| May 11, 2005, 10:36 AM | |
|
Memory issue
recently i am getting all sorts of memory problems..RAM. i do ctrl+alt+del and there are only rnapp and explorer running, i got a good few gigas free on my hardrive, i've had the problem about a week... how can i find out what's hogging the memory and fix it?
|
| May 11, 2005, 11:31 AM | |
|
hmmm... i don't know, but maybe you should check this site: http://www.pcworld.com/downloads/fil...d,22441,00.asp
|
| May 11, 2005, 12:17 PM | ||
|
Quote:
__________________
 And no, I am not Japanese. [22:25] [AkuKitsune] monobot be useful [22:25] [Monobot] Unable to comply. |
||
| Jun 12, 2005, 10:16 AM | |
|
http://www.softpedia.com/get/Interne...jackThis.shtml (this will probably only run is safemode if you got a real bad virus) it logs EVERY program running. post the list in this topic. (or pm me)
|
| Jun 12, 2005, 12:22 PM | ||
|
Quote:
oh and also a theory of mine- could there be some file or program or dll or crap that is responcable to delete and free up system memory after tasks are done? could this devise be damaged for me? |
||
} (MessengerStatsClient Class) - | Jun 12, 2005, 01:34 PM | |
|
It looks like you've been hit by some spyware or adware... not ceraint, but there are some entries in that log which look suspicious. Has your home page changed itself recently?
Download and run Ad-Aware and Spybot Search & Destroy, also check your virus scanner is up to date and do a scan. |
| Jun 13, 2005, 01:59 AM | ||
|
Quote:
the following should be killed, unless you have a good reason... also, if you've got no virus scanner, I presume those virus scanner entry's are faked by viruses or something? or do you have a virus scanner and you dont know abouth it? so: Code:
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://acc.count-all.com/--/?pgdoc (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://find4u.net/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://69.50.184.51/find4u/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://aifind.inf/?id=54
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQLITE\ICQTOOLBAR\TOOLBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQLITE\ICQTOOLBAR\TOOLBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Control] rundll32.exe C:\WINDOWS\SYSTEM\ctrlpan.dll,Restore ControlPanel
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities 2002\NPROTECT.EXE
O4 - HKLM\..\Run: [Image] rundll32 C:\WINDOWS\IMAGE.DLL,Install
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities 2002\NPROTECT.EXE
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ssgrate.exe] C:\WINDOWS\SYSTEM\SYSTEM.EXE
O4 - HKCU\..\RunServices: [Image] rundll32 C:\WINDOWS\IMAGE.DLL,Install
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRAM FILES\ICQLITE\ICQTOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
***please note that you dont delete java runtime, stuff might not work as intended***
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.communities.msn.com/contr...UC/MsnPUpld.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...StatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-D5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/c...DC_1_0_0_41.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by13fd.bay13.hotmail.msn.com...ex/HMAtchmt.ocx
O21 - SSODL: DDE Control Module - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - (no file)
any please comment on this before you actually delete these... |
||
| Jun 13, 2005, 03:06 AM | |
|
DO NOT DO WHAT Alex SAID!
Getting rid of all of those entries could cause serious problems with Norton, which may end up with you needing to reinstall Windows (I'm speaking from experience here - when Norton gets messed up, it can be very hard to get it working again)! |
| Jun 13, 2005, 03:33 AM | ||
|
(sorry about that Alex, but it is a bad idea to remove stuff unless you know what it's doing. There are a few system entries that shouldn't be removed which you had marked)
Quote:
Anyway, looking at your HijackThis log, it appears that you have been hit by a variant of CoolWebSearch. Download and run CWShredder, which should kill it. It also looks like Norton Internet Security or Norton AntiVirus is installed and running. It looks like it might be versoin 2002, but you may have an upgrade to that installed. Anyway, run Norton (there should be an icon for it in the start menu, under "Norton" or "Symantec"), and run LiveUpdate to ge the latest virus definitions. Then do a full system scan. Also, download and run both Spybot Search & Destroy and Ad-Aware, and update both of them (the internal updateers should do the trick). Then do full system scans (might be called "in-depth" in Ad-Aware) with both of them. Do NOT be tempted by other spyware removers that you may see - most of those actually contain spyware and do more harm than good. If you have any problems with updating those programs, or doing the system scans, then post here and let us know (some spyware tries to actively intefere with antivirus and antispyware). Once that's done, if any of those programs find anything then please post details of it (like what nasty was found). Also post a new HijackThis log. (BTW, the lines in HijackThis that caught my eye are the ones below. Don't remove them with HijackThis yet - it's better for them to be removed by spybot/adaware if detected by them, as some nasties hook deep into the system and can cause problems if not removed properly) Code:
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://acc.count-all.com/--/?pgdoc (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://find4u.net/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://69.50.184.51/find4u/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://aifind.inf/?id=54
O4 - HKLM\..\Run: [Control] rundll32.exe C:\WINDOWS\SYSTEM\ctrlpan.dll,Restore ControlPanel
O4 - HKLM\..\Run: [Image] rundll32 C:\WINDOWS\IMAGE.DLL,Install
O4 - HKCU\..\Run: [ssgrate.exe] C:\WINDOWS\SYSTEM\SYSTEM.EXE
O4 - HKCU\..\RunServices: [Image] rundll32 C:\WINDOWS\IMAGE.DLL,Install
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O21 - SSODL: DDE Control Module - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - (no file)
|
||
| Jun 13, 2005, 05:10 AM | ||
|
Quote:
|
||
| Jun 13, 2005, 07:55 AM | |
|
thats just what i said, antivirus expired, can be removed... you should try http://www.free-av.de/ i have this too, it is good, this is not one of the infamous "spyware removals" that actually adds more. this antivirus is completely free and doesnt expire.
[/advertizing] but maybe you shouldnt listen to me, My version of Spybot SD doesnt even detect everything, so I go about deleting spyware manually, to good results so far, (smooth running win2000, even with real low systeem specs. (266mhz, 96mb-ram, 16mb-video)) |
| Jun 13, 2005, 01:09 PM | |
|
Yep, looks all clean now. If you're still getting problems then post again, and we'll just have to try harder
 Sorry about that Alex, but it's always a bad idea to just remove everything. Sure, the shotgun approach will often work, but it'll often kill a lot of other stuff on your system and leave pieces behind. It's very important with antivirus programs to be careful and not leave bits behind, else you can end up with really fun problems. As far as anti-virus programs go, the only one I've had real experience with has been Norton (btw, it seems that when you istall norton it resets the subscription period to one year from the date of installation. So you could try uninstalling and then reinstalling it). I do know that free ones exist, and if they work then by all means use them. I just would caution against going for any old "free" one, as a lot of supposed spyware removers and the like actually contain spyware (even some pay-for ones). I would try Alex's one, just note that the link is to a German site (there's a link to an English version on that page but it timed out on me). Oh Alex, I see your "real low systeem specs" and raise you a P166 MMX laptop with 96MB ram, 2MB video and a 3GB disk with NTFS compression *on* running Win2k, with Norton 2k4 installed. It ran JJ2 quite nicely as well at 640x480, with medium-high settings. Edit: if you install a new anti-virus program, then uninstall all other anti-virus programs first. Same goes for firewalls. Anti-virus programs tend to intefere with each other in strange ways. |
| Jun 13, 2005, 01:20 PM | |
|
bashes back with p2-133mhz, 16mb-ram, with 0 video (integrated into system ram), and 1.2gb fat32/compressed win95, ran jj2 on all high, quite fast, (30 or so fps) also really nice sound card.
you're right... also, the page should be in english if you change .de for .com |
| Jun 13, 2005, 01:52 PM | |
|
Hmmm, windows 98
 If you have had your computer for a year or more, backup all your files and format your harddrive. I've found out from experience, that formatting and reinstalling windows will clear up almost any problem you could have. It's like starting from scratch, but you will be sure that you got rid of any malicious files that would cause your computer to be messed up. You probably will save more time by just erasing eveything and reinstalling, than getting frustrated by not being able to fix your computer. And do what Nimrod said. 98 is get XP if your computer supports it. Many enhancements over 98. Also, If you decide to do this, format your harddrive to the NTFS file system. You are currently using FAT32 now. NTFS is MUCH faster and will give you better overall performance.
__________________
"No, I don't care if you get offended by my opinion" ~ Some dude on Futuremark forums.  Sign up for LPU HERE |
| Jun 13, 2005, 02:13 PM | ||
|
Quote:
|
||
| Jun 14, 2005, 05:48 AM | |
|
Any error messages? If so, then post the exact message (take screenshots if necessary (but please save as GIF to save bandwidth)).
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
|
|
All times are GMT -8. The time now is 05:18 AM.
Jazz2Online © 1999-INFINITY (Site Credits). Jazz Jackrabbit, Jazz Jackrabbit 2, Jazz Jackrabbit Advance and all related trademarks and media are ™ and © Epic Games. Lori Jackrabbit is © Dean Dodrill. J2O development powered by Loops of Fury and Chemical Beats. Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Original site design by Ovi Demetrian. DrJones is the puppet master. Eat your lima beans, Johnny.