TechSpot

Log check

By Louiscar
Apr 18, 2009
  1. Hi,

    I've been having problems with BSODs which I'm trying to track down in:
    http://www.techspot.com/vb/showthread.php?p=742034

    It's been recommended that I cover the bases, ie. eliminate or confirm malware and upload my log files for checking.

    Can someone take a look at these to confirm that I've got nothing malicious lurking, I'd be grateful.

    thanks
     
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    You have Symantec WinFax, if you don't need this any longer please uninstall it, anything Symantec is always a concern ;)

    Not sure how attached you are to Kaspersky, but I'd say uninstall it (Ideally Zone Alarm too) This program is very resource intensive, and Avira free antivirus is better anyway !

    If you do install Avira (being as I would do that)
    Please then update it, and run a full scan. It would be interesting to see what it finds and removes :)
     
  3. Louiscar

    Louiscar TS Rookie Topic Starter Posts: 18

    I hate Symantec too however, I leave Winfax in because I use my modem for faxing occasionally. It's the basic Winfax bundled with the modem. Many years old now and AFAIK it was the old Delrina product before Symantec got their greasy hands on the code.

    Kaspersky came near the top of virus scanners in tests, however, I wouldn't say I'm attached to it. That was a freebie given to me from my Bank so I have a one year license which I'm unlikely to renew when it runs out. However, as with all programs, I NEVER let them hog resources and put their 'watchdogs' in. Hence I run all scanners manually as and when I need to.

    Zone Alarm - well I've run that for years now and find it more useful than MS's lame offering because it alerts me on outgoing traffic. I use version 5.5 which isn't that resource hungry and there are no suite utilities, it's just the firewall.

    The point at this stage is that these things I've been running for years and so cannot be responsible for my BSODs and unless they have been affected by malware, I am keen to keep on track finding out the reason for the BSOD problem because each time this happens I can end up with HDD corruption and it's becoming dangerous.

    Installing / uninstalling all sorts of new stuff has its own dangers when a machine is unstable unless it's 100% essential.

    The exception is that I might swap Kaspersky for Avira however, this is the first time I've heard of Avira - used AVG before but that had a tendency to come up with a few false positives at times. Kaspersky's interface annoys me anyway. :)
    I need to look at the alternatives anyway before summer as this is when my license runs out so perhaps I'll look at some reviews.

    I'm trying to keep in mind my biggest clue to this scenario which is that all this happened after I had big problems installing .net framework 3.5. In that process (which I described in my original thread) something got screwed up.
    So if I am clear of malware according to my logs then shouldn't I be looking at other areas?
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Give me a few minutes- I'm checking your logs now. I saw your original thread and I don't do the minidumps but going to suggest looking for the corresponding Error in the Event Viewer.

    EDIT: Okay, I don't see any malware in the logs and I'm going with my first thought: Find the Error(s) that correspond to the BSOD or error message you're getting:

    Start> Run> type in eventvwr
    NOTE: Please ignore Warnings and Information Events. You do not need to include the lines of code-if any- in the box below the Description. Please do not attach the entire event Log.

    I did notice something worth bringing your attention to:

    You have a lot of software downloads to manipulate various parts of the operating system and they're all on startup. It is possible that 2 or more of these programs may be causing a conflict that is bringing up the BSOD. Some examples:

    These are all legitimate programs. But they might not all get along with each other.

    I would remove these from the Trusted Zone:
    I would check both of these entries using 'System Scan Only' in HijackThis> then Fix Checked:
    One more comment: I checked poker3d.sys because you mentioned it as a frequent cause of problems. It's a File sharing network. Caution is given for any P2P, File Sharing.
     
  5. Louiscar

    Louiscar TS Rookie Topic Starter Posts: 18

    Hi Bobbye,

    Thanks for your input ..

    Unfortunately I've been doing some other investigations recently and have deleted the event logs because (see my other thread) I had noticed an alarming memory usage by Services.exe - it's using 645MB. One of the possible causes was the event logs needed to be cleared. This didn't have any effect though.

    I had also seen a number of errors in the event log but these were repeated at boot time and were Event ID 7000 errors to do with services that I no longer had. I went through the registry to get rid of these so that they didn't generate an error. None of the services were valid, needed due to the app or feature no longer installed.

    I therefore have no errors in the event logs unfortunately.

    The other thing which is curious, probably just highlights the intermittency of the BSODS is that I've not had one since my last reported. It's odd because they were becoming so frequent and now seem to have stopped.

    However, I've begun to suspect services.exe's unusual use of memory and massive page faults as a possible connection. Whether this is true or not remains to be seen but I am keen to track down the reason for this massive memory usage which on my laptop is only around 3MB.

    All I can do is follow the above when the next Bsod occurs.

    Understood however, most of these were running fine for a long time without bsods. The only thing I've recently installed was freecommander, the others have pretty much been with me since I had this machine - a long time IOW.
    Another thing to note with regard to freecommander is that it's not fired up automatically. Only when I need it and I've had BSODs with this not running.

    Not sure what you mean by "how are you using" Netlimiter. It's a bandwidth limiter which I use to throttle bandwidth at certain times and also to preserve some of my upstream to allow for ack packets.

    WinHtrack is not used anymore I can get rid of that chaff.

    Amazon no problem, the second is my own site and coded by me so I know it's safe. However, there's little reason to put it there anymore, I think I was trying to play with some security settings many moons ago.

    I don't do P2P. Perhaps there is a p2p program of the same name. This particular Poker3d.exe is just a poker game called 'Texas Hold'em Poker 3D - Deluxe Edition'. I had only recently installed that and it was after the Bsod problem. I am beginning to discount it now as a catalyst, and as I mentioned in the other thread I was probably thrown off by the fact that it caused two consecutive BSODs but after that nothing. I have used it quite a bit and it's not forcing the problem anymore.

    The whole thing is pretty strange if you ask me. The worst kind of problems are the intermittent ones. :)

    I seem to be back to now looking at this memory usage and perhaps wondering if at some point or other there are memory leaks which increase the usage at times. Currently I see no evidence for that. At boot time services.exe grabs 645MB of memory and seems to be fairly constant regardless for instance if I shut or disable services. Now that I've eliminated the ID 7000 Event errors it's exactly the same.

    I just don't know when this started because I obviously failed to notice it when it changed. I'd guess that it was at the point where I did the .net uninstall / cleanup which began this whole sorry affair. I can't help feeling though that I may be on to something and even if not sorting it out is probably a good thing at any rate since after adding up all the other processes I am losing 1GB memory in a 2GB machine.
     
Topic Status:
Not open for further replies.
