Author Topic: Virus detected, again......  (Read 53977 times)

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #60 on: May 10, 2011, 12:31:24 PM »
Attached is SINO log. Thanks.

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #61 on: May 10, 2011, 11:42:17 PM »
Latest problem was (as was earlier) that upon start-up after sleep mode, system freezes up. Thanks.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Virus detected, again......
« Reply #62 on: May 11, 2011, 12:01:24 AM »
I will go through the sino report tomorrow as it is late now

Meanwhile could you visit this page and disable wake on LAN http://www.howtogeek.com/howto/windows-vista/fix-sleep-mode-randomly-waking-up-issue-in-windows-vista/

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #63 on: May 11, 2011, 07:52:29 AM »
No problem, take your time, I can still work the machine.

I tried to do what you asked on disabling, and found two components under network adapters: Intel WiFi Link and Realtek PCie FE. Any idea which one of these two I should disable (or both)? Thank you.

Offline essexboy

Re: Virus detected, again......
« Reply #64 on: May 11, 2011, 08:47:39 PM »
Try both  ;D

One is your wireless and the other the network card

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #65 on: May 12, 2011, 12:59:13 PM »
Thanks, will do. And advise.....

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #66 on: May 12, 2011, 01:05:54 PM »
Managed to accomplish that. Will see how it goes. Had another blank/garbled screen pop up before I changed this. Will see now. Thanks. 

Offline essexboy

Re: Virus detected, again......
« Reply #67 on: May 13, 2011, 07:59:13 PM »
Hi again - well the general consensus is that the system appears OK, but below are all the elements running when your system starts.  If these can be trimmed down along with setting your services to the blackviper safe list
http://www.blackviper.com/2009/05/31/black-vipers-windows-vista-service-pack-2-service-configurations/

It may ease the strain on your system


[OneNote 2007 Screen Clipper and Launcher.lnk] - <Startup> - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[TRDCReminder.lnk] - <Startup> - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[Bluetooth Manager.lnk] - <Common Startup> - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HP Digital Imaging Monitor.lnk] - <Common Startup> - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[SynTPEnh] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[topi] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
[Google Desktop Search] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[Google EULA Launcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
[StartCCC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
[RtHDVCpl] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RtHDVCpl.exe
[Camera Assistant Software] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
[HDMICtrlMan] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
[Toshiba Registration] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
[SSBkgdUpdate] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
[OpwareSE4] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
[WrtMon.exe] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
[Windows Mobile Device Center] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - %windir%\WindowsMobile\wmdc.exe
[NokiaMServer] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
[Nokia FastStart] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
[Toshiba TEMPRO] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Toshiba TEMPRO\TemproTray.exe
[PMBVolumeWatcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
[Adobe Reader Speed Launcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[Adobe ARM] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[MSC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
[Malwarebytes' Anti-Malware (reboot)] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
[avast] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
[Sidebar] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Windows Sidebar\sidebar.exe
[WindowsWelcomeCenter] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - rundll32.exe oobefldr.dll,ShowWelcomeCenter
[ehTray.exe] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Windows\ehome\ehTray.exe
[swg] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
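
Added example, not part of essexboy's post or of any tool used in this thread: a Python script that parses the `[name] - <location> - command` lines listed above, groups them by whether they start for all users or only the current user, and lists the entries whose command carries no full path, which are the ones to resolve to a file on disk before deciding what to disable. The function names and the rule for extracting the executable from a command line are assumptions made for this example.

```python
import re
from collections import defaultdict
# Six lines copied from the startup list in the post above.
SAMPLE = r'''
[TRDCReminder.lnk] - <Startup> - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[Bluetooth Manager.lnk] - <Common Startup> - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[topi] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
[RtHDVCpl] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RtHDVCpl.exe
[avast] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
[WindowsWelcomeCenter] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - rundll32.exe oobefldr.dll,ShowWelcomeCenter
'''

ENTRY = re.compile(r"^\[(?P<name>.+?)\] - <(?P<where>[^>]+)> - (?P<cmd>.+)$")

def image_of(cmd):
    # Heuristic (assumption): a quoted path, else everything up to the first ".exe".
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)(?=\s|$)", cmd, re.IGNORECASE)
    return m.group(1) if m else cmd.split()[0]

def scope_of(where):
    # HKLM Run and Common Startup apply to every account; HKCU Run and Startup to one.
    w = where.upper()
    if w.startswith("HKEY_LOCAL_MACHINE") or w == "COMMON STARTUP":
        return "all users"
    if w.startswith("HKEY_CURRENT_USER") or w == "STARTUP":
        return "current user"
    return "unknown"

def parse(text):
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # blank or unrecognised line
        image = image_of(m["cmd"])
        # No drive letter or %VAR% prefix: Windows resolves the name at launch.
        bare = not re.match(r"[A-Za-z]:\\|%", image)
        entries.append({"name": m["name"], "scope": scope_of(m["where"]),
                        "image": image, "bare_name": bare})
    return entries

def triage(text):
    # Returns ({scope: [names]}, [names whose command has no full path]).
    entries, by_scope = parse(text), defaultdict(list)
    for e in entries:
        by_scope[e["scope"]].append(e["name"])
    return dict(by_scope), [e["name"] for e in entries if e["bare_name"]]
```

Calling `triage(SAMPLE)` reports `RtHDVCpl` and `WindowsWelcomeCenter` as the two entries without a full path.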

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #68 on: May 13, 2011, 08:06:24 PM »
Oh boy, how do I accomplish that? By the way, thank you very much for sticking with me again - I much appreciate. But help me one more time please, how do I knock these guys out? Sorry, but no clue at this end. Thanks.

Offline essexboy

Re: Virus detected, again......
« Reply #69 on: May 13, 2011, 08:17:51 PM »
We will use Autoruns to determine which can be removed

Download Autoruns from the link below:
    1: Extract the Autoruns Zip file contents to a folder.
    2: Double-click "Autoruns.exe".
    3: Click on the "Everything" tab.
    4: Remove any entries that mention "File Not Found" by right-clicking the entry and selecting Delete.
    5: Go to File then to Export As or Save in some versions.
    6: Save AutoRuns.txt file to known location like your Desktop.
    7: Attach to your next reply.
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #70 on: May 13, 2011, 10:22:23 PM »
Did not work, uploading the file. File is .arn. Anything else I can do with that?

Also, McShield, file not found, did not allow access for deletion.

Thanks.

Offline essexboy

Re: Virus detected, again......
« Reply #71 on: May 13, 2011, 10:30:52 PM »
When you save the log change the file type to txt


AKatRT

  • Guest
Re: Virus detected, again......
« Reply #72 on: May 13, 2011, 11:04:54 PM »
Sorry, had forgotten. Mc Shield not deleted. Thanks.

Offline essexboy

Re: Virus detected, again......
« Reply #73 on: May 13, 2011, 11:12:50 PM »
Run autoruns again and remove the ticks from the following

Quote
"Adobe ARM"
"Adobe Reader Speed Launcher"
"Camera Assistant Software"
"traybar"  "Chicony"
"Google Desktop Search"
"Google EULA Launcher"
"Nokia FastStart"  "Nokia Music"
"NokiaMServer"  "Nokia M Platform"
"OpwareSE4"  "OCR Aware"  "ScanSoft, Inc."
"PMBVolumeWatcher"  "Media Check Tool"
"SSBkgdUpdate"  "SSBkgdUpdate"
"StartCCC"  "Catalyst® Control Center Launcher"
"topi"  "TOSHIBA Online Product Information"
"Toshiba Registration"  "Vista Registration"
"Toshiba TEMPRO"  "Toshiba TEMPRO"
"HP Digital Imaging Monitor.lnk"
"OneNote 2007 Screen Clipper and Launcher.lnk"
"TRDCReminder.lnk"
"swg"  "GoogleToolbarNotifier"


Then reboot

AKatRT

  • Guest
Re: Virus detected, again......
« Reply #74 on: May 14, 2011, 09:58:20 AM »
Not Good. Please help. We killed something that causes my machine to no longer recognize available wireless connections. Please. Thanks.