1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

xp running out of resources

Discussion in 'Windows XP' started by sanguinarium, Aug 16, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. sanguinarium

    sanguinarium Thread Starter

    Joined:
    Aug 16, 2007
    Messages:
    4
    hi forum.

    here's one that i've tried to figure out for about a year now and can't get a hold on and also could not find anything in the archives:

    running xp sp2 on a dell inspiron 9300, xp sometimes starts to lose resources, failing to open new applications, new explorer windows or lacking parts of guis in applications, such as explorer button bars or parts of menues. but if i then close an already open application to free some ressources and repeat the action that failed (e.g. opening a new explorer window) xp might be able to do it properly. i can repeat this a couple of times, until i'm down at only a minimal number of windows/apps and will have to reboot. after reboot, everything is normal again.

    here's some more examples of strange things i've seen:
    - explorer windows won't open at all, no error msg, system sometimes 'beeps'
    - an explorer window might not display the buttons-area under the menu, but only a windows-logo in the center.
    - an explorer window might display without the task area (blue area) that's usually on the left side
    - whole applications won't start, sometimes giving error messages, sometimes not
    - apps would start, but will miss parts or their capabilities. examples:
    . photoshop shows dialog-windows but parts of dialog interface is missing
    . photoshop can't execute certain actions like 'save for web' anymore
    . my ftp-programm is cutting off the menu that should display all configured sites

    there is no consistant error message that would identify which resource type the system is running out on. the system is constantly scanned for viruses, trojans, et. al. using symantec antivirus and hijackthis. there is more than enough memory (2gig) and taskman will display enough free memory when i encounter those situations. the system is used daily (sleep mode at night, no hibernation) and the problem might show up after 3 days or only after 3 weeks.

    i first suspected photoshop and dreamweaver to mess up something when running in parallel, because the problem always showed up shortly after those two apps had been run together. i stopped doing that, and found that it still happens, but it will just take longer.

    also there is nothing like a similar amount of memory used, when that problem arises.

    so my question is: where would you start looking / monitoring things for this problem.


    any hints and tips are greatly appreciated.
     
  2. Sponsor

  3. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
    Lets start from eventviewer

    Start >> Run >> eventvwr.msc >>> Copy and Paste Some Of the Recent Errors[Red]
     
  4. sanguinarium

    sanguinarium Thread Starter

    Joined:
    Aug 16, 2007
    Messages:
    4
    ok. eventviewer it is:

    - the system log has nothing of interest: just a few dhcp and network-adapter errors over the whole log. nothing that correlates timewise whatsoever.

    - the application log shows error records at the times when the apps failed to start up. no entries though for problems that occured once the apps were running (no warning entry, no info entry). besides that, the log is pretty much clear. here's some:

    Faulting application outlook.exe, version 10.0.2616.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
    Faulting application Apache.exe, version 2.0.54.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00001230.
    Faulting application explorer.exe, version 6.0.2900.2180, faulting module shell32.dll, version 6.0.2900.3051, fault address 0x001dd54d.
    Fault bucket 469000411.
    Faulting application iexplore.exe, version 7.0.6000.16473, faulting module quicktime.qts, version 7.1.3.191, fault address 0x007e6927.
    Faulting application iexplore.exe, version 7.0.6000.16473, faulting module quicktime.qts, version 7.1.3.191, fault address 0x0019b0fa.
    Faulting application photoshop.exe, version 9.0.0.0, faulting module photoshop.exe, version 9.0.0.0, fault address 0x00a8ccc7.
    Faulting application uedit32.exe, version 11.1.2.2, faulting module unknown, version 0.0.0.0, fault address 0x00e701d2.
    Faulting application acrobat.exe, version 7.0.0.1333, faulting module acrobat.dll, version 7.0.0.1333, fault address 0x000abb55.
    Faulting application iexplore.exe, version 7.0.6000.16473, faulting module flash9b.ocx, version 9.0.28.0, fault address 0x00187b9f.
    Faulting application iexplore.exe, version 7.0.6000.16441, faulting module flash9b.ocx, version 9.0.28.0, fault address 0x0019cd80.
    Faulting application thunderbird.exe, version 1.0.6.0, faulting module xpcom.dll, version 1.7.20050.6080, fault address 0x00029330.
    Faulting application debabelizerpro.exe, version 5.0.0.274, faulting module mfc42.dll, version 6.0.8665.0, fault address 0x0006ae8f.
     
  5. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
  6. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
  7. sanguinarium

    sanguinarium Thread Starter

    Joined:
    Aug 16, 2007
    Messages:
    4
    > Delete the Temporary Internet Files
    is done on a regular base: all files but cookies & complete history are cleaned

    > Apple QuickTime "QuickTime.qts" Heap Overflow Vulnerability
    qt is now 7.2

    > Turn Off System Beeps
    well...

    >http://docxp.mvps.org/b1n/FlashRepair.exe
    ok.
     
  8. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
    Download HJTInstall.exe to your Desktop.

    http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    * Doubleclick HJTInstall.exe to install it.
    * By default it will install to C:\Program Files\Trend Micro\HijackThis .
    * Click on Install.
    * It will create a HijackThis icon on the desktop.
    * Once installed, it will launch Hijackthis.
    * Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    * Copy/Paste the log to your next reply please.

    Don't use the Analyse This button, its findings are dangerous if misinterpreted.
    Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
     
  9. sanguinarium

    sanguinarium Thread Starter

    Joined:
    Aug 16, 2007
    Messages:
    4
    hijack it is:

    - i used the zipped-version if you don't mind... ;)
    - as mentioned before, i run this regularly
    - i usually analyze it through http://www.hijackthis.de/
    - the one thing that gets marked nasty is the xing plugin which in fact is fine.


    ---------------------------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:11:08, on 16.08.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files\CobianBackup8\cbService.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Symantec\NortonGhost\Agent\PQV2iSvc.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Symantec\NortonGhost\Agent\GhostTray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Adobe\Acrobat70\Distillr\Acrotray.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\CobianBackup8\cbInterface.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
    C:\Program Files\Apache Group\Apache2\bin\Apache.exe
    C:\Program Files\Apache Group\Apache2\bin\Apache.exe
    C:\Program Files\SecureCRT\SecureCRT.exe
    C:\Documents and Settings\someuser\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xxxxxxxx.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat70\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\NortonGhost\Agent\GhostTray.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat70\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Cobian Backup 8 interface] "C:\Program Files\CobianBackup8\cbInterface.exe" -service
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat70\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {B1DE1BE4-AC89-407F-921F-C45C15C8FADB} (xingWebControl.Launcher) - https://www.xing.com/sync/xingWebControl.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Cobian Backup 8 service (CobBMService) - Luis Cobian - C:\Program Files\CobianBackup8\cbService.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\NortonGhost\Agent\PQV2iSvc.exe
    O23 - Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: WLANKEEPER - IntelĀ® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    O24 - Desktop Component 1: (no name) - D:\mydata\active_desk\xmas.html

    --
     
  10. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
    On the right side there is a "Red Exclamation Triangle" .. Use it to ask a "Gold Shield Member" to Help you with your "hijackthis log"
     
  11. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    106,207
    devil_himself,

    You need to stop advising members to use the report feature to request technical assistance. This is abuse of the report feature.

    I have made this request to you in another thread as well which you have not yet acknowledged.
     
  12. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910

    Sorry .. I get it

    I Won't do it Next time ...

    Thanks
     
  13. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    106,207
    Download and install AVG Anti-Spyware v7.5
    • After download, double click on the file to launch the install process.
    • Choose a language, click "OK" and then click "Next".
    • Read the "License Agreement" and click "I Agree".
    • Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
    • After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
    • The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'. As AVG Anti-Spyware may interfere with some of our other fixes, we are temporarily disabling its active protection features until your system is clean, then you can re-enable them.
    • Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
    • Connect to the Internet, go back to AVG Anti-Spyware, select the "Update" button and click "Start update".
      Wait until you see the "Update successful" message. If you are having problems with the updater, manually download and update with the AVG Anti-Spyware Full database installer.
    • Exit AVG Anti-Spyware when done - DO NOT perform a scan yet.
    Reboot your computer in SAFE MODE using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". (Note: When run in safe mode, sometimes the GUI is larger than the screen and the buttons at the bottom are partly or completely hidden, making them inaccessible for doing a scan. If this happens press Alt + Spacebar. A menu will come open, make sure you select maximize then run the scan. If that does not help, then you may have to run your scan in normal mode and advise your helper afterwards.)

    Scan with AVG Anti-Spyware as follows:
    • Click on the "Scanner" button and choose the "Settings" tab.
    • Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
    • Under "How to Scan? ", "Possibly unwanted software", and What to Scan?" leave all the default settings.
    • Under "Reports" select "Automatically generate report after every scan" and uncheck "Only if threats were found".
    • Click the "Scan" tab to return to scanning options.
    • Click "Complete System Scan" to start.
    • When the scan has finished, it should automatically be set to Quarantine--if not click on Recommended Action and set it there.
    • You will also be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.
    IMPORTANT! Do not save the report before you have clicked the :Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button.
    • Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
    • Exit AVG Anti-Spyware when done, reboot normally and post the log report in your next response.
    Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. Doing so can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

    AVG Anti-Spyware is free for 30 days and all the extensions of the full version will be activated. After the 30 day trial, active protection extensions will be deactivated and the program will turn into a feature-limited freeware version that you can continue to use as an on-demand scanner or you may purchase a license to use the full version. We are installing AVG Anti-Spyware with its real-time protection disabled. Once your system is clean you may re-enable it so you can continue using this feature for the remainder of the trial period.


    Please go HERE to run Panda's ActiveScan
    • You need to use IE to run this scan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


    Come back here and post a new HijackThis log along with the logs from the AVG and Panda scans.
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    106,207
    Thank you. :)
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - running resources
  1. Garglefoot
    Replies:
    1
    Views:
    101
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/610563