1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Sudden failure of utilities

Discussion in 'Virus & Other Malware Removal' started by xelahart, May 14, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Last night I had a strange sudden failure on my computer. I don't know what search terms to use to get help form Google, so I am hoping a friendly human on this forum will be able to diagnose and point me to a solution.

    OS
    Windows Vista
    The Event
    Last night I had turned on the computer and logged on using a dedicated logon I use for synching my i-pod. I was adding folders to my library from an external harddrive when everything suddenly froze. I only had Windows Explorer and i-tunes open, both froze. I could not close them. I opened Task Manager, this could not close them. I Switched User, used a differnt logon, openined Task Manager, clicked All Users, and tried to kill i-tunes and Windows Explorer from there, still no effect. I tried to Log Off, Restart and Shut Down, all ignored. I eventually held the power button down until it died and then started it up again.
    Symptoms Since
    After restarting the computer Windows Explorere could see the external hard drive, but could not see anything inside it, it just looked for ages, then hung, then would not close, then computer would not shut down, power down again.

    When I started it up the next time it hung before loading Windows, it appeared to be trying to read one of the external hard disks. I powered down again, turned off all the external hard disks and started up again.
    Now whenever I turn it on it seems fine, but freezes as soon as I try to do anything. Open internet explorer to research the issue, opening up Control Panel, Task Manager, or sometimes just Windows Explorer, all freeze, which is making diagnostics difficult. Whenever it freezes it also refuses to shut down so I have to manually power it down. Sometimes I try to shut it down before it has frozen and it hangs half way trhough the shut down, I just have a mouse pointer on a black screen indefintiely.

    It seems to run OK in Safe Mode. I tried doing a System Restore from within from Safe Mode. It suggested going back to before the last Windows update a few days ago so I did this. I don't know if it worked, I think not, it was taking ages so I went to bed, in the moring it was frozen on the black screen with the mouse pointer. When I started it again it was no better.

    I will try to do a TSG SysInfo run tonight if it will let me (I am writing this from another computer).

    Any suggestions?
     
  2. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    TSG Info said:

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
    Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, x64 Family 6 Model 23 Stepping 7
    Processor Count: 4
    RAM: 3070 Mb
    Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i, 256 Mb
    Hard Drives: C: Total - 600238 MB, Free - 303221 MB;
    Motherboard: Packard Bell BV, MCP73PVT-PM
    Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated and Enabled
     
  3. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    That TSG Info didn't seem to give a lot of info that would help with diagnosis. If there is anything else I can do to provide more useful data I am happy to try.
    A little help, somebody, please ...
     
  4. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Er...

    How about some advice on how to get a question responded to?
    Have I posted in the wrong place?
    Or failed to use some key words that the technical wizards on this forum search for?
    Or comitted some newbie forum faux pas I am not aware of?

    Hello, Earth to Tech Support Guy Forum, are you reading me? OVER
     
  5. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Would a Hijack This log help with diagnosis?
    Happy to try anything that helps.
     
  6. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    OK this is what HJT said:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:16:18, on 16/05/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Safe mode with network support
    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\helppane.exe
    C:\Program Files\HijackThis\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\mcafee.com\agent\McUpdate.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&s=1&o=vp32&d=1008&m=imedia_x2416
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&s=1&o=vp32&d=1008&m=imedia_x2416
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120706041929.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    --
    End of file - 8685 bytes
     
  7. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    32,772
    First Name:
    James
    Please bear in mind, this is a 100% volunterring site and we are not on here 24/7. We may not see your thread until later.

    As to the issue at hand, if you completely leave the external drives disconnected for 48 hours does your computer work as normal?
     
  8. AtlBo

    AtlBo

    Joined:
    Jun 1, 2010
    Messages:
    678
    Just a tip xelahart...

    When the computer starts to slow, (if at all possible) let your first response be to open Task Manager. Sort by the CPU column so that the processes using the most processor can be seen at the top. Leave it open while you troubleshoot and make note of which processes seem to be bogging down the computer. This can help lead to diagnosis more quickly...
     
  9. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Couriant
    Sorry for getting impatient. I can see now that it has not been that long since my first post, and you all have your own lives.
    The external hard drive has not been connected since the event (which is now more than 48hrs).

    AtlBo
    Task manager is usually my first response. However since this fault developed I often find that once a programme has frozen on me Task Manager refuses to open. I get the tiny green grid icon in the bottom right of my Task Bar saying Task Manager is open but no main window I can do anything with. If I do manage to get TM open, It tells me the CPU is 99% idle, i.e. nothing is bogging the computer down even though I can see the hard drive light is on almost constantly (and hear it chugging about) and the computer is ignoring most of my instructions.
     
  10. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    A few more symptoms to report. All the below are if I don't start in Safe Mode.

    If I open IE it normally runs OK initially unless I go to a site with an embedded video in which case it crashes.
    I when I tried to download HighJackThis and TSG Info, the Save As window refused to pop up when I tried to save them (had to do it from within safe mode)
    Similarly I opened a Word doc and tried to print, when I clicked print the window that normally pops up wiith print option didn't.
    If I try to open any of the utilities from within Control Panel, they either refuse to open, or freeze when trying to populate the initial list of things (e.g. when Programmes populates the list of installed programmes)
    If I have Task Manager open when a programme crashes, TM does not report any unusual CPU or RAM usage, just says that the programme is not responding. It is also usually not able to close the programme or end the associated process.
     
  11. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    And a specific question:

    Is there a way to get the computer to start in Safe Mode without having to start the computer normally and then kill it by holding down the power button. (When I start it up again Safe Mode is offered before Windows loads)

    The only way I can get the computer to do anything, (including diagnositcs) is in safe mode and the only way I know to access safe mode is the process above. I assume that doing this repeatedly must be battering some of the components?
     
  12. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    32,772
    First Name:
    James
    Hold down F8 while computer is booting up (but HAS to be before the Windows logo screen)

    I will move this to the Malware forum as it seems that you may have something running in the background that is causing these issues. Again, please be patient while they are working with you and others :)
     
  13. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Thanks for the help.
    If you think it is malware presumably there would be no harm in me trying to run something that looks for that sort of stuff?
    Any you can suggest that would run from within safe mode?
     
  14. Couriant

    Couriant Trusted Advisor

    Joined:
    Mar 26, 2002
    Messages:
    32,772
    First Name:
    James
    The Malware team will be the ones to answer that. I don't deal with malware... yet
     
  15. xelahart

    xelahart Thread Starter

    Joined:
    Apr 29, 2009
    Messages:
    105
    Not sure if it is relevant but when I start in safe mode I notice that the last thing to load is crcdisk.sys and that it hangs for a long time at this point before starting.

    Also the advice I was given (above) for starting in safe mode without having to start up normally then kill the power doesn't work for me. I was told to hold F8 but this just takes me to a screen where I can choose to boot from alternative disks, it does not give me an option to start in safe mode. Is there some other route I can try to get it to start in safe mode?

    Also please could someone recommend a malware tool I could run from safe mode to see if that is my problem?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1098665

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice