Results 1 to 13 of 13
  1. #1
    iNET Interactive
    Join Date
    Jan 2010
    Location
    Seattle, WA, USA
    Posts
    376
    Thanks
    1
    Thanked 29 Times in 24 Posts

    Free 'Process Explorer' helps end shutdown woes




    LANGALIST PLUS

    Free 'Process Explorer' helps end shutdown woes


    By Fred Langa

    A free tool from Microsoft's Sysinternals can show you exactly what's preventing smooth system shutdowns.

    Process Explorer works on XP, Vista, and Windows 7 and is available in either a self-contained or a live, Web-based version.

    The full text of this column is posted at WindowsSecrets.com/2011/02/24/05 (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    New Lounger
    Join Date
    Dec 2009
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Windows XP not going to StandBy

    Ref Fred's column and Windows not going to StandBy. I found I had a MBR root trojan which was causing the problem. Dr CureIt found it, and removed it, and all of a sudden it now goes to StandBy again.
    Please keep it the good work.
    Andy

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    orefield, pa
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    On the article about 'Security Shield' scareware digs in, won't go' I have removed AV Security Suite, Antivirus8, Antivirus Action, Antivir Solution Pro and others by just booting into 'Safe Mode with networking'. Download the current free MalWareBytes with updates and run a full scan to remove all traces of the rogue virus. Reboot and you're good to go.

  4. #4
    New Lounger
    Join Date
    Jun 2010
    Location
    Loganville, GA
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I used the “rkill” and Malwarebytes method when I had “Antivirus Studio 2010” malware on one of our PCs.
    rkill would stop the rogue malware and Malwarebytes would find stuff and clean it up but on reboot the rogue would start again. After a couple of tries, I realized that when I ran rkill, it would come back and tell me what it had stopped, and where the files were located. I used Malwarebytes shredding tool to destroy those files and ran Malwarebytes again (along with Microsoft Security Essentials and SuperAntiSpyware) and the malware was gone.

  5. #5
    New Lounger
    Join Date
    Feb 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by gabink View Post
    I used the “rkill” and Malwarebytes method when I had “Antivirus Studio 2010” malware on one of our PCs.
    rkill would stop the rogue malware and Malwarebytes would find stuff and clean it up but on reboot the rogue would start again. After a couple of tries, I realized that when I ran rkill, it would come back and tell me what it had stopped, and where the files were located. I used Malwarebytes shredding tool to destroy those files and ran Malwarebytes again (along with Microsoft Security Essentials and SuperAntiSpyware) and the malware was gone.
    Had a similar issue with scareware named System Tools. After several "rebirths", I noted that Malwarebytes free version is not proactive. It would clean with a scan but System Tools would return. Upgrading to the paid version adds a proactive capability that once cleaned with the scan would not let System Tools return. Malwarebytes is great for a free tool but having the proactive function makes it even better.

  6. #6
    New Lounger
    Join Date
    Feb 2011
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Smile Event Viewer is a qucker solution

    Event Viewer in Vista and Win 7 is a quicker way to track down errant software when attempting to solve shutdown delays. In the Start search on the Start button type in Event Viewer which may require your permission to execute. Then select Applications and Services Logs => Microsoft => Windows => Diagnostics-Performance => Operational and scan down through log to previous shutdowns and you get information back indentifying programs that took to long to close including timing details. This is not to decry 'Process Explorer' - I think that it and the other modules in SysInternals are brillent. For more information web search "Windows shutdown" +"event viewer"

  7. #7
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Sacramento, CA, USA
    Posts
    116
    Thanks
    7
    Thanked 4 Times in 4 Posts
    The dead battery behavior: "My Acer lost all networking facilities when the battery died — no taskbar icon, no networking in Control Panel, no network cards in Device Manager. Removing the battery put it all back; reinstalling the dead battery took them away again." makes sense because a dead battery is probably internally shorted across one or more cells. When it's installed it's drawing a lot of current. The charger can't supply all the current and a lot of voltage is dropped across the dead battery...leaving the laptop to suffer with low voltage.

    It's incorrect to say a truly dead battery is the same as no battery; dead batteries are dead because of shorted cells, not open cells. The charger is probably fine too.


  8. #8
    2 Star Lounger
    Join Date
    Jun 2010
    Location
    sydney
    Posts
    164
    Thanks
    22
    Thanked 16 Times in 14 Posts
    I've noticed that system shutdowns can be really slow if one of my disk drives has powered down because it's not been used for a while. It happens on external and internal drives.

    So I always wake up my drives before I shut down (I close down the discretionary tray apps while I'm waiting). I also disconnect all external drives manually before I do the shutdown. It sounds a lot of effort, but the bottom line is that I get the machine into a powered down state much sooner. The actual shut down process takes a few seconds.

    I did this on XP for years and now I'm doing it on Win 7.

    It also means that if I did start to get slow shut downs then it would probably indicate there's a gremlin in there somewhere.

  9. #9
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by northwood2222 View Post
    I've noticed that system shutdowns can be really slow if one of my disk drives has powered down because it's not been used for a while. It happens on external and internal drives.

    So I always wake up my drives before I shut down (I close down the discretionary tray apps while I'm waiting). I also disconnect all external drives manually before I do the shutdown. It sounds a lot of effort, but the bottom line is that I get the machine into a powered down state much sooner. The actual shut down process takes a few seconds.

    I did this on XP for years and now I'm doing it on Win 7.

    It also means that if I did start to get slow shut downs then it would probably indicate there's a gremlin in there somewhere.
    External drives, including eSATA and USB drives, present special issues during Windows XP shutdowns. They are not under BIOS control, so it is best to wake them up and use the Safely Remove routines before attempting a system shutdown. Caching and firmware issues can cause shutdowns to hang endlessly when external devices have not been Safely Removed prior to a Windows XP shutdown.
    -- Bob Primak --

  10. #10
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    A note on Thunderbird e-mails. There is no reason to let any Thunderbird e-mails or settings get lost or corrupted in the first place. Backing up an entire Thunderbird Profile is as simple as finding the User >> AppData >> Thunderbird Folder, and copying this Folder in its entirety for each user to a safe location. (Make a separate Backup Folder to contain the Thunderbird AppData for each user, and label these Folders to remember whose AppData they are.) From there, if anything goes wrong with Thunderbird or the computer, a clean reinstall of Thunderbird, followed by copying and replacing the User >> AppData >> Thunderbird Folder from the backup location gives a full recovery, including all e-mail messages and attachments.

    Also, Thunderbird Attachments and/or Messages can be Exported as separate files, in formats which MS Office can read directly. Again, there is no reason to be picking around with a Text Editor to try to salvage lost or corrupted Thunderbird e-mail messages and attachments.
    -- Bob Primak --

  11. #11
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    In the case of the rogue Security Shield, one thing which can be done is to download the portable version of Super Antispyware onto a USB Drive, and run it directly from the USB Drive in Windows Safe Mode on the infected computer. This will bypass the infection's defenses in most cases, and a scan and removal will be accomplished in one process. Still, RKill is a good first step in any cleanup of these sorts of infections.
    -- Bob Primak --

  12. #12
    2 Star Lounger
    Join Date
    Jun 2010
    Location
    sydney
    Posts
    164
    Thanks
    22
    Thanked 16 Times in 14 Posts
    Quote Originally Posted by bobprimak View Post
    External drives, including eSATA and USB drives, present special issues during Windows XP shutdowns. They are not under BIOS control, so it is best to wake them up and use the Safely Remove routines before attempting a system shutdown. Caching and firmware issues can cause shutdowns to hang endlessly when external devices have not been Safely Removed prior to a Windows XP shutdown.
    And, as far as I can tell the same deficiencies exist with Windows 7. Perhaps SP1 will address the issue, but I doubt it.

  13. #13
    New Lounger
    Join Date
    Dec 2009
    Location
    Pune, Maharashtra, India
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    RE: Recovering Attachments from Lost E-Mails

    Hi Fred,
    Just wanted to comment on your article about recovering attachments from lost e-mails, to say that Corel's WinZIP is excellent at converting MIME Content into it's orgianal binary format. It has saved me no end of times when recoving clients e-mails from crashed systems.

    All that needs to be done different to your own instructions, is to save the text file with the complete MIME encoding with a '.b64' extention, (instead of an '.eml' extention) then WinZIP will open it up and you will be able to "extract" the attachment and save it to your hard disk.

    Also since Corel offer WinZIP with a 30 day trial period, with no function limitations, then if this is a one-off case you could use WinZIP without having to pay for it.

    Jonathan.
    Jonathan R. Portwood.
    Technical Director,
    PQSA Services,
    Assisting NGO's with IT Support Services!
    www.pqsa-network.org

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •