We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Computer freezing/crashing
Options
hotspur_pam
Posts: 192 Forumite
Hello, thanks for the advice in this forum.
Cutting a long story short, I read the info on the spyware/malware thread and followed the advice. After running malwarebytes (which picked up a couple of things which are held in the virus vault), the laptop performance improved. The endless error messages and crashing has dropped dramatically.
However, i'm still getting the message 'Host Process for windows services stopped working and was closed.'
Prior to running malwarebyte the laptop kept deleting restore points but this facility came back after installing and running malwarebyte.
I installed and ran Ad-aware and that came back all clear.
Ran CCleaner and that seems fine too.
I then installed avast but it keeps crashing. I eventually got it to run in safe mode. It reported no viruses but i got the following message:
'Some files could not be scanned'
File name: C:|Windows|System32|WDI|SuspendPerformanceDiagnostics_SystemData_S3.bin
Status error: The request could not be performed because of an I/O device error (1117)
Hope this makes some sense, i have no idea what i'm doing - just want my laptop sorted :cool:.
EDIT: Forgot to add every now and then when the laptop crashes, a blue screen pops-up but it flashes off quickly before i can read it.... something about 'memory dumps'????
Cutting a long story short, I read the info on the spyware/malware thread and followed the advice. After running malwarebytes (which picked up a couple of things which are held in the virus vault), the laptop performance improved. The endless error messages and crashing has dropped dramatically.
However, i'm still getting the message 'Host Process for windows services stopped working and was closed.'
Prior to running malwarebyte the laptop kept deleting restore points but this facility came back after installing and running malwarebyte.
I installed and ran Ad-aware and that came back all clear.
Ran CCleaner and that seems fine too.
I then installed avast but it keeps crashing. I eventually got it to run in safe mode. It reported no viruses but i got the following message:
'Some files could not be scanned'
File name: C:|Windows|System32|WDI|SuspendPerformanceDiagnostics_SystemData_S3.bin
Status error: The request could not be performed because of an I/O device error (1117)
Hope this makes some sense, i have no idea what i'm doing - just want my laptop sorted :cool:.
EDIT: Forgot to add every now and then when the laptop crashes, a blue screen pops-up but it flashes off quickly before i can read it.... something about 'memory dumps'????
0
Comments
-
1st report
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6870
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421
16/06/2011 17:49:37
mbam-log-2011-06-16 (17-49-37).txt
Scan type: Full scan (C:\|)
Objects scanned: 277575
Time elapsed: 44 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
2nd report
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6870
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
20/06/2011 11:10:04
mbam-log-2011-06-20 (11-10-04).txt
Scan type: Full scan (C:\|)
Objects scanned: 281310
Time elapsed: 1 hour(s), 23 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
The above is the report of the 2nd scan.
Thanks again for any help.0 -
post a hijackthis log
Do you have the reinstall cd, and a means of backing up data, if not does the model have a factory restore partition
I'd uninstall adaware and disable defender realtime scanning, it's only going to make things slower.!!
> . !!!! ----> .0 -
Sorry forgot to add, did Spybot search and destroy and no threat found. Also did an 'Immunize' even though i don't know what it's really for :cool:. Added 'No Scripts' on Firefox browser too.
I had Comodo and AVG installed , but removed those to simplify things. Currently i have Windows Firewall, Avast Anti-virus, Ad-watch Live anti-virus, Windows Defender.
Just realised i have 2 anti-virus software running at the same time! Grrr, I'm all over the place!!!!
Forgot to add!!!!!
Laptop is Windows Vista Home Premium
2GB
32-bit Operating System
Hope this is enough info and not too confusing :cool:0 -
post a hijackthis log
Do you have the reinstall cd, and a means of backing up data, if not does the model have a factory restore partition
I'd uninstall adaware, it's only going to make things slower.
Thanks so much for the quick response closed.
A few days ago i called the company as the laptop never came with a reinstall cd and they quoted £30. The only cd i have which came in the box has 'drivers' on it. The computer is about 2 yrs old.
I've no means of backing up data, i have been looking into buying an external hard-drive due to the recent probs i've been experiencing. I'll uninstall adaware as i don't want to mess anything up.
Sorry, how do i find the factory restore partition?
.
Thanks again for your assistance.0 -
make and model of laptop?
Got any blank dvd's?!!
> . !!!! ----> .0 -
It's a Hi-Grade Notebook Computer Model M760S
Inter (R) Pentium (R) Dual CPU T2410 @ 2.00 GHz
I've no dvd's either.... i'm not much use eh? :cool:
Edit: Bit hesitant to use hijack as the info on the thread said you need advanced computer knowledge to use it which i definitely don't have!!!0 -
you could try this, after backing up your data to dvd or external drive or both
http://www.higrade.com/faq_2.htm#ND3
in the meantime, post a hijackthis log
http://www.trendmicro.com/ftp/products/hijackthis/beta/HijackThis.exe!!
> . !!!! ----> .0 -
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:53:44, on 20/06/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://encrypted.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre2.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 82.113.132.134 ns.eu.arise.com
O1 - Hosts: 82.113.132.136 vcms.eu.arise.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre2.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre2.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.4\youtubedownloaderToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0ANAAzADQANwA0ADYAMQA1ADUALQBCAEEAKwAxAC0ASwBWADMAKwA3AC0AVAA0AC0ARgBQADkAMgArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0AMQAwAEEAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Temporary Shortcut.lnk =
\autorun.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DBDC1CDA-B64B-49F7-9535-6317AA416E51} - http://arisevdi.retail2u.trcg.co.uk/downloads/VMware-viewclient.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} - https://register.btinternet.com/templates/btwebcontrol028.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://ns.eu.arise.com/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {FA81D7A9-4BDC-47D1-AB01-DA0E72B4F412} (KbdFilter Class) - http://www.epathcampus.com/willow/SDG/June2009/Take%203/Collect/Collect/activex/FlashHelper.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B277FF70-1F04-4035-A06B-C31A6269A310}: NameServer = 217.171.135.1 217.171.132.1
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BecHelperService - Unknown owner - C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
--
End of file - 8949 bytes
I got the following alert: 'For some reason your system denied write access to the Hosts file....'
Do you need me to type out the entire alert warning?0 -
you could try this, after backing up your data to dvd or external drive or both
http://www.higrade.com/faq_2.htm#ND3
Jeez, thanks for this!!! :beer:.
Do i need dvd's or cds?0 -
dvd's hold more, and are cheaper per GB if bought in tubs. Do you work for arise, and how are you connecting to the net?!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards