Re: Accessing network freezes computer


"Chuck" <none@xxxxxxxxxxx> wrote in message
news:ijg8d1d9inq40893g50hmqqb8vgkkf28mj@xxxxxxxxxx
> On Tue, 12 Jul 2005 15:10:38 -0600, "idaspud" <someone@xxxxxxxxxxxxx>
wrote:
>
> >Hi
> >
> > This problem started suddenly, not over time. The computer will run
fine
> >doing anything else except accessing other computers or the web. So
anything
> >to do with networking. Once you open say, a browser, maybe get to a site
or
> >two, the computer completely freezes up. Accessing another computer on my
> >network has the same results. No BSOD or the like, just a solid freeze. I
> >ran three different spyware programs with no problems detected and two
> >different virus programs with no problems detected. Finally I performed
HP's
> >"full restore" (Hidden Partition type not disks), formatting the HD etc.
> >Same problem with freezing up.
> >
> > The computer is an HP Pavilion XT983, AMD 1.4ghz, 512mb ram, with an
> >onboard Realteck RTL8139. MB is Trigem. I also tried disabling the NIC in
> >Hardware profiles, and installing a known good NIC, but with the same
> >results. At this point I'm thinking hardware failure of some sort.
> >
> > Any Ideas?
> >
> > Thanks Keith
>
> Keith,
>
> Did you do a complete malware exam? Did it end with HijackThis, and if
so, do
> you have a link to a HJT log analysis?
>
<http://nitecruzr.blogspot.com/2005/05/dealing-with-malware-adware-spyware.h
tml>
>
> Start by finding out WHAT the computer is actually doing when it
"freezes". Get
> Autoruns, Filemon, Process Explorer, Regmon, and TCPView, all free, and
all from
> SysInternals.
> <http://www.sysinternals.com/Utilities.html>
>
> Each of these programs need no installation - just copy them to a folder,
make a
> shortcut, or whatever you like to do, and run each one.
> # Autoruns lists each process automatically started by the system, looking
in
> close to a dozen startup lists. It provides a GUI equivalent to
HijackThis, but
> provides much more detail about each entry.
> # Filemon makes a scrolling display of each file as it is accessed,
including
> the process accessing it, the action used in the access, and the status
(success
> / failure).
> # Process Explorer provides a very detailed list of all processes running
on the
> system, including how each process started, what resources each is using,
what
> components are used in each process. I like to add a colum that displays
Start
> Time of each process, then sort by that column. You can watch what just
> started, sometimes with enlightening results.
> # Regmon makes a scrolling display of each registry value as it is
accessed,
> including the process accessing it, the action used in the access, and the
> status (success / failure).
> # TCPView lists all open ports on the system, what process owns each port,
and
> its local and remote endpoints. It complements Process Explorer quite
nicely.
> For a network activity display, or at least a display indicating the
variety and
> volume of network activity, it is essential.
>
> Play with each one a bit, get used to what it shows, then start your
browser,
> and see what interesting information you see.
>
> --
> Cheers,
> Chuck, MS-MVP [Windows - Networking]
> http://nitecruzr.blogspot.com/
> Paranoia is not a problem, when it's a normal response from experience.
> My email is AT DOT
> actual address pchuck mvps org.

Thanks for the response and info. I'll check into it further, using your
suggestions. One thing bothers me however; Having formatted the hd, and
reinstalled xp, and nothing else, why then would there still be malware on
there, and why did it freeze the very first time I tried to use
networking?, (Not the Net but computer to computer) I had also run several
spy/add ware programs before I got radical and wiped 'er clean, as well as
scanned for viruses, with no problems reported. I have since run the
detectors yet again, with no reported problems. I ran Hijackthis before and
after as well, and had searched the web for every entry that even looked a
little suspicious, ("before") with good results for all. I am a VERY careful
NET user, and do regular maintenance to make sure I don't have problems. I
use a firewalled router, and keep resident programs running in the
background, just-in-case I do run into something adverse on the web. So I'm
a little perplexed here.

Cheers
Keith


.