| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 81744 | 2007-08-05 22:51:00 | Virtual Memory exhausted | theother1 (3573) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 576972 | 2007-08-07 05:27:00 | Yep, just remove them like you said. Microsoft SQL server is an advanced database management tool that some of us use for developing/managing/etc small to huge databases. A great tool - but a huge resource hog unless you actually need it. |
Bozo (8540) | ||
| 576973 | 2007-08-07 21:58:00 | Thanks again Demon, what is there in the hijack this log which should be removed and how? |
theother1 (3573) | ||
| 576974 | 2007-08-07 23:15:00 | I have searched for rundll32.exe and find 8 entries similar to these ones situated in C:\Windows\Prefetch RUNDLL32.EXE-3C8D462.pf RUNDLL32.EXE-3DDB225F.pf RUNDLL32.EXE-4CO38A56.pf also Rundll32 in C:\WINDOWS\system32 where it should be and in C:\WINDOWS\ServicePackFiles\i386 should it be there? Help please |
theother1 (3573) | ||
| 576975 | 2007-08-08 01:15:00 | Thanks again Demon, what is there in the hijack this log which should be removed and how? Are you wanting to know how to get rid of the issues i have pointed out, or do you want me to point out more issues with the log? If it is the latter, please post another hijack this log since you have fixed the problems. otherwise i will tell you how to get rid of the problems i pointed out earlier:cool: |
Bozo (8540) | ||
| 576976 | 2007-08-08 01:48:00 | Thanks Demonhunter here is the current logfile Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:07:52 PM, on 8/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\atray.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\HP\KBD\KBD.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE c:\Program Files\Microsoft Money\System\urlmap.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.xtramsn.co.nz R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = red.clientapps.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 5.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [anti_troj] C:\WINDOWS\system32\anti_troj.exe O4 - HKLM\..\Run: [Atray] atray.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [anti_troj] C:\WINDOWS\system32\anti_troj.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - www.lizardtech.com O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - zone.msn.com O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - zone.msn.com O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - E:\Player\__CDS2.dll (file missing) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7024 bytes |
theother1 (3573) | ||
| 576977 | 2007-08-08 03:26:00 | Thanks Demonhunter Running processes: 1 - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe 2 - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe 3 - C:\WINDOWS\System32\igfxtray.exe 4 - C:\WINDOWS\System32\hkcmd.exe 5 - C:\Program Files\QuickTime\qttask.exe 6 - C:\WINDOWS\system32\atray.exe 7 - C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe 8 - C:\Program Files\D-Link\AirPlus G\AirGCFG.exe 9 - C:\HP\KBD\KBD.EXE 10 - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe 11 - C:\PROGRA~1\Grisoft\AVG7\avgcc.exe 12 - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe 13 - C:\Program Files\RALINK\RT2500 USB Wireless LAN 14 - Card\Installer\WINXP\RaConfig2500.exe 15 - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe 16 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe 17 - C:\Program Files\Messenger\msmsgs.exe -- End of file - 7024 bytes k, i will explain what each process does and whether or not you need it: 1 - this is your Ad-Aware and i would leave on. 2 - These are to do with your AVG AV. the second process is the AVG update manager. personally i would recommend you uninstall AVG and use NOD32 (http://www.eset.com/) but that is up to you. 3 - this just gives you quick access to your control panel, a feature for Intel chipsets and is not necassary, i would turn it off. 4 - This is your intel video driver. leave it on. 5 - QuickTime, unless you were actually running it at the time you did this, i would disable it to run on start up. 6 - this is Active Tray, a utility which lets you configure the system tray. i would disable it as it isn't necassary. 7 - is a process associated with ALPHA Networks Wireless driver. I would leave this on as disabling it may cause issues with your wireless. 8 - This is also to do with your wireless. Leave it on. 9 - This is to do with logitech multimedia keyboards, also come on a lot of HP computers. Not necessary - up to you. 10 - The HP update manager - leave this on. 11 - This is to do with your AVG Anti-Virus Control Center - leave 12 - Your zonealarm firewall. You don't need AVG, ZoneAlarm, and your anti malware. Personally i would recommend you just stick with Zonealarm and un-install the other two programs as you don't need this many AV products. Or of cause, just get NOD32 13 - Self explanitory i'm sure. Leave on 14 - To do with your RaLink wireless card. leave 15 - is a process associated with Digital Imaging Software from Hewlett-Packard. not essential. i would disable it on startup. 16 - To do with your zone alarm firewall. Checks incoming traffic to make sure it is ok with the rules you have set. 17 - Windows messenger. you don't need to run this on startup. But if you disable it in msconfig, you also need to do it within msn itself (tools - options - uncheck the box) The rest are windows services which you need, or outlook or whatever you happened to be running at the time. Go and disable the ones i mentioned, use one AV product - out of the ones you have i would use zonealarm but preferably get NOD32 (http://www.eset.com/) do this, and let me know if your pc is still running slow, then we will move onto the next step. Cheers |
Bozo (8540) | ||
| 576978 | 2007-08-08 04:55:00 | Hey Demonhunter That is great, thank you. My only issue now is where to delete them from? and/or turn them off or disable them in the startup menu?:confused: |
theother1 (3573) | ||
| 576979 | 2007-08-08 06:54:00 | Ok, well to remove the programs: Start - Control Panel - Add/Remove Programs then select the program and run the un-installer. For the processes: Start - Run - type 'msconfig' - select the 'startup' tab, and uncheck the programs you don't want running on startup. If you have any other questions about the services or programs you are runnign on startup please ask about them. Cheers |
Bozo (8540) | ||
| 576980 | 2007-08-08 22:05:00 | Thank you Demonhunter. I have followed your suggestions and am waiting for the computer to restart. I look forward to seeing if it is any better. I am concerned that it is probably just a lemon!!!! | theother1 (3573) | ||
| 576981 | 2007-08-08 22:12:00 | I use the free versions of Zonealarm and AVG is nod32 also free? | theother1 (3573) | ||
| 1 2 3 4 5 6 | |||||