Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blue screen of Death w/ too much Page File useage [CLOSED]


  • This topic is locked This topic is locked

#16
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan,


I just want to verify that everything else is back to normal with your computer with the exception of the tracking cookies?

Also you do use firefox and not IE correct?

If there are anyother problems with your computer, please let me know.


I am trying to get another staffs opinion on this, it has me braincramped.


Thanks,

:tazz:

Excal
  • 0

Advertisements


#17
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Now, i'm using Firefox and Msn. I admit, I have got some other problems on my computer. I think the root of some of the problems related to my internet connection is a driver I installed to use my modem through the USB port. I installed it a while back and met with some problems, with which I faulted viruses. When viruses overan my computer I had to completely reformat.( It would hardly turn on) . The first time I installed it, the internet connection gradually deteriorated, and the control panel would screw up every time I loaded it twice in one session ( Both network setup wizard icons would load several times and about 20 error messages would appear) I though it was viruses but when it came back after installing it again I started to suspect the driver. I've run some form of uninstall, but the problems persist and my computer recognizes the modem whenever I plug it in through the USB port still. This shouldn't have anything to do with the spyware, but I was hoping for some help in this as well and have up to this point come up empty-handed.

Here are the cookies found on this start-up:
Yieldmanager
Adrevolver
Ask
Questionmarket
Tradedoubler
Adserver

And the previous:
Adserver
Zedo
207.net

If you would like I could send you the Panda report. It is loaded with stuff.
I also noticed a few were from realmedia, so some may be valid.

Thanks for your help, Ryan
  • 0

#18
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
download and install SpywareBlaster 3.4, open the progam and click "enable all protection". This will help prevent ad/tracking cookies.

As far as your other problem goes, I am going to PM one of out other staff members who might be able to help you with your NON-Spyware problem.
It actually might be quicker if you post a new thread in the appropriate section.

:tazz:

Excal
  • 0

#19
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Also, I have to say the page file problem has not yet gone away, and I have followed all instructions. I hope you can still help with that.

Thanks, Ryan
  • 0

#20
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan,

Go here and start a topic about that page file problem, sooon as you do, I will PM one of the experts and let them know to reply to it. Let me know when you have that done.


http://www.geekstogo...2003_NT-f5.html

:tazz:


Excal
  • 0

#21
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Ok, I made the topic. Here is the address.
http://www.geekstogo...showtopic=39718

Thanks, Ryan
  • 0

#22
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan,

I send one of the staff members a PM and gave him your new link. I will leave this thread open for the time being so we no there is no reoccurring problems.


Thanks,

:tazz:

Excal
  • 0

#23
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
I just BSOD'ed. I started to think it wasn't going to happen again. I wrote all the error information. Here it is:

Driver_IRQL_NOT_LESS_OR_EQUAL

"Windows has detected a serious error blah blah"

STOP:0x000000D1 (0xFA6FC010, 0x00000002, 0x00000000, 0xFA145F35)

***PCONT.SYS - Address FA145F35 base at FA144000, DateStamp 41839eeb

You may not be able to do anything with this, but I think you told me to write down the error. I am also going to post this in the other topic.

Thanks, Ryan
  • 0

#24
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan definately post that in the other one. I don't think thats Malware related at all.



TOm
  • 0

#25
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
i got another BSOD, here is the info.

PAGE_FAULT_IN_NONPAGED_AREA

"Windows has detected a serious error blah blah"

*** STOP:0x00000050 (0xFFA16000, 0x00000002, 0x804F1F96, 0x00000000)

I don't think this was very helpful either, but this was the original problem.
Maybe you know something about it.

Thanks, Ryan.
  • 0

Advertisements


#26
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan make sure you post that on the post you have with Gerry please.


Thanks,


Excal
  • 0

#27
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
I posted it later that day, and have many BSOD's since. So far noone has replied and it has been excess of a week. I think this still may be related to spyware, but in a different way than originally thought. several times immediately after turning the computer on after a BSOD winpatrol found one of the startup programs you had me remove trying to become a startup progrm again. I feel my antivirus may be causing the problem trying to take care of it, as most of the time my computer faults panda for the crash. That's all I have to say. I don't know if you can do anything about this, but I felt the need to say something.

Thanks, Ryan
  • 0

#28
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Ryan,


Can you give me another HiJackThis please.


Thanks.

:tazz:

Excal
  • 0

#29
Ryanx1

Ryanx1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 37 posts
Sure, here it is.

Logfile of HijackThis v1.99.1
Scan saved at 9:28:18 PM, on 7/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\apvxdwin.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Visual Networks\Visual IP InSight\Voyager ATX Agent\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Voyager ATX Agent\IPMon32.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe
C:\Program Files\neXBC\neXBC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [LMPDPSRV] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Voyager ATX Agent\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Voyager ATX Agent\IPMon32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: HushEncryptionEngine - https://mailserver3....ptionEngine.cab
O16 - DPF: Yahoo! Checkers - http://download.game...nts/y/kt4_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1118517776187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1118517730015
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon....es/vzWebIns.CAB
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://help.verizon...tWebInstall.cab
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Well, that's it...
Thanks, Ryan
  • 0

#30
Excal

Excal

    Malware Slayer Extraordinaire!

  • Retired Staff
  • 12,739 posts
Lets try to see if we can dig deeper.
  • Please click this link to download Silent Runners.
  • Save it to the desktop.
  • Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.
  • You will see a text file appear on the desktop - it's not done yet, just let it run (it won't appear to be doing anything!)
  • Once you receive the prompt "All Done!", double-click on the new text file on the desktop and copy that entire log and paste it here.

  • NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
    For some time it will look like nothing is happening. Just keep waiting.
  • Once it's done it will create a log. A window will come up telling you when it's saved. Please post that log here
  • Open HiJackThis
  • Click on the configure button on the bottom right
  • Click on the tab "Misc Tools"
  • Check off the 2 boxes next to the Box that says "Generate StartupList log"
  • Click on the button "Generate StartupList log"
  • Copy and past the StartupList from the notebook onto your post
Post both logs for me please ;)


Thanks,

:tazz:

Excal
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP