Fresh Windows XP Install hangs?

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780
Hi everyone,

Late lastnight I was attacked by a nasty virus that wouldn't give control of my computer back, every attempt at a "System Restore" was met by the virus blocking my attempt. I was able to do a "System Restore" via "Safe Mode" but strange things began to happen even after the restore point, so I saved as many family pictures as possible. Bottomline, is there a safe way to scan my thumb drive for virus so that I can add my family pictures to my new fresh install?

Thank you, I appreciate any assistance!

Regards, Systemlord.
 
Solution
Boot into safe mode with networking. Download, install, and update malwarebytes. Do a full system scan, including your flash drive.
http://www.malwarebytes.org/

manojgj

Distinguished
Dec 21, 2009
1,087
0
19,460
Cd or Dvd is better option for backup data's from virus infected system, bcz virus easily move to pendrives,

.. try to get hirens bootcd & use live xp to copy your files to pendrive, it may save you..make sure that "show hidden files & folders " is enabled & uncheck "hide extension for known file types & hide procted OS files" it may help to avoid selecting only photos while moving to pendrive rather than selecting hidden virus in the folders.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780
Thanks guys for the helpful advice, I just downloaded the Malware program and for the record in the five years of owning my two computers I have never added any virus killing software. I have some backed up files on DVD-R and some on thumb drives, do I install what's on the DVD-Rs then run the malware scan or can I scan just the disc before I copy the files to my computer? I have a few questions regarding programs like the Malware program, calling it malware does this program find just malware or does it also take care of viruses also? Is it the kill all be all defence for my computer that will take care of any threat?

Thank a lot guys, Systemlord!
 
I believe malwarebytes will scan DVDs. I'm not sure if I've tried that. It for sure will scan flash drives. You just plug them in, and check mark the box to scan it.

Plug in the flash drive, put your disc in the tray, and when you're in safe mode with networking, do the steps I mentioned above. If you've got malware (trojans, worms, adware...etc), Malwarebytes will likely find and remove it.

The free version of Malwarebytes is just a scanner. It doesn't provide real time protection. For that, I use Avira. It's got real time protection, and live updates.
http://www.avira.com/en/pages/index.php
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780
I ran the malware program (full scan) with the link provided and it found a total of three infected files, two within Windows and one in my thumb drive. How in the world did malware get into my 12 hour old fresh install of Windows XP? Should I just install what's on my DVD-R and run full scan? Also should I delete the infected files in quarantine?


Files Infected:
C:\System Volume Information\_restore{D7DF6C2A-03A1-471C-B78A-BA654CBE7F04}\RP12\A0000954.dll (Trojan.PWS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D7DF6C2A-03A1-471C-B78A-BA654CBE7F04}\RP12\A0002204.dll (Trojan.PWS) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe (Trojan.PWS) -> Quarantined and deleted successfully.


 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780


How will I know what to delete and what not to delete, if you hadn't told me that I needed that file for my profile I would have deleted it! Now you know why I refrained from using these types of programs, a false positive could just as well be my next wrench in the machine. Now I am unsure about using these types of programs, how in the future will I know if it's a false positive?

Thanks
Systemlord.
 
:) Don't worry. Malwarebytes is a very good program. 99% of the time, if it thinks it's malware, it is. That's why running Avira will help confirm it.

Any AV can have false positives.

If by chance, you do delete a system file, you can replace it by repairing your windows install, using your windows disc.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780


If I run Avira won't I have to unquarantine those suspected files?

Regards, Systemlord.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780


When you say, "that files is necessary to log into your profile", would that profile effect shutting down and/or restarting my computer properly? The reason I ask is because a few times today I went to "Restart" and "Turn Off" my computer today with those 3 files quarantined and my system hanged forever several minutes before shutting off, before I quarantined those files shutdown would take less than 8 seconds to turn completely off from desktop.

Files Infected:
C:\System Volume Information\_restore{D7DF6C2A-03A1-471C-B78A-BA654CBE7F04}\RP12\A0000954.dll (Trojan.PWS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D7DF6C2A-03A1-471C-B78A-BA654CBE7F04}\RP12\A0002204.dll (Trojan.PWS) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe (Trojan.PWS) -> Quarantined and deleted successfully.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780


Event viewer, huh? Anyways I installed XP all over again because of this hanging issue, when I go to "Restart" or "Turn Off" my computer it hangs for 2-5 minutes! While hanging if I'm able to move my pointer around, when I click on IE8 or any short-cut on my desktop it says, " "aborted Windows is trying to close", not exact words but close enough. I have never had this kind of problem before, is this a hardware issue or is windows screwing with me? I find it hard to believe it to be Windows because I have had two different fresh installs of Windows XP, please help me! :(
 
It sounds like a program or service is having a hard time closing. The event viewer is the place to look.
start-->control panel-->administrative tools-->event viewer-->look under system and applications for any errors with a timestamp around when you're shutting down the computer.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780



I took a look at applications, three warnings and System. "Warning Windows Management" says, "HiPerfCooker_v1 has registered in the WMI namespace Root/WMI, to use localsystem account this account is privileged and the provider may cause a security violation", my username and computer name are almost same. These only three warning messages under "Application" and two under "System", thanks for any help!

Applications

1. Warning message:

Source: WinMgmt
Type: Warning
User: NT AUTHORITY\SYSTEM
Computer: GAMING-MACHINE

"HiPerfCooker_v1 has registered in the WMI namespace Root/WMI,
to use localsystem account this account is privileged and the provider may cause a security violation"

2. Warning message:

Source: WinMgmt:
Type: Warning
User: GAMING-MACHINE\Doug
Computer: GAMING-MACHINE

"HiPerfCooker_v1 has registered in the WMI namespace Root/WMI,
to use localsystem account this account is privileged and the provider may cause a security violation"

3. Warning message:

Source: Windows Product Activation
Type: Warning
User: N/A
Computer: GAMING-MACHINE

System

1. Error

Source: Windows Update Agen
Type: Error
User: N/A
Computer: GAMING-MACHINE


2. Error

"Boot-start or system start drivers failed to load". This error was caused by my displayer drivers for my graphics card, it's happened before.

Source: Service Control Manager
Type: Error
User: N/A
Computer: GAMING-MACHINE
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780


After running Prime95 and Memtest overnight without any issues, I disabled "Windows Update" like you said to and right when I clicked on "Restart" is hung for about 1-2 minutes. I tried launch programs during this hang and everytime it said, "The Application Failed To Inialize because Windows is shutting down". Right after the hang I went into Event Viewer, but don't see any new errors or warning logs. I don't see how two completely different fresh installs of Windows XP can cause this to happen, what to do? Something is seriously wrong and I doubt it's software based!

Thanks,
Systemlord.
 
Re-enable your windows updates. Go to the update site, and see if there are any updates ready for download. If yes, either download them, or choose not to. While you're there, check out the download history, to see if there is an update that's been failing.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780



This time around when I installed Windows XP for the second time I created a clean fresh restore point without any drivers installed in case I had any problems, well I did restore to the very early restore point. I still have no drivers installed and I'm going to keep it this way for a few days, then I'll install one driver every two days so that if my hanging problem starts happening again I'll know which driver is causing the hanging issue. My OS is fully updated and very responsive, it now turns off very quickly! I haven't been able to recreate the hanging issues when Turning Off or Restart my computer, now that everything is fully updated what else can I do to diagnose a potential problem with say my Raptor hard drive? Maybe a Bios issue, motherboard did fine on the Prime95 and Memtest overnight, what would normally be the cause for Windows hanging upon Turning Off or Restarting?

Thanks,
Systemlord.
 

systemlord

Distinguished
Jun 13, 2006
2,737
0
20,780



I did have an error in Event Viewer - System, "installation failure for Windows Internet Explorer 8". The reason it failed to properly install is because the system hanged on the restart that was required for the update! I'll run the HDD utility that you linked to me and let you know how things progress over the next few days, I'll install the video drivers on friday after spending time restarting and turning off my computer, then the audio drivers on Monday until I rule out the problem. Is there anything else I should try?

Thanks,
Systemlord.