Author Topic: w?nspool.exe (Read 3378 times)

guestolo · « **Reply #40 on:** January 20, 2005, 10:25:01 PM »

Open Notepad (START>>>RUN>>>type in notepad) hit Enter
Copy the whole contents of the Quote box to notepad
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as cpuidle.reg
Save it on the desktop

Quote

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_cpuidle][-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cpuidle]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_cpuidle]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cpuidle]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_cpuidle]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cpuidle]

Double click on cpuidle.reg and allow to merge

Open Windows CleanUp! and use the Cleanup button
When it's done
Restart your computer one last time and let me see another ServiceFilter log

Can you also see if you can delete this folder
c:\windows\system32\drivers\etc\cpuidle <--folder

Jason · « **Reply #41 on:** January 20, 2005, 10:36:17 PM »

here os my post this after doing your last step:

The script did not recognize the services listed below.
This does not mean that they are a problem.

To copy the entire contents of this document for posting:
At the top of this window click "Edit" then "Select All"
Next click "Edit" again then "Copy"
Now right click in the forum post box then click "Paste"

########################################

ServiceFilter 1.1
by rand1038

Microsoft Windows XP Home Edition
Version: 5.1.2600 Service Pack 2
Jan 20, 2005 9:32:44 PM

---> Begin Service Listing <---

Unknown Service # 1
Service Name: Adobe LM Service
Display Name: Adobe LM Service
Start Mode: Manual
Start Name: LocalSystem
Description: Adobe LM ...
Service Type: Own Process
Path: "c:\program files\common files\adobe systems shared\service\adobelmsvc.exe"
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 2
Service Name: cpuidle
Display Name: cpuidle
Start Mode: Unknown
Start Name:
Description: ...
Service Type: Unknown
Path:
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 3
Service Name: GEARSecurity_BackUp
Display Name: GEARSecurity_BackUp
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: system32\gearsec.exe
State: Stopped
Process ID: 0
Started: False
Exit Code: 0
Accept Pause: False
Accept Stop: False

Unknown Service # 4
Service Name: MpfService
Display Name: McAfee Personal Firewall Service
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\progra~1\mcafee.com\person~1\mpfservice.exe
State: Running
Process ID: 328
Started: True
Exit Code: 0
Accept Pause: True
Accept Stop: True

Unknown Service # 5
Service Name: MskService
Display Name: McAfee SpamKiller Server
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\progra~1\mcafee\spamki~1\msksrvr.exe
State: Running
Process ID: 456
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service # 6
Service Name: STOPzilla Local Service
Display Name: STOPzilla Local Service
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\program files\stopzilla!\szntsvc.exe /service "stopzilla local service"
State: Running
Process ID: 1276
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service #7
Service Name: SwPrv
Display Name: MS Software Shadow Copy Provider
Start Mode: Manual
Start Name: LocalSystem
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this ...
Service Type: Own Process
Path: c:\windows\system32\dllhost.exe /processid:{ec8858a8-0419-45ad-998c-bb33a22d213b}
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 8
Service Name: wfxsvc
Display Name: WinFax PRO
Start Mode: Disabled
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\windows\system32\wfxsvc.exe
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

---> End Service Listing <---

There are 90 Win32 services on this machine.
8 were unrecognized.

Script Execution Time: 3.078125 seconds.

guestolo · « **Reply #42 on:** January 20, 2005, 10:46:01 PM »

http://www.billsway.com/vbspage/ and scroll down to
Registry Search Tool
Download, unzip and run RegSrch.vbs
Copy and paste this in the dialog box: cpuidle
After a while a prompt will come up.(About 10 seconds) Click OK to write the results to wordpad or notepad and post them

Jason · « **Reply #43 on:** January 20, 2005, 10:49:38 PM »

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "cpuidle" 1/20/2005 9:46:39 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"j"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle.reg"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\reg]
"a"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle.reg"

guestolo · « **Reply #44 on:** January 20, 2005, 10:57:41 PM »

Not sure why it's still there>>are the Shutdowns getting quicker?

Let's try this again

Open Notepad (START>>>RUN>>>type in notepad) hit Enter
Copy the whole contents of the Quote box to notepad
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as cpuidle2.reg
Save it on the desktop

Quote

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE][-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE]

Restart into safe mode and double click on cpuidle2.reg
and allow to merge

Restart back to Normal mode

Again paste this in the RegSrch.vbs dialog box: CPUIDLE
and post back the results

Jason · « **Reply #45 on:** January 20, 2005, 11:05:20 PM »

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "CPUIDLE" 1/20/2005 10:01:59 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]
"Service"="cpuidle"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE\0000]
"DeviceDesc"="cpuidle"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"e"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle2.reg"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"j"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle.reg"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\reg]
"a"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle.reg"

[HKEY_USERS\S-1-5-21-1960408961-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\reg]
"b"="C:\\Documents and Settings\\Owner\\Desktop\\cpuidle2.reg"

it seems to still be there

guestolo · « **Reply #46 on:** January 20, 2005, 11:21:29 PM »

Were you able to delete this subfolder?
c:\windows\system32\drivers\etc\cpuidle

Are the shutdowns a bit quicker?

Let me find some more info on cpuidle in that location
Cpuidle should be running from the Program Files folder

Jason · « **Reply #47 on:** January 20, 2005, 11:28:06 PM »

I was able to delete that folder. shut downs seem to be the same.

It's getting late. I need to go to bed now. I will get back to the board as soon as I can. Thanx again.

P.S. how did you learn so much about this?

guestolo · « **Reply #48 on:** January 21, 2005, 12:41:59 AM »

Try this when you get a chance Jason
May be best to try in Safe mode

Go to Start>Run and typeregedit

Navigate to
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CPUIDLE

Left click once to highlight LEGACY_CPUIDLE
and then Right click and delete it

Do the same for
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CPUIDLE

and
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CPUIDLE

Remember your just out to Delete the Legacy_CPUIDLE entries

Exit Registry Editor

If you have trouble deleting a key. Then click once on the key name to highlight it and click on the Permissions
Under the Security tab>>Advanced
Uncheck "Allow inheritible permissions" and press copy. Then click on everyone and put a checkmark in "full control". Then press apply and ok and attempt to delete the key again.

Jason · « **Reply #49 on:** January 21, 2005, 06:59:16 PM »

O.K. I did as you instructed me to and here is the Service Filter Log:

ServiceFilter 1.1
by rand1038

Microsoft Windows XP Home Edition
Version: 5.1.2600 Service Pack 2
Jan 21, 2005 5:53:57 PM

---> Begin Service Listing <---

Unknown Service # 1
Service Name: Adobe LM Service
Display Name: Adobe LM Service
Start Mode: Manual
Start Name: LocalSystem
Description: Adobe LM ...
Service Type: Own Process
Path: "c:\program files\common files\adobe systems shared\service\adobelmsvc.exe"
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 2
Service Name: GEARSecurity_BackUp
Display Name: GEARSecurity_BackUp
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: system32\gearsec.exe
State: Stopped
Process ID: 0
Started: False
Exit Code: 0
Accept Pause: False
Accept Stop: False

Unknown Service # 3
Service Name: MpfService
Display Name: McAfee Personal Firewall Service
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\progra~1\mcafee.com\person~1\mpfservice.exe
State: Running
Process ID: 756
Started: True
Exit Code: 0
Accept Pause: True
Accept Stop: True

Unknown Service # 4
Service Name: MskService
Display Name: McAfee SpamKiller Server
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\progra~1\mcafee\spamki~1\msksrvr.exe
State: Running
Process ID: 876
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service # 5
Service Name: STOPzilla Local Service
Display Name: STOPzilla Local Service
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\program files\stopzilla!\szntsvc.exe /service "stopzilla local service"
State: Running
Process ID: 1276
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service #6
Service Name: SwPrv
Display Name: MS Software Shadow Copy Provider
Start Mode: Manual
Start Name: LocalSystem
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this ...
Service Type: Own Process
Path: c:\windows\system32\dllhost.exe /processid:{ec8858a8-0419-45ad-998c-bb33a22d213b}
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 7
Service Name: wfxsvc
Display Name: WinFax PRO
Start Mode: Disabled
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\windows\system32\wfxsvc.exe
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

---> End Service Listing <---

It seems to be gone now. I will run Cleanit! and reboot. I will then run a regsearch and post the results back.

TheTechGuide Forum

News:

Author Topic: w?nspool.exe (Read 3378 times)

guestolo

w?nspool.exe

Jason

w?nspool.exe

guestolo

w?nspool.exe

Jason

w?nspool.exe

guestolo

w?nspool.exe

Jason

w?nspool.exe

guestolo

w?nspool.exe

Jason

w?nspool.exe

guestolo

w?nspool.exe

Jason

w?nspool.exe