Re: [Ql-Users] slowdown
Evening Andy, It was when I downloaded the file at http://download.sysinternals.com/Files/ProcessMonitor.zip My A/V (F-Prot) said it was 'a potential', so I stopped their; better things to do etc... Of all the people in all the world, Mark Russanovich (spelling?) is probably one of the most trustworthy Windows guys around. Excluding Marcel of course! Anything of his will be signed and trusted. He does work for Microsoft now. Ah, yes! I see the dilemma! ;-) Only kidding. Procmon, ProcExplorer and all others stuff from there is clean. Cheers, Norman. ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Warning! I got a Virus alert when I downloaded the file! Regards Andy Barber From: Norman Dunbar nor...@dunbar-it.co.uk To: ql-us...@q-v-d.com Sent: Wednesday, 28 January, 2009 18:26:43 Subject: Re: [Ql-Users] slowdown Evening, Check out ProcMon, it will perhaps tell you what caused the activity: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx Exactly what I was going to suggest. I use it at work (and I'm not supposed to!) and it has helped me solve many an insidious problem with Windows. Cheers, Norman. ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Do a virus scan from safe mode. ... and if that fails, use system restore to go back in time. Tony Thanks for suggestion - have restored to a point a few days before it all flared up. No change. Sophos won't start in Safe Mode (it should, though, shouldn't it)? Anyway, best to go off list with this now before I get banned from QL-users. -- Dilwyn Jones ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Andy Barber wrote: Warning! I got a Virus alert when I downloaded the file! I'd rather believe there's something wrong with your PC or virus scanner than believing Mark publishes an infected file. ;-) (the file is signed and thus cannot be manipulated without Windows noticing). Seriously, it's clean. It could just be that the scanner doesn't like Mark's method of embedding DLLs into the EXE files. He just really likes single EXE files that just run and don't need to be installed. Marcel ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
It was when I downloaded the file at http://download.sysinternals.com/Files/ProcessMonitor.zip My A/V (F-Prot) said it was 'a potential', so I stopped their; better things to do etc... Regards Andy Barber From: David Tubbs davet...@tiscali.co.uk To: ql-us...@q-v-d.com Sent: Wednesday, 28 January, 2009 20:06:15 Subject: Re: [Ql-Users] slowdown At 11:49 28/01/2009 -0800, you wrote: Warning! I got a Virus alert when I downloaded the file! Regards Andy Barber Which file Which sit and link What virus ? ? ? ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Was no problem here either in download or trial. At 15:58 28/01/2009 -0800, you wrote: It was when I downloaded the file at http://download.sysinternals.com/Files/ProcessMonitor.zip My A/V (F-Prot) said it was 'a potential', so I stopped their; better things to do etc... Regards Andy Barber From: David Tubbs davet...@tiscali.co.uk To: ql-us...@q-v-d.com Sent: Wednesday, 28 January, 2009 20:06:15 Subject: Re: [Ql-Users] slowdown At 11:49 28/01/2009 -0800, you wrote: Warning! I got a Virus alert when I downloaded the file! Regards Andy Barber Which file Which sit and link What virus ? ? ? ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm -- No virus found in this incoming message. Checked by AVG. Version: 7.5.552 / Virus Database: 270.10.15/1921 - Release Date: 28/01/2009 06:37 ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Hi Marcel I tend to take your point of view, as I think my A/V is not behaving correctly. I await a reply from F-Prot (paid version!) to the problem, (it won't update.) Regards Andy Barber From: Marcel Kilgus ql-us...@mail.kilgus.net To: ql-us...@q-v-d.com Sent: Wednesday, 28 January, 2009 21:59:04 Subject: Re: [Ql-Users] slowdown Andy Barber wrote: Warning! I got a Virus alert when I downloaded the file! I'd rather believe there's something wrong with your PC or virus scanner than believing Mark publishes an infected file. ;-) (the file is signed and thus cannot be manipulated without Windows noticing). Seriously, it's clean. It could just be that the scanner doesn't like Mark's method of embedding DLLs into the EXE files. He just really likes single EXE files that just run and don't need to be installed. Marcel ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Anyway, best to go off list with this now before I get banned from QL-users. NO! Although you run your QL on a Windows platform, perhaps we might both have been caught by a new virus/malware. See my other posts in this group. ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Have you tried to use Autoruns (from sysinternals) to disable start up programs, services and drivers? I have used that a couple of times to isolate programs, services and drivers that goes bad. Make sure you select Hide Microsoft Entries during the first isolation rounds. http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx /Mike ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Dilwyn Jones wrote: Help. My laptop has been driving me mad today with the constant disk activity. I've spent most of the day trying to find out what is going on and drawn a blank. Check out ProcMon, it will perhaps tell you what caused the activity: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx Marcel ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Dilwyn Jones wrote: Help. My laptop has been driving me mad today with the constant disk activity. I've spent most of the day trying to find out what is going on and drawn a blank. Basically, the computer (Windows and QPC) is being slowed down by some task running which is causing CONSTANT drive C: activity. I've disconnected from the web, stopped the anti-virus (Sophos), stopped the indexing service etc (all the usual suspects) and removed all startup programs. Disk activity is still pretty continuous in fits and bursts. Even CTRL ALT DEL to have a look at the processes takes ages to appear and apart from the usual Windows tasks I can't see anything suspicious. Pointer movement is sluggish to say the least, movingin large steps along the screen making it barely controllable. Any ideas, anyone? used to happen here, eventualy disabled some google stuff and it returned to normal All the best - Bill ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Dilwyn Jones wrote: Help. My laptop has been driving me mad today with the constant disk activity. I've spent most of the day trying to find out what is going on and drawn a blank. Check out ProcMon, it will perhaps tell you what caused the activity: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx Marcel Wow, creates a HUGE amount of data, most of it meaningless to me. The FileOpen etc activity seems to be caused by a 'softmodem' and the wireless RaLink card. Even when turned off and not connected to the router. Regular QueryOpen, CreateFile, QueryNetworkOpenInformationFile, QueryStandardInformationFile, CloseFile Masses of RegOpenKey, RegCloseKey etc. (don't know what they all mean). Nothing that really ties in as far as I can tell. No toolbars or anything new installed in the last couple of days. Even sound gets affected, a simple system Ping sound gets broken up into P-i-n-g sounding like an underwater bubbling sci-fi sound! -- Dilwyn Jones ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Dilwyn Jones wrote: The FileOpen etc activity seems to be caused by a 'softmodem' and the wireless RaLink card. Even when turned off and not connected to the router. Well, whatever this is, try to kill the process that causes all those lines and see whether it helps. Take the exakt task name xyz.exe and look for it in Google. Masses of RegOpenKey, RegCloseKey etc. (don't know what they all mean). These are registry accessed. Marcel ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
I prefer Process Explorer, available from http://technet.microsoft.com/en-us/sysinternals/default.aspx or www.sysinternals.com. Its a more advanced version of the built-in one. Perhaps more palatable for sub-planet-sized brains ;o) It usually does the job for me Per Dilwyn Jones wrote: Dilwyn Jones wrote: Help. My laptop has been driving me mad today with the constant disk activity. I've spent most of the day trying to find out what is going on and drawn a blank. Check out ProcMon, it will perhaps tell you what caused the activity: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx Marcel Wow, creates a HUGE amount of data, most of it meaningless to me. The FileOpen etc activity seems to be caused by a 'softmodem' and the wireless RaLink card. Even when turned off and not connected to the router. Regular QueryOpen, CreateFile, QueryNetworkOpenInformationFile, QueryStandardInformationFile, CloseFile Masses of RegOpenKey, RegCloseKey etc. (don't know what they all mean). Nothing that really ties in as far as I can tell. No toolbars or anything new installed in the last couple of days. Even sound gets affected, a simple system Ping sound gets broken up into P-i-n-g sounding like an underwater bubbling sci-fi sound! ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
P Witte wrote: I prefer Process Explorer, available from http://technet.microsoft.com/en-us/sysinternals/default.aspx Process Explorer (sister application of the Process Monitor I mentioned) is always a good idea if you want to replace the Windows Task Manager (I did). But massive HD activity does not necessarily translate into CPU activity, so often it's not obvious who's the culprit in there. But at least it's good to kill the task that causes the activity :-) But it's probably getting a bit too Windows specific for this list now... Marcel ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Task Manager (I did). But massive HD activity does not necessarily translate into CPU activity, so often it's not obvious who's the culprit in there. But at least it's good to kill the task that causes the activity :-) But it's probably getting a bit too Windows specific for this list now... OK, I'll just mention that the process is EXPLORER.EXE. However, it's applicable for me because it prevents me runing QPC! The anti-virus has kicked in for a routine scan now, so I'll leave it for tonight. -- Dilwyn Jones ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
Re: [Ql-Users] slowdown
Dilwyn Jones wrote, On 27/01/09 23:32: Task Manager (I did). But massive HD activity does not necessarily translate into CPU activity, so often it's not obvious who's the culprit in there. But at least it's good to kill the task that causes the activity :-) But it's probably getting a bit too Windows specific for this list now... OK, I'll just mention that the process is EXPLORER.EXE. However, it's applicable for me because it prevents me runing QPC! The anti-virus has kicked in for a routine scan now, so I'll leave it for tonight. Do a virus scan from safe mode. ... and if that fails, use system restore to go back in time. Tony -- QBBS (QL fido BBS 2:257/67) +44(0)1442-828255 t...@firshman.co.uk http://firshman.co.uk Voice: +44(0)1442-828254 Fax: +44(0)1442-828255 Skype: tonyfirshman TF Services, 29 Longfield Road, TRING, Herts, HP23 4DG ___ QL-Users Mailing List http://www.q-v-d.demon.co.uk/smsqe.htm
