is my ram missing?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
hello .just got my first computer at 38 . How sad!was hoping u guys could answer a question or two for me.the box in question is a packard bell 2.1Gh celeron 256mb ram , win xp 32. Now , when i start up the computer ,and look at snapsys, it tells me that out of the 256mb of ram i have somewhere between 40 and 80mb free and the only thing running is activsurf agent.(exept from the OS i assume).when im on the web there are two explore prossesses running . IEXPLORE.EXE and explorer.exe and 5 or 6 cvchost.exes. i have updated norton and ran it and it didnt find any viruses. is it normal to use this much ram or do you think there is something else running that i need to know about?And if so how do i find it ? P.S. Reading thru some of your threads is like trying to read hindu. please remember im veryconfused! P.P.S . iv just noted on of the cvchosts uses a very simillar amount of ram to explorer.exe. cheers!
 

dai

Joined
Mar 6, 2003
Messages
11,198
256 is the minimum recommend you put in another 256,everthing you do goes into ram for fast retrieval,if you are not running out of memory,getting a box popping up saying insuffiecent memory,don't worry.
xp is a ram hog.
run adaware and spybot on a regular basis as well as your virus checker
 
Joined
Feb 28, 2001
Messages
11,584
Veryconfused
I am not familiar with the program Snapsys but I am assuming it creates a snapshot of dynamic and static information about the state of your computer.
Anyway lets discuss RAM first.
I always use this statement to explain usage of RAM.
"Unused RAM is Wasted RAM!"
What is meant by that is RAM and other on motherboard are the fastest storage media you have. Compared to a hard drive it is lightning fast! When you system boots there are many programs that start. All these program use RAM space for quite retrieval of information\processes required.
You mentioned the only process you though was running is activsurf agent! Well that is not true. There are many others that are exposed via Task Manager, (Ctrl,Alt,Del) and other that are hidden and can be exposed by other free third party utilities such as Process View found Here
Take a look at the attached snapshot of what is running on my system and you will see that there are many items in residence.

There is nothing wrong with RAM consumption running at 30% free.

Keep in mind Windows does a great job in controlling RAM and Virtual memory.

Here is a series of 4 articles one which build to the next.

The only thing we disagree with in there is setting virtual memory max settings since windows has evolved since to handle it quite well.

http://content.techweb.com/winmag/columns/explorer/2000/11.htm
http://content.techweb.com/winmag/columns/explorer/2000/12.htm
http://content.techweb.com/winmag/columns/explorer/2000/13.htm
http://content.techweb.com/winmag/columns/explorer/2000/14.htm

Take care and I am sure others will help explain to.

Dave
 

Attachments

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
hi again .ran spybot.do i get rid of backweb lite?and will anything stop working if i do . theres lots n lots of "backweb lites"! thanks!
 

dai

Joined
Mar 6, 2003
Messages
11,198
found this on a google search
It's best to try to find the host program *first* and then uninstall that.
THEN run Adaware and Spybot. Coupla reasons...first, if you don't
uninstall the host program and then clean out the entries, you likely
never *will* be able to completely uninstall it. Second, if the host
program is still there, Backweb is generally tightly written into that host
program, so, if you don't uninstall it first, not only will the host
program not work properly (probably), it will keep trying to reinstall the
Backweb registry keys.

Trouble is, it's often hard to find the host program. Many times it comes
disguised in support/help utilities or drivers. Always either back the
registry up or use a system restore point when you install new software.
Go Back or something like it may work too. If you got it snuck into a new
computer, try to find out what all those wonderful preloaded programs
actually *do* before you go too far installing your personal stuff.
Chances are you can (and probably should) live without about half of them.
 

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
hi dia. any clues as to how i can find the host program pls? you r talking to a computer virgin. my typing is getting quicker tho!
:eek:
 

dai

Joined
Mar 6, 2003
Messages
11,198
try start/search and look for something like backweb lite.exe
backweb lite
include hidden folders in the search
first d/l the 30 demo of jv16 from
www.jv16.org
when you run the registry tool check on the first page that comes up and lists everthing on your computer for backweb lite and tick the box for removal the let jv16 remove everthing for backweb
 

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
HI! ran the jv16 prog. COOL TOOL! Got shot of backweb. Had to re run spybot to loose the cookies. could you tell me what i should do with "DSO exploits" and "teknum auto updater" pls?
 

dai

Joined
Mar 6, 2003
Messages
11,198
dso is a entry point for a hacker,get rid of it
teknum updater a google search says this is a a/virus updater so leave it
then post a hijack log for one of the experts to have a look at
you can get it from here
http://www.tomcoyote.org/hjt/
 

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
did away with the dso sLogfile of HijackThis v1.97.2
Scan saved at 16:58:08, on 16/09/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\sllights.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\kevin\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dial.blueyonder.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dial.blueyonder.co.uk/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: Packard Bell (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Money Viewer (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://dial.blueyonder.co.uk/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{785F214E-FE93-48C7-9EC0-66487677FA44}: NameServer = 193.38.113.3 194.117.157.4

. heres the log frm hijackthis . any ideas?
 

dai

Joined
Mar 6, 2003
Messages
11,198
it is best one of the experts looks at your log,but i see you have a dialer for blueyonder uk is this your isp
 

veryconfused

Thread Starter
Joined
Sep 14, 2003
Messages
62
HI. Blueyonder is my isp. This may be a really silly question but how do i get an expert to look at the log? oh. one other thing, when i down load programs they seem to down load very slowly.usually something like 3.5/4 kbps . is that normal?
 

IMM

Joined
Feb 1, 2002
Messages
3,257
This one entry is something i'm not sure about
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
Can you tell me what it is?
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top