Full Version: Ad-Aware still freezing after CHKDSK, RootkitRevealer, etc
micshepp
Ad-Aware stalling at:
C:\Documents and Settings\Name\Local Settings\Temp

(I may have precipitated this by trying to install IIS to support Frontpage. On the other hand these events may be merely coincident.)

I ran a Custom scan after excluding the Temp folder from the scan and it came close to finishing (198,179 files scanned). But, it again stalled at C:\xp\VALUEADD

Running a new scan with VALUEADD excluded (in addition to excluding Temp.)

Stalled next at: C:\xp\SUPPORT\TOOLS
Scanned again with TOOLS excluded (in addition to Temp & VALUEADD.)

Stalled next at: C:\xp\I386\WINNTUPG\SRVINF

Ran CCleaner

Stalled next at: C:\xp\I386\WINNTUPG\OEM\TIGERJET
Ran CCleaner
Scanned again with TIGERJET excluded (in addition to Temp, VALUEADD & TOOLS.)

Stalled next at: C:\xp\I386\WINNTUPG\OEM\SPX\MPS

Followed advice from http://www.annoyances.org/exec/show/pcmag_recovery
“… you can try deleting some of the unnecessary files (such as the VALUEADD, SUPPORT, cmpnents, WIN9XMIG, WIN9XUPG, and WINNTUPG folders) files in the hopes of reducing the size of the installation. Lastly, you can start over and try the process again.
Note: The aforementioned WIN9XMIG, WIN9XUPG, and WINNTUPG folders are used to upgrade from Win9x and WinNT/2000. If you're only installing over Windows XP (or installing on an empty system), you probably can safely delete these folders. “

I checked the CD “XP SP2” received with computer. The following folders are included on that CD and can be replaced if I need to; VALUEADD, TOOLS & WINNTUPG (and all sub folders and files). SO, I deleted them all.

Ran Spybot – Search & Destroy: found and fixed three minor items:
--- Report generated: 2006-12-18 23:02 ---
Avenue A, Inc.: Tracking cookie (Internet Explorer) (Cookie, fixed)
Advertising.com: Tracking cookie (Internet Explorer) (Cookie, fixed)
DoubleClick: Tracking cookie (Internet Explorer) (Cookie, fixed)

Ran full system McAfee virus scan. No items found.

Ran Ad-Aware again. This time it stalled on C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

12-19-06 I followed instructions from Ad-Aware Forums re Freezing and CHKDSK.

CHKDSK Report
Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 12/19/2006
Time: 10:28:33 AM
User: N/A
Computer:
Description:
Checking file system on C:
The type of the file system is NTFS.
Cleaning up 1684 unused index entries from index $SII of file 0x9.
Cleaning up 1684 unused index entries from index $SDH of file 0x9.
Cleaning up 1684 unused security descriptors.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.

73176074 KB total disk space.
27896980 KB in 104506 files.
35456 KB in 7307 indexes.
0 KB in bad sectors.
186322 KB in use by the system.
65536 KB occupied by the log file.
45057316 KB available on disk.

4096 bytes in each allocation unit.
18294018 total allocation units on disk.
11264329 allocation units available on disk.

Internal Info:

Windows has finished checking your disk.
Please wait while your computer restarts.

Ran Ad-Aware again. This time it stalled again on the same file: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

Ran RootkitRevealer (updated to v1.71)
Found 27 discrepancies. While saving it I got the following error and when I opened the txt file it was blank.

Click to view attachment

Dr. Watson log at C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log dated 12/19/06 shows errors. Submit this with the other reports?

Ran RootkitRevealer again. New report reflects (as best I can remember) the same discrepant files as the first time plus a bunch of McAfee files (probably auto-downloads) with comment about API length being different than the Hive ________.

Report Save again failed (error msgs) and the final txt file is blank.
Error msgs:

Click to view attachment

Click to view attachment
Technical info from “click here” is:
C:\DOCUME~1\NAME~1\LOCALS~1\Temp\WERe62f.dir00\CJMZ.exe.mdmp
C:\DOCUME~1\NAME~1\LOCALS~1\Temp\WERe62f.dir00\appcompat.txt

Ran Blacklight scan;
12/19/06 14:37:30 [Info]: BlackLight Engine 1.0.47 initialized
12/19/06 14:37:30 [Info]: OS: 5.1 build 2600 (Service Pack 2)
12/19/06 14:37:31 [Note]: 7019 4
12/19/06 14:37:31 [Note]: 7005 0
12/19/06 14:38:08 [Note]: 7006 0
12/19/06 14:38:08 [Note]: 7011 1520
12/19/06 14:38:08 [Note]: 7026 0
12/19/06 14:38:08 [Note]: 7026 0
12/19/06 14:38:14 [Note]: FSRAW library version 1.7.1020
12/19/06 14:48:18 [Note]: 7007 0

Ran Ad-Aware one more time
Again it stalled at C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

At this point I need help. What next?

Thanks,

M
spike-nz
Hi micshepp,

Here are some steps from the suggested "freezing issue" steps that from your post, you may not have tried.

1) First, do a disk cleanup to clear the browser cache and other unnecessary files.

Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.

Temporary Files
Temporary Internet Files
Recycle Bin


2) Start Ad-Aware scan from the Windows command line. Do as follows:
o Click "Start", then "Run". Next, type the text shown below (including the quotation marks and with the same spacing as shown) for your version of Ad-Aware SE:

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke +immortal

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke +immortal

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke +immortal

o Click OK.

o Note: The path above (between the quotes) is the default location of Ad-Aware SE. If you installed your Ad-Aware to a different directory, adjust the path accordingly.

Click Next, then OK.
When the scan is complete, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove, then click Next, then OK.

3) If that does not work, cancel before the scan reaches the point of stalling -- for example, after a few objects are detected. Click Cancel on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This may work for you now.

4) Have you ruled out any virus or trojan infections? I would recommend an online scan at one of the following (do a full system scan). The reason for doing an online scan is that some infections will disable your Antivirus installed on your PC to hide its presence.

If any infections are found, save the log from the scan and post it back here:
eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
(if prompted, please *allow* Active X and the install of software - this is needed to scan your system)
It will take a while to download the updates needed, and then you'll be presented with a screen to scan your system.

Ewido free online scanner
http://www.ewido.net/en/onlinescan/

Trend Micro (PC-cillin) - Free on-line Scan
http://housecall.antivirus.com

Panda's Active Scan
http://www.pandasoftware.com/products/activescan.htm

Let us know if any of these steps helps you.

Regards,

Spike
micshepp
Thanks, Spike

I did all of the following

1) "First, do a disk cleanup to clear the browser cache and other unnecessary files."

I do this regularly.

2) "Start Ad-Aware scan from the Windows command line."

Did this, it froze at the same spot.

3) "If that does not work, cancel before the scan reaches the point of stalling -- for example, after a few objects are detected. Click Cancel on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This may work for you now."

Did this, removed some of the usual culprits; hitbox, Avenue A, Doubleclick. No real disaster stuff. Ad-Aware still froze.

4) "Have you ruled out any virus or trojan infections?"

I ran the online eTrust Antivirus Web Scanner. No objects found.

Further, I defragged, uninstalled Ad-Aware, re-installed (from CD) and updated it. Ran full scan; it froze.

This is very disconcerting. It appears that the WinSxS folder and files are for developers. Do I need them for normal business operations? Can I delete the entire folder without damaging my system?

Thanks,

M
spike-nz
Hi micshepp,

It is time to pass you over to the log-reading malware experts for deeper analysis (I am not an expert log-reader).

Please post a scan-log from a program called HijackThis.

Instructions on creating a HijackThis Log

It may take a day or two for a malware expert to get to you. Please be patient and don't "bump" your post, as logs are read from oldest to newest.

Regards,

Spike
micshepp
QUOTE(spike-nz @ Dec 25 2006, 05:44 PM) *
Hi micshepp,

It is time to pass you over to the log-reading malware experts for deeper analysis (I am not an expert log-reader).

Please post a scan-log from a program called HijackThis.

Instructions on creating a HijackThis Log

It may take a day or two for a malware expert to get to you. Please be patient and don't "bump" your post, as logs are read from oldest to newest.

Regards,

Spike


Back to this issue after long time away. Here's my hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 3:55:13 PM, on 1/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Documents and Settings\MS\My Documents\michael\Computing - Maintenance and Info\Security\HiJack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/campaign.asp?cid=16313
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk.disabled
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.lavasoft.com
O16 - DPF: {00000010-9593-4264-8B29-930B3E4EDCCD} (HPVirtualRooms10 Class) - https://www.rooms.hp.com/vRoom_Cab/WebHPVCInstall10.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://mapgide1.acgov.org/rovmap/bin/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1156545443859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1156553527218
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/...918/mcfscan.cab
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp3.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: CJMZ - Unknown owner - C:\DOCUME~1\MIKESH~1\LOCALS~1\Temp\CJMZ.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Unknown owner - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe" -k runservice (file missing)
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Thanks for your help,
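Added example, not part of the original post or of HijackThis: a small Python triage pass over HijackThis-format lines that marks entries worth a manual look (missing target file, service with unknown owner, path under a Temp directory, AppInit_DLLs). The sample lines are copied from the log above; the flag names and the functions `parse_log`, `triage` and `report` are this example's own, and a flag means "review this line", not "malicious".

```python
import re
from dataclasses import dataclass

# Lines copied from the HijackThis v1.99.1 log in the post above.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\lsass.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: CJMZ - Unknown owner - C:\DOCUME~1\MIKESH~1\LOCALS~1\Temp\CJMZ.exe (file missing)
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# A log entry is "<section code> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
# Matches a Temp/Tmp directory component in a lower-cased Windows path.
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\")


@dataclass
class Entry:
    line_no: int
    section: str
    body: str


def parse_log(text):
    """Return the section entries of a log, skipping header and process lines."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append(Entry(line_no, match["section"], match["body"]))
    return entries


def triage(entry):
    """Return review flags for one entry (empty list if nothing stands out)."""
    low = entry.body.lower()
    flags = []
    # The registered target no longer exists on disk: a stale or orphaned entry.
    if low.endswith("(file missing)") or low.endswith("(no file)"):
        flags.append("missing-target")
    # Service binary carries no company name in its version information.
    if entry.section == "O23" and " - unknown owner - " in low:
        flags.append("unknown-owner")
    # Persistent items normally do not live in a temporary directory.
    if TEMP_RE.search(low):
        flags.append("runs-from-temp")
    # AppInit_DLLs are loaded into every process that loads user32.dll.
    if entry.section == "O20" and low.startswith("appinit_dlls:"):
        flags.append("appinit-dll")
    return flags


def report(text):
    """Return (entry, flags) pairs for every entry with at least one flag."""
    flagged = []
    for entry in parse_log(text):
        flags = triage(entry)
        if flags:
            flagged.append((entry, flags))
    return flagged


if __name__ == "__main__":
    for entry, flags in report(SAMPLE_LOG):
        print(f"{entry.section:<4} {', '.join(flags):<45} {entry.body}")
```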
LS CalamityJane
Hi,

I have reviewed the HijackThis log and see nothing obvious lurking there.

Since you have tried most of the known fixes for this issue, perhaps I can add some other suggestions.

You have a number of realtime monitors running (McAfee, Spybot teatimer). If you are trying to scan with Ad-aware while these are running that might be a cause for AAW to hang.

Try either disabling the realtime monitors of your other security programs when scanning.

Also try running a scan in Safe mode? Let us know if either of those will complete?

What version of Ad-Aware are you running? Make and build # please.
micshepp
QUOTE(LS CalamityJane @ Jan 24 2007, 06:35 AM) *
Hi,

I have reviewed the HijackThis log and see nothing obvious lurking there.

Since you have tried most of the known fixes for this issue, perhaps I can add some other suggestions.

You have a number of realtime monitors running (McAfee, Spybot teatimer). If you are trying to scan with Ad-aware while these are running that might be a cause for AAW to hang.

Try either disabling the realtime monitors of your other security programs when scanning.

Also try running a scan in Safe mode? Let us know if either of those will complete?

What version of Ad-Aware are you running? Make and build # please.


Hi CJ. Thanks for your guidance. I did the following:
Disabled PUPs in McAfee
Disabled Resident / TeaTimer in Spybot
I’m running Ad-Aware SE Plus, Build 1.06r1

Ran Ad-Aware scan. It hung up again at x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 (folder for .NET Framework). This folder contains System.EnterpriseServices.dll and System.EnterpriseServices.Wrapper.dll

.NET Framework can be installed from XP CD. So, I uninstalled it via Add/Remove.

Ad-Aware scan now freezes in another folder under WinSXS.

I then ran Ad-Aware scan in Safe Mode. It froze in the same WinSXS folder.

I'm at a complete loss here. Is it possible there are corrupt dlls in WinSXS that are foiling Ad-Aware? I'm wildly speculating since I'm past logic.

Best,

M
LS CalamityJane
QUOTE
Disabled PUPs in McAfee


That is not the same as turning off your AV.

Disconnect from the internet. Turn OFF McAfee and Spybot Teatimer (and any other active security programs). Your Windows Security Center will alert you that the AV is turned off. See if a full system scan with Ad-Aware will complete. When done, turn back on your McAfee, Spybot, etc. and reconnect to the internet.

Let me know how that goes. Sometimes having your AV active while scanning with another security program can cause conflicts as the realtime protection will kick in on each file that Ad-Aware touches to examine, so both are doing the same job at the same time.
micshepp
QUOTE(LS CalamityJane @ Jan 29 2007, 11:22 AM) *
That is not the same as turning off your AV.

Disconnect from the internet. Turn OFF McAfee and Spybot Teatimer (and any other active security programs). Your Windows Security Center will alert you that the AV is turned off. See if a full system scan with Ad-Aware will complete. When done, turn back on your McAfee, Spybot, etc. and reconnect to the internet.

Let me know how that goes. Sometimes having your AV active while scanning with another security program can cause conflicts as the realtime protection will kick in on each file that Ad-Aware touches to examine, so both are doing the same job at the same time.

SUCCESS!!
Sorry to have taken so long to reply; too many projects. I just ran Ad-Aware Plus Build 1.06r1. It completed the scan on C:\ but froze on F:\. Further research revealed F:\ to be the formerly hidden partition for the Dell PC Restore utility. I'm sorry to say I can't determine why the partition suddenly became visible. I did find info that might be useful to others about the partition and utility at http://www.goodells.net/dellrestore/.

Following the freeze on F:\, I reran a scan on C:\ only and it went through without a hitch. I did not disable any other apps before running the scan.

My personal solution going forward is to scan C:\ only. Whether one needs to scan Dell's PC Restore partition is a separate question.

Thanks to all who helped. I only wish I could be more informative as to what finally fixed the problem.
bbgt
Each time DURING a deep scan it stops at 86332 Objects scanned and
more or less freezes.....
I cannot touch any further step except Abort. But that's not what I want.
It tells me each time 14 Objects recognized and also 14 files identified.
At the bottom it says "Now scanning......" I kept the machine running all night
but it kept saying this message....
But I cannot take action....
Very frustrating