using AVG software to remove virus

Click here to go to the driver for your printer.
Take note of the line that says: » Click here to have HP automatically check to see if you need a driver update.
Might be a good idea to use that.

I'd agree with Newt as well. Don't be afraid to say you don't understand. He's VERY good at explaining things.

 

All my RAM still slips away after an hour or two

Thanks Daizy and Newt for all the help and suggestions. Between spybot and adaware all my viruses (virii?) are gone. But I still have the same problem: I reboot and I have 86% available RAM, but in an hour or so I'm down to 26% RAM and have to reboot again. Why is it doing this? Any suggestions? It's not viruses any more, but something's still wrong. What can I do?

 

Dave - sounds like something is grabbing some memory, not releasing it even when finished with it, not noticing, and grabbing some more. Called a 'memory leak' usually.

The first thing to do is find out exactly what app is doing the deed. Maybe something that was damaged.

Go to www.sysinternals.com and the 9X utilities. Get a copy of the (free) process explorer. No install needed - just put it some place and then run it. You will have to tweak the settings to make sure it is showing what you want to see.

Start a session when you first boot up and get a feel for what you have running and how much memory & cpu time it is using. Then you can figure out what is growing as your system resources shrink.

 

First results of process explorer

Newt, I got process explorer and ran it. It never showed more than 30% cpu usage, even when I had IE with two or three websites open and also Outlook Express in use. But in about an hour and fifteen minutes the machine wouldn't do anything. When I right clicked on My Computer and went to Properties it showed only 26% of RAM available. This is the same thing that has been happening, even though this time processor explorer never showed more than 30% cpu usage at any time!

I don't know if this is a clue, but everytime I shut down to reboot I get a dialogue box saying "This program has performed an illegal operation and will be shut down" and under details "Explorer has caused an invalid page fault in module kernel32.dll at... "

Also using Adaware it found and I removed a bunch of stuff. One thing it couldn't remove the first time I used it was "virtumundo" which was "c:\windows\system\inetadpt.dll" I checked for Adaware to run on reboot and successfully removed "virtumundo" on reboot. but then on subsequent reboot my machine could never "find the server" and I couldn't go to web pages or use outlook express. So I removed "virtumundo" from quarentine with Adaware and rebooted, then I could use IE to go to webpages and also use Outlook express again.

I'm not sure why, but I feel IE may be the problem because its been damaged by some of the viruses I had. Can I reinstall IE over the existing one? Do you think a damaged IE is the problem? For God's sake, Doctor, my child is dying! Thanks.

 

Virtumundo is spyware. A nasty one that does indeed break your internet connection. It still needs to be removed.
Read here
In the middle of that page, is a link to LSP fix. Download it. It will fix your internet connection, once you've removed this spyware.

Can you give us the complete error message please?

I'd still be tempted to unplug your printer...uninstall the software...and see if it makes any difference....but that can be done as a last ditch effort, I suppose?

 

Virtumundo was removed and fixed as per your advice. I'm unable to cut and paste the info. from the IE error message, but I, laboriously, wrote down as much as possible by hand, but I quit after "bytes at cs:eip: "... If the rest after that is required, I'll copy down the rest of it on my next reboot. Here's what I did copy down:

Explorer caused an invalid page fault in module KERNEL32.dll at 019f:bff87f00. Registers: eax=c00309c4 cs:019f eip=bff87f00 eflgs=00010202 ebx=0142ff58 ss=01a7 esp=013f0000 ecx=81d55274 ds=01a7 esi=81d5bb84 fs=2f2f edx=bff7685 es=01a7 edi=013f0098 gs=0000 bytes at cs:eip

Any idea why the "process explorer" program suggested by Newt never showed over 30% CPU usage but I still lost RAM from 86% to 26% in about an hour or so, as it's been doing for about a month?

 

Until Newt comes back.....
It may be worth your effort to do an Internet Explorer Repair

*edit*
No...the rest of the error isn't neccessary. this is the part we were looking for:
Explorer caused an invalid page fault in module KERNEL32.dll at 019f:bff87f00.

 

I have IE 6, your referenced article is for IE 5, but here's something interesting: I went to add/remove programs to see if the repair option would be there for IE6. I don't have IE6 in the add/remove programs thing. All I did have was "Internet Explorer Q831167" When I clicked on it it said "this removes Q831167 and restores your previous configuration, I didn't do that. Do you know of anything that does the equivalent of your IE5 solution for IE6?

Also, when I go to "help" for my IE 6 and then "about," it not only says IE 6, but it has 11 updates or patches all starting with the letter Q and several numbers after each Q. I think that over the last year or so on several occasions I'd open IE 6 and my homepage would be from Microsoft inviting me to click and go to Microsoft and download/install "critical updates." I gues that's where the 11 Qxxxx updates came from.

 

additional reply

also, sometimes I have to reboot two or three times to get back up, last reboot I ended up in safe mode, when I tried to reboot I got the blue screen saying "a fatal exception OE has occured at 0167:10032ce9." When I clicked any key to continue, I then got "a fatal exceptionOE has occured at 0167:bff87f00." If that means anything.

 

Speaking of windows updates.........have you been there? Do you have all your critical ones done, as well as your dirvers?

At the bottom of the page... it says:
The information in this article applies to:
Microsoft Internet Explorer version 6 for Windows 98 Second Edition
Microsoft Internet Explorer version 6 for Windows 98
Does this help?

 

Dave - I've been away from that OS version a while but I seem to remember it would report low memory when you were running low on other system resources that had nothing to do with memory.

I've never seen a case of process explorer not reporting accurately so I'm confident that you do have RAM free in the amounts it says.

Not sure if something is eating your other resources (and can't for the life of me remember what they are) or if some settings were messed up by one of the critters you had and can just be reset.

More info if you want to look thru it

http://www.aumha.org/win4/a/resource.php

http://forums.infoprosjoint.net/showthread.php?p=73165#post73165

http://www.klippert.com/tcc/ResourceMem.htm (some duplication of the aumah article but some new stuff)

 

Hi Dave,

Again, update Ad-aware, configure like this and run. Delete all it finds. Download CWShredder and HijackThis from the link in my signature. Open CWShredder, close ALL other windows and hit fix. If still experiencing problems, place HijackThis in a permanent folder (I create a new one named HJT). Open and hit scan, then save log. Once it is saved it will open in notepad. Select all from the edit button, copy and paste the results here. Don't fix anything with it yet! It might also help reveal something to save and copy/paste a log from Process Explorer.

To repair IE, you can paste this command into the run box,

rundll32 setupwbv.dll,IE6Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt "

then locate IE6Setup.exe on your drive and double click to reinstall. You will need to visit Windows Update again.

 

Problem solved, I think.

After my month or two problem of booting up and having 86% or so RAM and going down to 26% or so of RAM in about an hour, I think my problem is finally solved. After adding Adaware and repairing IE 6 and getting rid of 35 viruses, including "Virtumundo," a particularly evil virus, all with the expert assistance of Daizy and Newt, I still had the same problem.

But last night after I rebooted I used control+alt+delete to remove the only two running programs in the close program dialogue box: Wusb11 and Run32.dll. Don't know why I tried this but was surprised to find out that doing it didn't affect running any of my programs like IE 6 and Outlook Express. So now my machine's been running like about 14 hours and I still have about 86% of RAM!

Thanks again Daizy and Newt for staying with me on this horrible problem, and to Noahdfear for weighing in at the end with even more tech support ideas.

Now that I seem to be OK, one last question. In the process of rebooting every hour or so just to be able to use my machine it often would take three or four reboots to get back up again. The machine would usually hang at the very end of reboot and I'd have to control+alt+delete three four times, or sometimes I'd have to hit the reset button on the machine. Ocassionally I'd get a blue screen with "a fatal exception OE has ocurred at 0167:10032ce9" and when I'd hit any key it'd go to "a fatal exception OE has occurred at 0167:bff87f00." I'm wondering if a month or so of rebooting my machine six or eight times a day has maybe stressed or strained my system. Plus all the **** left over in my system and/or registry from all the viruses I had acquired over the last two years (35!). Should I do some kind of routine maintenance or repair on my system? I've never done anything. And if so, what free software is available and recommended? My machine is a 1.2 gigahertz AMD motherboard with 512 mg of RAM and a 60 Gig and a 40 Gig hard drives. I'm using Win 98, second edition. Thanks in advance for help on this issue.

 

Wusb11 should be a Linksys wireless network adapter. Are you using one? Run32.dll is a valid process, but I don't think you should see it running. The Sircam virus uses that also, and am wondering if that's the process you are seeing and killing. With so many nasties removed, once you definately have ALL of them cleaned out, I would suggest running the System File Checker.

Get clean reports from both RAV and Housecall.

If you don't already have a firewall, you need it. Freebies available here. Sygate, Kerio and Zone Alarm are the most popular.

Maintenance
In addition to again cleaning out all temp folders, clean also everything from C:\Windows\Applog and run disk cleanup, scandisk and defrag. Best done in safe mode. If you're not already using it, the WinME defrag is much faster.

 

Hi again Dave Miller
Along with noahdfear's advice.... are you running a full time and updated virus scanner now? If not... do consider downloading AVG. It's free.