WinXP Requires Constant Reboot Due to Stalled Programs
Started by
kirkbu
, Mar 11 2013 10:16 PM
#16
Posted 20 March 2013 - 07:04 PM
#17
Posted 20 March 2013 - 07:11 PM
I'll try to stick around until it's complete, but it grows late where I am.
#18
Posted 20 March 2013 - 07:43 PM
ESET is stalled for about 10 minutes on "C:\System Volume Information\Tracking log. The clock is still moving but the review is stalled on that one file.
One threat has been found: a variant of Win32Adware RegDefense application.
Should I allow the ESET to continue?
One threat has been found: a variant of Win32Adware RegDefense application.
Should I allow the ESET to continue?
#19
Posted 20 March 2013 - 08:03 PM
Yes, I have seen Eset's hang on one file for a while. Maybe another 10 minutes or so. But if not, end it. You can still create the log to post back here of what it did find.
#20
Posted 20 March 2013 - 08:16 PM
I am sorry. I stopped the application at which point the computer was not responding. I had to restart the scan. I will post later and will not expect a response tonight--please do not wait. Thank you!
#21
Posted 20 March 2013 - 08:23 PM
I'll check in tomorrow as time permits. Thanks for letting me know.
#22
Posted 21 March 2013 - 11:08 AM
ESET report:
C:\Documents and Settings\kbuchanan\My Documents\Downloads\regserve-setup.exe a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185759.dll a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185863.exe a variant of Win32/PCCleaners application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP661\A0223775.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Documents and Settings\kbuchanan\My Documents\Downloads\regserve-setup.exe a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185759.dll a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185863.exe a variant of Win32/PCCleaners application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP661\A0223775.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
#23
Posted 21 March 2013 - 04:36 PM
An adware-bundled installer for a scam reg cleaner program, and then functions that had been held harmless in System Restore. Looks clean malware-wise. What problems are still there we need to address please?
#24
Posted 21 March 2013 - 09:13 PM
Applications are working better but when I try to connect to websites after running any application it will not function.
For example, I can run Word, iTunes, etc. but when I try to connect to a website it will just :"chug" where they page will not load and the "working" icon appears indefinitely...
For example, I can run Word, iTunes, etc. but when I try to connect to a website it will just :"chug" where they page will not load and the "working" icon appears indefinitely...
#25
Posted 22 March 2013 - 04:45 PM
Assuming AVG is the free version, why not uninstall it, and check for improvement. It could have become corrupted.
Uninstall AVG, reboot, then go here and download and run the AVG uninstaller. Just select the 2012/13 uninstaller, which should remove any older versions as well. Make sure you have it uninstall everything - it tries to have user's keep it's search hijacker toolbar.
Then check for the same problem effect. Just minimize browsing and you should be safe while you test things.
Uninstall AVG, reboot, then go here and download and run the AVG uninstaller. Just select the 2012/13 uninstaller, which should remove any older versions as well. Make sure you have it uninstall everything - it tries to have user's keep it's search hijacker toolbar.
Then check for the same problem effect. Just minimize browsing and you should be safe while you test things.
#26
Posted 23 March 2013 - 11:18 AM
After uninstalling, deleting, and reinstalling AVG Free another scan was run and found the following:
Trojan horse Agent3.BQJD
C:\System volume Information\_restore[45....\editscriptbrowser.exe
Trojan horse Agent3.BQJD
C:\System volume information\...Data1.cab
I am back at about the same point where once I open an application it now requires a restart to open any additional applications. It seems to handle disk-based applications well but if it connects to the 'net it requires the restart.
Also, when I am booting, it automatically shows a selection screen that shows how to start Windows. There are three options:
Microsoft Windows Recovery Console
do not select this [debugger enabled]
WindowsXP Professional
It autostarts WindowsXP within about .5 seconds but this always shows up.
Trojan horse Agent3.BQJD
C:\System volume Information\_restore[45....\editscriptbrowser.exe
Trojan horse Agent3.BQJD
C:\System volume information\...Data1.cab
I am back at about the same point where once I open an application it now requires a restart to open any additional applications. It seems to handle disk-based applications well but if it connects to the 'net it requires the restart.
Also, when I am booting, it automatically shows a selection screen that shows how to start Windows. There are three options:
Microsoft Windows Recovery Console
do not select this [debugger enabled]
WindowsXP Professional
It autostarts WindowsXP within about .5 seconds but this always shows up.
#27
Posted 23 March 2013 - 11:20 AM
Also, Windows Security Center pops up with a warning that says "Antivirus software may not be installed" although AVG Free is installed and seemingly functional.
#28
Posted 23 March 2013 - 03:43 PM
That select operating system options screen is due to running ComboFix in the past. The reason for Security Center notifying you that no antivirus is installed is due to likely corruption in what's called the WMI, which is fixable.
I actually didn't intend for you to reinstall AVG immediately. Did you have the application opening error while AVG was uninstalled?
I am back at about the same point where once I open an application it now requires a restart to open any additional applications
I actually didn't intend for you to reinstall AVG immediately. Did you have the application opening error while AVG was uninstalled?
#29
Posted 24 March 2013 - 11:09 AM
Yes. The Windows Security said that Antivirus software may not be installed after rebooting the first time after removing AVG.
#30
Posted 24 March 2013 - 05:07 PM
Disable your security software.
Go to Start > Run and type:
cmd.exe
and OK. At the prompt type or copy/paste each of the following, pressing Enter after each:
net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
net start winmgmt
Then type exit and press Enter to close the command window. Then reboot. See if you get that error message anymore.
Go to Start > Run and type:
cmd.exe
and OK. At the prompt type or copy/paste each of the following, pressing Enter after each:
net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
net start winmgmt
Then type exit and press Enter to close the command window. Then reboot. See if you get that error message anymore.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users