Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Outlook Express Hang & Infection?


  • Please log in to reply
12 replies to this topic

#1 aland08

aland08

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 20 April 2009 - 01:05 PM

Hi,

I was booted out of Outlook Express today & could not get back in w/o a reboot. There were no reported app hangs at the time OE wasn't functioning yet there were some MS/OE related programs still running prior to reboot... yet I still couldn't get in to OE. I don't have any other info to report as I did not write down what programs were still running according to task manager/processes. All is well after the reboot but I am still a bit concerned.

What I did find was that about 10 hours earlier, at the time I was running scans, were reported Application issues in my Event Viewer. I have posted such logs below. Are these normal, am I infected? I'm not sure and that's also why I am here. I thought I should start here as opposed to the "Am I Infected.." forum. MBAM, SuperASW and Avast scans all come up clean & I also have Spyware Blaster installed.

Look forward to your responses. Thanks.

Alan

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 11:22 AM

Please download and run Processexplorer


http://technet.microsoft.com/en-us/sysinte...s/bb896653.aspx

Under file and save as, create a log and post here

copy and paste into a reply
Chewy

No. Try not. Do... or do not. There is no try.

#3 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 03:35 PM

Chewy,

THANK YOU!

Is this what you want?

Alan
--------------------------

Process PID CPU Description Company Name
System Idle Process 0 99.23
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 564 Windows NT Session Manager Microsoft Corporation
csrss.exe 628 Client Server Runtime Process Microsoft Corporation
winlogon.exe 652 Windows NT Logon Application Microsoft Corporation
services.exe 696 Services and Controller app Microsoft Corporation
svchost.exe 876 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 944 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1040 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1128 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1204 Generic Host Process for Win32 Services Microsoft Corporation
aswUpdSv.exe 1244 avast! Antivirus updating service ALWIL Software
ashServ.exe 1292 avast! antivirus service ALWIL Software
spoolsv.exe 1876 Spooler SubSystem App Microsoft Corporation
LVPrcSrv.exe 1920 Logitech LVPrcSrv Module. Logitech Inc.
svchost.exe 2016 Generic Host Process for Win32 Services Microsoft Corporation
jqs.exe 236 Java™ Quick Starter Service Sun Microsystems, Inc.
PRISMXL.SYS 316 PrismXL Service Lanovation
svchost.exe 400 Generic Host Process for Win32 Services Microsoft Corporation
ashMaiSv.exe 836 avast! e-Mail Scanner Service ALWIL Software
ashWebSv.exe 1020 avast! Web Scanner ALWIL Software
alg.exe 1328 Application Layer Gateway Service Microsoft Corporation
lsass.exe 708 LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1584 Windows Explorer Microsoft Corporation
LVCOMSX.EXE 2224 LVCom Server Logitech Inc.
ElkCtrl.exe 2256 Logitech Camera Service(E) Logitech Inc.
OrderReminder.exe 2296 HP Cartridge Order Reminder Hewlett-Packard
jusched.exe 2344 Java™ Platform SE binary Sun Microsystems, Inc.
ashDisp.exe 2360 avast! service GUI component ALWIL Software
firefox.exe 3684 Firefox Mozilla Corporation
procexp.exe 4204 0.77 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 04:43 PM

Avast may have been updating it's email scanning software, such glitches come with using layered protection.

Not to worry
Chewy

No. Try not. Do... or do not. There is no try.

#5 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 07:42 PM

Chewy,

Thanks, but I just realized that I never pasted my event viewer logs as I indicated in my opening post. Just to be sure, I will post them below. Is Esent related to Outlook Ex? Am I still OK?

Event Type: Error
Event Source: ESENT
Event Category: Database Corruption
Event ID: 473
Date: 04/20/2009
Time: 1:58:01 AM
User: N/A
Computer: ALAN
Description:
Catalog Database (1044) Database C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb was partially detached. Error -1032 encountered updating database headers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------
Event Type: Error
Event Source: ESENT
Event Category: General
Event ID: 489
Date: 04/20/2009
Time: 1:58:01 AM
User: N/A
Computer: ALAN
Description:
svchost (1044) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: ESENT
Event Category: Logging/Recovery
Event ID: 439
Date: 04/20/2009
Time: 1:58:00 AM
User: N/A
Computer: ALAN
Description:
Catalog Database (1044) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb. Error -1032.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------
Event Type: Error
Event Source: ESENT
Event Category: General
Event ID: 490
Date: 04/20/2009
Time: 1:58:00 AM
User: N/A
Computer: ALAN
Description:
svchost (1044) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Edited by aland08, 22 April 2009 - 07:43 PM.


#6 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 08:06 PM

Avast is excellent protection but a bear on resources, try not to multitask

ESENT is part of event viewer
Chewy

No. Try not. Do... or do not. There is no try.

#7 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 08:12 PM

Chewy,

So everything looks OK to you? Just so I understand, are the errors in the applications of my EV related to my Outlook Exp. shutting down the next morning? As I mentioned, the EV errors happened about 10 hours prior to OE not opening.

Thanks,
Alan

#8 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 08:21 PM

How often do you reboot, do you let the computer stay on all the time?
Chewy

No. Try not. Do... or do not. There is no try.

#9 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 08:39 PM

I leave it on most all of the time. I may shut it down at night once every couple of weeks & I probably reboot for one reason or another a few times per week. Why?

Alan

#10 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 08:45 PM

Many setups aren't stable enough to run weeks at a time

I like to reboot every day

First sign of a glitch I reboot
Chewy

No. Try not. Do... or do not. There is no try.

#11 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 08:58 PM

OK... what about my earlier question? ...

"Just so I understand, are the errors in the applications of my EV related to my Outlook Exp. shutting down the next morning? As I mentioned, the EV errors happened about 10 hours prior to OE not opening"

And... do you see any problems or am I good? I wasn't thinking that I had any major issues but...

Alan

#12 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:16 PM

Posted 22 April 2009 - 09:22 PM

The only major issue that's evident is your not rebooting

Give it a test for a few days, reboot once a day.

Or even shut down from time to time, a computer that's off is not using power or pulling dust into the case
Chewy

No. Try not. Do... or do not. There is no try.

#13 aland08

aland08
  • Topic Starter

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 22 April 2009 - 09:24 PM

lol...

Thanks,

Alan




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users