Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Xp Lockup


  • This topic is locked This topic is locked
32 replies to this topic

#1 dmcrisp

dmcrisp

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 24 April 2008 - 04:06 PM

Hello,

I've got a recent problem going with my xp system. At random moments, my computer locks up and I have to reboot. At the time of the initial episode, I had Bit Defender running.

When I try to scan the computer using BD or Spybot S&D, the computer locks up again during the scan. I have tried to scan from Safe Mode and have also downloaded and tried the following:

Kepersky
Avira
Uniblu Registry Booster 2
MalwareBytes
Spybot S&D
ATF Cleaner
AVG Antivirus
Norton Antivirus

ALL of the above, when running in scan mode, lock up the computer. I have tried everything and don't know what else to try. I currently have the AVIRA loaded as my resident antivirus.

Is there anyone out there that can help me resolve this problem? I think it is in my registry, but not sure. The Malwarbytes got a few bad files out as did Avira, but the problem remains.

I appreciate in advance any information that may help me rid my computer of this bug.

Thanks
darren

BC AdBot (Login to Remove)

 


#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 24 April 2008 - 04:26 PM

to start off; if you now have Avira loaded as your resident antivirus program , may one ask how you uninstalled each of the other antivirus programs ,and did you EVER have more than ONE antivirus program installed at any time?

#3 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 24 April 2008 - 04:31 PM

I have had AVG and Avira running simultaneously, otherwise just the Avira. I also have Spybot S&D running as resident along with WinPatrol. Not good?

thanks
darren

Forgot..I removed the previous antivirus via the control panel options for install/uninstalling programs.

#4 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 24 April 2008 - 04:41 PM

you mention Norton? did you use the Norton removal tool on it ?

http://service1.symantec.com/SUPPORT/tsgen...005033108162039

using the control panel add/remove is not sufficient to remove Norton completely

of interest, how far BACK does your system restore go?

if you have more than ONE installed av at any time it it tantamount to having NONE as those that ARE on board will vyw for computer supremicy and NOT search for viruses

#5 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 24 April 2008 - 04:49 PM

Yes, used the Norton removal tool, which rid me of the LiveUpdate business. Norton really is a blimp of a program and overtakes everything.

Point taken with the multiple AV programs. For now it's just one. Not sure if it conflicts with the Uniblue Registry Booster 2 that is loaded.

How can you see how far back the system restore goes? I've had a look around and can't find this info. Sorry for the inexpertise...

thanks

#6 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 24 April 2008 - 05:05 PM

How can you see how far back the system restore goes? I've had a look around and can't find this info. Sorry for the inexpertise...


no worries :thumbsup:

if it is where it should be.......... go to start/programs/system restore/and open the section; have a nosey and look around rummage in there

this guide on here
http://www.bleepingcomputer.com/tutorials/windows-xp-system-restore-guide/

gives you pictures of what you can expect to find

try that rummage?

#7 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 25 April 2008 - 11:29 AM

Thanks ruby1,

I will have a look at the tutorial.

I have found the system restore under the accessories/system utilities menu. It looks like the computer automatically set a restart point every day for the last few months.

I'll read the tutorial and see what I can do. But will resetting the system eliminate malware or trojans?

Many thanks,
darren

#8 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 25 April 2008 - 04:06 PM

it might help you to turn it back to before you had the clutter of programs on it to enable you to do some effective scans; if it will let you roll back,then , when you know exactly what appropriate protection programs you do have on there, you can see how the computer runs, do some basic housekeeping such as a defrag , run some basic scans and see if anything gets flagged up ; you will then still have system restore turned on as your safety net if any scans go wrong

you may ultimately need to turn Restore off to flush any malaware out OF the System restore

but that is not yet

see if it will let you roll back to a known clean and not- too- cluttered- with- extra- programs point?

#9 forrestmage

forrestmage

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:04 AM

Posted 25 April 2008 - 05:04 PM

run chkdsk and a defrag, sometimes the easiest solutions are best. Also do some online av scanning.
http://windowsxp.mvps.org/Scanners.htm

#10 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 26 April 2008 - 03:06 AM

OK, I restored to approxamately one month ago (March 31). This was a time where I am sure there was no problems with the computer as far as lock-ups are concerned, and no excess of AV programs to add to the conflict. Just to add, I defragged the hd once a week, always regularly, before the problems started.

My first attempt to run Bit Defender AV scan after the computer rebooted, you guessed it...locked up.

I have now nullified the system restore, returning back to yesterday's date.

I am trying to understand the method of "turning restore off" to flush out the malware/bad files in the system. If I turn if OFF, then back ON, then I won't have a previous restore point to go to, correct?

Can someone give a little clarification as to the EXACT procedure for doing this so that I can retry to restore to a previous era without doing damage to the system? Not having this experience, I a hesitant to try things myself for lack of knowledge.

Thanks again for your kind help.

dmc

#11 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 26 April 2008 - 04:58 AM

some nasties have a habit of 'sitting ' in the System Restore' section so that, even if you maybe run a scan and appear to be 'clean' , when you reboot the computer the horrid things are back again,

at present we know you do have system restore enabled and working, which is good

as you have previously had avg 7.5 antivirus program on there(?) why not try it again?
suggest remove the Bit defender , reboot and install avgantivirus;
http://www.filehippo.com/download_avg_antivirus/4029/

fully update the definitions, reboot your computer into safe mode and do a full system scan

see if it will let you run a system scan without locking up?

also, may one ask, as you are on XP have you service pack 2 installed and do you have any problems getting updates from the microsoft windows update site?

#12 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 26 April 2008 - 07:50 AM

Hello.. back again,

I downloaded AVG 8.0 with updated definitions, rebooted into Safe Mode and scanned. The AVG program only gave me the option to scan with a command line, which it did automatically. It found a few bad files, namely "fsmgmt.dll" aka Win32/Cryptexe.A and winlogon.exe, described both as "virus". It also found various Adware files and "adware.titanshieldantispyware", lots of that

After scanning it rebooted automatically to Windows standard mode. I looked in the AVG vault for these bad files, but they were not there. Not sure if the reboot was an automatic decision of AVG, or the bug that I have.

I subsequently scanned using AVG in standard mode and the first scan revealed these same viruses, but the computer locked up at about 2 minutes into the scan, so I guess that they have not been cleared from the system. They are not currently in the quarantine folder.

I tried running the AVG scan again, this time the computer rebooted automatically about 10 seconds into the scan. Didn't like that much.

Any ideas??

continued thanks...d

#13 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 26 April 2008 - 08:26 AM

please confirm that at this point in time you only have the ONE antivirus program installed which is the AVG?
I for one am still not convinced you DO have only ONE antivirus program on board; if you DO have more than one you WILL have problems
I linked you to taking on board avg 7.5 so not sure why you chose the newer 8.0 version?

if the computer will let you can you do a scan with superantispyware?


http://www.superantispyware.com/superantis...efreevspro.html

its free exe is http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE you will need to install it, fully update the definitions and reboot the computer ; then run the program with the computer OFF line from the desktop icon and get a full computer scan done; when completed open the program and go to prefernces/statistics,logs ; can you highlight the report you should find and copy and paste it here please for the experts to examine ?

#14 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 26 April 2008 - 08:49 AM

Hi ruby1,

Yes, I only have one antivirus, AVG 8.0. I downloaded it from the page that you linked to. I just assumed that the 8.0 would be better as it is a later (complete) version. Has this somehow compromised the possibility to clean my computer out? Just wondering why 7.5 would be recommended over 8.0...sorry for that error.

I will download Superantispyware and try it...

back in a minute.

thanks,
d

#15 dmcrisp

dmcrisp
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 26 April 2008 - 08:52 AM

another question: do I need to run Superantispyware in Safe Mode?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users