Another messed up system

Status
Not open for further replies.
I would use Revo to uninstall all Acrobat Reader. Only acrobat reader.

You know how to cleanup deeper with AutoRuns and RunScanner.

Then Install FoxitReader Free: http://www.foxitsoftware.com/pdf/rd_intro.php
Not only is it low impact on the cpu but blazingly fast. You will never miss Acrobat reader.

That is a crock on having to do that on a sound card! Geeze!

Lets get everything else and leave the Audio till last and I have time to look into it.

Mike
 
Did everything suggested and still have a long boot time.

I ran BootVis and I suspect that the problem is with the drivers (although I'm no analyst). Don't forget that I uninstalled SP3 and then had to re-install XP from the CD. This might have nessed up the drivers.

I've put together a log of the times from the 2 BootVis Traces. Tried to attached the file but the "attach files" option is missing on the reply form. Had trouble logging onto the Techspot site again.
 
Hi Gouge

Sorry late responding. Been a rough week for me and been out of the office all morning.

Oh yes the Audio driver could very well be it.

So do this to find out.

1. devicemng and rt click and disable all Audio
2. reboot to see if there is a change.

Note: don't do 3 below at the same time as 2 above as any services in 3 should already be in not started condition and if not you need to know which ones still try to run. Then even tho they say not started disable them all.

3. If not or some improvement then go into services and set any Audio entries to disabled and reboot again.

Mike
 
OK, I'll try it.

From the BootVis runs, the main driver delays were:
(Initial boot - 70 secs)
NDIS.SYS
VIDEOPRT.SYS
EMUPIA2K.SYS (audio driver)

Later boot - 70+
fltmgr.sys
aswmon2.sys
 
I disabled EMUPIA2K.SYS in Device Mgr and all other audio devices and bootup improved with drivers loading in 40secs. I then set it to "demand" and all seems ok.

NDIS.SY delayed 8.5 secs
VIDEOPRT.SYS delayed 9.5 secs

If I could overcome the delays, I'd be back to the 22secs for the XP screen while drivers loaded.

I disbled audio settings in Services, but there was no improvement - obviously no audio devices worked!

I disabled NDIS.SYS, but the system locked and I had to return to previous working config.

I couldn't find anything in Device Mgr or Services that used VIDEOPRT.SYS so didn't go any further with that one.

Anyway, the soundcard works on my music software without stuttering now, but still without some functions.

Windows Media Player works OK now, but comes near to 100% cpu at times.
 
The following 2 files are required for Windows to even start do not mess with those.

NDIS.SYS Network
VIDEOPRT.SYS

I would live with this. 40 seconds.

Not unusual for Win Media player.

That is why I use Media Player classic (plays everything QuickTime RealPlayer etc)
Look at Klite-mega First entry http://home.hccnet.nl/h.edskes/mirror.htm

I also use VLC http://www.videolan.org/vlc/download-windows.html

Because of the wide file type support but also CPU efficiency of both.

Is your Audio built into the motherboard?


Mike
 
Guessed as much when it all went pear-shaped! Could it be the drivers that are faulty or something else that they interact with?

I have a basic default audio on the motherboard, but I have disabled that as part of the Audigy installation.

Soundblaster Audigy is on a seperate PCI board.
 
You should re enable we only disabled for trouble shooting purposes.

OK this deal about installing in steps I don't like.

Can you not get the full driver install? If so download it.

Below is how I would do it.

1. Boot to Safe Mode and uninstall from Device manager . Do not let it reboot to normal mode or you will have to start all over.

2. Try to uninstall any references to the Audio card in Add/Remove programs while in Safe Mode, if it will let you. If it uses the Windows Installer it will not as the Windows Installer does not run in Safe Mode.

3. Shutdown. Physically remove the PCI Sound card.

4. Boot up to normal mode let Windows see the Sound card is now gone. If you could not uninstall the Audio driver software because it needed the Windows installer then now uninstall the software. Then reboot.

5. Use AutoRuns and RunScanner to cleanup any left overs.

6. Use Regseeker to find other left overs and a general reg clean.

7. Shutdown reinstall the Sound Card and install as new.

Mike
 
Firstly, thanks for all of your help in cleaning up my system, Mike. I think that we've gone as far as we can without searching out the cause of the driver delays. I'll live with the 40 secs bootup.

I think that we can close this thread now. Do you agree? I also need to uninstall the cleanup applications that we've used.

With regards to the soundcard, I have already done what you suggest, other than a Registry clean.

The problem appears to be with the application software, not loading, not the drivers.

SB Audigy 2 ZS has a number of applications associated with it, all of which have had updates in the past 4 years.

Creative Mediasource is a seperate set of applications loaded from the same installation disc. These have also had many updates but also upgrades over the past 4 years. One upgrade took it to Mediasorce v5. Without that installed, the Creative Autoupdate only provides updates for Mediasource v2.

Creative provide comprehensive driver updates for Audigy 2 ZS, the latest a few months ago, but they don't appear to include a bundled set of application updates.

Hence, if I do a new install from the CD, I only get the 2004 version of the software. If I load the latest drivers, I get 2004 software with 2008 drivers - no enhancements to the software functionality. A bit like having IE5 and XP 2008 drivers.

At least that is my understanding and nobody has informed me otherwise.

Anyway, to avoid this thread getting any longer, I have started a new thread in Video and Audio.

Thanks again, Mike
 
Uninstalling cleanup software.

Would you please confirm the best way of completely uninstalling the various programs that we used during the cleanup in this thread?

I can see some on Revo uninstaller, but I'm not sure whether deleting the folder of the others will wipe out all files, logs etc.

Thanks
 
Hi Gouge

Been busy!

Don't uninstall MBAM or SAS but run them when you go to work or bed once every 2 weeks or so.

When not under the gun these long scans can be scheduled at a time as not to interfere with computer time.

Additionally running them every couple of weeks should help prevent multiple infections etc. Which are much harder for us to clean.

The SDFix, ComboFix should be cleared as they need to be downloaded again if needed.

Type
combofix /u
at Run command click ok.

The rest is in the closing below.

Thread closing-------------------------------------------------------------------
Please download OTCleanIt http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

Save to desktop.

This will remove all the tools we used to clean your computer.
These tools update so often they require downloading again later if needed.

Double-click OTCleanIt.exe. Click CleanUp. Yes to the "Begin cleanup Process?"

Approve all if prompted by Firewall, Widows Defender or other guards or security programs about OTCleanIt attempting access to the Internet, allow all.

If prompted to Reboot click Yes.
OTCleanit will delete itself when finished, if not delete it by yourself.

-------------------------------------------------------------------------------------
Run CCleaner again twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

D/L install and run ATF-Cleaner clear all except passwords in all browsers you have. Run repeatedly until no more found.

http://www.majorgeeks.com/ATF_Cleaner_d4949.html
-------------------------------------------------------------------------------------
The issues found is in System Restore so do the below

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "After cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and the OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.
-------------------------------------------------------------------------------------

Every 2 weeks or so run mbam and sas until clean They take a while so leave scanning while you are sleeping working or watching TV. If not done under the gun they can be schedules not to interfere with computer time.

If they find something they can not clean then get back to us.

Additionally run CCleaner.

I have been using ThreatFire for more than a year, it just went from ver 3 to ver 4.

It was designed to co-exist with other Virus scanners.

Additionally it uses totally different process to protect. While conventional Virus scanners work from definitions ThreatFire works on recognizing Virus/Malware activity. It's like looking at it with 2 sets of eyes and from a different angle.

http://www.threatfire.com/Download/
-------------------------------------------------------------------------------------
Look at http://www.javacoolsoftware.com/spywareblaster.html

Run SpyBot ocassionally and use the Immunize function.
http://www.safer-networking.org/en/download/

Install Hostman and allow it to disable DNS Client and select all 4 Host files and the Update
Hostman http://www.abelhadigital.com/2008/07...-released.html

A Disk scan and Defrag are in order.

Mike
 
I will be glad to help you with that. My concern has been that with all the program downloads and the resulting scans, you might get to the point where your hard drive was compromised:

To remove the cleaning tools:
* Download OTCleanIt (http://download.bleepingcomputer.com.../OTCleanIt.exe)
* Click the CleanUp! button.
* It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).
Clear your existing System Restore points and establish a new clean restore point:
Quote:
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
* Next, go to Start > Run and type in cleanmgr
"Ensure the selection is on C:\ and click on OK"-
* Select the *More options* tab
* Choose the option to clean up System Restore and OK it.
* This will remove all restore points except the new one you just created
Please let me know if you need additional help with this.
 
I meant to post those instructions, but I didn't read the post to see I already had!!:D

Thanks,
Bobbye
 
Thank you Sir

I understand where you are coming from and will try to do better!

I did go and read it again sure hasn't changed much since last few times I read it. I always try to read it at any new minor update.

I will endeavor to keep all threads to one page and 6 or eight posts and a day or so. But there may be a time when someone only posts back one post a day or even skips a few days in between.

And then they might not respond or answer my questions and I might have to ask a lot of questions that ups the page and post count.

And sometimes I might even feel that just getting the tools to work at all to be more important than an additional HJT log.

On those occasions the page time could go up to weeks the page count up to 40 and the post count over 100. If it does it is beyond my control as I don't stop or give up.

But my goal will be! to keep all threads to one page and 6 or eight posts and a day or so. And to reread the HJT logs more often even if I already know what is there!

Mike
 
Not required, there are too many reasons that this can't work (you already mentioned a few)
But my goal will be! to keep all threads to one page and 6 or eight posts and a day or so



Yes this will do nicely :)
And to reread the HJT logs more often even if I already know what is there!
 
While I can understand your points, guys, I have a PC that is not running well and need help and clarification. If it could have been cleaned and back to A1 performance in 1 page, then fine by me, but it wasn't. Mine was a complex problem, hence I started a new thread on the soundcard problem (for which I have had no real help yet!!) to stop this thread getting any longer.

In your #61 post, Mike, you said to "let it disable DNS Client". I did everything else, but I'm not sure how to do this bit.
 
Hi Gouge

:) Pay no mind to our bantering amongst ourselves! It has nothing to do with you. Just a little procedural debate beside the road.

I will try to get a look at your other thread.

OK the DNS Client was turned off via the Services tweaks we did earlier so Hostman detected it as already off and did not ask.

The Threatfire has a learning curve how is that coming along. If you are used to it then click settings and max the sensitivity (looks like a cell phone signal) this will make it more wordy as it checks deeper. But once all are approved you will only get a prompt ocasionally.

OK besides the Audio how are things performance wise.

Mike
 
No, it's not 'bantering among ourselves'. It's an attempt to draw attention to something that needs to be handled and that's the entries in the HijackThis log. Unless this is done, you are spinning wheels.

Most of us work in a team work environment. Some members are more experienced in some things, so we ask for their help. Unfortunately, not everyone recognizes this so they fail to get the additional help and as a result, the person with the problem can't get a resolution.

A thread going on this long and with so many things already tried without resolution indicates there is a problem somewhere. Unless it is addressed, it isn't going to be handled..
 
OK. Here's the latest Hijackthis log file.

Please let me know what, if anything is still wrong and an agreed resolution.

Martin
 
The only entries I'd have you remove from the HijackThis log are:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

You have a lot of unnecessary processes starting on boot such as Adobe Photoshop, Java, all of the Canon printer references (including Easy Web-Print), the Creative processes, PC Pitstop Utilities, Musicnotes Viewer, NVIDIA Smart Scan, Scorch and Tiscali Music downloads:

To stop Start-ups:
Start> Run> msconfig> enter> Selective Startup> Startup tab> you can UNCHECK everything except the antivirus program, firewall if one and touchpad if on laptop- everything else can be started manually
NOTE: If you do take processes off of startup, when you reboot, you will get a nag message that you can ignore after checking 'don't shown this message again.' Stay in Selective Start to maintain the changes.

I'd change the Startup type of these services to Manual:
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
The above are all legitimate processes but they don't need to Stsart on boot and run in the background. Just open the program (and printer) when you need it instead of using valuable reaources.
To change Service Startup type:
Start> Run> services.msc> right click on the Service> Properties> change Startup Type to Manual.
This is sometimes best done in Safe Mode.

Please let me know if I can be of further help.
 
Followed instructions.

System worse now than before I started this!

XP screen boot takes over 90 secs and opening programs is so slow when opening IE7 I went away and returned later to enter this post.

Forget it guys.

I've invested in a new Music PC with a different soundcard as I can't wait any longer.

I'll flatten this hard drive and use this as a spare.
 
I am very sorry you have ended up in this state. sometimes, when logs aren't check thoroughly in the beginning and entries removed, problems get worse. I don't think anything I had you do caused this.

Please take a few minutes and get all the cleaning programs off:
* Download OTCleanIt (http://download.bleepingcomputer.com.../OTCleanIt.exe)
* Click the CleanUp! button.
* It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).

Clear your existing System Restore points and establish a new clean restore point:
Quote:
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
* Next, go to Start > Run and type in cleanmgr
"Ensure the selection is on C:\ and click on OK"-
* Select the *More options* tab
* Choose the option to clean up System Restore and OK it.
* This will remove all restore points except the new one you just created.
 
Status
Not open for further replies.
Back