B
buttoni
I'm on an WinXP Home SP3 machine and having Event ID's 1517 and 1527
everytime a user logs off. We have one admin account and two Limited
accounts and at every logoff from one account to another results in multiple
explorer.exe's showing up in task manager process list. What I've done so
far:
1. Gone to Ctrl Panel, User Accts, Change the way users logon/logoff and
told the system toe completely close down programs when a user logs off.
2. Have and occasional (rarely) End Task on SuperAntispyware but
uninstalling SAS does not resolve the multiple copies of explorer.exe.
3. Have d/L and installed Microsoft's UPHClean (User Profile Hive Cleaner)
which installed without a glitch. That has eliminated the Event ID 1517's
and 1524's and now at logoff, there is just the Event ID1401 indicating it
has done it's job because explorer.exe was preventing unloading that user
profile.
4. My system was wiped and the OS was clean installed at a repair shop
recently, and a system file check using SCANNOW done by me afterwards yieled
no problems with system files.
5. Have run Trend Micro Housecall virus scan on-line and no infections
found. Have run TrojanHunter, SAS Pro, A-squared, Avast and MalwareBytes
scans and they all find no infections. I really think the pc is "clean".
6. Have cleared and increasesd the Pagefile to 2560 initial size; 2560 Max
Size, per AUHMA's recommendations.
But the problem of multiple copies of explorer.exe in Task Manager persists,
exactly one per user account that has logged on, despite all lthe above
efforts. As Windows is not freeing up the memory for these users at
logoff, by the time there are 3-4 copies, my memory maxes out, the pc freezes
and I have to shutdown via Task Manager, as the taskbar and start button will
no longer display on desktop.
For more technical details I am providing a link to my discussion on another
forum
http://forums.comodo.com/firewall_help/installation_question-t35968.0.html;msg255891#msg255891
I hope someone here can shed some light on possible cause or offer
suggestions. FYI only Comodo FW (with Defense+), AvastHome and SAS Pro are
realtime, besides the UPHCleaner itself.
everytime a user logs off. We have one admin account and two Limited
accounts and at every logoff from one account to another results in multiple
explorer.exe's showing up in task manager process list. What I've done so
far:
1. Gone to Ctrl Panel, User Accts, Change the way users logon/logoff and
told the system toe completely close down programs when a user logs off.
2. Have and occasional (rarely) End Task on SuperAntispyware but
uninstalling SAS does not resolve the multiple copies of explorer.exe.
3. Have d/L and installed Microsoft's UPHClean (User Profile Hive Cleaner)
which installed without a glitch. That has eliminated the Event ID 1517's
and 1524's and now at logoff, there is just the Event ID1401 indicating it
has done it's job because explorer.exe was preventing unloading that user
profile.
4. My system was wiped and the OS was clean installed at a repair shop
recently, and a system file check using SCANNOW done by me afterwards yieled
no problems with system files.
5. Have run Trend Micro Housecall virus scan on-line and no infections
found. Have run TrojanHunter, SAS Pro, A-squared, Avast and MalwareBytes
scans and they all find no infections. I really think the pc is "clean".
6. Have cleared and increasesd the Pagefile to 2560 initial size; 2560 Max
Size, per AUHMA's recommendations.
But the problem of multiple copies of explorer.exe in Task Manager persists,
exactly one per user account that has logged on, despite all lthe above
efforts. As Windows is not freeing up the memory for these users at
logoff, by the time there are 3-4 copies, my memory maxes out, the pc freezes
and I have to shutdown via Task Manager, as the taskbar and start button will
no longer display on desktop.
For more technical details I am providing a link to my discussion on another
forum
http://forums.comodo.com/firewall_help/installation_question-t35968.0.html;msg255891#msg255891
I hope someone here can shed some light on possible cause or offer
suggestions. FYI only Comodo FW (with Defense+), AvastHome and SAS Pro are
realtime, besides the UPHCleaner itself.