Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Referred by Malware Response Team


  • Please log in to reply
6 replies to this topic

#1 Alexina27

Alexina27

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:09:53 AM

Posted 14 July 2012 - 03:54 PM

Hi,

My AVG Internet Security 2012 scan reported a rootkit so I've been working with the Malware Response Team. Everything they had me run came back clean but when I posted the results of MiniToolBox they suggested I post a new topic in this forum.

The computer is a Compaq Presario AMD Turion 64 mobile 1.59GHz 384MB ram running Windows XP Home Edition ver 2002 SP3. 2Wire Gateway wireless modem Model #DC 5.1 Vcc 2A RG2701HG-00 (think that is model #). It is only about 10' from the modem and is a DSL connection.

I would like to get some files off this computer (if it's not infected with anything) and then get it working properly for my grandson to use. It is very difficult to work with as most programs usually end up not responding (and then take forever to close), using the internet is very eratic - while tying this message the system totally froze for 10 minutes - even the clock stayed at 3:55 for 10 min and then jumped to 4:05. When trying to use scroll bars in IE it jumps all over. Also, I get a virtual memory too low message quite often. Opening Control Panel or My Computer takes a few minutes and sometimes when I close IE the window will slowly close from top to bottom (like lowering a blind).

Any assistance would be greatly appreciated!

MiniToolBox by Farbar Version: 25-06-2012
Ran by Licorice (administrator) on 14-07-2012 at 10:13:59
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "127.0.0.1"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Disconnected)
Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Lish

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : Yes

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN

Physical Address. . . . . . . . . : 00-14-A5-2D-99-D6

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.12

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : July 14, 2012 9:58:29 AM

Lease Expires . . . . . . . . . . : July 17, 2012 9:58:29 AM

Server: mymodem
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.226.14, 74.125.226.6, 74.125.226.8, 74.125.226.0
74.125.226.4, 74.125.226.9, 74.125.226.3, 74.125.226.5, 74.125.226.7
74.125.226.2, 74.125.226.1



Pinging google.com [74.125.226.14] with 32 bytes of data:



Reply from 74.125.226.14: bytes=32 time=37ms TTL=54

Reply from 74.125.226.14: bytes=32 time=13ms TTL=54



Ping statistics for 74.125.226.14:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 37ms, Average = 25ms

Server: mymodem
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=50ms TTL=52

Reply from 209.191.122.70: bytes=32 time=44ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 44ms, Maximum = 50ms, Average = 47ms

Server: mymodem
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 14 a5 2d 99 d6 ...... Broadcom 802.11b/g WLAN - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.12 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.12 192.168.2.12 20
192.168.2.0 255.255.255.0 192.168.2.12 192.168.2.12 25
192.168.2.12 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.12 192.168.2.12 25
224.0.0.0 240.0.0.0 192.168.2.12 192.168.2.12 25
255.255.255.255 255.255.255.255 192.168.2.12 192.168.2.12 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/11/2012 05:10:48 PM) (Source: ESENT) (User: )
Description: Catalog Database (1276) Database C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb was partially detached. Error -1032 encountered updating database headers.

Error: (07/11/2012 05:10:47 PM) (Source: ESENT) (User: )
Description: Catalog Database (1276) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb. Error -1032.

Error: (07/11/2012 05:10:47 PM) (Source: ESENT) (User: )
Description: svchost (1276) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (07/10/2012 07:33:07 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/10/2012 07:33:06 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/18/2012 02:46:05 PM) (Source: ESENT) (User: )
Description: Catalog Database (1532) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\edb.chk. Error -1032.

Error: (05/18/2012 02:46:05 PM) (Source: ESENT) (User: )
Description: svchost (1532) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/18/2012 02:45:33 PM) (Source: ESENT) (User: )
Description: Catalog Database (1532) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\edb.chk. Error -1032.

Error: (05/18/2012 02:45:33 PM) (Source: ESENT) (User: )
Description: svchost (1532) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/18/2012 02:45:02 PM) (Source: ESENT) (User: )
Description: Catalog Database (1532) Unable to write a shadowed header for file C:\WINDOWS\system32\CatRoot2\edb.chk. Error -1032.


System errors:
=============
Error: (07/14/2012 10:00:13 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.2.12,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (07/14/2012 09:58:28 AM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0014A52D99D6. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (07/14/2012 09:58:10 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Auto Connection Manager service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1070

Error: (07/14/2012 09:58:10 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service hung on starting.

Error: (07/14/2012 09:55:18 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eabfiltr

Error: (07/14/2012 09:54:51 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%1053

Error: (07/14/2012 09:54:51 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.

Error: (07/14/2012 09:54:51 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the WD SmartWare Background Service service to connect.

Error: (07/13/2012 09:01:55 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.2.12,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (07/13/2012 07:31:01 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
eabfiltr


Microsoft Office Sessions:
=========================
Error: (07/11/2012 05:10:48 PM) (Source: ESENT)(User: )
Description: Catalog Database1276C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032

Error: (07/11/2012 05:10:47 PM) (Source: ESENT)(User: )
Description: Catalog Database1276C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032

Error: (07/11/2012 05:10:47 PM) (Source: ESENT)(User: )
Description: svchost1276C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (07/10/2012 07:33:07 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/10/2012 07:33:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/18/2012 02:46:05 PM) (Source: ESENT)(User: )
Description: Catalog Database1532C:\WINDOWS\system32\CatRoot2\edb.chk-1032

Error: (05/18/2012 02:46:05 PM) (Source: ESENT)(User: )
Description: svchost1532C:\WINDOWS\system32\CatRoot2\edb.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/18/2012 02:45:33 PM) (Source: ESENT)(User: )
Description: Catalog Database1532C:\WINDOWS\system32\CatRoot2\edb.chk-1032

Error: (05/18/2012 02:45:33 PM) (Source: ESENT)(User: )
Description: svchost1532C:\WINDOWS\system32\CatRoot2\edb.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (05/18/2012 02:45:02 PM) (Source: ESENT)(User: )
Description: Catalog Database1532C:\WINDOWS\system32\CatRoot2\edb.chk-1032


=========================== Installed Programs ============================

1500 (Version: 50.0.206.000)
1500_Help (Version: 50.0.206.000)
1500Trb (Version: 50.0.206.000)
Ad-Aware
Ad-Aware (Version: 8.0.0)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Flash Player Plugin (Version: 9.0.45.0)
Adobe Reader 7.0 (Version: 7.0.0)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Apple Mobile Device Support (Version: 2.5.2.2)
Apple Software Update (Version: 2.1.1.116)
Athlon 64 Processor Driver (Version: 1.1.0.18)
ATI - Software Uninstall Utility (Version: 6.14.10.1012)
ATI Control Panel (Version: 6.14.10.5145)
ATI Display Driver (Version: 8.122.1-050411a-022561C)
AutoStreamer (Version: 1.0.33)
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2195)
Bonjour (Version: 1.0.106)
BufferChm (Version: 53.0.13.000)
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon PhotoRecord (Version: 02.02.02000)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.1)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities EOS Utility (Version: 1.1.0.8)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
CCleaner (Version: 3.18)
Conexant AC-Link Audio
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Data Fax SoftModem with SmartCP
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
HiJackThis (Version: 1.0.0)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
hp LaserJet 1000
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InterVideo WinDVD (Version: 5.0-B11.637)
IsoBuster 1.9 (Version: 1.9)
iTunes (Version: 8.2.1.6)
J2SE Runtime Environment 5.0 Update 2 (Version: 1.5.0.20)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
K-Lite Codec Pack 4.9.5 (Standard) (Version: 4.9.5)
LS_HSI (Version: 1.0.21.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4SP2 (Version: 1.00.0000)
muvee autoProducer 4.0 - SE (Version: 4.00.050)
neroxml (Version: 1.0.0)
NewCopy (Version: 50.0.206.000)
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.62.14.0)
RAW Image Task 2.1 (Version: 2.1)
Readme (Version: 50.0.206.000)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SolutionCenter (Version: 50.0.152.000)
Sonic Audio Module (Version: 2.0.0)
Sonic Copy Module (Version: 2.0.0)
Sonic Data Module (Version: 2.0.0)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.0)
Sonic Update Manager (Version: 3.0.0)
Status (Version: 53.0.13.000)
Symantec Network Drivers Update (Version: 5.5.1.6)
Synaptics Pointing Device Driver (Version: 7.13.0.1)
Texas Instruments PCIxx21/x515 drivers. (Version: 1.09.0000)
TIxx21 (Version: 1.09.0000)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WD SmartWare (Version: 1.2.0.8)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Live Messenger (Version: 8.1.0178.00)
Windows Live Sign-in Assistant (Version: 4.000.249.1)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 382.48 MB
Available physical RAM: 100.89 MB
Total Pagefile: 916.77 MB
Available Pagefile: 371.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.53 GB) (Free:29.85 GB) NTFS

========================= Users: ========================================

User accounts for \\LISH

Administrator ASPNET Guest
HelpAssistant Licorice SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

17-05-2012 11:22:46 Removed Nero 7 Ultra Edition
17-05-2012 17:22:12 Installed AVG 2012
17-05-2012 17:27:50 Removed AVG Free 8.5
17-05-2012 17:28:26 Removed AVG 2012
17-05-2012 18:59:51 Removed AVG Free 8.5
17-05-2012 19:02:58 Installed AVG Free 8.5
17-05-2012 19:39:03 Installed AVG 2012
17-05-2012 19:39:59 Installed AVG 2012
17-05-2012 21:19:15 Software Distribution Service 3.0
18-05-2012 11:56:51 Installed HiJackThis
19-05-2012 14:17:39 System Checkpoint
20-05-2012 19:33:00 System Checkpoint
26-06-2012 01:14:13 Software Distribution Service 3.0
05-07-2012 14:27:06 System Checkpoint
10-07-2012 15:22:50 System Checkpoint
11-07-2012 17:10:06 System Checkpoint
11-07-2012 21:03:10 Software Distribution Service 3.0
13-07-2012 10:50:20 Software Distribution Service 3.0

**** End of log ****

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:53 AM

Posted 14 July 2012 - 06:40 PM

Total physical RAM: 382.48 MB
Available physical RAM: 100.89 MB

This is too low.Upgrade your RAM capacity

good luck

Edited by narenxp, 14 July 2012 - 06:40 PM.


#3 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:53 PM

Posted 14 July 2012 - 09:27 PM

Remove also AVG as it is known for hogging the system memory.

Tekken
 


#4 The_Outkast

The_Outkast

  • Members
  • 161 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ft. Wayne, IN
  • Local time:09:53 AM

Posted 16 July 2012 - 05:49 PM

It looks like you might have Internet Connection Sharing (ICS) enabled. Are there any other computers that connect through this laptop to access the internet? If not, you might want to disable ICS, it could be causing some of your problems with web browsing.

To do so:

1. Click Start
2. Click Control Panel (maybe be under Settings, depending on the view you use)
3. Click Network Connections
4. Right click Wireless Network Connection
5. Select Properties
7. Click the Advanced Tab
8. Uncheck "Allow other network users to connect through this computer's Internet connection"
9. Click OK

You should repeat steps 4-9 for your Local Area Connection as well, just to make sure it's off (even though the adapter is disabled).

#5 Alexina27

Alexina27
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:09:53 AM

Posted 18 July 2012 - 06:59 PM

Thank you to narenxp - I will be installing more ram tomorrow. I'm sure that will be a great improvement!

Thank you as well to jhayz - Will I still need to remove AVG once additional ram is installed? Is so, can you suggest one that uses less memory?

Thank you also to The_Outkast - I have disabled Internet Connection Sharing. It has froze again so am shutting it down for the day. I'll see how it runs tommorrow with additional ram.

Thanks again for all your help - I really appreciate it!!

#6 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:53 PM

Posted 19 July 2012 - 10:26 AM

If you add one gig of RAM module, you will be fine but there are other free antivirus that are light on memory usage and also on booting time. Microsoft Security Essentials and Avast are ranked #1 and #2 alternately on most review sites today.

Tekken
 


#7 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:09:53 AM

Posted 21 July 2012 - 12:32 AM

System errors can be a huge drain on resources can you post a current minitoolbox report please.

Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users