Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WinXP Requires Constant Reboot Due to Stalled Programs


  • Please log in to reply

#16
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
in process now.
  • 0

Advertisements


#17
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I'll try to stick around until it's complete, but it grows late where I am.
  • 0

#18
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ESET is stalled for about 10 minutes on "C:\System Volume Information\Tracking log. The clock is still moving but the review is stalled on that one file.

One threat has been found: a variant of Win32Adware RegDefense application.

Should I allow the ESET to continue?
  • 0

#19
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Yes, I have seen Eset's hang on one file for a while. Maybe another 10 minutes or so. But if not, end it. You can still create the log to post back here of what it did find.
  • 0

#20
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I am sorry. I stopped the application at which point the computer was not responding. I had to restart the scan. I will post later and will not expect a response tonight--please do not wait. Thank you!
  • 0

#21
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I'll check in tomorrow as time permits. Thanks for letting me know.
  • 0

#22
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
ESET report:

C:\Documents and Settings\kbuchanan\My Documents\Downloads\regserve-setup.exe a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185759.dll a variant of Win32/Adware.RegDefense application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP654\A0185863.exe a variant of Win32/PCCleaners application cleaned by deleting - quarantined
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP661\A0223775.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
  • 0

#23
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
An adware-bundled installer for a scam reg cleaner program, and then functions that had been held harmless in System Restore. Looks clean malware-wise. What problems are still there we need to address please?
  • 0

#24
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Applications are working better but when I try to connect to websites after running any application it will not function.

For example, I can run Word, iTunes, etc. but when I try to connect to a website it will just :"chug" where they page will not load and the "working" icon appears indefinitely...
  • 0

#25
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Assuming AVG is the free version, why not uninstall it, and check for improvement. It could have become corrupted.

Uninstall AVG, reboot, then go here and download and run the AVG uninstaller. Just select the 2012/13 uninstaller, which should remove any older versions as well. Make sure you have it uninstall everything - it tries to have user's keep it's search hijacker toolbar.

Then check for the same problem effect. Just minimize browsing and you should be safe while you test things.
  • 0

Advertisements


#26
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
After uninstalling, deleting, and reinstalling AVG Free another scan was run and found the following:

Trojan horse Agent3.BQJD
C:\System volume Information\_restore[45....\editscriptbrowser.exe

Trojan horse Agent3.BQJD
C:\System volume information\...Data1.cab

I am back at about the same point where once I open an application it now requires a restart to open any additional applications. It seems to handle disk-based applications well but if it connects to the 'net it requires the restart.

Also, when I am booting, it automatically shows a selection screen that shows how to start Windows. There are three options:

Microsoft Windows Recovery Console
do not select this [debugger enabled]
WindowsXP Professional

It autostarts WindowsXP within about .5 seconds but this always shows up.
  • 0

#27
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Also, Windows Security Center pops up with a warning that says "Antivirus software may not be installed" although AVG Free is installed and seemingly functional.
  • 0

#28
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
That select operating system options screen is due to running ComboFix in the past. The reason for Security Center notifying you that no antivirus is installed is due to likely corruption in what's called the WMI, which is fixable.

I am back at about the same point where once I open an application it now requires a restart to open any additional applications


I actually didn't intend for you to reinstall AVG immediately. Did you have the application opening error while AVG was uninstalled?
  • 0

#29
kirkbu

kirkbu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Yes. The Windows Security said that Antivirus software may not be installed after rebooting the first time after removing AVG.
  • 0

#30
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Disable your security software.

Go to Start > Run and type:

cmd.exe

and OK. At the prompt type or copy/paste each of the following, pressing Enter after each:

net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
net start winmgmt


Then type exit and press Enter to close the command window. Then reboot. See if you get that error message anymore.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP