UPHClean / MS antivirus

[edavid3001]

Okay, so I get the 1517 event log issues (et al) on around 500 machines
including 2000 pro, server, 2003, xp pro. Some on AD, some on Domain,
some not.

Trying out UPHClean I get this;

The following handles in user profile hive domain\userl (user sid) have
been remapped because they were preventing the profile from unloading
successfully:

svchost.exe (1148)
HKCU (0x314)

What does this tell me? svchost is generic. HKCU - duh, I know that's
what is locked. 1148 the PID?

According to Process Explorer, 1148 has running in it gcasdtserv.exe
which is Giant Antivirus aka Microsoft Antivirus beta 1.

So is this what is causing these errors?

Also, I am testing on a XP PRO machine not on a domain. When I have
two users logged on and one logs off with this UPHClean running, the
monitor goes into power savings and cannot be woke up. Looks like the
PC is still running - HD has activity et al. But the monitor has no
signal.

 

[lvee]

if the UPHClean did not fix your user profile hive problem, then I'll
suggest one thing. If you have Zone Alarm, update it to the newest
version,6.0.667.000.

 

[Wesley Vogel]

What does this tell me?

UPHClean is telling you it has stopped the 1517 errors.

UPHClean is telling you that it closed handles that were preventing
the profile from unloading.

See >> You can also have UPHClean log the call stack that is responsible for
the
profile hive handle.

UPHClean v1.5e readme.txt
http://download.microsoft.com/download/a/8/7/a87b3d05-cd04-4743-a23b-b16645e075ac/readme.txt

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

 

[Yves Leclerc]

btw: The software "Giant" is not an anti-virus system . It is Giant
"CounterSpy" anti-spyware system. Soywares are not "officially" considered
to be virues yet!

 

[edavid3001]

Zone Alarm is not installed. I have a hardware firewall. Using XP's
software firewall.
And right after if fixed these errors, my computer crashes. How nice.

Uninstalling UPHClean crashed my computer also.

This is a computer that never crashes. Nothing other than the normal
software in startup is running. I am a net admin of around 500
Windows PC's - for over 10 years. Not a n00b. fyi. I reproduced the
error several times before posting. It wasn't a fluke.
Yup, your right. I wrote antivirus - it is antispyware. Duh on my
part. I use eTrust AV.
I have MS Antispyware beta installed - updated to latest version.

So I guess what I have learned is Microsoft Antispyware is locking my
HKCU registry hive. Hmmm.

 

[Ken Blake, MVP]

btw: The software "Giant" is not an anti-virus system . It is Giant
"CounterSpy" anti-spyware system. Soywares are not "officially"
considered to be virues yet!

You are correct that a spyware program is not a virus. However, it has
nothing to do with "officlally" or "yet." Despite the way many people use
the term "virus" to mean any form of malicious software, that's a very loose
use of the term, and is not what a virus actually is.

The term "virus" simply means self-replicating software. The software
doesn't even have to be malicious to be a virus (although it almost always
is). For more information, read
http://foldoc.doc.ic.ac.uk/foldoc/foldoc.cgi?query=virus

 

[Plato]

The term "virus" simply means self-replicating software. The software

Agreed:
http://www.bootdisk.com/txtfiles/virus.txt

 

[Ken Blake, MVP]

Agreed:
http://www.bootdisk.com/txtfiles/virus.txt

See, now and then we agree on something. <g>

 

[Plato]

See, now and then we agree on something. <g>

About every three years or so....grin

 

[Ken Blake, MVP]

About every three years or so....grin

LOL. Maybe a *little* more often than that.