Avast WEBforum
Other => Viruses and worms => Topic started by: AKatRT on May 02, 2011, 01:24:40 PM
-
Am having problems. Computer is slow, sometimes doesn't want to go into 'sleep' mode, sometimes blank or garbled screen, unstable screen. Virus got in even though Avast running, regular Malwarebytes checks, spyware blaster running. Downloaded Immunet - it found several problems (incl Trojan) but in the end it slows down so much that the computer gets hung up and the scan doesn't finish. Ran Dr Web CureIt, in safe mode, earlier and it found nothing. Can you help please? Thanks!
-
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Click the "Scan" button to start scan
(http://public.avast.com/~gmerek/aswMBR1.png)
On completion of the scan click save log, save it to your desktop and post in your next reply
(http://public.avast.com/~gmerek/aswMBR2.png)
THEN
Download OTS (http://oldtimer.geekstogo.com/OTS.exe) to your Desktop and double-click on it to run it
- Make sure you close all other programs and don't use the PC while the scan runs.
- Select All Users
- Under additional scans select the following
Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check
- Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
- Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
- When the scan is complete Notepad will open with the report file loaded in it.
- Please attach the log in your next post.
-
Essexboy, am I glad you're still on the job...... Thanks. Log attached. now on to action 2 of your instruction.
-
Yelp ? :rofl: ;D
-
OTS log attached. Thanks.
-
There are a few old AV drivers which I will remove, your temporary folders are very full. Did these problems occur before or after you installed immunet ?
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Win32 Services - Safe List]
YN -> (McSysmon) McAfee SystemGuards [On_Demand | Stopped] ->
YN -> (McShield) McAfee Real-time Scanner [Unknown | Stopped] ->
[Driver Services - Safe List]
YY -> (utmwntk1) AVZ Kernel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\utmwntk1.sys
[Registry - Safe List]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "Google EULA Launcher" -> c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA]
[File - Lop Check]
NY -> AVG10 -> C:\Users\korporaal\AppData\Roaming\AVG10
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
-
Boy, the actual scenario was somewhat different. Just finshed the scan. Took hours. Frequent messages asking whether to create files that could not be found. Thousands of files were supposedly involved. jpg, png, and a couple of flash player ones. jpgs all looked like garbage. I indicated 'skip' for all except for flashplayer where there was no skip option and I indicated the file was not to be created. At the end it indicated that the system should be rebooted to delete the files - I clicked 'ok' but nothing happened. No 'log' showed up either. What do you think, say? Thanks.
-
I forgot to answer you question, sorry, no, problems already there before and I downloaded immunet as an additional option to fix.
-
Just ran OTS again, same protocol, now indicated either 'cancel' or 'no' when it asked whether I wanted to create a file that did not exist. The scan went very much more quickly. At the end again the message about the required reboot to delete files. And again no reboot occurred. No log visible either. Please advise oh enlightened one..... Thanks.
-
Don't mean to overwhelm you with posts, but just so you have the most recent status, I can see from the way my pc behaves now, that the problem is not fixed yet. Thanks.
-
The reason OTS took forever was because you had near 1000 files in the temp folders ;D
OK next size hammer
Download ComboFix from one of these locations:
Link 1 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 2 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
- Double click on ComboFix.exe & follow the prompts.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
-
Ok, thanks. Attached. Hope this helps.
-
OK no malware evident at all - that is the good news
So we need to find a way to speed your system up and stop it hanging around
Please download Startup Lite from here (http://www.malwarebytes.org/startuplite.php) to your desktop
Run the programme and accept the recommendations given.
Reboot and let me know if there is an improvement
If not lets check the disc out
Download and run Puran Disc Defragmenter (http://www.puransoftware.com/Puran-Defrag-Download.html)
For the first run I would recommend a boot defrag and disk check
(http://i1224.photobucket.com/albums/ee362/Essexboy3/Puran.gif)
-
Will do and thank you!
-
Once done - the defrag may take a while as it runs a full chkdisc first - let me know how the system is behaving ;D
-
Thanks. Computer a bit better but still appears to 'hesitate', getting 'hung up', and continues to have an unstable screen. I did disc check - not FULL disc check. Will I get zapped for that? Should I immediately do the FULL Disc Check and hope my computer does not get obliterated by dragons? Thanks.
-
Just noticed, also have that problem still about no sleep mode kicking in. Thanks.
-
Yes the full disc check actually utilises the MS programme so it is safe and effective
I will have a little scout around about the sleep problem - Actually big thought do you have the system set to wake up on modem or something. I think that is the problem now I just need to find the real technical term for it ;D
-
Yes the full disc check actually utilises the MS programme so it is safe and effective
I will have a little scout around about the sleep problem - Actually big thought do you have the system set to wake up on modem or something. I think that is the problem now I just need to find the real technical term for it ;D
You mean WOL (Wake on LAN)? Lots of programs cause a computer to not standby or go to sleep though, could be something like webshots, weatherbug, or a host of other annoying programs that cause it.
-
Thanks. I will do the full disc thing. No wake up set up - you're dealing with a baby in computereze......would have no clue to even set something like that up. Doesn't do it always either (the not going into sleep mode), does it sometimes.
One more thing please, for some time now a notification box shows up with the text "host process for windows services stopped working and was closed". I click it away and nothing seems to happen (as in all remains as is). But no clue as to what it is or means. Any relationship with the problem you think? Thanks again.
-
Not sure whether my comment before on that 'host' stuff made any sense. Have used the machine during the day. Again somewhat better, but does remain slow, e.g. as if it hesitates when you type, but mostly with email (yahoo, hotmail) Does not make any sense I suppose. But thought I'd share anyway. Thank you.
-
Could you try disabling Immunet for a while and see if that makes a difference
-
Thank you. Yes, I did that already a couple of days ago. But I recall that during the uninstall process it asked me whether I wanted to uninstall all or leave some stuff for when I decided to get it going again. I made the horrible mistake of electing to leave some stuff. How can I cleanse all that may have been left behind during this particular uninstall process? Can you help me with that please? Thanks. That 'host process for windows has stopped' message does not have an impact you think?
-
How about that, using a trick you showed last time I found remaining spyware doctor and immunet (junk)files by using Revo uninstaller. Deleted these. Hope that revo junk file identifier will have caught them all (if I need to do something additional still, plse let me know). I will test again and advise. Thanks.
-
Aye revo is quite good like that - is the host process error still occuring ?
-
Thanks. It did after the particular post, but not since the last post today. The syndrome of 'hesitation' in the screen display is still there but I could live with it. Can I ask you still, do you believe the problem was orginally caused by a virus - also since it appeared that Immunet identified a virus. Anything I can do still (have spyware blaster, malwarebytes, avast) to avoid the real bad stuff from happening again to me? And I also noticed that Avast throws the adobe flashplayer into the sandbox - can it (adobe flashplayer) cause the problems I had? I used it frequently in the past for streaming stuff and videos. Thanks again.
-
I saw no indication of a virus - unless immunet killed it - do you know the file name ?
Yes, the flash player can be a vector for infection
-
Thanks. I deleted Immunet since (so no names from history) but it claimed it had wiped out a trojan virus.
Do you believe Immunet is worth having installed or does it just cause conflicts?
Is there an alternative when a certain website tells you that to view their content you have to download / install flashplayer? For example I have a favorite sports site, ESPN, a major site, that basically tells you to go down the flashplayer road - do I have an option then or am i stuck with having to install flashplayer to view content?
Thank you.
-
Install flash player only from the adobe site, if a site asks you to update flashplayer then decline and again go to adobe to update
http://www.adobe.com/support/flashplayer/downloads.html
Not sure about immunet as I have never tried it - might download it to my vm for a play
-
Thank you.
I will do just that on the flashplayer, appreciate the advice.
OK, would be interested to hear from you how your feel about Immunet. None of the other stuff I have installed captured a virus, but on the other hand after Immunet did what it did, I still had a problem and had to bother you again. So it may have killed the virus but did not restore my computer.
Thanks. Thanks.
-
OK I will install it tonight and have a play tomorrow ;D
-
Just experienced where IE stopped working, 2 x. Plus on hotmail, when you respond to a message it for some reason uploads and attaches a whole stack of pictures (.gif) - not mine, and also all the same. Remains weird. I had all this days ago as well. Can't figure it.
-
Do you recognise the gifs ? Could you attach one to the post or e-mail it to me if you wish
-
Boy, do I appreciate your patience. How would I email to you? Is there some avast address for you? Perhaps relevant still, I tried to install flashplayer from the weblink you provided. Their download manager seemed to get hung up - and I simply abandoned. But earlier I noticed that avast appeared suspicious of the download and did something with sandbox (I since changed the sandbox setting to 'ask'). I tried again but then I got that download manager hang-up issue and abandoned. Any relevance you think? Thanks again.
-
I will send my addy in a PM - have tried immunet and on my slow VM it went even slower - if that is possible ;D
-
Got the address and sent my mail. Thanks very much for making the address available. Yes, I remember that during a scan it slowed my machine down to something snail like. Thanks.
-
Are you using windows mail or livemail as your client ?
-
http://sn130w.snt130.mail.live.com/default.aspx?wa=wsignin1.0
Looks like live mail to me? Does the above provide the info you need?
-
Do you get your mail from the site or do you use the windows live mail from your computer ?
The reason I ask is that the gifs are for facebook/twitter/bing/rss etc... and appear as a type of banner on your e-mails
-
I believe the site, my first screen is "http log-in live etc etc". Hope that makes sense. Thanks
-
OK could you download windows live to your system and install the mail element
http://explore.live.com/windows-live-essentials?os=other
Then collect your mail using that and see if you get the same occurence
-
Yes, unfortunately no change. But I can click these images away, can live with it - unless these create some of the earlier temp files? No repeat of IE problem thus far today. Thanks.
-
I will have a rummage around in my live mail and see if they are there as an option
-
Thank you!
-
Could you go to options and under the signature tab ensure that it is not set
-
I am struggling. The only thing I could find remotely matching your instruction was:
Options►Personal email signature
Does not look at all like your screen. Sorry. Would need another hint please. Thanks.
-
No problems - open windows live mail and select the drop down on the left
Select Options and then mail
That will bring you to the tab I showed earlier
-
Ok, got there. No, nothing there. I suggest I try it again for a day or so and leave you to people who need your help more - but I thank you for your help. Can you send me on my way with one last suggestion on the flashplayer issue I mentioned, i.e. how, when I download from the website you gave me, Avast may be doing something to it (sandbox or whatever) where the Adobe download manager gets hung up? Thank you!!!
-
Download the standalone installer from here http://www.filehippo.com/download_flashplayer_ie/ to your desktop
Run the programme and if Avast queries it then use the drop down to allow it to run normally
-
OK, will do, and thank you.
-
Sorry, not good. Again as before computer slow, screen unstable, freezes up. Any other possibilities? Thank you.
-
Lets have a look at the system
Download Speedfan (http://www.filehippo.com/download_speedfan/) and install it. Once it's installed, run the program and post here the information it shows. The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.
(http://artellos.geekstogo.com/speedfan.png)
(this is a screenshot from a vista machine)
Then I will look at a slightly different area of the system with another diagnostic
Please download (http://artellos.com/sino-page) SINO by Artellos (http://artellos.com/me).
- Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
- Then please check the following checkboxes:
System Info
Services
Boot Check
Tasklist
Startup Items
Event Log
Ipconfig
Ping
Netstat
Hosts file
Shares
Routing Table- Once checked, hit the Run Scan! button and wait for the program to finish the scan.
- A notepad window will pop up. Please attach to your next reply.
Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.
-
Ah, thank you. I will have to run tomorrow plse otherwise short of time. By the way I have this Avast 'WebRep' add-on running - hope that is not the cause -> can try to run without if you believe it a good idea. But I will do what you suggest in your post. Thanks.
-
I have web rep on and it has caused no slow down that I am aware of ;D
-
Ok, yes, I believe you are right. Will do as suggested by you and get back. Thanks.
-
Re Speedfan, the info you circled on the left (fan info) is not shown. With regard the info on the right - thus far unable to copy it and bring it into a post - any suggestions please? Thanks you.
-
AKatRT,
Can you give us some information about your machine like any add-on's you use (NoScript, ect.), browser, ...information that should be in your Signature...as this may help us figure out why you can't see the information you just posted? You can make it your Signature if you want and just say in your post "see Signature." Thank you.
-
Perhaps I'm not being clear, sorry, my problem is that EB wants to see info from Speedfan, but I have no idea how to copy that from the speedfan display. Copy paste does not appear to work.
If you require addit info about what I run here (signature info?), please help me and tell me where I can find that info. I run Windows Vista on a Toshiba laptop.
-
I'm sorry, I wasn't clear from your post. Can you do a screen shot of the problem?
To create your Signature:
Please go to PROFILE on the top of the main forum page > Modify Profile > Forum Profile Information > Signature. Enter information about your system like the Operating System (OS), RAM, browser, security software, what version and product of Avast and firewall you use and other items you wish to mention. See my signature or others as an example.
-
This is the info from Speedfan - copied over: HDO: 35 C; Temp 1: 60 C; Core 0: 55 C; Core 1: 59 C. Thanks.
-
Attached is SINO log. Thanks.
-
Latest problem was (as was earlier) that upon start-up after sleep mode, system freezes up. Thanks.
-
I will go through the sino report tomorrow as it is late now
Meanwhile could you visit this page and disable wake on LAN http://www.howtogeek.com/howto/windows-vista/fix-sleep-mode-randomly-waking-up-issue-in-windows-vista/
-
No problem, take your time, I can still work the machine.
I tried to do what you asked on disabling, and found two components under network adapters: Intel WiFi Link and Realtek PCie FE. Any idea which one of these two I should disable (or both)? Thank you.
-
Try both ;D
One is your wireless and the other the network card
-
Thanks, will do. And advise.....
-
Managed to accomplish that. Will see how it goes. Had another blank/garbled screen pop up before I changed this. Will see now. Thanks.
-
Hi again - well the general concensus is that the system appears OK, but below are all the elements running when your system starts. If these can be trimmed down along with setting your services to the blackviper safe list
http://www.blackviper.com/2009/05/31/black-vipers-windows-vista-service-pack-2-service-configurations/
It may ease the strain on your system
[OneNote 2007 Screen Clipper and Launcher.lnk] - <Startup> - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[TRDCReminder.lnk] - <Startup> - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[Bluetooth Manager.lnk] - <Common Startup> - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HP Digital Imaging Monitor.lnk] - <Common Startup> - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[SynTPEnh] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[topi] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
[Google Desktop Search] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[Google EULA Launcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
[StartCCC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
[RtHDVCpl] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RtHDVCpl.exe
[Camera Assistant Software] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
[HDMICtrlMan] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
[Toshiba Registration] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
[SSBkgdUpdate] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
[OpwareSE4] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
[WrtMon.exe] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
[Windows Mobile Device Center] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - %windir%\WindowsMobile\wmdc.exe
[NokiaMServer] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
[Nokia FastStart] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
[Toshiba TEMPRO] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Toshiba TEMPRO\TemproTray.exe
[PMBVolumeWatcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
[Adobe Reader Speed Launcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[Adobe ARM] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[MSC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
[Malwarebytes' Anti-Malware (reboot)] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
[avast] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
[Sidebar] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Windows Sidebar\sidebar.exe
[WindowsWelcomeCenter] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - rundll32.exe oobefldr.dll,ShowWelcomeCenter
[ehTray.exe] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Windows\ehome\ehTray.exe
[swg] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-
Oh boy, how do I accomplish that? By the way, thank you very much for sticking with me again - I much appreciate. But help me one more time please, how do I knock these guys out? Sorry, but no clue at this end. Thanks.
-
We will use Autoruns to determine which can be removed
Download Autoruns from the link below:
1: Extract the Autoruns Zip file contents to a folder.
2: Double-click the "Autoruns.exe".
3: Click on the "Everything" tab
4: Remove any entries that mention
"File Not Found"by right-clicking the entry and select Delete.
5: Go to File then to Export As or Save in some versions.
6: Save AutoRuns.txt file to known location like your Desktop.
7: Attach to your next reply.
[/list]
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
-
Did not work, uploading the file. File is .arn. Anything else I can do with that?
Also, McShield, file not found, did not allow access for deletion.
Thanks.
-
When you save the log change the file type to txt
-
Sorry, had forgotten. Mc Shield not deleted. Thanks.
-
Run autoruns again and remove the ticks from the following
" A d o b e A R M "
" A d o b e R e a d e r S p e e d L a u n c h e r "
" C a m e r a A s s i s t a n t S o f t w a r e "
" t r a y b a r " " C h i c o n y "
" G o o g l e D e s k t o p S e a r c h "
" G o o g l e E U L A L a u n c h e r "
" N o k i a F a s t S t a r t " " N o k i a M u s i c "
" N o k i a M S e r v e r " " N o k i a M P l a t f o r m "
" O p w a r e S E 4 " " O C R A w a r e " " S c a n S o f t , I n c . "
" P M B V o l u m e W a t c h e r " " M e d i a C h e c k T o o l "
" S S B k g d U p d a t e " " S S B k g d U p d a t e "
" S t a r t C C C " " C a t a l y s t ® C o n t r o l C e n t e r L a u n c h e r "
" t o p i " " T O S H I B A O n l i n e P r o d u c t I n f o r m a t i o n "
" T o s h i b a R e g i s t r a t i o n " " V i s t a R e g i s t r a t i o n "
" T o s h i b a T E M P R O " " T o s h i b a T E M P R O "
" H P D i g i t a l I m a g i n g M o n i t o r . l n k "
" O n e N o t e 2 0 0 7 S c r e e n C l i p p e r a n d L a u n c h e r . l n k "
" T R D C R e m i n d e r . l n k "
" s w g " " G o o g l e T o o l b a r N o t i f i e r "
Then reboot
-
Not Good. Please help. We killed something that causes my machine to no longer recognize available wireless connections. Please. Thanks.
-
None of those are related to your wireless connection as far as I can see replace the tick in the two following items - although Nokia should not affect your wireless
" N o k i a F a s t S t a r t " " N o k i a M u s i c "
" N o k i a M S e r v e r " " N o k i a M P l a t f o r m "
-
Do I need to reboot after I make the changes?
-
Yes please
-
Since we were at the 'hoping what might work' stage, I went instead with checking off:
Start CCC
Toshiba registration
Toshiba Tempro
TRDC Reminder (just because I liked it back - not because I thought it would impact the problem)
Wireless detection / connection is back.
But it had an impact on speed and the shaky screen is back to some extent.
Puzzle: Which one of the restored checked brought wireless back and which one of the checked may have (significant) impact on speed / steadiness??
No way that I would know.....
Thanks.
-
Start CCC
Toshiba registration
Toshiba Tempro
Disable one at a time and then see which one stops the wireless, rebooting each time
Yo say the system improved when they were disabled ?
Start CCC is related to the video - so kill that one first
-
Yes, system was fast and steady when these rascals were disabled. And again the problem is most noticeable when on mail (hotmail, yahoo). weird stuff.
I will experiment and let you know.
Thank you.
-
Once you have done that we will then look at some driver updates
-
Ok, appreciate. Stiil have to do but will get to it.
-
It appears that the Toshiba / Vista registration program is the cause of the wireless issue. Perhaps an id recognition issue between my wireless network and the pc. In any event, wireless is fine now and the PC runs better but still has issues when in internet mode (i.e. mail and interactive websites: slow, shaky screen, freezing - but if need be I could live with it). I was wondering, could there be a problem with the IE version I have? Although I have no idea how to find out which version I use currently, how to check that. And there was still your suggestion of checking the drivers for updates - but I would need help on how to accomplish that. Thanks.
-
Although I have no idea how to find out which version I use currently, how to check that.
If you open up IE, you should see an icon on the right side of your screen with a question mark. Click on that and it should tell you what version you have. If you have a very old version, then you can go to Computer > Add/Remove Programs > Internet Explorer and it will give you the version number there as well.
Essexboy will be able to answer your other questions when he returns to the forum.
-
Ah yes, thank you, it is IE 9. Appreciate.
-
Are you current on your MS/Windows Updates?
-
Yes, I am.
-
OK...good. I'm going to let Essexboy answer your other questions, then when he is done I'll have you run a Secunia Software Inspector PSI to make sure your other software is up to date since software is changing all the time.
-
Allright, I appreciate your help.
-
No problem. One final thought....you really don't need Windows Defender (WD) on as resident (running all the time) with Avast. Is MBAM free (on-demand) or paid version (resident)? You are still well protected and WD is a memory hog.
-
Thanks. MBAM is the free version, so on demand. Still go ahead and switch off WD?
-
You really don't need it, so I would put WD to on-demand. Avast is scanning all the time in the background. Should you ever need WD, just update the definitions first, then run it.
-
OK, will do and thanks again.
-
I also noticed something else. And it is interesting that earlier we said we should do that speedfan check. It seems that (I believe after some IE / internet) activity, the power and fan speed get 'hung up' at 'high'. Certainly sounds that way, can hear that fan charging away. Have to put in sleep mode to calm it down..... Not sure this is relevant but thought it better to report. Thank you.
-
Methinks it may be a video driver problem
http://www.innovative-sol.com/drivermax/ go here and install the small programme then run
It will then take you to a webpage with a list of your outdated drivers and a download link..
You can get two free downloads per day
The first driver to update will be the video card one
Do that and let me know if the shaking disappears
-
Will do. Thank you.
-
A pain to install. Outdated versions etc. In the end was able to run. But info is wasted on an amateur such as I am. I took the liberty of sending the driver list to your email address - hope you are ok with that..... Would you be willing to take a look and tell me which one to update first please? Thanks.
-
No problem - I have just seen it :o
Today download and install these ones
ATI Mobility Radeon HD 3470
Intel(R) ICH9M-E/M SATA AHCI Controller
Click the little disc image on the right and you will be given the option of several drivers
Select the top one and click download driver
It is fairly automatic from there on in
Once those two are done then tomorrow we will select two further ones to download - untill you are updated and flying
-
Thank you. Will do that.
-
Did that, but when you run that driver check again it still shows the good ole x next to driver. So confirmed as new version downloaded but still the x. Does it require a reboot after the driver update? Thanks.
-
Yes it should ask you to reboot on completion
-
I didn't see that, but I will. Thanks.
-
When starting up this morning, no improvement as yet. Still shakiness and freezing up when working websites (email and the like) Thanks.
-
You still have several drivers to install, but only allowed 2 installs per day according to Essexboy. Remember to reboot after each install. So we'll have to see how things progress after the other installs. Thanks for the update. :)
-
Yes, I understand, no problem, I'm a patient guy and grateful for the help. I assume the right thing to do is to wait for EB to advise the next two drivers - again, no problem. Thanks.
-
Did you disable the ATI catalyst from starting again
StartCCC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
? These two next I feel ;D
Intel(R) WiFi Link 5100 AGN
Realtek PCIe FE Family Controller
-
That first one has me stumped - what to do there?
Second set of drivers I can try.
Just got the following explanatory message after a program supposedly was stopped......:
What is Data Execution Prevention?
Data Execution Prevention (DEP) is a security feature that can help prevent damage to your computer from viruses and other security threats. Harmful programs can try to attack Windows by attempting to run (also known as execute) code from system memory locations reserved for Windows and other authorized programs. These types of attacks can harm your programs and files.
DEP can help protect your computer by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you.
-
If you could start autoruns and remove the tick from that box
DEP occurs sometimes if memory is not used/released properly
-
ATI had already been unchecked from autoruns. I will do the drivers now. Thanks.
-
Once done could you mail me the updated page ;D
-
Absolutely, thank you. For now they are making me wait - 24 hrs not yet passed apparently.
-
Typical I bet they go to the microsecond
-
Probably. But I'll let you know and will send the list when they remove the hold. Thanks.
-
List has been sent over to email address. DM confirmed in another report that 4 drivers had to date been updated. Thanks.
-
Just an update, when on IE, still have shaky flashing unstable screen. And a freeze up every now and then. Sorry. Thanks.
-
OK next we will do the PCI cards - is the video on your system on a card or on the motherboard ?
Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
Mobile Intel(R) 45 Express Chipset Series PCI Express Root Port - 2A41
-
Astonishing, I actually found that stuff.
With regard the Intel ICH9 device: It gave as location PCI bus 0 device 28 (whatever that means....)
With regard the Intel R45 device: It gave as location PCI bus 0 device 1
Both devices indicated: Running properly / no conflicts / driver is up to date (I also ran check on that)
But I am not sure any of the above gives you the answer you requested......
-
If you had a PCI video card that would produce some improvement, although looking at it you appear to have the video on the motherboard
When you had the stable screen what programme was disabled that is now enabled ?
-
From an autoruns aspect, it is these:
Toshiba / Vista registration
Toshiba Tempro
TRDC Reminder
Toshiba / Vista registration appeared to be required to fix the the wireless problem. But also, I don't see how any of these could cause the issue I have. And they all have been installed for centuries.
But if I may ask, why the problem only when I'm working the internet via IE? I don't have a problem with this website, not when I watch a sportsvideo on a sports website, not when I work with Outlook, not with any of the installed programs, only when IE is the vehicle. I don't get that. Could there not be something with IE 9 that may cause this problem? Thanks.
-
Might be worth rolling back to IE8 and testing it out
-
Just so I don't mess something up, I just tried to download IE8 but IE9 is in the way. Can I remove IE 9 without doing damage to my system / data? So that subsequently I can download IE8. Thanks.
-
Just so I don't mess something up, I just tried to download IE8 but IE9 is in the way. Can I remove IE 9 without doing damage to my system / data? So that subsequently I can download IE8. Thanks.
Removing IE9 will just revert back to the previously installed browser version, or at worst, give you the default browser back (IE7 for your case I think).
No problems with removing the latest version, it won't harm your files/system.
-
Thank you!
-
Excuse the paranoia, but so what I do is go to program files (I can't find IE in programs under Control Panel), and click on internet explorer and then right click delete or cut.......or not. Or do I then kill the entire IE program and not just the latest IE 9 version? I am unsure. Thanks.
-
In the add/remove section of control panel there should be an option to show installed updates, this is where IE9 will be. I am not on my XP system at the moment to give you a step by step instruction - but if you cannot find it I will flash it up
-
We did it (remove IE9). I will test for a bit now. Thanks.
-
Be interesting to see if that resolves it
-
Will keep you posted. And thank you.
-
Ok, that fixed the problem, reverting to IE 8. Unbelievable. I don't have the fastest machine now but we're ok. May I still ask you two questions please:
1. When working in hotmail I continue to have that 'banner' problem where .jpg items get attached for some reason - we worked this earlier. My question is when it creates these attachment it numbers them 1 through infinite. Do these things create files somewhere, temp or otherwise, and if so how best to get rid of them?
2. Any 'regular maintenance' you can suggest to ensure my computer does not lose too much speed?
Thanks!
-
Could you update to windows live mail http://explore.live.com/windows-live-mail?os=other
That should fix it
Regular maintenance would include emptying the temporary files regularly using either CC or TFC
And not allowing any programme you install add itself to the startup list
-
That Life Mail looks more like Outlook to me, but I understand what you say and although I'll miss my ole hotmail, i will have to do it. MSN no longer 'maintains' hotmail then I assume?
I will do what you say with the temp files.
Other than that looks like I'm off and running again. So thanks (!) and till the next time (hah!).
-
Nope it is now all windows live stuff
Keep safe ;D
-
That Life Mail looks more like Outlook to me, but I understand what you say and although I'll miss my ole hotmail, i will have to do it. MSN no longer 'maintains' hotmail then I assume?
I will do what you say with the temp files.
Other than that looks like I'm off and running again. So thanks (!) and till the next time (hah!).
Nope it is now all windows live stuff
Keep safe ;D
Well, they still do have "hotmail". You're thinking of the client software though I think.
Outlook Express was built-in to Windows XP and with Windows Vista and 7, it was replaced by Windows Live Mail. Same software, just updated a bit. You probably have guessed by now, that each time they update their Office software, the built-in "dumbed-down" version of mail client that is installed by default in the Operating System corresponds to whatever version of Office that is available at the time.
XP has Outlook express, which sort of corresponds to Outlook 2003. Windows Vista/7 have Windows LIve Mail, which more or less looks like Office Outlook 2007/2010.
The services are still there, it's just the software that changes. Hotmail.com is still available and working, it's just the new addition of @live.com addresses that are new (which I have). Now, reading my @live.com emails, I still use hotmail.com to access them.
-
Thank you for elaborating, appreciate.
-
'Bug' you on more (last) thing please. Re your answer to my question on maintenance and getting rid of temp files, your answer was "Regular maintenance would include emptying the temporary files regularly using either CC or TFC". I have on my pc an FTC by Oldtimer. Not sure where I get the CC option from - can you help me with that still please? Thanks.
-
Here are a few suggestions on regular maintenance in addition to the ones given to you already to keep you and your machine safer in the future:
1. Keep your definitions up to date for both Avast and MBAM.
2. Keep all your shields on with Avast.
3. Update MBAM prior to scanning, then do Quick scans.
4. Keep your MS/Windows Updates current.
5. Add security related Add-on’s to your browsers for safer browsing. See my Signature as an example.
6. Use common sense when browsing and do not go to risky sites.
7. When downloading software, read what you are clicking and do not download adware toolbars which are commonly opted in; look before you click or do a Custom install to avoid putting unwanted toolbars on your machine that lead to spyware tracking or adware.
8. Check to see that your software is up to date with the free Secunia Software Inspector http://secunia.com/vulnerability_scanning/personal/ (http://secunia.com/vulnerability_scanning/personal/) since software is changing all the time. This site gives you the vendor's direct download link making it easy to upgrade your software. Many of us here scan our machines weekly.
9. Use CCleaner (CC) after closing your browser regularly. You can also use TFC as needed (depends on your Internet usage - perhaps weekly, or if suspected of malware) in addition to CC.
Let us know if you have any other additional questions. :)
-
Not sure where I get the CC option from - can you help me with that still please? Thanks.
http://www.piriform.com/ccleaner/download/slim/downloadfile
-
Maybe the OP meant the CC build option...http://www.piriform.com/ccleaner/builds (http://www.piriform.com/ccleaner/builds). I suggest the Slim Version with NO toolbars - scroll down to the bottom of the page.
-
Thank you all very much!!! Appreciate!
-
No problem. Let us know if you have any other questions. Stay safe. :D
-
Maybe the OP meant the CC build option...http://www.piriform.com/ccleaner/builds (http://www.piriform.com/ccleaner/builds). I suggest the Slim Version with NO toolbars - scroll down to the bottom of the page.
+1 for the slim version, tried to post a direct link, but this doesn't work. :-\
Thank you all very much!!! Appreciate!
You're welcome..!
-
What they said ;D
-
Appreciate all the great support and interest. Thanks.
-
Keeps us off the streets and out of the pubs
-
Hope not......I would feel bad. Take care (don't skip the pubs).
-
And again the machine wins....screen locks up and / or garbled screen (no unstable screen though). Perhaps something I have to live with. But if any ideas still out there, please let me know. Thanks.
-
Well I didn't go to the pub, so you're stuck with me again. Is the screen issue the only problem you are having now? Otherwise it is running quicker and no other problems?
Edit: I have notified Essexboy to return to this thread when he gets to the forum. In the meantime, could you please answer the question above when you get a chance.
-
Admire your patience and resilience. Yes, screen freezing and / or garbled is only problem I have. Speed is good after I ran the temp file cleaner again. Thanks.
-
'Tis probably a video problem - did we update your Video driver, and is the monitor connected properly and not loose
-
We did and it is a laptop. I worry there is a conflict somewhere, between two programs / applications - you have any ideas on this perhaps? (but of course, what do I know, just guessing). Thanks.
-
We could try a clean boot - now this is a tad tedious but it should pinpoint any driver conflicts
As I say this is tedious but you may get lucky the first time around
Step 1: Start the System Configuration Utility
1. Click Start, click Run, type msconfig, and then click OK.
2. The System Configuration Utility dialog box is displayed.
Step 2: Configure selective startup options
1. In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
2. Click to clear the Process SYSTEM.INI File check box.
3. Click to clear the Process WIN.INI File check box.
4. Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
5. Click the Services tab.
6. Click to select the Hide All Microsoft Services check box.
7. Click Disable All, and then click OK.
When you are prompted, click Restart to restart the computer.
Step 3: Log on to Windows
If you are prompted, log on to Windows.
When you receive the following message, click to select the Don't show this message or launch the System Configuration Utility when Windows start check box, and then click OK.
You have used the System Configuration Utility to make changes to the way Windows starts.
The System Configuration Utility is currently in Diagnostic or Selective Startup mode, causing this message to be displayed and the utility to run every time Windows starts.
STEP 4: Troubleshoot [list=1]
- Now restart and test the issue at hand
- If no problems, run msconfig and recheck half the disabled items on the Services tab. Reboot to test again. If the problem recurs, Uncheck half the items you just checked to narrow down the culprit.
- If the problem does not re-occur, check the other half, so all the Services are enabled. Reboot to test again. If the problem recurs, Uncheck half the items you just checked to narrow down the culprit.
-
Wow, I'll have to build up strength, take vitamins, and probably more potent stuff to bulk up in order to take this on. But I will and let you know. Thanks.
-
It is tedious - I had to do it once on a system - I did not strike lucky and it was the last driver I disabled that was the culprit
-
Understand. Funny thing is that this high fan speed has come back also - the thing is racing all the time even though I have it set at power saver. Weird stuff. Thanks.
-
Funny thing is that this high fan speed has come back also <snip>
Does the fan need a dusting? Is your machine overheating when you use it; do you need a laptop cooler? I understand it happens when the CPU is high, but sometimes "housekeeping" can help.
I think you may be ready for the pub after Essexboy's instructions. :P
-
You're right about the 'weight' of EB's instructions - I'm in training camp now, preparing.
That fan speed goes up at unpredictable (for me at least) times, but it seems (and only that) it coincides with the freezing up / garbled screen issue. I have to then put this baby to sleep to calm it down. But now have not had freezing up or garbled screen problems for half a day. But since the pain regime that EB has suggested, I have been on my knees a lot.... Thanks.
-
That does sound like you may be getting a bit of a heating problem
Any dust bunnies on your computer ;D
-
No rabbits that I can see. I will do that exercise you suggested first and worry about rodents later. Thanks.
-
An update. I did the clean boot. I did not see much of a change. Then I tried something else - not sure whether at all relevant but would like your views please. I used to have multiple views open of Yahoo. I have several accounts with them (personal + business). Yahoo tries to frustrate you having open more than one account at a time. Sometimes you can work around that, sometimes not. But I would have at least two views open at any given time. I killed that and limit to one open view, one open account. That combined with having switched back to IE 8 has given me peace and quiet for a week or so. I did get a message recently, when the screen went funny: "Display driver stopped responding and has recovered". It happened when I woke my little baby up from sleep mode - and I had a site open still that was (inter-)active.
But again, no major issues currently. What do you think? Thank you.
-
Sounds as though Yahoo does not like multiple screens - why I have no idea
With IE8 you are opening them in seperate processes (as if you had two browsers open) so mayhap that is a way around it
-
Sorry about the delay in responding - was in remote Kazakhstan and no internet access. Well, in any event, everything is working pretty good now. So thanks again. Till the next time...... ;D