Announcement

Collapse
No announcement yet.

OT, XP question....

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OT, XP question....

    Evan, this is probably your bailiwick...but I'll take anyone's ideas.....

    Neighbor has a HP with XP on it. He has a gig of RAM, but gets a lot of messages telling him things about the swapfile needing to be expanded.

    He also gets "out of memory, can't do that" type messages. (I'm relaying what he said, haven't got to look at it yet.). Latest was trying to load a game that requires only 256MB. Wouldn't work, put up insufficient memory messages.

    He did look to see what was running, and found 27 open processes....which I thought was an awful doggone lot...but it IS XP, so.....

    My initial diagnosis is (assuming no hardware problem) probable worm/spyware, but he has ad-aware and spybot, plus zonealarm. He is "between programs" for virus-scanners, having fired McAfee, so I pointed him at AVG.

    I also told him to run scandisk (for the swapfile problem), but he didn't find anything like it. Apparently it is renamed or not present in XP?????

    My questions:

    Is 27 open processes reasonable for XP?

    Is the chance of "mal-ware" as high as it looks to me?

    Is scandisk really not there in XP?

    Are there viri that would cause a lot of processes without popping up zonealarm alerts as they attempt to call out?
    I know that if they use an allowed program, like explorer, ZA won't stop them.

    I'd like to help him out, since they feed us some darn good dinners.....but I know gar nichts about XP, since I run 98.

    Thanks....
    JT

    P.S. AVG has worked great, thanks for the steer towards it...
    1601

    Keep eye on ball.
    Hashim Khan

  • #2
    Try posting on this forum. http://www.annoyances.org/ Good source of info.--RG

    Comment


    • #3
      My questions:

      Is 27 open processes reasonable for XP?

      Is the chance of "mal-ware" as high as it looks to me?

      Is scandisk really not there in XP?

      Are there viri that would cause a lot of processes without popping up zonealarm alerts as they attempt to call out?


      My machine as I sit here is running 27. That is determined by looking under the Performance tab in Task Manager. I have my machine carefully tuned to start the absolute minimum number of processes. Undoubtedly your friend has some unneeded/unwanted things running. Have a look at the Commit Charge peak value. That tells how much ram has been needed at any time since boot. I doubt the machine is really running short on ram, other things are happening. It is a common problem for progams to have a mistake in them where they have what is called a "memory leak". The program requests ram for its use and fails to deallocate it when finished. As far as the system is concerned that ram is forever still in use and no longer available. It can be seen as the commit charge climbs ever higher and will also cause a swap file error message. Unfortunately I can't tell you where to look. It could be anything. Use Msconfig from the run prompt and begin temporarily disabling startup items to try and narrow it down.


      Malware is a huge problem. Nearly every machine I see has similar problems. It is totally out of hand. Microsoft just issued patches for 20 new vulnerabilities including one that allows an e-mail or web page to install anything at all merely by enticing you to click on a link. Indetectable by the antivirus software and contains no attachment when as an e-mail.

      Scandisk is still there, it is called "chkdisk" in XP. It may be invoked from the command line (dos box) or by right clicking on the drive in Explorer and selecting properties from the menu. Select the tools tab and then pick "error checking".

      As to viri not activating Zone Alarm, yep sure. The latest crop of viruses disable Zone Alarm as well as other firewalls and antivirus software. Whats happening is a big change in the nature of viruses. Organized crime is now in the picture. These things aren't being written by teenage boys who can't get laid. It is the work of the Russian Mafia. They are using the viruses to set up networks of Zombie computers so they can use them to attack online betting and gambling sites. It's a modern version of the old protection racket.

      See here: http://www.theregister.co.uk/2003/11...ngs_in_online/

      [This message has been edited by Evan (edited 04-18-2004).]
      Free software for calculating bolt circles and similar: Click Here

      Comment


      • #4
        I just checked my pc and there are 42 processes running. What does that mean to me?
        gvasale

        Comment


        • #5
          <font face="Verdana, Arial" size="2">Originally posted by Evan:
          [i]Scandisk is still there, it is called "chkdisk" in XP. It may be invoked from the command line (dos box) or by right clicking on the drive in Explorer and selecting properties from the menu. Select the tools tab and then pick "error checking".
          </font>
          This isn't the OLD chkdsk, is it....that used to be basically a reporting program, with minor "repairs" (data tossing) to the file structure.

          Scandisk could do a disk surface scan and mark out bad areas. That is what I hoped it would do, as I wondered if a bad area were not messing up the swapfile
          (with a gig of RAM I hope the swapfile isn't that important, but this IS Microsoft....home of the 5 meg "Hello" file).

          1601

          Keep eye on ball.
          Hashim Khan

          Comment


          • #6
            Nope, not the old chkdisk. It also has a couple of command line options that change how it works. The swap file is important and is used regardless of the amount of ram present. Also, some programs will check for the existance of a swap file and won't run without it.

            Added: It doesn't help to try and relate Win 9X to XP. Win XP is Windows NT 5.1. That is how it identifies itself in an error report. Win 2000 is NT 5.0 which is the basis for Win XP. They are nearly the same but for the user interface and a few extras in XP.

            Gvasale, it means you have too many processes. Time to clean up with Spybot. Also, if you have an HP computer HP is fond of running all sorts of extra unnecessary crud. Kill them with the msconfig tool from the run dialog box.


            [This message has been edited by Evan (edited 04-20-2004).]
            Free software for calculating bolt circles and similar: Click Here

            Comment


            • #7
              JT,

              Try this:

              Click on the Start button and click on Run. At that point type in "msconfig" (without the quotes) and press OK. A requester will come up - then open the "Startup" tab and check or uncheck the processes you want or don't want. You will then be asked to restart the computer - do so.

              This also works for Windows 98.

              Edit:

              Changed to "startup" from "Services"



              [This message has been edited by Mike Burdick (edited 04-20-2004).]

              Comment


              • #8
                Mike,

                Disabling services from msconfig is not a good idea. In their infinite wisdom Microsoft made it possible to disable services in msconfig that are essential to system operation. Leave them alone. It is safe to disable startup items in msconfig. To correctly disable services, and there are many that may and should be disabled, use the management tool "services.msc" from the run prompt.

                It will allow you to stop a service and disable it. If the service is essential it will warn you of this and list the dependencies (other services that depend on that one). If you want to try doing this first find out what services are safe to disable, there are lots of web site dealing with this topic.

                Here is one:

                http://www.uksecurityonline.com/husd...leservices.htm
                Free software for calculating bolt circles and similar: Click Here

                Comment


                • #9
                  Evan,

                  Oops -- you're right, should have said startup instead of services.


                  [This message has been edited by Mike Burdick (edited 04-20-2004).]

                  Comment


                  • #10
                    Gentlemen,

                    Let me say that I'm a computer illiterate, and don't know much at all about these things. My computer has the XP windows system. When I bought it I also got one of the norton anti-virus programs, which I try to keep updated. Recently after running the norton scan I found I had a few "threats" called adware.virtumonde and a couple other adware ones. Everything still seems to be working OK but I couldn't delete them. How did I get these things? I thought that's why I had the norton program, to protect me from this garbage. Doesn't appear to work though. When I checked on the symantec website they had removal instructions, but I don't know if I have the skills needed to remove them. Looked like a real job for a computer illiterate like myself. What's going to happen if I don't remove them? Man, I love reading this forum and conversing by email to my friends but there are times like this when these damn computers hurt my head.

                    Chris

                    Comment


                    • #11
                      ACF, you need to download, install and run a couple of programs. One is AdAware, the other is Spybot Search and Destroy. Both of these programs will easily clean your system up.

                      J Tiers, while this is probably over-kill for your neighbor's situation, I recommend that anyone who knows what they're doing with computers (except Evan, he probably doesn't need this) try out a program called X-Setup Pro ( http://www.x-setup.net/ ). It makes it easy to get into your system and muck around with things (including changing the start up window screen). Thanks to it, I've been able to cut my boot and shutdown times dramatically.

                      [This message has been edited by Tuckerfan (edited 04-20-2004).]

                      Comment


                      • #12
                        Just be very, very carefull in downloading ANY software or opening ANY email with or without attachments if you don't know who sent! At work I have a Scumware / virus whatever, SpyBot can't get rid of it nor can the virus checker do it. The IT people tell me the only way to deal with is to re-format the harddrive!! Thank the Lord I don't have it at home, and I really can't say how it got on my computer at work... but this is something new, as in the last few months or so. B.G.
                        Retired - Journeyman Refrigeration Pipefitter - Master Electrician - Fine Line Automation CNC 4x4 Router

                        Comment


                        • #13
                          "...or without attachments if you don't know who sent!"

                          This is the biggest mistake most people make. Knowing who sent you something means absolutely nothing. You will recieve viruses from your friends, they are the ones with your e-mail address on their computer! Knowing who sent you something is no protection at all. Also, the viruses will fake the return address using whatever address it can find on the infected computer.
                          Free software for calculating bolt circles and similar: Click Here

                          Comment


                          • #14
                            Well, the neighbor has done the look-over and used the correct tool to follow the recommendations on the list.

                            As soon as he re-booted, within five minutes he got the "swapfile needs to be bigger" message again, just as if he had done nothing at all....

                            Using the scan tool did seem to make the machine work a bit better, he said. But it didn't fix the swapfile problem.

                            So, I told him that he should put on AVG (he hadn't yet) and run it and then all the others (spybot, ad-aware, etc).

                            Then he told me that now he can't get a connection on his cable modem!

                            He is going to go through and double-check anything he changed (he took notes).

                            I may have to go over and check this out myself over the weekend, my nice dinners are in danger
                            1601

                            Keep eye on ball.
                            Hashim Khan

                            Comment


                            • #15
                              Not knowing JACK about XP except it's expensive (in ca$h and space), the older versions had the swap file size in:

                              Control Panel -
                              System -
                              Performance Tab -
                              Virtual Memory Button

                              You could set the size yourself or have WinDooz manage it. It could be set too small.

                              Comment

                              Working...
                              X