Random crashes / freezes, docs open slowly

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mondola, Aug 8, 2015.

  1. mondola

    mondola Specialist

    McAfee is running, and may be the culprit as seems to utilise a lot of resources, as does WD backup.

    However, my friend says that:

    • Internet Explorer freezes / crashes
    • Excel crashes often
    • Docs open slowly
    • Internet opens slowly
    • Watchdog error - possibly down to wrong Bluetooth driver

    Logs attached.

    Thanks!

    :cool
     

    Attached Files:

    mondola, Aug 8, 2015
    #1
  2. mondola

    mondola Specialist

    Last log
     

    Attached Files:

    mondola, Aug 8, 2015
    #2
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    • Re run Hitman Pro and have it remove all that it finds.
    • Let me know whether this machine is deliberately set up to use a proxy or not....
     
    Kestrel13!, Aug 9, 2015
    #3
  4. mondola

    mondola Specialist

    Hi, no not set up to use a proxy. Have re-run HitMan Pro. WIll attach new logs.
     
    mondola, Aug 9, 2015
    #4
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi mondola, I would have answered you last night only this website wouldn't load for me, I tried for ages. :(

    Gotta pop into work soon for a little while but when I get back I'll post a fix. :)
     
    Kestrel13!, Aug 10, 2015
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Disable or uninstall antivirus before doing this as the fix may not implement.

    [​IMG] Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these detections:

    • [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    • [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:62025;https=127.0.0.1:62025 -> Found
    • [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:62025;https=127.0.0.1:62025 -> Found
    • [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:62025;https=127.0.0.1:62025 -> Found
    • [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:62025;https=127.0.0.1:62025 -> Found

    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.



    This takes a long time to run, so go off and do something else for a bit ;)

    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it ( if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • The click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shutdown any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.


    Now rescan with RogueKiller and attach latest log.
     
    Kestrel13!, Aug 10, 2015
    #6
  7. mondola

    mondola Specialist

    Hello Kestrel,

    Sorry for the delay on this one. I was helping this person out as a friend of a friend because I "work in computers".

    I was helping her all remotely because she wanted to keep working on the machine.

    The Windows Repair just hung, so it was stopped. The RogueKiller Log reported that the Proxy was still enabled.

    In between, it seems she's had other people like her father and some tech at work tinker with it and run registry repairs.

    As a result, I suggested that the best action would probably now be a backup and rebuild - if only to fix it once and for all and stop her tinkering.

    She now claims she's managed to fix it, but hasn't elaborated on what, who, or how, so I do believe our work here is done, and I can only apologise for wasting your time. I wouldn't be able to determine what state the machine was in anymore anyhow.

    I think I will just point people here in future and get them to do the stuff themselves rather than act as the go between. If they're not technical enough to do that, they really shouldn't be tinkering with the workings of the computer to start with!

    :)
     
    mondola, Aug 19, 2015
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Ahh no worries mondola, and good idea on referring them here to do the hard work for themselves, I think. ;)
     
    Kestrel13!, Aug 19, 2015
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds