131 replies to this topic

[Happy]

I attempted to run this scan last night, it ran for quite some time, and then I received a few error notifications that seemed to reference an inability to write temporary data into a few different files before the whole thing crashed and went blue screen. I am trying to re-run the scan now. It's been approximately 20 or more minutes, and for the last 15 or so of that time, it's been stuck on Scanning service: stisvc....

[LDTate]

Did you ever get the chance to have this file checked?

Please go to , http://www.virustota.../en/indexf.html click on Browse, and upload the following file for analysis:

c:\windows\system32\drivers\spfbmy.sys

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for me to see.

If virscan.org is too busy you can try these.

http://virscan.org/

http://www.kaspersky...anforvirus.html

[Happy]

No, I had not. Since it just blue screened again, I'll try to reboot and give that a shot and reply back as soon as possible.

[LDTate]

[Happy]

* Sigh * I've tried to get to a point that I could access the internet using the affected machine, but I continue to get an alert: "Windows - Delayed Write Failed. Windows was unable to save all the data for the file C:\Documents and Settings\All Users\Application Data\AVG10\log\avgwd.log. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this data elsewhere." The machine continues to seem to be trying hard to process information, but not really getting anywhere before ultimately blue screening.

[LDTate]

Try this instead.

This file will fit on your thumb drive.
http://www.snapfiles...nsockxpfix.html

Get a copy of winsockxpfix.exe, save it to the thumb drive and copy it to the infected computer.

You just run it by double clicking on the downloaded file after you copy it to the non-working computer.
Things should work OK after it reboots your system.

[Happy]

Ok, trying to execute as requested. I did sucessfully download the file as requested to my zipdrive. However. the start up was not stable enough on the affected machine to get through the start-up process far enough to even have a chance to copy/run winsockxpfix.html... it would simply fail in the same manner as I've previously described. So, out of frustration, I booted the system in Safe Mode and forced the copy of winsockxpfix to the desk top that way. I tried to run the executable in safe mode, then rebooting to 'regular' mode a few times. The performace (as it may be) seemed to SLIGHTLY improve with each effort. Long-story short, I was finally able to get to a point that I could QUICKLY run winsock in standard mode. It seemed to run normally and I tried to reboot. Now I'm getting an error mesage saying that the Delayed Write Failed. [This is in the reboot mode of Windows] Windows was unable to save all the data for the file C:\Windows\ie7. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere. I hit 'OK' and I intend to see where this goes. I'm not expecting big things, though it continues to try to install update 1 of 1. ... and blue screen...

Edited by Happy, 11 February 2011 - 10:23 PM.

[Happy]

OK, just tried to plow through the same process again ( ok, a few more times), and now have managed to get to a reboot where it's trying to install updates 1 of 3.... it seems to have done that, and it is now rebooting.

[Happy]

Ok, now, for reasons unknown, the machine is running a chkdsk that has a list of 'Recovering orphaned file's that I cannot begin to detail for you ... though it seems to be correcting errors... 'n-stuff.

[LDTate]

After chdsk ran, is it still blue screening?

[Happy]

Yep. Just tried to boot-up, and it was really struggling getting a lot of Delay Write Failure notices, it blue screened.

[LDTate]

I'm out of ideas. You could try our Windows Forum and see if the Tech Team has any ideas.

[noahdfear]

Happy, Please open the case of your computer and verify that the CPU and/or case fan(s) are running, and that the inside is not in need of a dusting (with compressed air or a small brush - no vacuum cleaners!). Excessive heat could be contributing to the BSODs. While you're in there, shut it down and reseat the RAM, and check that cables are securely connected. Let us know if that makes any difference in system stability.

[Happy]

Dave, thank you for the suggestion, but nice the affected machine is a laptop and not a traditional PC with a tower, I'm a little nervous about tring to crack open the case. I keep it on a cooling tray that is functioning, and if we're down to that I'll do it, but I'm still hoping to get something else to work. Every one of the Delay Write Failures that I'm getting seem to involve AVG and AdAware, so I cannot get away from the notion that those two are still conflicting with one another. [This is just my theory, so tell me if I'm high.] What about trying to run some of the suggested fixes in Safe Mode - would that give me any kind of a fighting chance? So, with that in mind, I booted in Safe Mode and was able to run the winsockfix again and it rebooted. While still in Safe Mode, I ran AppRemover, and again it only found Spybot S&D - so I figured what-the-hell, and I removed went ahead and uninstalled. Then I rebooted again, normally, and tried to run Winsockfix again. It's been running for some over a half hour... "ResettingTCP Parameterswith Netshell... and there is a C:\WINDOWS\System32\netsh.exe window open, but i really cannot see much else happening. Hey, at least it hasn't blue screened... yet. So, I'm trying to decide if I need to terminate, or if I just continue to let it run. Any thoughts?

[noahdfear]

I really do feel it would be good if you are able to check for dust buildup. I've seen quite a number of laptops with a healthy layer between the fan and cooling fins of the exhaust port. Many manufactures have step-by-step instructions for removing the keyboard, processor, memory, etc, and it's quite possible there's something available for your's that would be very helpful in simplifying the task. If you can't find something, provide the make and model and I can try to dig something up too.

Please download and run the AVG Removal tool.
http://www.avg.com/u.../download-tools

Reboot when done then download and run ComboFix as described here and post the resulting log.