Jump to content

Recommended Posts

While I am using the computer, I have not problems.

On 6/19/2009, I have had the problem only during 'down" times.

If I do a malwarebytes full scan, AVG full scan, and/or lavasoft full scan, or if I just let the computer sit idle with no input, after 30-40 minutes the computer locks, mouse, and keyboard and I have to do a hard reboot.

I put the procexp up full screen so I could see what was running at the time of the freeze. All it shows me is the current scan and other auxilary that do not look supicious.

I have AVG and lavasoft ad-aware running in the background. I used to have (as of yesterday) windefender running in the background and teatimer and SD helper from spybot but I have disabled them.

I only load the necessary services and start up items via msconfig.

The only major change is that I went through 18 hours of troubleshooting to install a HP printer to find out that it is a bad USB cable!

HP did install an update and I received a message that CMD.exe and /$secure was corrupted and to run ckdsk, I did and it showed nothing.

I have today, deleted the one touch monitor by vissioneer and the Lexmark Z600 printer software and hardware, but I can't get rid of all of the lexmark files. I uninstalled throuth control panel but the registry still showed the program and there are some residual files on the hard drive in the system 32 folder.

I exported the registry and delted the lexmark file but the other folder/files still remain.

My biggest problem is that I can run a full scan or a scan , because after 30-40 minutes it freezes.

The computer is not touched at that time.

I do not hibernate or stand by , I have stopped the power down of the USBs and the monitor or hard drive does not ever turn off.

I have cleaned the motherboard, inside and took the RAM out and cleaned it (suggestion from Microsoft) They also suggested that I try a scan in safe mode.

I have not tried that yet.

I also have not tried to let the computer sit, since I ran the attached file. I will do that after I post here.

I have a firewall on my Netgear router, but still have the windows firewall on with no exceptions.

I have wanted to buy the Malware but it does not find my problem every, neither does lavasoft or AVG.

I have not tried Trend Micro or live.com from the Internet as a scan , but have in the past, and neither has fixed any problems that I have had

Attached are the files:

combofix.txt

attach

dds

hijackthis

malwarebytes

If you need any other info just ask.

windows XP Pro

2Gb Ram

80GB HD

CFscript.txt

mbam_log_2009_06_27__09_02_51_.txt

6_27_2009_Attach.txt

6_27_2009_DDS.txt

CFscript.txt

mbam_log_2009_06_27__09_02_51_.txt

6_27_2009_Attach.txt

6_27_2009_DDS.txt

Link to post
Share on other sites

  • Root Admin

STEP 01

The logs show you're using 2 Anti-Virus products at the same time. You can only have 1 Anti-Virus product installed at one time as they can conflict with each other and cause issues like you describe.

AVG Anti-Virus Free

Lavasoft Ad-Watch Live! Anti-Virus

You need to choose one and fully remove the other one.

It also shows that this compute is a old Compaq running this network driver: Compaq NetFlex-3/Netelligent Adapter Driver

Is that true? Is this a Compaq computer?

STEP 02

Click on START - RUN and copy / paste the entry below into the run line and click OK

CMD /C NETSH FIREWALL RESET

Click on START - RUN and copy / paste the entry below into the run line and click OK

CMD /C NETSH int ip reset c:\resetlog.txt

STEP 03

You may have corrupted files on your disk. Please try running the following.

First close ALL Applications as this routine will automatically restart your computer.

Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /F | SHUTDOWN /R /T 30

STEP 04

    Please create a BOOTLOG
  • Delete the following file if it exists. C:\Windows\ntbtlog.txt
  • Restart the computer and press F8 when Windows start booting. This will bring up the startup options.
  • Select "Enable Boot Logging" option and press enter.
  • Windows prompts you to select a Windows Installation (even if there is only one windows installation)
  • This boots windows normally and creates a boot log named ntbtlog.txt and saves it to C:\Windows
Link to post
Share on other sites

1. The AVG has an anti-spyware that I cannot shut off and the Lavasoft has a spyware Heuristis and Anti-virus engine that I can shut off. The lavasoft also looks at processes and registry protection. I would rather keep the AVG b/c I think it has a better Anti-virus program but not so good anti-spyware. I have been running these togher for MONTHS without a problem. So I deactivated the Lavasoft both anti-virus and spyware and try to run the AVG full scan and it stopped again after 58 minutes. It seems to stop on the AVG application that I kept on my hard drive. It stops at a .cab file. So I deleted the downloaded application and will try to run it again after work.

2. Do you think that I will have enough protection with just the AVG and just run the Lavasfot or Malwarebytes once a day?

3. This is not a compaq computer, I have no idea how that got there. Should I delete it? How do I delete it?

4. Ran all 'run" commands and ckdsk did not show anything. Actually nothing happened at all excep the reboot. Blank dialog boxes did come up.

5. Someone else on this forum when I had a driver conflict of my keyboard and mouse asked me to run the boot.ini file and when I went inot msconfig the boot.ini tab was there. Now I have general, sys.ini, win.ini, services, start up, and tools. I no longer have a boot.ini file. When I restarted my computer, I hit F8 and it said invalid boot.ini file. Do you think I have a mouse /keyboard driver conflict again? I had two keyboard softwares so I took one out and now I do not have the erratic mouse problem. Could this be related to the mouse/keyboard problem?

OMG, I hope that I don't have to re-install XP and/or format my hard drive!! I am getting sick, just thinking about it.

Anyway, I getting back the boot.ini? If I do an XP repari will that do it? Although I have never done one of those...

Link to post
Share on other sites

  • Root Admin

If you want to use Lavasoft AdAware that's fine just don't use their Anti-Virus version. In my opinion (not based on any technical facts, only personal) I think the Avira Anti-Virus these days is now better than AVG.

Here is an article on how to repair the BOOT.INI file which you should do:

How to rebuild the Windows boot.ini

"Invalid Boot.ini" or "Windows could not start" error messages when you start your computer

Well it's not a Compaq computer maybe but it is an HP Computer who bought up Compaq many years ago. Please run the following for me and we'll see if we can find some more information about your system before we move forward with anything drastic like forcefully removing a driver.

Click on START - RUN and copy/paste the contents of the code box below into the run box and hit OK

CMD /C DRIVERQUERY /FO TABLE /SI >C:\DriversSigned.txt

Click on START - RUN and copy/paste the contents of the code box below into the run box and hit OK

CMD /C driverquery.exe /FO TABLE /v>C:\DriversGeneral.txt

Then ATTACH the files C:\DriversSigned.txt and C:\DriversGeneral.txt to your next reply please.

Then click on START - RUN and type in "C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe" including the quotes.

Inside the program click on File - Save and save it and then zip up the file and attach it to your next reply.

The CHKDSK program may not have run for various reasons. Anti-Virus, Malware, old video drivers, etc... You should have a program on your system from HP to check for updates from HP. You can run that and have it scan your system for any updates.

Link to post
Share on other sites

I build this computer myself. It is not a HP, I picked the motherboard, etc. I have chaned the hard drive, added DVD, and changed the power supply over the years.

I ran the boot.ini rebuild and it worked. Thank GOD.

I will look into Avira instead of AVG ,but should I run Lavasoft or Malwarebytes with the Avira for a spyware program or does Avira have spyware too.

I have attached the files you requested

quote name='AdvancedSetup' date='Jun 29 2009, 03:56 PM' post='94289']

If you want to use Lavasoft AdAware that's fine just don't use their Anti-Virus version. In my opinion (not based on any technical facts, only personal) I think the Avira Anti-Virus these days is now better than AVG.

Here is an article on how to repair the BOOT.INI file which you should do:

How to rebuild the Windows boot.ini

"Invalid Boot.ini" or "Windows could not start" error messages when you start your computer

Well it's not a Compaq computer maybe but it is an HP Computer who bought up Compaq many years ago. Please run the following for me and we'll see if we can find some more information about your system before we move forward with anything drastic like forcefully removing a driver.

Click on START - RUN and copy/paste the contents of the code box below into the run box and hit OK

CMD /C DRIVERQUERY /FO TABLE /SI >C:\DriversSigned.txt

Click on START - RUN and copy/paste the contents of the code box below into the run box and hit OK

CMD /C driverquery.exe /FO TABLE /v>C:\DriversGeneral.txt

Then ATTACH the files C:\DriversSigned.txt and C:\DriversGeneral.txt to your next reply please.

Then click on START - RUN and type in "C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe" including the quotes.

Inside the program click on File - Save and save it and then zip up the file and attach it to your next reply.

http://windowshelp.microsoft.com/windows/en-us/help/7050d809-c761-43d4-aae7-587550cd341a1033.mspx' rel="external nofollow">

The CHKDSK program may not have run for various reasons. Anti-Virus, Malware, old video drivers, etc... You should have a program on your system from HP to check for updates from HP. You can run that and have it scan your system for any updates.

Link to post
Share on other sites

  • Root Admin

Well the system says you have a SiS 900 PCI Fast Ethernet Adapter but its not the current active adapter.

The current one is the Netelligent 10T PCI UTP Controller and is using the Driver c:\windows\system32\drivers\netflx3.sys (5.0.1.18, 63.75 KB (65,278 bytes), 1/13/2007 10:29 AM)

Nothing wrong with it - just wanted you to be aware of it as it stood out an an odd driver to have on a newer computer.

The logs also show that TELNET is starting up every day which is very odd and often a sign of potential attack. Are you running Telnet on purpose? Maybe a print server that is using it ?

If you can't explain the TELNET then we should do some deeper scanning of your system to determine why its running, though currently you don't appear to be infected.

Maybe check for driver updates to your system hardware and uninstall any security applications you no longer use.

Avira has some Anti-Malware capabilities and our Paid version of MBAM has a Protection Module that works to help prevent items from being installed without your knowledge. You should be able to remove AVG and use Avira without any issues.

How to uninstall AVG (remove it permanently from PC)

Link to post
Share on other sites

THe SIS 900 PCI fast ethernet adapter is on the motherboard and I do remember that it is not working.

So what about the compaq entry? Do I delete it or what?

I don't know what Telnet is , but can't i just disable it? I do have a HP printer but am not connected to a server, this is a stand alone pc.

You write:

Maybe check for driver updates to your system hardware and uninstall any security applications you no longer use.

How do I know what drivers I don't need and what securuty updates I don't need? Silly question, but in the control panel/software, everything in that is what I use. Some are not used much and I can delete the programs I don't use much.

I ran AVg full scan last night and it stopped after 22 minutes, I will try again and try a full scan with malwarebytes and see if it does stop.

I will turn off the telnet service first and then run them both.

What kind of deeper scan would you want me to do? It may stop thought like the others.

Link to post
Share on other sites

  • Root Admin

If you can, download and burn one of these CDs and you can check further for any type of hidden Virus/Malware on the system.

The other logs don't seem to indicate that you are infected though so it really could be a bad driver conflict or something.

This forum is for detecting and removing Malware but so far it doesn't look like you are infected. We can run a few more scans and see if we can find anything, but aside from that then you may have to make a new post in the PC Help forum and seek help with driver updates or application conflicts.

LiveCD for Malware and Virus Removal

Here are links to Antivirus vendors that offer free LiveCD or Rescue CD files that are used to boot from for repair if needed.

All of them except Avira are in the ISO image file format. Avira uses an EXE that has built-in CD burning capability.

Avira AntiVir Rescue System

BitDefender LiveCD

Dr Web LiveCD

F-Secure Rescue CD

Kaspersky RescueDisk

For those users that need a FREE utility to properly burn the ISO image

ImgBurn

How to write an image file to a disc with ImgBurn

Link to post
Share on other sites

You write:

you may have to make a new post in the PC Help forum and seek help with driver updates or application conflicts.

Are you talking about Microsoft website forums or malwarebytes.

Should I get rid of the Compaq driver?

I will run the Avira and post the results.

If you can, download and burn one of these CDs and you can check further for any type of hidden Virus/Malware on the system.

The other logs don't seem to indicate that you are infected though so it really could be a bad driver conflict or something.

This forum is for detecting and removing Malware but so far it doesn't look like you are infected. We can run a few more scans and see if we can find anything, but aside from that then you may have to make a new post in the PC Help forum and seek help with driver updates or application conflicts.

LiveCD for Malware and Virus Removal

Here are links to Antivirus vendors that offer free LiveCD or Rescue CD files that are used to boot from for repair if needed.

All of them except Avira are in the ISO image file format. Avira uses an EXE that has built-in CD burning capability.

Avira AntiVir Rescue System

BitDefender LiveCD

Dr Web LiveCD

F-Secure Rescue CD

Kaspersky RescueDisk

For those users that need a FREE utility to properly burn the ISO image

ImgBurn

How to write an image file to a disc with ImgBurn

Link to post
Share on other sites

  • Root Admin

What were the warnings? Did it remove anything?

I don't need any files from you. Currently none of the scans we've run so far indicate that you are infected with anything so if the computer is still hanging or locking up I'm inclined to believe its either a hardware of software conflict. That is why I asked you to post in the General PC forum to see if anyone can help you out with possibly finding a driver or software conflict that might cause that.

Link to post
Share on other sites

Sorry, I thought that it would make a log file that you wanted to see, but I had three warnings and don't remember them all. 2 of them involved an USb in a download from the Internet. I tried to copy /paste and reboot but that did not work.

I will run it again and manually write them down or do you want me to run it again and "mark to fix the problem"?

After it ran, I had to hard reboot to go forward, I did not see any way to 'continue" to starting the computer, just start scan again.

What are warnings?

I will also post to the site you stated too.

What were the warnings? Did it remove anything?

I don't need any files from you. Currently none of the scans we've run so far indicate that you are infected with anything so if the computer is still hanging or locking up I'm inclined to believe its either a hardware of software conflict. That is why I asked you to post in the General PC forum to see if anyone can help you out with possibly finding a driver or software conflict that might cause that.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.