windows xp locks up

  • Thread starter Thread starter Jason
  • Start date Start date
J

Jason

I downloaded avast, uninstalled and reinstalled it to get the computer
working. I did a virus scan and malwarebytes both found a couple of
items. Since then the computer locked up again. I used safe mode and
msconfig again for diagnostic startup which got the computer working
except for:
When i enabled everything it told me access denied

I tried computer - manage - services to enable avast (amongst others)
but i get error: need to be administrator even though i was logged in as
administrator.

Without uninstalling and reinstalling again what can be done?

Thanks,
J.



found solution for: (it was under local machine - msconfig)

I ran msconfig to do a selective start-up (all programs/services
stopped) - computer was slow and no programs ran unless in safe mode.

Now I have 2 lines (was 4 but got rid of two in regedit):
Startup and command are nine squareboxes plus ...
the location is software\microsoft\windowsnt\currentversion\windows

i was able to delete the ones in
hkcu\software\microsoft\windowsnt\currentversion\windows because that is
current user but what is the other lines?

thanks,
J.
 
Jason said:
I downloaded avast, uninstalled and reinstalled it to get the computer
working. I did a virus scan and malwarebytes both found a couple of
items. Since then the computer locked up again. I used safe mode and
msconfig again for diagnostic startup which got the computer working
except for:
When i enabled everything it told me access denied

I tried computer - manage - services to enable avast (amongst others)
but i get error: need to be administrator even though i was logged in as
administrator.

Without uninstalling and reinstalling again what can be done?

Thanks,
J.


Either malware's changed the System's Permissions or there's still
malware present.
If you can burn a CD, Kaspersky offers this Rescue .iso that can be
burned to a CD, the use it to boot the computer so that the Hard Drive
is inactive, then it will update it's definitons automatically, and then
you scan the inactive HD with it -

Kaspersky Rescue Disk 10
http://support.kaspersky.com/viruses/rescuedisk/all

After you've scanned the system and confirmed that all malware has been
detected and removed, you can reset XP's Permissions by following this
guide - Reset the Registry and the File Permissions in Windows XP
http://www.winhelponline.com/blog/reset-the-registry-and-the-file-permissions-in-windows-xp/


MowGreen
================
*-343-* FDNY
Never Forgotten
================

"Security updates should *never* have *non-security content* prechecked
 
downloaded Kaspersky Rescue Disk 10 - it says it can't configure the
realtek gigabit network card - i tried to manually enter ip address etc
as well and it says it can't configure manually either.
i have another computer that uses the vodem so i thought i would be able
to do the update that way but since the network card can't be setup that
is impossible.

Also the text is way too small and illegible - there is no way of
changing it - i tried right clicking on the desktop but all i got was
the same menu as down on the left.
 
Jason said:
downloaded Kaspersky Rescue Disk 10 - it says it can't configure the
realtek gigabit network card - i tried to manually enter ip address etc
as well and it says it can't configure manually either.
i have another computer that uses the vodem so i thought i would be able
to do the update that way but since the network card can't be setup that
is impossible.

Also the text is way too small and illegible - there is no way of
changing it - i tried right clicking on the desktop but all i got was
the same menu as down on the left.

I just downloaded the current Kaspersky Rescue Disk, and looked
in the "bases" directory with 7-ZIP. The definitions are from
January 1st, 2011 and are relatively current. If you can't
get the very most recent updates, you're going to be covered
for a good many other malwares. Not getting updates, won't be
that big a deal.

/rescue/bases
unp023.kdc 2011-01-01 14:39:56

I've been trying to find an update site, where you could
get the files manually. I did find a site, and tried some of the
files, but the "bases" files delivered, don't have the correct
extension on the file names. (They didn't have .kdc on the end,
inside the downloaded ZIP file.)

I also tried the Kaspersky forums, and can't find instructions
for manual updates. They have a recipe for USB boot media,
but I still can't find any mention of how you'd go about
transferring files across.

http://forum.kaspersky.com/index.php?showforum=159

The Gentoo operating system on the Rescue CD, doesn't
appear to be all set up for PPP. There is no /etc/ppp directory
for example. The kernel has some ppp modules compiled into it.
But there is no "Emerge" command on the Gentoo disc, so no
way to add stuff to it. Emerge builds binaries from source,
and would also require that gcc be on the rescue CD, to be
able to start adding software.

There is another way to do it. If you run the Rescue disk
on another computer, one with wired or wireless networking,
with working DHCP, then that computer may be able to run updates.
The Rescue disc stores updates on a partition of its choosing,
on your hard drive. On my computer (dual boot WinXP/Win2K),
it chose to dump garbage in the Win2K partition. (Presumably,
because I used to run Kaspersky AV products on that partition.
My subscription was also on that partition.)

If I go to that disk, I can find

D:\Kaspersky Rescue Disk 10.0
bases_rd
data_rd

and so on. It may be possible to copy some of
that info over (from a computer that has successfully run
the update), but the tool likely keeps track of
what is going on, with some sort of XML file. So
it won't be particularly easy to do it by hand.
But it's still theoretically possible.

I'd just use the CD as it currently stands, without
running Update, as the definitions are from New Year's
day and should be good enough.

The Gentoo OS, does have at least one Gigabit Realtek module included

modprobe -l | grep 8169

/lib/modules/2.6.32-gentoo-r7/kernel/drivers/net/r8169.ko

I got that, from running a slightly older downloaded version
of Rescue, in a VPC 2007 virtual machine. That's how I can type
this message, and examine the environment at the same time.

The other thing you can do in there, is

lshw | less

*-network
description: Ethernet interface
product: DECchip 21140 {FasterNet}

(Less, is to allow you to page the output, a page at a time.
You can also try the command without "less", but then scrollback
might be a problem.)

That is the network interface reported in my VPC 2007 virtual
environment, with Rescue 10 running inside it. So the lshw
command, should be able to show you a network card, if present.
Then it would be a matter of modprobing a module for it or
the like.

Once you've installed a driver, as in

modprobe r8169

you could then try the network setup item from the menu again.

I can also see an instance of "dhcpcd" running. But that
isn't going to work, if the network hasn't been discovered
properly yet. I think I had that problem (can't detect RealTek
8169) on my Gentoo distcc machine, and it was a PITA to fix.

Gentoo has some nice web pages available, for fixing stuff.
I seem to be able to find answers slightly better for
Gentoo, in a search engine, than for some other distros.
So there is hope :-) The problem with the Kaspersky Rescue
CD, is a lot of useful tools have been removed.

Paul
 
The download the program today and it is dated (on the programs screen)
today. The card is recognised. just ran it anyway. Looks like it takes a
few hours so will see.
 
Thanks for your help. Kaspersky found reatogo (another boot cd creator)
as melware. But that was about it. Reset displayed a high number of
entries that could not be corrected. Seems strange that uninstalling
Avast and reinstalling it re-enables the anti virus and firewall
(Zonelabs). Reluctant to do that again as i have expensive internet
connection and would have to do a program and definition update again.

Thanks,
J.
 
Jason said:
Thanks for your help. Kaspersky found reatogo (another boot cd creator)
as melware. But that was about it. Reset displayed a high number of
entries that could not be corrected. Seems strange that uninstalling
Avast and reinstalling it re-enables the anti virus and firewall
(Zonelabs). Reluctant to do that again as i have expensive internet
connection and would have to do a program and definition update again.

Thanks,
J.

To be perfectly clear here, reinstalling Avast reenables Zone Alarm ?
I'd be willing to wager that Zone Alarm is the cause of the lockups, the
Access Denied messages, and the 'squareboxes' in the registry.

IMO, Online Armor protects and is compatible with Windows XP yet does
not present the issues often associated with ZA -
http://www.online-armor.com/products-online-armor-free.php

Even if ZA is uninstalled it will leave components of itself on the system.
CheckPoint offers a removal tool for ZA that is meant to be used after
ZA is uninstalled from Add/Remove Programs which can be downloaded from
this page -
http://www.zonealarm.com.au/main/kb_display.asp?KBID=1870


MowGreen
================
*-343-* FDNY
Never Forgotten
================

"Security updates should *never* have *non-security content* prechecked
 
I might be wrong as i downloaded Avast's uninstall tool and used that in
safe mode. Then uninstalled and reinstalled zone alarm then uninstalled
and re-installed spybot. Everything was working other than the following
two programs after re-installing Avast. Looks like i'm going to have to
do the same thing with XP on the c partition also. At the moment the
avast parent directory is renamed (which contain avast and avast 5) so
could do with a proper clean out. I haven't booted up since i have
renamed the folder so will try that first to see if there is a speed issue.
 
Jason said:
then uninstalled and re-installed spybot

Did you disable *all* of Spybot's Resident protections
(Immunize/TeaTimer/Resident SDHelper) prior to uninstalling it ?



MowGreen
================
*-343-* FDNY
Never Forgotten
================

"Security updates should *never* have *non-security content* prechecked
 
Back
Top