# Computer Weirdness ...



## Jules (Aug 2, 2004)

I'm not a black-belt at computers by any stretch of the imagination and my computer is behaving oddly to me. Can any of you guys who are more knowledgeable/experienced provide some input?

Symptoms:

Just above the Menu Bar on the right hand side keeps flashing a transparent " >> Next Track " sort of icon.

It does this intermittently but frequently.

As this icon flashes so do all the other icons on my desktop.

And the processor fan starts winding up.

And all my applications start running slower.

Performance CPU usage in Task Manager keeps going upto over 80% and more even with no app's running; it would iexplorer is the main memory user when this is high.

Things I've tried:

Re-booting. (Same)

Going into task manager and shutting all applications down. (Still occurs)

Deleting all temporary internet files and cookies (No difference)

Running my McAffee anti-virus - though I have to admit this is in subscription but out of date as whenever I tried to update it my internet access was just so slow. (No infected files found)

Two things that may be unrelated:

I started downloading a new update of iTunes (7.2?) but aborted because this started happening and I thought there was a problem.

A friend used our computer a couple of days ago and it was only after this that the ">>Next Track" business started happening ... which leads me to suspect it might be a virus?

I'm keen to try anything - because it is bugging me!

Any and all suggestions will be welcome - Thanks


----------



## dowsing (Sep 21, 2006)

Jules said:


> I'm not a black-belt at computers by any stretch of the imagination and my computer is behaving oddly to me. Can any of you guys who are more knowledgeable/experienced provide some input?
> 
> Symptoms:
> 
> ...


You could try a system restore to before your friend used it, this fixes about 95% of things.


----------



## langtoftlad (Mar 31, 2007)

Uninstall McAfee!

Install AVG Free - it's completely free and receives daily updates. Has a good reputation.

Right click on the icon to see if a pop-up dialog box gives any clues to its identity

If it does, then use task manager to shut down the process

You could always use task manager processes (next tab) to see if anything is hogging your resources.

Try uninstalling the iTunes & reinstalling it.

edit: or as Dowser suggests - system restore back to a point when you know your pc was ok

If you suspect a virus - the best method of cleaning is to switch of system restore & re-boot your pc in "Safe Mode". Then run your anti virus.

If you don't switch off system restore, a copy of any virus will lurk there.


----------



## rhaythorne (Jan 12, 2004)

I'd guess that if Internet Explorer is the main memory hogger when this peculiar icon puts in an appearance then perhaps some sort of IE add-on or BHO "Browser Helper Object" has been installed.

In Internet Explorer (version 7, can't remember 6 but it may be the same) click on the Tools menu and select "Manage Add-ons", then "Enable or disable Add-ons". You will be presented with a box like the one below, in which you can view all the various extra crap that Internet Explorer runs, allegedly for your benefit 










If anything in there looks fishy, try disabling it and see if the probelm goes away. If you get it wrong you can always re-enable it again later if need be and try another one.


----------



## the strap (Feb 21, 2007)

Take this opportunity to switch from IE to Firefox.


----------



## Jules (Aug 2, 2004)

Thanks Guys - really appreciate it.

I intend to spend a couple of hours trying to get to grips with tonight - so hopefully will try out some/all of the suggestions.

I'll start with the Add-Ons one first Rich - as I noticed that IExplorer was hogging most of the memory when I looked in the Task Manager Processes Memory Usage column.

I'll let you know how it goes.

Any more?


----------



## limey (Aug 24, 2006)

Napalm


----------



## Mrcrowley (Apr 23, 2003)

Is Macafee no good?


----------



## James (Jul 17, 2006)

Curious how many processes are shown running in task manager. Take a print screen of whats running and post the jpeg.

and a print screen of services in administrative tools.

Then we see next step. I imagine its something from something you have installed which can be managed once determined


----------



## langtoftlad (Mar 31, 2007)

Mrcrowley said:


> Is Macafee no good?


It's adequate









...but it's resource hungry and it costs...

There are equally good products available for free...


----------



## Jules (Aug 2, 2004)

Well for better or for worse I'm going down the McAffee update route currently ... at midnight









Tried uninstalling iTunes - no difference

then did the Manage Add-ons - thought I'd got somewhere but it reappeared on re-boot

So decided then to update McAfee and am sat here after ages and it has detected 9 items so far.

Will keep you informed ... am writing this on the wife's old iBook


----------



## Jules (Aug 2, 2004)

Well ... I finished uppdating my MacAffee virus checer and ran it. Nothing but some cookies, which I deleted.

Then I downloaded and ran EasyCleaner to tidy up the registry.

Then I downloaded and ran Ad-Aware - Thanks Rondeco - and got rid of similar looking cookies.

So am now going to try re-installing iTunes ... because the ">>Next Track" icon is still flashing.

If this doesn't work ... will try some of the other suggestions.

If I'm doing the wrong things or in a strange order it is because I am skating on the thin veneer of my computer knowledge ...


----------



## Jules (Aug 2, 2004)

I've downloaded Firefox - but it was still flashing away.

However after re-installing iTunes it seems to have stopped ...









As for the Add-ons does anyone know what:

CCA291CA-C863-46EF-9331-5C8D4460577F

... is? I hope it's not embarrassing









(possibly from a failed attempt to set-up a blue tooth connection between mobile and the computer?)

Am posting this on my desktop and it's working - just seen on the iBook your last post Ron - Thanks ... After having a quick look on the Add Remove Programmes I don't know what these are:-

X10 Hardware 0.01MB

Medion Flash XL 2.0 0.84MB

Nero Suite No info

Think I'm going to have to go to bed now ... fingers crossed it doesn't seem to be flashing anymore ...










We'll see ...

Thanks all for the help.


----------



## rhaythorne (Jan 12, 2004)

Well done Jules, hope it's sorted









If you find that some program you remove appears to re-install itself when you reboot the computer, then 9 times out of 10 it's because there's a Registry entry to do this in the following location:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Entries here get run whenever you restart the machine, so an installation program referenced here can re-install a program you removed in your previous session.

You can delete the specific entry to stop this happening or, as Ron suggested, run the hijackthis program which will show a log of all the Registry entries in this location plus many, many other things and then you can let someone else give you some advice as to what to delete and what to leave alone.

The long number you mentioned (CCA291CA-C863-46EF-9331-5C8D4460577F) is called a Class Identifier, or CLSID for short. It's basically a reference number that uniquely identifes something. In this case it's probably an ActiveX control used by Internet Explorer.

If you're feeling brave, have a look at the following Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility

Lots of them aren't there!

If you scroll down the list you'll probably see the one you mentioned listed in there somewhere, although it wont tell you exactly what it is.

If you remove an ActiveX control from IE using the Manage Add-ons functionality within IE, this will not prevent the ActiveX control from being re-installed later or from IE prompting you to re-install it if you visit a web site that wants that ActiveX control to be installed.

To prevent the ActiveX control from running and to stop IE even prompting you to install it, you have to set the "Kill Bit" on the CLSID for that ActiveX control in the Registry.

If you look at the above Registry key and select one of the CLSID's you'll notice an entry called "Compatibility Flags". If you set the value of the Compatibility Flags entry to a Hexadecimal value of 400, that effectively "kills" that ActiveX control, preventing it from running and stopping IE from even prompting you to install it.

Some easy stuff to finish off with:

The X10 Hardware program is probably something to do with a web cam that was aggresively advertised a year or two ago via pop-up ads. You probably clicked "Yes" on something and installed the software. Even I accidentally did this once as there were so many pop-ups everywhere







If it's not that, it something to do with home automation devices.

Medion Flash XL appears to be an external USB flash memory/hard drive of some kind.

Nero is software for burning CD's/DVD's, managing/manipulating photos and video/audio files.

Phew, hope that helps


----------



## Jules (Aug 2, 2004)

Gordon Bennett!! - Thanks for all that detailed info Rich ...

I intend to have another session over the weekend (hopefully not as long or as late) and see how fast the old 'puta is running, and do some more checking and tidying up. I'll try and action some of those suggestions.

I do feel a bit happier that my Virus checker software is upto date - but last night my internet connection seemed very slow ...









I've now got Mozilla on the desktop and think I will probably end up using that more often than IE.

I don't know if it was coincidence, but on reflection I think it was possibly some "weirdness" from iTunes. Does iTunes have some form of internet connection within it? It was the overwriting of the deleted older version of iTunes that ultimately seemed to stop this weird flashing ">>Next Track" icon. As I was shaving with Okum's razor this morning I did think that Next Track kind of pointed to it being an iTunes glitch.

Maybe if I had just deleted and then re-installed iTunes I would have got to bed earlier ... but without my new found wealth of knowledge or fresh computer confidence


----------



## rhaythorne (Jan 12, 2004)

You'll be relieved to hear that I know nothing about iTunes, so you wont have to wade through any lengthy posts from me on that subject









Off out now. Catch you guys later


----------



## philjopa (May 18, 2005)

Any sign of those pics yet Jules?


----------



## Mrcrowley (Apr 23, 2003)

langtoftlad said:


> Mrcrowley said:
> 
> 
> > Is Macafee no good?
> ...


Thanks for that.

I will get rid of this I have then - driving me nuts.

Alternatives?


----------



## langtoftlad (Mar 31, 2007)

Mrcrowley said:


> langtoftlad said:
> 
> 
> > Mrcrowley said:
> ...


AVG Free

Link


----------



## langtoftlad (Mar 31, 2007)

Jules said:


> I do feel a bit happier that my Virus checker software is upto date - but last night my internet connection seemed very slow ...


Dare I say that McAfee might be slowing your internet experience - it depends on what exactly you have it doing. At the very worst, it could be examining and checking every action you perform on your pc whilst online.

Internet security is a balance. Total security is possible but that equates to a pointless total disconnection from the internet but you'll never get a virus! The more comprehensive the protection, the longer it takes and the slower the surfing.

The problem with things like Norton & McAfee is that they are very large, very comprehensive, ungainly and inefficient. Probably because the 'suite' of protection has never been developed as an integrated solution but rather as a number of separate applications bolted together to create a package to appeal to the widest audience commercially.

You have probably got & are using overlapping functions & facilities whether you want to or not.


----------



## Jules (Aug 2, 2004)

rondeco said:


> Jules , if you're still struggling after that download HijackThis , do a scan and save the log file then paste it here and I'll take a look .
> 
> p.s. I like your sig line
> 
> ...


Well I'm hoping not to have another 2 a.m. session but the blummin 'puta is doing it again ... though not as bad.

Ron - would you mind having a look at my logfile from your link above.

I'm a bit concerned about going into the Registry - it's been many years since I've done anything like that - and I can't remember any of it.

Anyway ... if you could please have a quick look at this, and point me in the right direction if it is something obvious.

Two that look weid to me:-

03 - Toolbar (no name) - ... (no file)

04-HKLM\... AGRSMMSG

but on a quick google it looks like the AGSMMSG is some kind of modem driver - so what do I know!

I really hope I don't have to go down the re-install Windows route, I've got all legitimate software (MS Office etc) but I'm not sure with my luck I could get my wireless router to keep working









As for the SigLine - Thanks







Funny & Zen at the same time ... maybe, but it is silly enough for me.

Cheers

Jules

PS Now not only do I have to Thank Roy for providing my watch forum fixes, but also my Computer Helpdesk too!!









Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 23:01:11, on 03/06/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SM1BG.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\Dit.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

C:\WINDOWS\mHotkey.exe

C:\WINDOWS\CNYHKey.exe

C:\Program Files\Home Cinema\PowerCinema\PCMService.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\HP\HP Software Update\HPWuSchd.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\McAfee\MSK\MskAgent.exe

C:\Program Files\SiteAdvisor\6066\SiteAdv.exe

C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

c:\program files\common files\mcafee\mna\mcnasvc.exe

C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\McAfee\MSK\MskSrver.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\SiteAdvisor\6066\SAService.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\Jules\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - Default URLSearchHook is missing

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O4 - HKLM\..\Run: [sM1BG] C:\WINDOWS\SM1BG.EXE

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [Dit] Dit.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

O4 - HKLM\..\Run: [CHotkey] mHotkey.exe

O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"

O4 - HKLM\..\Run: [adiras] adiras.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm (file missing)

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180656196437

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: McAfee Application Installer Cleanup (0108551180907092) (0108551180907092mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP10855~1.EXE

O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe (file missing)

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--

End of file - 10375 bytes


----------



## Jules (Aug 2, 2004)

I'm still having problems ...









I'll give it one more push and then will consider either attempting to 1) re-install everything or 2) paying someone to have look - my worries with these two options are:-

1) Re-installing - not sure if I am savvy enough to do it properly and get rid of any nasties and get everything to work.

2) If I pay, for example, PC World how can you be sure they are just looking for revenue







rather than trying to solve the problem! And if you get a unknown little guy/operation how can you be certain he will not just come along and go for the quick-fix solution because it's easier for him too?

Anyway in response to some of the input above (All of which is very much appreciated) that I have not responded to directly:-

System Restore (dowsing) - I haven't done this because I haven't set any System Restore points previously and I believe you need them don't you?









Re Boot in Safe Mode and run Virus Checker (langtoftlad) - I tried doing that last night and was a bit spooked by the long time it seemed to take in the black-screen-white-type (DOS?) world! It seemed to be saying lots about hard drive partition?? Not something I have done - could it be related? Unfortunately I couldn't get McAfee to run in Safe Mode - is this perhaps because it needs access to the web?

RegSeeker (Thanks Ron) - I downloaded this but am not certain quite how to use it and it gives some hefty warnings about deleting things out of the registry which I am currently not confident on.

HKEY_LOCAL ... (Rich) - I've just no idea how to action that advice due to my complete computer muppetryness (Sorry







)

Task Manager processes (James) - I keep using this all the time and the one thing that keeps coming up is mHOTKEY.exe and I've googled this and it doesn't seem to be too onerous. Though I do think it is related because when I end it in task manager the flashing ">>Next Track" icon stops ... though the computer fan still starts like a Huey Cobra winding up.

So, sorry to bother all you guys again, but I think I'm at the end of what I feel I am currently able to do now - I don't know why I'm so keen to take computer advice from watch enthusiasts







but in a strange way I trust this forum.

Any further/other suggestions?


----------



## langtoftlad (Mar 31, 2007)

What is your processor and amount of RAM

I'm no expert but to me, it seems like you've got an awful lot of software starting at start up!

Whilst that might not be your major problem - this amount of processes will slow you down.

Do you know how to select which programs launch at startup by using config.sys?

Do you need all these to launch when you start your pc;

Musicmatch jukebox

Power Cinema

Real Player (an insideous piece of software if ever I saw one)

Quicktime

MSN Messenger

Itunes

Skype

Sagem (phone?)

HP Digital Imaging

iPod service

...and a lot of the processes seem to be attributed to McAfee.

Before you go down the re-install windows route or pay someone to sort it out - I would try two things

Un-install McAfee - at least temporarily whilst you sort it out

Un-install ALL your multimedia software <!>. This type of software is fairly resource hungry and tends to infiltrate your pc. There are many better pieces of software - mainly freeware, written by enthusiasts who have had similar problems to yourself.

For example instead of musicmatch, itunes, real player, quicktime etc I'd consider using VLC multimedia player - free and will play just about anything from video to mp3's VLC

Lots of people love itunes but for me I just need something to transfer music from my pc to my ipod. The tiny little vPod does exactly what it says on the tin vPod

If you want to play your ipod music via your pc, then there's Podplayer

and if you want to transfer your music from your ipod back to your pc (or someone elses) then I use Sharepod which is something you can't do with iTunes I believe.

All of which are very small standalone programs and don't take over your system.

If you do decide to un-install these pieces of software then I'd also recommend getting a registry cleaner because these applications are notorious for leaving remnants behind despite their claims to be completely uninstalled.

I use "Your Uninstaller" Feature limited 21 day Free Trial (but you can get a crack as well for the full version if you're that way inclined







)

and RegCleanr (note spelling) Download completely free

You'll be amazed at what is left after a supposedly complete application uninstall

As for McAfee - I've expressed my thoughts earlier and personally recommend AVG Free as a better complete alternative AVG Free

Good luck!


----------



## rhaythorne (Jan 12, 2004)

Just to add to what the others have said, I think you should also upgrade your copy of Adobe Reader. Version 6 (which you seem to be using) is _very_ vulnerable to a Cross Site Scripting (XSS) attack which means you could get hacked by doing nothing more than clicking on a link to a PDF file on a website.

Versions 6.06, 7.09 or 8.x fix this problem. Upgrading to version 8.x is probably the best solution.


----------



## Jules (Aug 2, 2004)

Well guys ... I'm cautious, especially as I thought I had cracked it before, but I think I MAY have an idea what the problem is.

In the light of what Rich was saying about Keyboard drivers I tried to think what ">>Next Track" could actually be related to. I did wonder if was some problem with my CD or DVD drives. However, one symptom I had thought that was unrelated was that my i-Tunes was going a bit weird. On closer observation it was skipping tracks sometimes when I tried to select one - it would skip down to the bottom of my tracklist and then flash/hang. So I got to wondering could this be something to do with those weird hot key buttons I never use at the top of my keyboard?

Anyway to cut a long story and the last 3 hours or so short ... I decided it was something to do with the Fast Forward / Skip / Next Track keyboard button. So fortune sometimes favours the idiot so I deleted the additional keyboard driver that was loading at start-up and it hasn't happened since!!

I was a bit worried my keyboard might not work and I would have to go up in the loft and get an old squiggly cable keyboard down. Well I'm typing on it now and have since updated Adobe (thanks Rich) and deleted some stuff of my start-up (thanks langtoftlad) and still no probs.

A sort of test I've done is to go back into i-Tunes and press the hotkey keyboard button and i-Tunes started doing it again but this time no flshing icon or fan cranking it up to 11. So I don't know, but I think my keyboard may be faulty - and maybe there was some weird conflict with the keyboard driver and ... something else?

Well I'll keep my fingers crossed. And thanks for all help. It's been a learning experience and I don't think somehow it's finished yet.

Jules

PS those anti i-Tunes links look really interesting langtoftlad, Thanks. I'll certainly have a look at those ... another night!

Edited for horrendous late night typing


----------



## langtoftlad (Mar 31, 2007)

Whilst I'm flying on anti-establishment software can I contradict what Rhaythorne has suggested









Do not upgrade Adobe Acrobat but uninstall it instead!!! It's another of those cumbersome resource hungry leviathans with lots of bolt on pieces nobody uses.

If all you want to do is read .pdf files then I thoroughly recommend Foxit Reader HERE It's a tiny application (just a few kbs as opposed to adobe's mbs & mbs) and its quick too....


----------



## strange_too (Feb 19, 2007)

Earlier in the thread people where talking about AV's

Following a interview with the owner of eEye on TWIT's Secruity Now, I've been using his Blink product for about a month now on my XP book and I would really recommend it. It's a very light, but very effective product and is intelligent in the way it deals with attacks. From what I remember the DOA etc use it.

Well worth a try.


----------



## rhaythorne (Jan 12, 2004)

langtoflad said:



> Whilst I'm flying on anti-establishment software can I contradict what Rhaythorne has suggested
> 
> 
> 
> ...


Of course you can









Foxit looks quite nice (I just gave it a quick whirl ) but note that its integration into anything other than Internet Explorer appears limited at best. Non-IE users will find that Foxit opens up the pdf in its own, separate window. That may or may not be an issue for users of alternative browsers.

strange_too said:



> Earlier in the thread people where talking about AV's
> 
> Following a interview with the owner of eEye on TWIT's Secruity Now, I've been using his Blink product for about a month now on my XP book and I would really recommend it. It's a very light, but very effective product and is intelligent in the way it deals with attacks. From what I remember the DOA etc use it.
> 
> Well worth a try.


I had a play with blink last year (may have been a beta or somesuch) and, whilst not for me, yep, it's definitely worth investigating.


----------

