Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP Pro slow boot and run mystery


  • Please log in to reply
62 replies to this topic

#1 Michele31415

Michele31415

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 27 January 2015 - 04:56 PM

Here's a real mystery.  The system is XP Professional updated with all available updates with 4 GB of RAM.  When booting normally, it is slow.  Very slow.  V E R Y slow.  Like over an hour to get to the desktop (possibly longer - I just couldn't sit in front of it that long timing it).  Then once it's booted, it's still slow.  Things that should happen instantly, like bringing up the Start menu take several seconds.  Things that should take a second like opening the Control Panel take nearly a minute.  While I'm waiting for things to happen, the disk activity light is pegged on solid.

 

But the really weird part is that it boots quickly and normally into Safe Mode.  Before you think you know the answer, read on.

 

Here's what I've tried so far.  None of these has helped.

 

Ran AVG in Safe Mode  - nothing found.

Ran Malwarebytes in Safe Mode- nothing found.

Rolled back the system two weeks - didn't help.

Did a chkdsk /f - nothing found.

Defragmented even though it said it wasn't needed - no change.

Ran theSeaTools for DOS disk diagnostic (it has a Seagate drive).  Passed both the short and long tests.

Used msconfig to enable a diagnostic startup (removes all optional startup items).  Still takes forever to boot normally.

No new hardware has been added recently.

No new software has been added recently.

 

The only two clues I can find are

1. Constant disk activity

2. A system log full of hundreds of Error 7001 "Service Control Manager" messages.

 

I'm stumped.  Any ideas would be greatly appreciated.



BC AdBot (Login to Remove)

 


#2 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 27 January 2015 - 10:11 PM

Could you post the contents of one of the Service Control Manager errors? I think it might help to see the details. Maybe it will point to a program or a struggling service. The first thing I would do in this situation is disable all startups. Start->Run->msconfig->startups and uncheck all but Windows (incl a-v). Then reboot to see if the freezing is still present. It would also help if you could post a list of your current startups. If you have trouble using standard Windows, just boot into Safe Mode and make the startup changes and reboot into normal from there to see if there is improvement. Might save you some time. You can get the error report in this same way.

#3 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 28 January 2015 - 12:51 AM

Could you post the contents of one of the Service Control Manager errors? I think it might help to see the details. Maybe it will point to a program or a struggling service.

There are only two unique SCM 7001  errors and they alternate, every other one.

 

One is "The Telephony service depends on the Plug and Play service which failed to start because of the following error: THe service cannot be started, either because it is disabled or because it has no enabled devices associated with it."

 

The other error is "The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The dependency service or group failed to start."

 

That's odd - this machine doesn't even have a telephone modem in it.

 

"The first thing I would do in this situation is disable all startups. Start->Run->msconfig->startups and uncheck all but Windows (incl a-v)."

 

I already did that (see OP).

 

"Then reboot to see if the freezing is still present."

 

I did that too.  It is.

 

"It would also help if you could post a list of your current startups."

 

At the moment, I have enabled the following items:

 

vprot

VCCDaemon

CLIStart

RTHDCPL

PDVDServ

nwiz

NvMcTray

NvCpl

NetworkClipboard

issch

isuspm

gldirect

CloneCDTray

avgui

ctfmon

winpatrol

AVG-Secure-Search

 

With all of these enabled, we have the slow problem.  But even with everything diabled (msconfig diagnostic startup), it takes over an hour to boot.  Except in Safe Mode which boots quickly.



#4 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 28 January 2015 - 01:14 AM

Telephony...I wonder if it's your network driver. When you booted into safe mode was it sm with networking or just safe mode? Maybe you could try safe mode with networking and eliminate that as the problem.

Maybe someone can speak for the purpose of Telephony. I noticed that it occupies or has access to a port a couple of weeks ago, when I was investigating what was using ports on this Win 7 PC. I was using Wireshark. I was surprised to see it there, too.

Here's what MS has to say about it, but it didn't help me much:

https://msdn.microsoft.com/en-us/library/windows/desktop/ms733433%28v=vs.85%29.aspx

Looks too much like just another security hole to me.

As for what to try next, I would try disabling AVG and boot to see if the problem persists. At least you could rule it out very quickly. Looks like you have multiple processes that are associated with AVG, including vprot, avgui, and AVG-Secure-Search.

Maybe you can determine where this came from, but I haven't run across it before...isuspm. Apparently associated with Install Shield. Some info:

https://forums.malwarebytes.org/index.php?/topic/13713-what-does-isuspm-do/

issch is associated with the Install Shield. Another one that perhaps you know why it's there. Info:

The process issch.exe is associated to several applications that uses InstallShield Update Service such as InstallShield Update Service Scheduler, Macrovision Update Service Scheduler, Macrovision FLEXnet Connect Scheduler.

PDVDServ Info:

http://www.neuber.com/taskmanager/process/pdvdserv.exe.html

CLIStart...Just noticed you apparently have two graphics programs running. I see the NVIDIA (Nv) startups, but CLIStart is for Radeon graphics cards. Which graphics card do you actually use?

Edited by UpgradeMe, 28 January 2015 - 01:33 AM.


#5 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 28 January 2015 - 01:30 AM

"Telephony...I wonder if it's your network driver. When you booted into safe mode was it sm with networking or just safe mode?"


 

With networking.  Boots into SM very fast.

 

"Maybe someone can speak for the purpose of Telephony. I noticed that it occupies or has access to a port a couple of weeks ago, when I was investigating what was using ports on this Win 7 PC. I was using Wireshark. I was surprised to see it there, too."

 

AFAIK, its only purpose is to run a telephone modem.  Why would my PC suddenly be wanting to start that process?  I'm almost thinking rootkit at this point.

"Here's what MS has to say about it, but it didn't help me much:

https://msdn.microsoft.com/en-us/library/windows/desktop/ms733433%28v=vs.85%29.aspx"

 

Indeed.  There's a bunch of stuff about it on the web, none of it particularly useful.

"Looks too much like just another security hole to me."

 

Mmm hmm.

"As for what to try next, I would try disabling AVG and boot to see if the problem persists. At least you could rule it out very quickly."

 

I can do that.  It will be tomorrow before I know the result.


Edited by Michele31415, 28 January 2015 - 01:31 AM.


#6 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 28 January 2015 - 01:46 AM

Yes, I think you may have a security/malware issue. Before you go through a whole battery of malware removal, there are a few things I think you can try. One is to download and run AdwRemover. Adware can cause this kind of slowing. Here is the download for AdwRemover:


http://www.bleepingcomputer.com/download/adwcleaner/


Otherwise, the Kaspersky rescue disk is a very good boot tool. If you have a rootkit, there is a fairly decent chance it will find the problem. Here is some info on rootkits:

http://classroom.synonym.com/remove-bootable-rootkit-9224.html

One other thing I am sure you looked over. When you boot next into the PC, take a look in Task Manager to see if there is anything unusual listed there.

Edited by UpgradeMe, 28 January 2015 - 01:47 AM.


#7 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 28 January 2015 - 01:37 PM

Those are all great suggestions that I will try to get to today.  In the meantime, this morning in Safe Mode I enabled the Windows login "VerboseStatus" registry key, hoping to narrow down where the hang-up is.  I also removed Telephony from the Startup services list in msconfig.  Then I rebooted normally.  This time it "only" took 20 minutes from boot to the login screen.  But what's odd is that even while it's just sitting there waiting for me to click on my account name to login, the disk activity light is pegged on 100%.

 

And I didn't really get much info from VerboseStatus.  The timing is Boot -> Windows logo (spends about 5 minutes here) -> blank screen (spends about 10 minutes here) -> login screen (waits for a mouse click with non-stop disk activity)  -> Desktop (takes about 3 minutes for the icons to populate).

 

From there I opened Task Manager but didn't see anything out of the ordinary running.  So I opened WinPatrol and looked at the Recent tab.  In there I did find a few interesting things, in particular this:

 

a file named 43GCJVGAHNU44.THS, attribute Shockwave Flash, with type HIDDEN, supposedly created 10/19/04, modified 12/08/03  (this computer is only four years old) and last accessed right at the time I booted the machine today.  .THS is supposed a WordPerfect thesaurus file but this machine does not have WordPerfect on it.

 

Scotty the Watchdog also sees 8 more hidden files with random names like "ETILQ5_3WFHJULQAAXN0SK"., also accessed at boot time.  They're all zero length.

 

This probably merits looking into...

 

RIght now I'm running AVG again with the latest database.  It claims to scan for rootkits.  We'll see.



#8 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 28 January 2015 - 03:57 PM

Looks like the ETILQS files may be associated with Firefox. I have also found reference to them with Google Chrome. Here is some info:

 

https://support.mozilla.org/en-US/questions/987495

 

I don't necessarily think it's a bad idea to monitor hidden files as suggested in this thread, but these seem to be OK. Here is more:

 

http://answers.microsoft.com/en-us/windows/forum/windows_7-files/what-are-etilqs-files/fbab1341-acf2-4013-8394-324f2679aa89

 

https://support.mozilla.org/en-US/questions/992421

 

Found a reference that the .ths may be indeed associated with Flash.  Here is some info:

 

http://labnol.blogspot.com/2006/03/mcafee-deletes-google-microsoft-adobe.html

 

Seems odd that something that old would find its way onto PC the age of yours...

 


Edited by UpgradeMe, 28 January 2015 - 04:23 PM.


#9 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 28 January 2015 - 08:52 PM

"One is to download and run AdwRemover."

 

I downloaded that but when I tried to install it it said "SQLite3 can't be loaded (1)".In the meantime, I'm deleting that strange .THS file that WinPatrol found and rebooting.  The ETILQS files I gues sare a non-issue;  I have those also on another machine that is running fine.

 

Oh yes, I also updated AVG and ran it again.  This time it claims to have found (and quarantined) 12 registry entries whose descriptions were something like "prevents .com from executing", and .pif and .exe among others.  So something is clearly wrong here.  AVG removed them so we'll see what happens next.



#10 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 28 January 2015 - 08:58 PM

Having run sfc /scannow and chkdsk, you have done everything and more, when throwing in the AVG scans and booting with startups off. I think maybe it's a good time to head over to virus removal and see if you can get to the bottom of the situation.

Maybe it wouldn't hurt to run sfc /scannow one more time, since avg probably did do some malware removal, which can sort of help and hurt, too, sometimes.

Edited by UpgradeMe, 28 January 2015 - 08:59 PM.


#11 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 29 January 2015 - 01:10 PM

I'm ebarrassed to admit I found out the reason why AdwCleaner wouldn't install.  The account did not have administrator privileges.  I will point out that it's not my machine and I simply used the account the owner showed me with the initial complaint.  It just hadn't occurred to me it wasn't an admin account.  Anyway, AdwCleaner found nothing other than vToolbarUpdater, which I didn't want anyway.

 

What's strange now is that the computer no longer takes hours to boot, but it's still 20 mnutes which is about 18 minutes too long.  AndI still don't get why doing a diagnostic startup (which removes all non-essential services and startup items) doesn't make it boot any faster, but booting in Safe Mode does boot fast.

 

I did get rid of that random-name .THS file and it didn't come back.  Also, since disabling the Telephony service, I stopped getting any more 7001 errors.

 

Well thanks anyway for your help.



#12 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:01:04 AM

Posted 29 January 2015 - 01:24 PM

Safe mode does not load system drivers, so perhaps it's a driver issue. I have seen this problem from network drivers before and also from graphics drivers. It's a tricky area, so I feel like you have to be ready to undo any updates to drivers you make if the problem is not resolved.

I wish I could think of a way to diagnose this kind of bottleneck, where the startups are ruled out completely, but I can't think of anything other than possibly this is a driver issue...

Edited by UpgradeMe, 29 January 2015 - 01:25 PM.


#13 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 29 January 2015 - 08:54 PM

"I wish I could think of a way to diagnose this kind of bottleneck, where the startups are ruled out completely, but I can't think of anything other than possibly this is a driver issue..."

 

I really have to agree.  This isn't my first rodeo and I've never seen anything like this.  I'm always a bit leery though of doing driver upgrades as I've seen lots of them turn a minor problem into a major headache.  I think at this point I need to cogitate on the problem for a while.  If I come up with the answer, I'll be sure to post it here for the benefit of anyone else coming down this road at some point in the future.  Thanks for your help!



#14 hamluis

hamluis

    Moderator


  • Moderator
  • 56,302 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:04 AM

Posted 03 February 2015 - 07:07 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#15 Michele31415

Michele31415
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 03 February 2015 - 08:54 PM

OK, here's wht MiniToolBox said:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Administrator (administrator) on 03-02-2015 at 19:32:33
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/30/2015 00:46:34 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27054. CA_Error27054: SetupAction(0xE0010032): Installation failed.

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:25 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 05:52:25 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server) (User: )
Description: TcpListenerManager: not accepting connections: failed to listen on at least one transport.


System errors:
=============
Error: (02/02/2015 05:48:38 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:51:35 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:51:04 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:51:04 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:49:34 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:49:04 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:49:04 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:48:33 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:48:33 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058

Error: (02/01/2015 11:48:03 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (01/30/2015 00:46:34 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2015 -- Error 27054. CA_Error27054: SetupAction(0xE0010032): Installation failed.(NULL)(NULL)(NULL)

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 08:43:22 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:25 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 05:52:25 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot accepting connections: failed to listen on at least one transport.

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot listening on IPv4: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted. (10048)

Error: (01/29/2015 05:52:24 PM) (Source: VNC Server)(User: )
Description: TcpListenerManagernot accepting connections: failed to listen on at least one transport.



=========================== Installed Programs ============================
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{190601AF-7BE4-046E-CEBF-14EE74434250}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
America's Army (HKLM\...\{EF434C52-D882-43DB-8777-EC7B10D8943C}) (Version: 2.8.0 - U.S. Army)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.31121 - ATI Technologies Inc.)
ATI Parental Control & Encoder (Version: 3.0 - ATI Technologies Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4281 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Battlefield 1942 (HKLM\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version:  - )
Brothers In Arms (HKLM\...\BrothersInArms) (Version:  - Ubisoft)
Call of Duty - United Offensive (HKLM\...\InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Activision)
Call of Duty - United Offensive (Version: 1.00.0000 - Activision) Hidden
Call of Duty (HKLM\...\Call of Duty) (Version:  - )
Call of Duty® 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty® 2 (Version: 1.00.0000 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000 - Activision) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2011.1109.2145.39010 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2011.1109.2146.39010 - Advanced Micro Devices, Inc.) Hidden
CloneCD (HKLM\...\CloneCD) (Version:  - SlySoft)
COMODO Internet Security (HKLM\...\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}) (Version: 5.3.44816.1227 - COMODO Group Inc.)
CryptoPrevent v4.3.3 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 4.40.0312.0214 - DT Soft Ltd)
DolbyFiles (Version: 0.1 - Nero AG) Hidden
DropMyRights (HKLM\...\{E5B72007-07C9-4E67-B29E-696073F45704}) (Version: 1.0.0 - MSDN)
Far Cry (HKLM\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ubisoft)
Far Cry (Version: 1.00.0000 - Ubisoft) Hidden
FreeFileSync 5.23 (HKLM\...\FreeFileSync) (Version: 5.23 - Zenju)
GnuWin32: UnRar version 3.4.3 (HKLM\...\UnRar-3.4.3_is1) (Version: 3.4.3 - GnuWin32)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (Version: 2.1.71.14 - Oracle, Inc.) Hidden
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Macrium Reflect - Free Edition (HKLM\...\{A8DF1374-7E6B-448A-87BB-2DCE71874F2B}) (Version: 4.2.2952 - Macrium)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 2.1.121.2 - McAfee, Inc.)
Medal of Honor Airborne (HKLM\...\{25F28E39-FDBB-11DB-8314-0800200C9A66}) (Version: 1.0.1.0 - Electronic Arts)
Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor Allied Assault™ Breakthrough (HKLM\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version:  - )
Medal of Honor Allied Assault™ Spearhead (HKLM\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version:  - )
Medal of Honor Pacific Assault™ (HKLM\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.0 - Electronic Arts)
Menu Templates - Starter Kit (Version: 9.4.2.0 - Nero AG) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{4fc3c19c-e2d7-4824-905f-122988b3d64c}) (Version:  - Nero AG)
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero Express Help (Version: 9.6.2.101 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart Help (Version: 9.4.12.100 - Nero AG) Hidden
NeroExpress (Version: 9.4.17.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13527 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - CyberLink Corporation)
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 3.33 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6101 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein - Platinum Edition (HKLM\...\Return to Castle Wolfenstein - Platinum Edition) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SciTech GLDirect (HKLM\...\SciTech GLDirect) (Version:  - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
Sniper: Ghost Warrior (HKLM\...\Steam App 34830) (Version:  - City Interactive S.A.)
Spawn Gaming Mouse (HKLM\...\{0EBEAC4B-8222-4FBB-958D-88E9C68B18F0}) (Version:  - )
Speed Disc (HKLM\...\{EF91AA6E-BD0C-427B-B723-DF2202415BA8}) (Version: 3 - Fogware Publishing)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Lord of the Rings FREE Trial  (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TightVNC (HKLM\...\{D903B276-81AE-4AED-AEF9-45DACFBF16CE}) (Version: 2.7.10.0 - GlavSoft LLC.)
Trader Workstation 4.0 (HKLM\...\Trader Workstation 4.0) (Version:  - )
Tt eSPORTS Challenger Ultimate (HKLM\...\{D65D9706-6D6D-42E8-A11A-63E3AFECBBC1}) (Version: 2.0.2.0 - Tt eSPORTS)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version:  - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2447568) (HKLM\...\KB2447568-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VNC Server 5.2.2 (HKLM\...\{C7F445C2-C464-4C6C-BBED-259042A43273}) (Version: 5.2.2 - RealVNC Ltd)
VNC Viewer 5.2.2 (HKLM\...\{6721C636-62DB-4F4E-B060-53F6B1AB6688}) (Version: 5.2.2 - RealVNC Ltd)
WAR TRAIN - Normandie 1944 (HKLM\...\{C44E4AA1-3E3E-4BAC-B666-6F964EC42C3B}) (Version: 1.0 - Asylum Games)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
Wolfenstein (HKLM\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Activision)
Wolfenstein (Version: 1.0 - Activision) Hidden
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft FREE Trial (HKLM\...\{02EBDBB9-4600-41D3-B566-40CB861511D2}) (Version: 1.00.0000 - ATI Technologies Inc.)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 3326.42 MB
Available physical RAM: 2473.22 MB
Total Pagefile: 5847.7 MB
Available Pagefile: 2509.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1982.06 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.75 GB) (Free:388.52 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-AE021B92D9

Administrator            ASPNET                   Guest                    
HelpAssistant            removevirus              SUPPORT_388945a0         
User                     


**** End of log ****

 

Speccy has been sitting there going "analyzing" for an hour now without producing any results.  All I see is that the disk activity light is on solid the whole time.  If it ever finishes, I'll report that here.

 

<...time passes...>

 

OK, it finished, but every item was listed "access denied".  The disk light is no longer on solid.

 

http://speccy.piriform.com/results/pUa3ULfXDF2EGaZb0Bb5sY0
 


Edited by Michele31415, 04 February 2015 - 12:22 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users