Slow shutdown problem

Checked that a while back. It's already 0.

Regards

Fixed!!!!!! (Or so it seems)

Installing this service did the trick.

Error 404 - Not Found

http://www.microsoft.com/downloads/details.aspx?FamilyID=1b286e6d-8912-4e18-b570-42470e2f3582&DisplayLang=en

Now, if only I could get the machine to start up quickly and gracefully.

Is it worth deleting those hotfix uninstallers in C:\Windows? They are taking up about 400Mb of space and I strongly doubt that I will ever use them.

Regards

Have you slipstreamed a repair disk for home?

If you have, you can kill a ton of the hot patch uninstalls, sp3 uninstall, and the sp3 backup files



also can run xp w/ sp3 as a repair disk

I killed the hotfix uninstallers with CCleaner. It still left some uninstallers (I guess from service packs). How can they be quickly deleted? I clearly will not reverse windows back to pre SP1 days.

BTW: Here is one event from the log after installing UPHClean:

The following handles in user profile hive LES\Les (S-1-5-21-1957994488-2052111302-725345543-1005) have been remapped because they were preventing the profile from unloading successfully:

DkService.exe (392)
HKCU\Software\Microsoft\SystemCertificates\My (0x3fc)
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness (0x4b8)
HKCU\Software\Microsoft\SystemCertificates\Root (0x58c)
HKCU\Software\Microsoft\SystemCertificates\CA (0x598)
HKCU (0x59c)
HKCU\Software\Microsoft\SystemCertificates\trust (0x5f8)
HKCU (0x5fc)
HKCU\Software\Microsoft\SystemCertificates\My (0x608)
HKCU\Software\Policies\Microsoft\SystemCertificate s (0x644)
HKCU\Software\Policies\Microsoft\SystemCertificate s (0x670)

People who use this tiny service from M$ can view the relevant events in Event Viewer under Application, event # 1401.

Regards

from 3 weeks ago post at bleepin

I found your thread (search is great, isn't it? ).

But is it a matter of just deleting the folders in Explorer? The SPUnist are regsitered in the ARP Cache IIRC. There's something which cleans this up, perchance? Your last post indicates problems with IE. I don't have disk space issues on C drive (as you can see).

Maybe best to leave them.

Regards

IE 6 was corrupted by age, bad shutdowns(scores) and probably 2 very dangerous infections I had in the past, when I stupidly installed spywareblaster in full protect mode with spybot running similar protection, IE 6 went belly up, IE 7 was too late, windows started blue screening. Running windows as a repair disk didn't work either.

About this time I worked on another computer that couldn't be defragged so I took a crash course in cleaning up windows xp. Relevant thread was in a private area for staff, since those methods were rather dangerous.


Google yields some interesting results for msicuu2.exe and MsiZap.exe, the later is a command line utility that when run with the G switch can remove gigs of orphaned msi files from the installer folder.

Vista has some similar problems except on an even larger scale with it's winsxs folder.

Thanks for that - I'll investigate. Right now, I'm looking at Control Sets and why I have so many (since only one can be current). This is interesting.

What prompted me to do this is that there are remnants of SPTD left over all over my registry (I have uninstalled it, using Duplex Secure's installer/uninstaller on its FAQ page). I suppose it is OK to get rid of them.

But for my next trick, I need to speed up booting. I have it quite minimal, but it takes forever. I'll run a bootviz and report back.

Regards

I finally gave up on those last registry entries for daemon tools, too many hidden attributes and permissions to wade thru.

No I won't be testing that software again on my virgin OS!

It's funny how different ARK scanners show different results on the same computer.

Side note: I suspect the computer that wouldn't be defragged had issues with crashed auto updates from Microsoft filling up the Installer folder with orphans.

Here's another cleanup tool that was reccomended to me in the expert section at MBAM

Please download Sophos Anti-rootkit & save it to your desktop.
alternate download link
Note: If using the vendor's download site you will be asked to register with MySophos so an email containing an activation link can be sent to your email address.

Be sure to print out and read the Sophos Anti-Rookit User Manual and Release Notes.

• Double-click sar_15_sfx.exe to begin the installation, read the license agreement and click Accept.
• Allow the default location of C:\Program Files\Sophos\Sophos Anti-Rootkit and click Install.
• A message will appear "Sophos Anti-Rootkit was successfully installed. Click 'yes' to start it now".
• Click Yes and allow the driver and its randomly named .tmp file (i.e. F.tmp) to load if asked.
• If the scan did not start automatically, make sure the following are checked:
  • Running processes
  • Windows Registry
  • Local Hard Drives
• Click Start scan.
• Sophos Anti-Rootkit will scan the selected areas and display any suspicious files in the upper panel.
• When the scan is complete, a pop-up screen will appear with "Rootkit Scan Results". Click OK to continue.
• Click on the suspicious file to display more information about it in the lower panel which also includes whether the item is recommended for removal.
  • Files tagged as Removable: No are not marked for removal and cannot be removed.
  • Files tagged as Removable: Yes (clean up recommended) are marked for removal by default.
  • Files tagged as Removable: Yes (but clean up not recommended) are not marked for removal because Sophos did not recognize them. These files will require further investigation.
• Select only items recommended for removal, then click "Clean up checked items". You will be asked to confirm, click Yes.
• A pop up window will appear advising the cleanup will finish when you restart your computer. Click Restart Now.
• After reboot, a dialog box displays the files you selected for removal and the action taken.
• Click Empty list and then click Continue to re-scan your computer a second time to ensure everything was cleaned.
• When done, go to Start > Run and type or copy/paste: %temp%\sarscan.log
• This should open the log from the rootkit scan. Please post this log in your next reply. If you have a problem, you can find sarscan.log in C:\Documents and Settings\<username>\Local Settings\Temp\.

Before performing an ARK scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.

• Disconnect from the Internet or physically unplug you Internet cable connection.
• Clean out your temporary files.
• Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
• Temporarily disable your anti-virus and real-time anti-spyware protection.
• After starting the scan, do not use the computer until the scan has completed.
• When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

GMER will tell you where SPTD is in your registry. Of course, some ControlSets are mirrors of others, but that is what the "Select" key is all about - to ID what's what in the zoo.

I'll check out puera

Regards

Sophos Anti-Rootkit Version 1.5.0 (c) 2009 Sophos Plc
Started logging on 8/28/2009 at 9:30:24 AM
User "Chewy" on computer "HOME-8D5F15B23B"
Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
Info: Starting process scan.
Info: Starting registry scan.
Info: Starting disk scan of C: (NTFS).
Hidden: file C:\Documents and Settings\Chewy\Local Settings\Temporary Internet Files\Content.IE5\3WCCA78U\d_lt_c,mod_strr,mod_adf ,mod_act,mod_act_s,mod_drag,mod_ctrapp,mod_exdom,m od_zoom,mod_kbrd,mod_scrwh,mod_tfcapp,mod_lyrs,mod _lyctr,mod_cbl,mod_qdt,mod_trtlr%7D[1].js
Hidden: file C:\Documents and Settings\Chewy\Local Settings\Temporary Internet Files\Content.IE5\3WCCA78U\al_L-ns.CE_Software_OS_L;;kw=;tile=2;ord1=427633;sz=300 x250,336x280;contx=CE_Software_OS;btg=ns.CE_Storag e_General_L;btg=ns[1].CE_Software_OS_L;ord=1103358497459427
Hidden: file C:\Documents and Settings\Chewy\Local Settings\Temporary Internet Files\Content.IE5\8W39HX2I\JeQWpwZ15BbWU3MDg1OTU3N TI@._V1._SX120_SY90_BO120,0,0,0_PIimdb-play-bar2-180,BottomLeft,120,-120_CR120,120,120,90_ZAClip,37,63,27,83,verdenab,9 ,255,255,255,1_[1].jpg
Hidden: file C:\Documents and Settings\Chewy\Local Settings\Temporary Internet Files\Content.IE5\3WCCA78U\nBnXkFtZTcwOTU5NTc1Mg@@ ._V1._SX120_SY90_BO120,0,0,0_PIimdb-play-bar2-180,BottomLeft,120,-120_CR120,120,120,90_ZATrailer,37,63,27,83,verdena b,9,255,255,255,1_[1].jpg
Info: Starting disk scan of D: (NTFS).
Info: Starting disk scan of G: (NTFS).
Info: Starting disk scan of H: (NTFS).
Stopped logging on 8/28/2009 at 9:33:26 AM

Ran IE temp file cleanup and the 4 hidden files disappeared in next scan

I dunno what's in that PuraRa, but it just put my PC on steroids! Folders open faster than before, everything seems slicker. And it wiped 500Mb off Windows with those service pack uninstallers.

I'm just gunna run it every week or so to keep things in a nice order.

There's a freeware JavaRa on the same site for cleaning out old Java RE crap.

Regards

Also Les you might give NTREGOPT a try. Basically it sort of copies your registry then sets it so the old one is deleted and the new one used on the next boot. I notice when I run it my shutdown<=>boot cycle is a lot faster and smoother for awhile. It doesn't delete or clean anything. I've never noticed it cause a problem as long as you run it at a time when you can reboot as soon as it's finished.