Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

7 minutes to correct operation


  • Please log in to reply
9 replies to this topic

#1 Erhy

Erhy

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:28 AM

Posted 23 November 2011 - 12:26 PM

Hello,

since I installed Windows Live Family Safety
after booting and login it needs 7 minutes
till the system works correctly.

Have anyone a thought, what's the reason?

I have VISTA Ultimate and Noton Antivirus.

In event protocol is remarkable:

1 minute after boot

an error of the TaskScheduler
EventID 412 ResultCode 2147942402

and 7 minutes later

"Windows Live Family Safety Service" was not started correclty
and 2 seconds later, that this service runs.

Greetings
Erhy

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 PM

Posted 23 November 2011 - 03:14 PM

Hi Erhy and welcome to BleepingComputer.Please do the following.




Also hit start button in lower left hand corner. Then in the run box type msconfig, then hit the services tab then hit put a check mark in hide microsoft services what is listed there,after hiding microsoft services?



Download autoruns http://download.sysinternals.com/Files/Autoruns.zip unzipt it run it save to text file and post here in your next reply please.The default will be save as .arn file you will need to change that to save as .txt file.
Download and run startuplite from Malwarebytes.org
http://www.malwarebytes.org/StartUpLite.exe

Listproccess
A very small program that simply lists the processes that Task Manager lists, including the full path name so you can see what program they are part of. You can easily copy and paste the list into a text file for before/after comparisons, or to email/forum when asking for computer help. You may be surprised at what is running on your computer! Some processes waste a lot of computer resources and make your computer sluggish.
Download ListProcesses for Windows HERE

http://www.softwarespirit.com/ListProcesses.exe Save the file to the desktop.

Once downloaded to the desktop
Double click the Listproccess Icon
Click run
When the window opens "select" GetList
Scroll to bottom of the window and click on Copy
Reply to this thread and paste the contents of the list so we can see it.


Please download MiniToolBox HERE http://download.bleepingcomputer.com/farbar/MiniToolBox.exe When the box opens click save file, save it to the desktop and run it.

Checkmark the following boxes:

List Installed Programs
List Users, Partitions and Memory size
Click Go and post the result.

Edited by InadequateInfirmity, 23 November 2011 - 03:25 PM.


#3 Erhy

Erhy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:28 AM

Posted 24 November 2011 - 09:34 AM

Thanks for your thoughts

Erhy
/
Services_listed_with_msconfig:
FsUsbExService Teruten Stopped
getPlusŪ Helper NOSMicrosystems Ltd. Stopped
Google Desktop Manager 5.9.10... Google Stopped
Google Update Service (gupdate) Google Inc. Stopped
Google Update-Dienst (gupdatem) Google Inc. Stopped
Google Software Updater Google Stopped
iPod-Dienst AppleInc. Stopped
IE Norton Management SymantecCorporation Running
Norton SymantecCorporation Running
NVIDIA Display Driver Service NVIDIA Corporation Running
NVIDIA Update Service Daemon NVIDIA Corporation Running
NVIDIA Stereosconic 3D Driver S. .. NVIDIA Corporation Running
TomTomHOMEService TomTom Stopped

AutoRuns Text File is attached

Listproccesses:

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Norton AntiVirus\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files\Norton Management\Engine\1.1.1.3\ccSvcHst.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\Explorer.EXE
C:\Windows\Explorer.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
H:\Download\SystemUtilities\ListProcesses.exe
H:\Download\Vista_tools\Power Plan Switcher for Windows 7.exe


MiniToolBox_Result Text File is attached

Attached Files



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 PM

Posted 24 November 2011 - 06:32 PM

Disable all startup entries under this category in autoruns HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Except norton. (ev erything listed in the msconfig startup except norton so as not to confuse you)

Hit start button at lower left hand corner of the screen.Then in the run box type services.msc. Find the service listed below,one at a time. left click it once you should have the option to either stop the service or restart it , stop the service then right click selected service select properties then change the startup type to manual then left click apply and move on to the next service.If the service is stopped and the startup type is manual then do nothing.

Bonjour service
FsUsbExService Truten Stopped
getPlus® Helper NOSMicrosystems Ltd. Stopped
Google Desktop Manager 5.9.10... Google Stopped
Google Update Service (gupdate) Google Inc. Stopped
Google Update-Dienst (gupdatem) Google Inc. Stopped
Google Software Updater Google Stopped
iPod-Dienst AppleInc. Stopped
TomTomHOMEService TomTom Stopped

Uninstall these programs.
EasyCleaner (or just stay away from the registry cleaner function of this program)
Eusing Free Registry Cleaner
Java 2 Runtime Environment, SE v1.4.2_16 (Version: 1.4.2_16) (outdated)
Java 2 SDK, SE v1.4.2_16 (Version: 1.4.2_16) (outdated) get updated oracle here http://www.oracle.com/index.html
Java Auto Updater (Version: 2.0.5.1) (useless)
Java™ 6 Update 26 (Version: 6.0.260) (outdated)
Java™ 6 Update 7 (Version: 1.6.0.70) (outdated) Get fresh copy of java here http://java.com/en/
Spybot - Search & Destroy (Version: 1.6.2) (useless resource hog)
Spybot - Search & Destroy 1.5.2.20 (useless resource hog)
System Requirements Lab (unless you need it)

After completing the above task then Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.If TFC doesnt prompt a reboot then please do so manually. Post back to me how the computer is running,and what services are running after disabling microsoft services.

The next thing I want you to do is run sfc /scannow. Here is a link explaining.
http://www.howtogeek...a-system-files/
Also I see you had avira antivirus at one time run the tool in this link please,it will remove any leftover bit left from the uninstall http://www.avira.com/en/support-download-avira-registrycleaner

Edited by InadequateInfirmity, 24 November 2011 - 06:58 PM.


#5 Erhy

Erhy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:28 AM

Posted 25 November 2011 - 09:00 AM

Thank you so much,

but the duration of 7 minutes is yet.

I know
if I uninstall Family Safety
the duration -till the system works- is short as usual.


Exercising your instructions

first, sfc ended with error which can not be repaired,
but after reboot sfc ended with
did not find any integrity violations

Avira RegCleaner showed also
regKeys with norton,
these I hasn't deleted.


For a good day
Erhy

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,870 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:28 PM

Posted 25 November 2011 - 01:52 PM

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:
  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
In addition...if removing the application which initiated the problem...removes it...I think that the road is pretty clear :).

Louis

Edited by hamluis, 25 November 2011 - 01:52 PM.


#7 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:28 AM

Posted 26 November 2011 - 01:27 AM

Does your Norton have an Online Family Safety? There may be a software conflict between Norton and Windows Live Family Safety.

Tekken
 


#8 Erhy

Erhy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:28 AM

Posted 26 November 2011 - 08:58 AM

Thank you for all reading my reports

Erhy

I have only
Norton AntiVirus 2012

with the Tasks:

Insight-Protection
Antivirus
Antispyware
SONAR-Protection
Intrusion Prevention
E-Mail Protection
Browser Protection
Download-Insight

It looks like a blocker which ended with time out,
because between the minutes 2 till 7 there are rare disc accesses
and no entries in the security event log.

I had analyzed the Process Monitor protocol for the boot sequence
but was unable to find the blocker.


After the system start phase, when the sytem works fine already
there is a service startet with
svchost.exe -k DcomLaunch
which needs much CPU resources (45 in task manager) for one minute.

I attach the CBS.log belonging sfc with errors.

Today I had an error as the same in past noticed as event:
Faulting application svchost.exe_Browser, version 6.0.6001.18000, time stamp 0x47918b89,
faulting module browser.dll, version 6.0.6001.18000, time stamp 0x4791a668,
exception code 0xc0000005, fault offset 0x00005e45, process id 0x4c8, application start time 0x01ccab75ec4ee8ac.
(
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">- <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Level>2</Level> <Task>100</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2011-11-26T10:59:32.000Z" /> <EventRecordID>97601</EventRecordID> <Channel>Application</Channel> <Computer>ErhyVistUlt</Computer> <Security /> </System>- <EventData> <Data>svchost.exe_Browser</Data> <Data>6.0.6001.18000</Data> <Data>47918b89</Data> <Data>browser.dll</Data> <Data>6.0.6001.18000</Data> <Data>4791a668</Data> <Data>c0000005</Data> <Data>00005e45</Data> <Data>4c8</Data> <Data>01ccab75ec4ee8ac</Data> </EventData> </Event>
)

Attached Files



#9 triad_cowboy

triad_cowboy

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 PM

Posted 26 November 2011 - 08:32 PM

I know
if I uninstall Family Safety
the duration -till the system works- is short as usual.


"If" I understanding what you saying if you uninstall Family Safety... the boot time is normal...

If that is correct... you have a software conflict... :dance:

#10 Erhy

Erhy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:28 AM

Posted 27 November 2011 - 06:13 AM

now I changed the properties of the service
Windows Live Family Safety Service
to start automatic with delayed start.

Now it is possible to work with the computer after 2 minutes after booting.

The event protocol shows,
that the the service run is performed 6 minutes afte booting.

So I will live with.

If you have an automatic tool for it,
please tell me how to re-enable the things, which were disabled or purged during the analysis.

Erhy

and I'm still interested about the conflict theoretically




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users