java\j2re1.4.2\bin\awt.dll
0x064D0000 - 0x06520000 C:\Program Files\Java\j2re1.4.2\bin\fontmanager.dll
0x5C000000 - 0x5C0C8000 C:\WINNT\System32\D3DIM700.DLL
0x6D2F0000 - 0x6D304000 C:\Program Files\Java\j2re1.4.2\bin\jpicom32.dll
0x06290000 - 0x062B2000 C:\Program Files\Java\j2re1.4.2\bin\dcpr.dll
0x03FC0000 - 0x03FCF000 C:\Program Files\Java\j2re1.4.2\bin\net.dll
0x065B0000 - 0x065CE000 C:\Program Files\Java\j2re1.4.2\bin\jpeg.dll
0x6D510000 - 0x6D58D000 C:\WINNT\system32\DBGHELP.dll
0x76BF0000 - 0x76BFB000 C:\WINNT\System32\PSAPI.DLL

Heap at VM Abort:
Heap
def new generation total 1152K, used 1039K [0x10020000, 0x10150000, 0x10780000)
eden space 1088K, 94% used [0x10020000, 0x10120e08, 0x10130000)
from space 64K, 19% used [0x10130000, 0x10133148, 0x10140000)
to space 64K, 0% used [0x10140000, 0x10140000, 0x10150000)
tenured generation total 13236K, used 10781K [0x10780000, 0x1146d000, 0x16020000)
the space 13236K, 81% used [0x10780000, 0x11207498, 0x11207600, 0x1146d000)
compacting perm gen total 8448K, used 8413K [0x16020000, 0x16860000, 0x1a020000)
the space 8448K, 99% used [0x16020000, 0x16857730, 0x16857800, 0x16860000)

Local Time = Tue Oct 12 11:45:10 2004
Elapsed Time = 345
#
# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot(TM) Client VM (1.4.2-b28 mixed mode)
#

Do you know what happened? Any suggestions?
Thanks in advance.
mch1850

i have imgutil.ddl and a imgutil32.dll in my windows/system32 map, not sure if the second belongs there to, does anyone know