Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware/Trojan--PC freezes have to restart


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Manually delete: C:\Program Files\Real\ The real player uninstall is too stupid to do it for you.

Jusr download and install UPHClean like it says.

To use the Microsoft User Profile Hive Cleanup Service (UPHClean), follow these steps:

Download UPHClean. To download and install UPHClean, visit the following Microsoft Web site:
http://www.microsoft...70-42470E2F3582
You will be prompted to validate your copy of Windows.
As soon as you have downloaded the UPHClean installer (UPHClean-Setup.msi), double-click the installer to begin the installation.
In the User Profile Hive Cleanup Service installation wizard, click Next.
In the License Agreement page, read the license agreement, select I Agree, and then click Next.
In the Select Installation Folder page, click Next.
In the Confirm Installation page, click Next.
When UPHClean is installed, click Close.

Note UPHClean runs as a service in Windows and will start automatically every time that Windows starts.
To confirm that UPHClean is installed and running, click Start, and then click Run.
In Open box, type the following text, and then click OK:

services.msc
In Services, in the Name column, locate User Profile Hive Cleanup. In the Status column, confirm that the User Profile Hive Cleanup service is Started.
  • 0

Advertisements


#17
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Checked Status of UPHClean and that column is blank

I did right click and "start" is an option in the drop down menu. Is it ok to click that?

Figured I'd ask B4 I did something wrong :)


manually deleted that real player program file

Edited by cocofruit, 20 July 2011 - 07:24 PM.

  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Newly installed services will probably need a reboot to start on their own. MS should know that. You can try pressing the Start button and see if it starts or you get an error message. If you get an error message tell me what it says.
  • 0

#19
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron!

start option on UPHClean worked very well :)


Where do I go from here?


Also, I ran speccy and posted the log for you. Now what do I do to find out if this hard drive may be dying?
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
OK. It says you have:

WDC WD1200BEVS-22LAT0
Manufacturer Western Digital
Form Factor GB/2.5-inch
Business Unit/Brand Mobile/WD Scorpio®
RPM/Buffer Size or Attribute 5400 RPM with 8 MB cache (Mobile)
Interface/Connector SATA 3 Gb/s with 22-pin SATA connector/SATA 1.5 Gb/s with 22-pin SATA connector (Mobile)

So go to:
http://support.wdc.c...200bevs&x=8&y=9

and get one of these:

Data Lifeguard Diagnostic for DOS (CD)
Data Lifeguard Diagnostic for Windows

The CD version is probably better but last time I tried it there were some problems getting it to run. Had to manually set the path so it could find its own license which I thought was pretty stupid. Try the Windows version. If I remember correctly they have a quick test (which even a dead drive I had once was able to pass) and an Extended test which is about as thorough as you can get. The Extended test ran for about 19 hours and at the end admitted that there were some errors and asked if I wanted it to try and correct them. I said yes and 30 seconds later my dead drive came back to life and I was able to recover all of the data tho I could never get the drive to boot reliably.

The temps are running about 63. That usually means you have some dust clogging the vents and the heatsink. I'd use a vacuum cleaner hose to suck the dust from all of the vents. Maybe reverse the flow if you can and blow in them once then suck again. I've seen warnings that this can cause static problems but I think that's more a winter time problem in a dry heated room. It's not critical yet but heat shortens the life of the CPU so best to give it a shot. I usually see temps of around 50 on a clean laptop. 35 on a desktop.

Your Process Explorer log does not look happy:

Process PID CPU Private Bytes Working Set Description Company Name
ZCfgSvc.exe 3728 33.85 7,376 K 13,532 K ZeroCfgSvc MFC Application Intel Corporation
iFrmewrk.exe 3832 29.23 21,336 K 26,620 K Intel Framework MFC Application Intel Corporation
svchost.exe 1940 8.46 15,508 K 25,916 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1744 6.15 2,188 K 5,080 K Generic Host Process for Win32 Services Microsoft Corporation
System Idle Process 0 5.38 0 K 28 K

System Idle should be at the top with over 90 %. The top two are the wireless configuration routines from Intel. This is very wrong. If this is not a transient condition then the laptop must really be sluggish. Speccy says you are connected with a cable so try disabling the Wireless and run Process Explorer again. Hit the Space bar to pause it and freeze the display. Run the cursor over the top two svchost entries and it should tell you more about what each is doing.

If you have a wireless router available, I'd unplug and see if you can get it to sync up then run Process Explorer again.

Ron
  • 0

#21
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron! You are so knowledgeable & have been extremely helpful.

All I can say is wow---this is not looking too good.

I will download & run the data lifeguard diag for windows. Busy day tomorrow, bare with. It may take me a little bit to get back to you and hopefully I'll do it right. I will do a quick test, unless you recommend the extended one.

Question: At the end of the diag, will it generate a log or just on-screen results??

I have broadband connection [cable]. I previously disabled wireless b/c laptop kept trying to connect. I have netgear router, but haven't set it up yet.

Laptop is actually very quick, not sluggish at all & whisper quiet. It was hanging originally, but now that is gone. I'll run process explorer again.

I shall be back....
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
That short test is a waste of time. You need to just let the extended test run over night. I'm not sure about the log. Don't think it leaves one. Try the diskcheck again afterward.

You need to uninstall the Intel® PROSet/Wireless Software then download and install the latest copy from your PC maker or from Intel.

Ron
  • 0

#23
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron!

Well, I forged ahead and ran Data Lifeguard Diagnostics [windows].

Initially I did a quick test, before I got your message to run the extended.

When I ran the quick test--Drive 1 did not complete.

Status code = 02 [interrupted by hard or soft reset]
Failure check point = 65 [error log test]
Smart self test did not complete on Drive 1


I ran quick test a 2nd time. It finished.

Smart Status: Pass
Test Results: Pass


Then I ran the extended Test Twice....

Both times it would not finish and hangs after about 50%. No results on this.

It froze everything and I had to shutdown. I even disabled the firewall/KAV before starting.


Did I perform the test correctly? unsure why it is hanging

Anything else I can try, another diag maybe?

If all was done correctly...what's the verdict---is this HD going belly up?

Edited by cocofruit, 21 July 2011 - 06:11 AM.

  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
Try pulling the main batery and see if it will then run the Recovery Console, chkdsk /r

There is a strange condition sometimes when the battery is too weak that causes it to get too many interrupts.

If not: I think you will need to try the other one:

Data Lifeguard Diagnostic for DOS (CD)

Hopefully they have fixed it if not and it claims it can't find the license:

path a:/

dlgdiag5

This brings up the license text but there was no way to Accept the agreement. I hit ESC to Close it and the screen went dark. Hit Enter a couple of time and finally got to the menu and the program ran as expected.

Ron
  • 0

#25
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron!

I removed the main battery and ran chkdsk again.

It got to 78% and I thought it was going to finish, then it abruptly when back to 50% and stopped at 56%. odd as heck!


Went back to western digital and proceeded to download the diag Dos CD, but not sure which download to click on.

There are 2----zip file and iso----Which one to get???

Dos CD Download

Do I have to burn this to disk first??

Sorry for the 20 questions, first time I've done this diag thing and have no idea what I'm doing.

Your concise instructions, have made this experience so much easier for me. thanks again!
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
If you were on a dialup link then you might want the zip otherwise take the iso. (Zip is a quicker download but then you have to extract it before you can use it. Simpler with the iso.) Save it to your desktop or somewhere you can find it. Then download the freeisoburner.exe from
http://www.freeisoburner.com/

Put a blank cd in your burner. Run freeisoburner.exe then Open and point it at your iso file. Then Burn.

Reboot, (You may need to go into Setup or boot menu to change the boot order so that it looks at the CD before the hard drive), boot from the CD. Choose the extended test and once it is running, go to bed.

Ron
  • 0

#27
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron! sorry it took me so long to get back with you. Busy last couple of days.

I downloaded the iso file and it was in winrar. So I extracted and there are 3 executables. DLDIAG5, IBMBIO.COM, IBMDOS.COM and 2 text files.

I thought it would just open up into 1 file and I could burn it. Did I miss something?? pls advise, thanks!
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
I went to:

http://support.wdc.c...&sid=30&lang=en

and clicked on the download next to

"Diag504fCD.iso iso 2.10 MB"

and I got Diag504fCD.iso

which is what it was supposed to be so I'm not sure what you did. Maybe you downloaded the DOS without the CD version?

Ron
  • 0

#29
cocofruit

cocofruit

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi Ron!

I found the problem w/diag download. My winrar integration had iso checked. When I unchecked it the file downloaded properly as iso.

I burned it to disk using the free software you gave me [grab & burn].

I went into BIOS and boot was set to CD-Rom as #1

After all that, it could not find the user license.

I did this as you suggested:
path a:/
dlgdiag5

It just kept saying it was missing the txt file [but I checked and it was on the disk]

Please make sure license agreement file is located in the same path as DLGDIAG.EXE

Cannot load the file A:\Command.com

Insert disk and strike any key



I did some research and turns out many have had problems with the WD iso CD and it is not being fixed.

FYI taken from a forum poster:

"After a lengthy exchange with Western Digital I was told that the bootable .ISO doesn't work with some SATA optical drives. I tested this, and sure enough it was true. CD didn't work in a SATA optical drive (although bootable CDs of other programs did), but on an older PC with an IDE drive Data Lifeguard worked fine."

Appears WD's answer was to use the windows version, which hangs for me. I guess I'm stuck :)

Anything else you can suggest or should I just wrap this up??
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,776 posts
  • MVP
I think the problem is that the path statement needs to point to the correct drive letter. When it boots what does the prompt says? D:/ or X:/ or what? Put that in the Path statement instead of the A:/.

Then try

dlgdiag5

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP