malware as Windows Update! and HP website phishing

Hi IvanH
OK that's good to hear...I guess (It spent me 2 days to reconstruct the Startup programs and services.)

Can you post what you did so others might benefit from it.

Thanks
Geri

 

Hi Geri,

That's actually nothing new. I was using the old step by step trouble-shooting tricks learnt ages ago and applied it in current technologies.

1. Start msconfig > General tab > choose Diagnostic startup, reboot, then check Task Manager for the CPU usage. It seems fine.

2. Start again msconfig > General tab > choose Selective startup, untick both load system services and load startup items, reboot, then check Task Manager for the CPU usage again. It seems fine again.

3. Start again msconfig > General tab > choose Selective startup, tick load system services but untick load startup items, reboot, then check Task Manager for the CPU usage again. It seems fine again.

4. Start again msconfig > General tab > choose Selective startup, tick both load system services and load startup items, reboot, then check Task Manager for the CPU usage again. It looks terrible. So, the problem is somewhere in the Startup.

5. Start again msconfig > General tab > choose Selective startup, tick load system services and untick load startup items, then

5.1 choose Startup tab, click on the Startup Item so they align alphabetically. ​

5.2 check first half of the Startup items, say from A to O.​

5.3 reboot, then check Task Manager for the CPU usage again. ​

It looks fine. So the problem should be there on the second-half of the Startup items​

Then I recursively repeat 5.2 and 5.3 but each time I check half of the remaining unchecked startup items.

Eventually a Bluetooth item is identified to be the problem.

The bluetooth software (developed by Toshiba for Asus A8Jr, managing Asus bluetooth connectivity) uses Plug and Play services, and eventually the svrhost.exe. In the past I had removed it when the first time I installed the HP PhotoSmart All-In-One printer software. But when I called HP Online Chat, they asked me to do a Level 3 Uninstallation, which removed the Plug and Play Service. Then during HP printer reinstallation, it used the default and put the Plug and Play service back with default settings. Both HP Online Chat's consultant and Norton 360 Support Centre's malware consultants had modified my computer's MSCONFIG when they diagnostic the problem, which messed up the situation further.

Noting that the relationship between "bluetooth" and "Plug and Play" services could not be found from Task Manager, Process Explorer, Windows Defender, MSConfig and etc.

The rest of my work included uninstalling, reinstalling and configuring the bluetooth software with my bluetooth devices, including a bluetooth mouse, a bluetooth earpiece, a bluetooth mobile phone interface and etc.

I guess the problem was about the Plug and Play service repeatedly looking for additional / existing bluetooth devices but they were not there. It's not the Audio Engine of Microsoft Vista that some other users encountered, as I read from other blogs about "svchost.exe DComLaunch PlugPlay delay problem ".

It took me 2 days, mainly because of the tedious and repeating reboots as required. The binary search (halfing the startup items for inspection) helped speeding up the trouble-shooting.

Un-installation at a deeper level before doing re-installation should be helpful in physically removing suspicious malicious codes hidden in programs, but it went something wrong this time.

Additional steps like cleaning up temp files, recycle bin and backup etc have not been mentioned above, but I have done them at appropriate time.

Now my notebook can serve me with 88+% CPU power. I am very happy with its performance now.

 

Hi IvanH
OK Great.
Thank you for that. There are many that come here and do a search for a fix for a problem.

You may be helping a lot of people even without you knowing it with that post.

Thanks again.

You can delete dss.exe and this folder C:\Deckard. There will be new versions if ever needed again anyway.

Glad things are working for you.

Surf Safely.
Geri

 

Hi Geri,

Thanks for your kind reminder.

Share with you:

Solving the problem is not merely a performance issue, is also a capability issue. I am now capable of working outdoor with my notebook at "battery-saving" mode.

Have a nice day

IvanH