computer reboots or freezes at login (win xp)

Darn that Panda! Deleted ComboFix. I sure wish they'd fix that false positive. We were done with it anyway, so not a loss.

Click Start>Run and type regedit then hit enter. Navigate to the following location.

HKEY_CURRENT_USER\Software\Fun Web Products

First left click, then right click on the Fun Web Products key (folder) and delete. Then go to;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar

and delete the MyWebSearch bar key as well.

Exit the registry editor.

Please upload the following file to jotti and click Submit, then wait for it to complete an analysis and post the results. Also, please submit it to here (my personal submission channel) so that I can inspect it.

C:\Program Files\Support.com\adelphia\scripts\IEconfig.vbs

You can delete all of the following tools we have used, and the files/folders they created.

C:\WINDOWS\nircmd.exe
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\SYSTEM32\Process.exe
C:\WINDOWS\SYSTEM32\SrchSTS.exe
C:\QOOBOX
C:\Deckard
dss.exe
combofix.exe
sdfix.exe
LSPFix.exe
HJTsetup.exe
FindAWF.exe
SmitfraudFix.exe
all combofix, smitfraudfix and sdfix logs and scripts
Panda report
All backups in the C:\Program Files\Hijackthis\backups folder

Download and install both Ad-aware and Spybot S&D, update and do full scans, removing what they find.

Run a disk cleanup and defrag.

 

sounds like we are making progress, I am cleaning up all the trails left and then will download as instructed. I am happy that this machine is completely different than the one I started with a week ago!!!
Scan taken on 04 Aug 2007 18:13:14 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found Heur.VBS.Generic.24
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing

file also uploaded to bleepingcomputer.com

 

As I suspected, that was another false positive on the IEconfig.vbs

Here are some finishing tasks when you're done with the others.

You're now ready to install an Antivirus program, software firewall and get that computer up-to-date on Windows Updates. AVG and Zone Alarm play well together, and offer good protection as well. Unless you intend to get paid-for applications, I'd recommend using those free apps. I recommend installing the AV and firewall, then remove all system restore points (once you're sure everything is operating as it should) and create a fresh system restore point, before beginning the Windows Updates. Zone Alarm will nag quite a lot when installing the updates, but should an update bork something and you need to roll back to a restore point, better to have one with the AV and firewall already in place.

You're good to go. You've done a fantastic job!

Don't hesitate to post back if you have questions or need help with anything else.

 

downloading updates for s&d ... and then will install and update adaware.....one step at a time...feels like baby steps but that's okay.
thank you for all the help you have given me upto this point, if left on my own I would probably still be scratching my head trying to figure it out, or I may have given into the urge to toss the computer down the steps,lol!

 

You're most welcome. Glad I could help.

Just curious, what's the reason you are using dialup rather than the wireless adapter?

 

i tried several times to connect the wireless adapter, and it would show the connection had excellent signal, but ie would not recognize it as being there. it just kept looking for the cable connection.(time warner) don't know exactly why it worked with the dial up (maybe beacause a different type of connection)? it is probably something i could have fixed if i kept at it, but I am ready to get this computer back to it's owner (and hopefully not have to see it again) so i gave into the old SLOW standby.

 

thank you Pete, I have been told I am a bit stubborn but in this case I think it helped (just for the record though, I am not a he (not all the computer geeks in the world all male,lol) as I said before without Dave I think I would still be scratching my head trying to figure out what was wrong (since there was so much wrong!)

 

Pete:
not a problem


happy to report avg anti-virus found no threats
ad-adware: no threats (2nd scan, after the 1 that it did find)
spy-bot: no threats (2nd scan, after fixing 8)
installing firewall software now...

 

Thanks Pete .... means a lot to me. And what a trooper mva5493 is! Her friend is lucky to have her friendship.

Excellent!!

mva5493,

If you'd like to try getting that wireless to work, I'd be more than happy to do what I can to help. When it comes time to start doing the updates, you'd be pleased to have it working. If so, just a couple of things to try, the first of which in retrospect, after some of what we removed, I think should be done anyway, for the 'just in case'.

1. Download Winsock XP Fix. Close all open programs and connections. Run winsock XP Fix and select Fix. Reboot.
2. Open Internet options in the Control Panel. Select the Connections tab, then check 'Never dial a connection'. Click Apply and OK.

Try your wireless connection. If you again get 'connected' but can't get internet access, check the status of the connection for the IP address, DNS server address, etc. that the wireless access point has handed out. Let me know what you find. Post some details about your wireless equipment as well.

 

I don't know if I even want to try and get the wireless adapter working with it. I am on update #10 of 64... it's slow going but it is working, zone alarm is nagging me to death but, it is working I am leaving for a bit, will let it continue to download while I am doing some grocery shopping..... I was just looking at microsoft's site to see if I can download to this computer and transfer over to the other, if not it won't be the first time I have used old slowpoke, I have only had the wireless for about 2 months..it was strictly 56k before that, lol the first computer I bought with internet access had a 14,400 modem, compared to that 56k seems to move at lightning speed,lol.

 

OK then. You can disable Zone Alarm while doing the updates too. Just right click the tray icon and select 'shutdown'. It will restart when the computer reboots, or you can manually start it via the All Programs menu.

Now that ZA is installed, a bit of configuration would be good too, or, you can wait and show your friend so that he/she is aware of it's behavior.

Open Spybot, Ad-aware and AVG and check for updates. When ZA pops up notifying of the request for internet access, check the box to remember your answer and click Allow. ZA will never ask for that program again, unless it's executable changes in some way.

 

okay..I am unfamiliar with zone alarm so I may have to learn a bit about it before trying to show her. What I would like to set up the computer to automatically update not only windows but the other security programs as well because I am not sure she will follow through with updates and I don't want this machine coming for regular sleepovers.

 

SP2 will turn Automatic Updates on, if not mistaken (may prompt you), as well as offer to turn on the Security Center, which monitors Automatic Updates status, AV and Firewall status. Zone Alarm and AVG should have automatically enabled automatic updates, and while AVG will apply any new updates on it's own, Zone Alarm will just inform you of updates available. Check the program's settings to verify AU is on.

Spybot and Ad-aware do not automatically update, but rather need to be manually checked for updates prior to every scan.

 

well it's still crawling but we are up to update 49..making progress, is there anything else that needs to be done after windows updates?

 

Be sure to make repeated trips back to Windows Updates, until there are no more critical updates offered.

Should be good to go, but I'd probably run some, if not all, of the installed programs to make sure everything is working properly. Consider checking for updates to any Microsoft Office programs that may be installed. They have updates available that address security issues for those too. Upgrading to Microsoft Update rather than using Windows Update will check for both Office and regular Windows Updates.

Microsoft Update

Office Update


Maybe check device manager and event viewer for any errors. Multi-task it a bit to see how it performs. Open the case and check the dust buildup situation. If possible, blow it out with compressed air (take care to prevent the fans from spinning while blowing directly on them) to make sure it's cooling properly. Best to make sure everything is in order while it's in your possession.

 

ms office is not update not necessary..computer has wordperfect.
have already updated to microsoft updates

as for dust in the case, it had alot of buildup. the dust was coming out of the case in places, that was one of the first things I did when I got the system.

I will keep checking for updates and will play around with the apps a bit to make sure everything is running properly. I think this one is a success, and now you can move on to someone else, it looks like there are lots of people who need assistance here ( I wonder how much of the problems here are virus/spyware/maleware related??? It seems like this forum has alot of activity all the time.

Thank you once again for all you help and assistance, I didn't say uncle and you stuck it out with me.

 

Looks like you are a step ahead of me on most fronts

Again, you're very welcome. Don't hesitate to post back if you need further assistance....we'll be here.

Success indeed!

 

Amazing piece of work - great example of what this board can be all about. It took a tremendous amount of talent and knowledge on Dave's part but mva5493 deserves a lot of credit.

"New Bremen Bulldog Bites Another Bone, Chews up Malware, Spits Out F8 Key"