Solved No Windows sounds

Discussion in 'Malware and Virus Removal Archive' started by deck, 2011/11/06.

  1. 2011/11/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
      O3 - HKU\S-1-5-21-2431177171-1448187429-1888287071-1006\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/sh...1/mcinsctl.cab (Reg Error: Key error.)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jin...ndows-i586.cab (Reg Error: Key error.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
      [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
      [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] 
      [2011/10/18 08:21:55 | 002,818,946 | ---- | M] () -- C:\Documents and Settings\Arthur\Desktop\aEZgloIuZdgMiImLwTAA_xcsJquyHczFRxuLtb9J5zyshkE8DAjBiY-4qGfFFl-p000vIn8Ijj5KDSP_0oDntQ==[1].mp3
      [2007/11/08 13:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
      [2007/07/10 15:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arthur\Application Data\AVG7
      [2008/05/22 12:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arthur\Application Data\Uniblue
      [2007/06/18 18:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Arthur\Application Data\Viewpoint
      [2007/09/13 16:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
      
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ============================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce any log.
     
  2. 2011/11/07
    deck

    deck Inactive Thread Starter

    Joined:
    2002/01/26
    Messages:
    235
    Likes Received:
    2
    Here is the 2nd OTL file:

    ---------------------------------------------------

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{656EC4B7-072B-4698-B504-2A414C1F0037}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{656EC4B7-072B-4698-B504-2A414C1F0037}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2431177171-1448187429-1888287071-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
    Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
    C:\WINDOWS\Downloaded Program Files\mcinsctl.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
    C:\WINDOWS\Downloaded Program Files\McGDMgr.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java Reg Error: Value error.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\REN33.tmp deleted successfully.
    C:\WINDOWS\System32\SET60.tmp deleted successfully.
    C:\WINDOWS\System32\SET6C.tmp deleted successfully.
    C:\WINDOWS\System32\SETA5.tmp deleted successfully.
    C:\WINDOWS\System32\SETA7.tmp deleted successfully.
    C:\WINDOWS\System32\SETAA.tmp deleted successfully.
    C:\WINDOWS\002702_.tmp deleted successfully.
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    C:\Documents and Settings\Arthur\Desktop\aEZgloIuZdgMiImLwTAA_xcsJquyHczFRxuLtb9J5zyshkE8DAjBiY-4qGfFFl-p000vIn8Ijj5KDSP_0oDntQ==[1].mp3 moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE\TEMP folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE\OUT folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE\IN\10110 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE\IN folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE\ACTIVE folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\QUEUE folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7\Log folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\avg7 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\AVG7 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Uniblue\Registry Booster2 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Uniblue folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\Arthur\Application Data\Viewpoint folder moved successfully.
    C:\Documents and Settings\LocalService\Application Data\AVG7 folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: All Users

    User: Arthur
    ->Temp folder emptied: 60071 bytes
    ->Temporary Internet Files folder emptied: 4016100 bytes
    ->Java cache emptied: 1135092 bytes
    ->Flash cache emptied: 487 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 564 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 618183 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 138562 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 6.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Arthur
    ->Flash cache emptied: 0 bytes

    User: Default User

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.31.0 log created on 11072011_215217

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
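
Added example (not part of the original thread and not OTL's own code): a small Python parser for a fix log of the shape posted above. It separates entries that were actually deleted or moved from ones that were already absent ("not found") and from files still waiting for a reboot. The sample log is constructed, and the names `Action`, `classify`, `parse_fix_log` and `summarize` are illustrative.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# Constructed sample in the shape of the fix log above (paths and GUIDs are made up).
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Example\{00000000-0000-0000-0000-000000000001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000001}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Example\Toolbar\\{00000000-0000-0000-0000-000000000002} deleted successfully.
Starting removal of ActiveX control {00000000-0000-0000-0000-000000000003}
C:\WINDOWS\Downloaded Program Files\example.inf moved successfully.
C:\WINDOWS\Downloaded Program Files\missing.inf not found.
C:\WINDOWS\System32\EXAMPLE.tmp deleted successfully.
C:\Documents and Settings\User\Application Data\Example folder moved successfully.
File move failed. C:\WINDOWS\temp\example\locked.txt scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: User
->Temp folder emptied: 60071 bytes
"""


class Action(NamedTuple):
    kind: str     # "registry key", "registry value", "folder" or "file"
    target: str   # registry path or filesystem path, as written in the log
    outcome: str  # "deleted", "moved", "not found" or "pending reboot"


# Line endings seen in the log above, mapped to a normalized outcome.
SUFFIXES = {
    " deleted successfully.": "deleted",
    " moved successfully.": "moved",
    " not found.": "not found",
}

# A locked file is reported as a failure and deferred to the next boot.
PENDING = re.compile(
    r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$"
)


def classify(line: str) -> Optional[Action]:
    """Turn one log line into an Action, or None for headers and statistics."""
    line = line.strip()
    pending = PENDING.match(line)
    if pending:
        return Action("file", pending.group("target"), "pending reboot")

    for suffix, outcome in SUFFIXES.items():
        if line.endswith(suffix):
            body = line[: -len(suffix)]
            break
    else:
        return None  # section header, "Starting removal ..." or cache statistics

    for prefix in ("Registry key ", "Registry value "):
        if body.startswith(prefix):
            # Keys are logged with a trailing backslash; drop it for readability.
            return Action(prefix.strip().lower(), body[len(prefix):].rstrip("\\"), outcome)

    # Directories are logged as "<path> folder <outcome>".
    if body.endswith(" folder"):
        return Action("folder", body[: -len(" folder")], outcome)
    return Action("file", body, outcome)


def parse_fix_log(text: str) -> list:
    """Return every recognised action in the log, in order."""
    actions = []
    for line in text.splitlines():
        action = classify(line)
        if action is not None:
            actions.append(action)
    return actions


def summarize(actions) -> dict:
    """Count outcomes and list targets that must be re-checked after the reboot."""
    counts = Counter(a.outcome for a in actions)
    follow_up = [a.target for a in actions if a.outcome == "pending reboot"]
    return {"counts": dict(counts), "follow_up": follow_up}


if __name__ == "__main__":
    report = summarize(parse_fix_log(SAMPLE_LOG))
    for outcome, n in sorted(report["counts"].items()):
        print(f"{outcome:>15}: {n}")
    for target in report["follow_up"]:
        print("re-check after reboot:", target)
```
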
     

  4. 2011/11/07
    deck

    deck Inactive Thread Starter

    Results from Security Check:

    ------------------------------------------

    Results of screen317's Security Check version 0.99.24
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 29
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 avastUI.exe
    ``````````End of Log````````````
     
  5. 2011/11/07
    deck

    deck Inactive Thread Starter

    I've run TFC

    ESET is up now.....
     
  6. 2011/11/08
    deck

    deck Inactive Thread Starter

    Finally done!

    Almost 11 and a half hours..... :eek:

    It found nothing, so no report.
     
  7. 2011/11/08
    broni

    broni Moderator Malware Analyst

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please let me know how your computer is doing.
     
  8. 2011/11/08
    deck

    deck Inactive Thread Starter

    Afternoon !

    Just trying to get the laptop up... It is excessively slow right now, but I assume things will get back to normal after running through the above post.

    Also ... There STILL is no Windows sounds... :confused:

    I will verify that as soon as I can do anything on the laptop. Probably like in 10 to 15 minutes or so.

    YES, it is that slow right now.
     
  9. 2011/11/08
    broni

    broni Moderator Malware Analyst

    In this forum, we make sure your computer is free of malware, and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to continue in your previous topic in Windows forum.

    Good luck!
     
  10. 2011/11/08
    deck

    deck Inactive Thread Starter

    25+ minutes since turning my laptop on before the CPU Usage drops to a manageable level (meaning I can do things).

    And I have verified that my initial issue of no Windows sound has not changed. I just get a computer "beep".

    Do you still want me to run your latest instructions now, or do we need to do something else first?
     
  11. 2011/11/08
    deck

    deck Inactive Thread Starter

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Arthur
    ->Temp folder emptied: 36743 bytes
    ->Temporary Internet Files folder emptied: 8341206 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 456 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 277058 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 8.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Arthur
    ->Flash cache emptied: 0 bytes

    User: Default User

    User: LocalService
    ->Flash cache emptied: 0 bytes

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.31.0 log created on 11082011_182737

    Files\Folders moved on Reboot...
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\W0YDJH91\p-01-0VIaSjnOLg[1].gif moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\U823JO5S\ba41f783-c96b-4b2d-8be8-46ee74bd1e3b__3rd_party_BBS.[1].htm moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\ISH470LI\fastbutton[1].htm moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\ISH470LI\like[1].htm moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\ISH470LI\p-01-0VIaSjnOLg[1].gif moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\FWMOFO2W\100850-inactive-no-windows-sounds-4[1].html moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\Content.IE5\FWMOFO2W\ads[2].htm moved successfully.
    C:\Documents and Settings\Arthur\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
     
  12. 2011/11/08
    broni

    broni Moderator Malware Analyst

    You need to go back to your original topic.
    I suspect you may have some hardware problem.
     
  13. 2011/11/09
    deck

    deck Inactive Thread Starter

    broni

    I had a long post for you about what my morning was like, however the board timed me out and it all went away.

    Probably for the best. Otherwise, you might think I'm paranoid! :)

    Basically, here it is in thumbnail form.

    9 + hours after starting the OTL "Cleanup" it was (apparently) still running. I started the Task Manager and the CPU Usage was bouncing between 100% and 0%.

    When I minimized the Task Manager screen, the "Reboot" pop-up from OTL was visible. It was NOT there prior. :confused:

    Rebooting took forever (again).

    When I went to delete the programs and files I twice tried to do them all at once. BOTH times, the highlighting disappeared off the 19 or 20 files/programs as I visually scanned the desktop for any stray icons. So I deleted them one at a time. 2 or 3 of the programs caused a delay before I could go delete the next icon, but all went fine.

    After deleting, I rebooted. Still excessively slow (as expected).

    I ran ATF-Cleaner. Not much removed. I then ran CCleaner and about 146 Meg was cleaned.

    Rebooted and it is still slow. HOWEVER, Windows sounds are BACK ! ! ! Very stutter-y welcome/startup sound, as the hard drive was still churning away. Task Manager continues to show excessively high CPU Usage for 15 to 20 minutes. Near impossible to do anything until it finally stops.

    As I type, I have just run ATF-Cleaner and CCleaner again with not much to clean (as expected). I am now starting a defrag. I hope that may get things running faster (as in nearly back to normal boot-up time of maybe 5 minutes on a bad day).

    Hopefully I can post an update before you get back on the board this evening.
     
    Last edited: 2011/11/09
  14. 2011/11/09
    broni

    broni Moderator Malware Analyst

    Interesting development :)
    Keep me posted.
     
  15. 2011/11/09
    deck

    deck Inactive Thread Starter

    5 and a half hours after starting a defrag.....

    and we're at 34%. :eek:

    I know part of the problem is duplicate (and in some cases, triplicate) file folders caused from several System restores when I was trying to solve this issue before seeking "professional" help. :eek:

    The hard drive itself was already needing a good weeding prior to the sound issue, so that obviously is slowing things down considerably.

    So... as soon as the defrag is done I'll get a chance to check things out better to see if the Windows sounds have returned to stay.

    I am still confused as to why I was / am having this exact same issue with two different computers. But I'll start checking that one out once we are sure that the laptop is working properly.
     
  16. 2011/11/09
    broni

    broni Moderator Malware Analyst

    Keep me posted....
     
  17. 2011/11/10
    deck

    deck Inactive Thread Starter

    The defrag took 24 to 26 hours ! ! ! :eek:

    Not sure exactly as I was away from the laptop for a few hours and just got back in.

    It is not 100%, as there are still 4 (apparently large) files fragmented, but much closer than when it started! :)

    Start up is taking (excessively) longer than it used to. I hope it is something that was added in to the start-up routine when we started this project, and can be removed shortly.

    Windows sounds still "back" :cool: but very choppy when hard drive is spinning. Actually all sounds are. I have avast! talking like a Pirate and it was also very choppy when he announced an update during the defrag process late this morning.

    Did I mention that the start-up is taking a seriously excessive amount of time?

    CPU Usage is still very high for many minutes. I didn't think to time it this time, but everything appears to be similar to my last reboot, which I detailed above.
     
  18. 2011/11/10
    broni

    broni Moderator Malware Analyst

    Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
    Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
    Click on View > Select Columns.
    In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
    Go File>Save As, and save the report as Procexp.txt.
    Attach the file to your next reply.

    ============================================================

    Download, and install Quick Startup: http://www.glarysoft.com/qs.html
    Go File>Export, save report, and paste it into your next post.
     
  19. 2011/11/10
    deck

    deck Inactive Thread Starter

    OH, one other GOOD thing to report!

    For YEARS the battery and power icons down by the clock have been AWOL. Very occasionally they would re-appear after a major Windows Update, only to disappear upon a reboot.

    They are both back, along with one or two other little icons that would occasionally re-appear after an update, only to disappear again at the next reboot. As I have rebooted a couple of times now, I am hoping that they will now STAY.
     
  20. 2011/11/10
    broni

    broni Moderator Malware Analyst

    :)......
     
  21. 2011/11/10
    deck

    deck Inactive Thread Starter

    Here they are:

    ----------------------------

    Process PID CPU Private Bytes Working Set Description Company Name Command Line
    System Idle Process 0 63.24 0 K 16 K
    System 4 0 K 236 K
    Interrupts n/a 35.29 0 K 0 K Hardware Interrupts and DPCs
    smss.exe 628 172 K 416 K Windows NT Session Manager Microsoft Corporation \SystemRoot\System32\smss.exe
    csrss.exe 684 1,548 K 3,784 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
    winlogon.exe 712 7,408 K 1,604 K Windows NT Logon Application Microsoft Corporation winlogon.exe
    services.exe 756 2,052 K 3,944 K Services and Controller app Microsoft Corporation C:\WINDOWS\system32\services.exe
    ati2evxx.exe 940 868 K 2,896 K ATI External Event Utility EXE Module ATI Technologies Inc. C:\WINDOWS\system32\Ati2evxx.exe
    svchost.exe 980 3,332 K 5,500 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    wmiprvse.exe 3568 2,628 K 5,284 K C:\WINDOWS\system32\wbem\wmiprvse.exe
    svchost.exe 1060 2,076 K 4,836 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k rpcss
    svchost.exe 1100 18,864 K 28,316 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe 1132 2,616 K 3,760 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    acs.exe 1312 3,044 K 4,584 K C:\WINDOWS\system32\ACS.exe
    svchost.exe 1376 1,612 K 4,052 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k NetworkService
    svchost.exe 1468 1,820 K 4,516 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    AvastSvc.exe 1876 14,060 K 1,240 K avast! Service AVAST Software "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "
    spoolsv.exe 1004 4,440 K 6,828 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
    svchost.exe 1972 1,596 K 4,256 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    SASCORE.EXE 1600 872 K 2,532 K Core Service SUPERAntiSpyware.com "C:\Program Files\SUPERAntiSpyware\SASCORE.EXE "
    AppleMobileDeviceService.exe 196 4,960 K 7,496 K MobileDeviceService Apple Inc. "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "
    mDNSResponder.exe 288 1,208 K 3,380 K Bonjour Service Apple Inc. "C:\Program Files\Bonjour\mDNSResponder.exe "
    CFSvcs.exe 420 1,596 K 732 K Service of ConfigFree. TOSHIBA CORPORATION "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe "
    DVDRAMSV.exe 1656 732 K 2,068 K DVD-RAM Utility Helper Service Matsushita Electric Industrial Co., Ltd. C:\WINDOWS\system32\DVDRAMSV.exe
    jqs.exe 1284 2,540 K 1,448 K Java(TM) Quick Starter Service Sun Microsystems, Inc. "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf "
    HPZipm12.exe 1320 792 K 2,188 K PML Driver HP C:\WINDOWS\system32\HPZipm12.exe
    QBCFMonitorService.exe 1464 10,316 K 7,768 K QuickBooks Company File Monitoring Service Intuit "C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe "
    svchost.exe 2120 2,652 K 4,748 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k imgsvc
    swupdtmr.exe 2152 568 K 1,580 K c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    TAPPSRV.exe 2188 696 K 2,088 K TOSHIBA TAPPSRV TOSHIBA Corp. "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe "
    alg.exe 2824 1,412 K 3,984 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe
    iPodService.exe 1516 1.47 2,704 K 4,472 K iPodService Module (32-bit) Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe "
    lsass.exe 768 4,092 K 528 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
    ati2evxx.exe 1540 1,016 K 3,588 K ATI External Event Utility EXE Module ATI Technologies Inc. Ati2evxx.exe -Client
    explorer.exe 1632 17,628 K 26,140 K Windows Explorer Microsoft Corporation C:\WINDOWS\Explorer.EXE
    THotkey.exe 3304 1,328 K 4,744 K Hotkey Utility TOSHIBA "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
    ltmoh.exe 3316 1,064 K 3,384 K LtMoh MFC Application Agere Systems "C:\Program Files\ltmoh\Ltmoh.exe"
    agrsmmsg.exe 3328 1,020 K 2,968 K SoftModem Messaging Applet Agere Systems "C:\WINDOWS\AGRSMMSG.exe"
    TvsTray.exe 3336 844 K 2,760 K TOSHIBA Virtual Sound Taskbar Module TOSHIBA Corporation "C:\Program Files\Toshiba\Tvs\TvsTray.exe"
    SmoothView.exe 3356 864 K 2,540 K SmoothView TOSHIBA Corporation "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
    tfswctrl.exe 3372 1,452 K 4,324 K Drive Letter Access Component Sonic Solutions "C:\WINDOWS\system32\dla\tfswctrl.exe"
    SynTPLpr.exe 3388 1,084 K 3,088 K TouchPad Driver Helper Application Synaptics, Inc. "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
    SynTPEnh.exe 3436 1,796 K 4,824 K Synaptics TouchPad Enhancements Synaptics, Inc. "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    TPSMain.exe 344 2,512 K 4,800 K TOSHIBA Corporation "C:\WINDOWS\system32\TPSMain.exe"
    TPSBattM.exe 2416 1,092 K 3,012 K TOSHIBA Corporation "C:\WINDOWS\system32\TPSBattM.exe "
    PadExe.exe 480 2,868 K 5,248 K PadTouch Main TOSHIBA "C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe"
    apdproxy.exe 928 1,932 K 6,064 K Adobe Photoshop Album Starter Edition 3.0 component Adobe Systems Incorporated "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    AvastUI.exe 676 4,496 K 2,816 K avast! Antivirus AVAST Software "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    realsched.exe 1620 1,344 K 180 K RealNetworks Scheduler RealNetworks, Inc. "C:\program files\real\realplayer\update\realsched.exe" -osboot
    iTunesHelper.exe 2076 9,716 K 14,976 K iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
    jusched.exe 2104 1,116 K 3,352 K Java(TM) Update Scheduler Sun Microsystems, Inc. "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    TOSCDSPD.exe 2404 908 K 2,788 K CD/DVD Drive Acoustic Silencer TOSHIBA "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    SUPERANTISPYWARE.EXE 2680 116,536 K 448 K SUPERAntiSpyware Application SUPERAntiSpyware.com "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
    ctfmon.exe 2512 1,236 K 4,272 K CTF Loader Microsoft Corporation "C:\WINDOWS\system32\ctfmon.exe"
    OSA.EXE 2972 1,140 K 4,016 K Microsoft Office Wrapper Microsoft Corporation "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
    qbupdate.exe 3616 5,680 K 9,940 K QuickBooks Automatic Update Intuit Inc. "C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe"
    MSOFFICE.EXE 3684 1,172 K 2,728 K Microsoft Office Shortcut Bar Microsoft Corporation "C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE"
    procexp.exe 2232 11,840 K 16,280 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\Arthur\Desktop\procexp.exe"

    ---------------------------------------------------------

    Startup List report created on 11/10/2011 by Startup Manager


    Name: THotkey
    Path: C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: LtMoh
    Path: C:\Program Files\ltmoh\Ltmoh.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AGRSMMSG
    Path: AGRSMMSG.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Tvs
    Path: C:\Program Files\Toshiba\Tvs\TvsTray.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: SmoothView
    Path: C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: dla
    Path: C:\WINDOWS\system32\dla\tfswctrl.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: SynTPLpr
    Path: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: SynTPEnh
    Path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: TPSMain
    Path: TPSMain.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: PadTouch
    Path: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Adobe Photo Downloader
    Path: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AppleSyncNotifier
    Path: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: avast
    Path: "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: TkBellExe
    Path: "C:\program files\real\realplayer\update\realsched.exe" -osboot
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Adobe ARM
    Path: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: QuickTime Task
    Path: "C:\Program Files\QuickTime\qttask.exe" -atboottime
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: iTunesHelper
    Path: "C:\Program Files\iTunes\iTunesHelper.exe "
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: SunJavaUpdateSched
    Path: "C:\Program Files\Common Files\Java\Java Update\jusched.exe "
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: TOSCDSPD
    Path: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: mount.exe
    Path: C:\Program Files\GiPo@Utilities\FileUtilities.3\mount.exe /z
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: SUPERAntiSpyware
    Path: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ctfmon.exe
    Path: C:\WINDOWS\system32\ctfmon.exe
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Office Startup
    Path: C:\PROGRA~1\MICROS~2\Office\OSA.EXE -b
    Location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: QuickBooks Update Agent
    Path: C:\PROGRA~1\COMMON~1\Intuit\QUICKB~1\QBUpdate\qbupdate.exe
    Location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Microsoft Office Shortcut Bar
    Path: C:\PROGRA~1\MICROS~2\Office\MSOFFICE.EXE
    Location: C:\Documents and Settings\Arthur\Start Menu\Programs\Startup
    Status: Enabled
    ------------------------------------------------------------------------------------------
    Total 25 Items
     
