Windows 7 Freezes with no response.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by MrJokster, May 13, 2012.

  1. MrJokster

    MrJokster Private E-2

    I'll try to be brief. When Facebook changed their crap last (a few months ago) is basically when I started having problems [with freezing browser] so I just chalked it up as just too much crap going on with them and to be honest I really don't have problems when doing anything else, thus the reason I never tried to check in to anything, all I would do is "end process" in task manager and restart browser and everything is fine. At this point, I don't know if my current problems have any significance to that, or if it's just coincidence. Anyways... The significant system issues started about 2 weeks ago. I'm a VERY light gamer, my laptop is really basic: (Toshiba Satellite L755d) Windows 7 64bit, 4 gigs RAM.

    While playing a game in Steam, the first few minutes I would get a lot of choppy graphics (meaning multiple 'pop' freezes. I guess it's called lag) after a few minutes it would clear up and would be fine for the remainder of my play time. During this time slowly Firefox began to freeze more often than what I would call normal, whether it's just browsing in Google, or just facebooking (mostly with Facebook). Within those 2 weeks I got the BSoD twice (maybe 3 times) this happened overnight when I was sleeping, I would wake up go to my laptop and see the BSoD on there. 3 days ago is when things really got bad, while playing in Steam (same game) the game froze for a good 10 seconds. Now again, not sure if the browser freezing is connected to the gaming.

    Now what brought me here today. Yesterday while searching random things in Google (never actually opened any site) while still in Google search results, browser froze. I figure, meh just the same ol' thing. I right clicked on task bar to open task manager as usual and nothing happened. I clicked on the START button and the whole screen turned to a very translucent blue (really only noticeable on the task bar) and everything went unresponsive. Couldn't click on any icons, nor the start button. I had no choice but to remove all power to shut it down. I rebooted and got the screen to open normally or in safe mode, I chose normal and everything booted up as normal. From then on everything stayed unresponsive. At first I could pass over all icons with mouse and they would highlight, but as soon as I clicked on anything I get the freeze.

    Last night I opened in Safe Mode and ran a check with SpyBot and it got hung up on fakealert.msg, I tried a second time and when it got hung up, I left it alone and went to bed. Woke up this morning and looked like it just needed to be given time, I corrected errors that were found. I brought my laptop to work to keep working on it, I ran a scan with Eset and it got stuck on fakealert.msg again and fraudsysguard, I gave it some time and it passed over both, but that is what brought me here. I ran the awesome SUPERAntiSpyware and Malwarebytes (which have always been my faves) made the corrections found.

    After still having some symptoms I went again through all the processes found in your "READ & RUN ME FIRST. Malware Removal Guide thread" and made some decent progress, but it all ended up back to the same and actually seems to be worse including taking much longer to start up now.

    Couldn't do the RootRepeal due to 64bit. Can't run ComboFix. I disabled all my anti-viruses as commanded. I get a DOS window that is blue and not black that says (iirc), "attempting to create new restore point" another window pops up (a ComboFix window) looks like it's scanning and states it's saving files 0 of 11 files and does complete the saving of all 11 files, that window disappears, DOS window is still there. A cursor is blinking. Ten minutes of nothing I go to move the window to see if it probably froze up again... Sure enough did. I rebooted in Safe Mode yet again to reattempt ComboFix. I got as far as last time, about 8 minutes in I got message to the effect that it can take up to 10 mins and can double for highly infected computers. 10 minutes after that (20 mins total) it began Stage 1, Stage 2 etc. 10 MORE minutes it finally got to Stage 50. Cursor was now in a different spot so I knew it was done and doing something else. Blue DOS screen cleared and said, "Preparing Log Report. Do not run any programs until ComboFix has finished". An ADDITIONAL 10-15 minutes I get a window stating, "[OpenEvent] Failed to perform desired action. Error Code 2" As soon as I clicked on the screen after this message, yet again everything was frozen (every time I've said frozen in this post, never did I get the "non responsive" prompt on top bar of window. Everything is untouchable, only mouse is able to move, but no response to clicking ms1 or ms2 buttons) and this is the first time that has happened in Safe Mode.

    I've only been infected 2 maybe 3 times in the last 8 years (which is when I first began working online), this is the first time I've failed to fix the problem and the first time it's taken more than maybe 3 hours.

    Total time with no results, 8 hours... I'm done.
     


  2. thisisu

    thisisu Malware Consultant

    Welcome to Major Geeks, MrJokster :)

    Try these scans:

    I want you to read and follow these instructions: TDSSKiller - How to run


    Please download aswMBR to your desktop.
    • Double-click aswMBR.exe to run (Vista/7 right-click and select Run as Administrator)
    • Select No when asked "Would you like to download latest Avast! virus definitions?"
    • Click the [Scan] button.
    • On completion of the scan click [Save log], save it to your desktop and attach this log to your next message. (How to attach)
     
  3. MrJokster

    MrJokster Private E-2

    Thank you for the welcome, too bad it couldn't be under different circumstances :)

    Ok, so I ran the TDSSKiller. I followed the instructions from the "How to Run" thread and one threat was detected (Unsigned file Service: IDriverT Suspicious object, medium risk), however one of the steps states "After clicking Next, TDSSKiller applies selected actions and outputs the result" There was no "Next" button to click, only a Continue. When I click continue, the window closes and the "Start Scan" window is still there, so I have nothing to post there :rolleyes:


    I do have attached the file I did find.


    So now I've just run aswMBR... :hammer BSoD! 0x24

    BAD_POOL_HEADER
     


    Last edited by a moderator: May 14, 2012
  4. thisisu

    thisisu Malware Consultant

    You can exit out of TDSSKiller if you have not already. You completed the scan successfully.
    0x24 is usually a sign of data corruption. The problems you are experiencing may not be malware related. Proceed below:


    1.Please download HitmanPro.
    • For 32-bit Operating System - [​IMG].
    • This is the mirror - [​IMG]
    • For 64-bit Operating System - [​IMG]
    • This is the mirror - [​IMG]
    2.Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

    3.Click on the next button. You must agree with the terms of EULA.

    4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

    5.Click on the next button.

    6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

    7.When the scan is done right click on the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

    8.Click on the next button.

    9.Click on the "Export scan results to XML file".

    10.Save that file to your desktop and zip and attach it in your next reply.
     
  5. MrJokster

    MrJokster Private E-2

    Ok it's all been done, but you said 2-3 minutes how dare you! It took 5 LoL :p

    Ok so you said "right click on the found entries (if any) and choose - Apply to all => Ignore" Right clicking gave no results, but each entry had a drop-down menu which had the options to choose ignore [which I did] and I clicked next. I didn't like the idea of ignoring to remove a trojan found, but I trust the experts :) and I hope using the drop down 'ignore' was the right thing to do.

    I kept ignoring the BSoD because they always said it had something to do with recently added hardware and/or software, but when I bought this laptop, I bought with the idea of not putting ANYTHING into it as to never have problems. Is there a short way to explain what could have caused this error, or could this have been a result of some type of entity?


    log attached.

    thanks
     


  6. thisisu

    thisisu Malware Consultant

    :-D

    HitmanPro only detected one of our scanning tools as a trojan. It is safe; in fact, I need you to scan with it right now before I can declare your system clean.

    Follow these instructions if you haven't done so already. Otherwise, just attach MGlogs.zip. - Using MGtools
     
  7. MrJokster

    MrJokster Private E-2

    I have followed instruction sire
     


  8. thisisu

    thisisu Malware Consultant

    Your logs are clean.

    The BSODs could be related to data corruption.

    Check to see if performance is improved after running the following: Puran Defrag Free Edition
    Push the Boot Time Defrag button and choose -> Restart-Defrag-Restart + Full Disk Check
    This process can take a few hours. Further assistance should be sought out at our Software forum.

    __

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis if it is present.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work through the below link:
    Be safe :)
     
  9. MrJokster

    MrJokster Private E-2

    Ok, so after doing the defrag it had seemed to have worked. I was able to use my laptop practically flawlessly. (basically back to the same crap I USED to have before these last horrific issues). I can't remember exactly the order, but I believe I either shut it all down or it froze again, either way I had to reboot for whatever reason. When I did, nothing happened. I got stuck on a black screen with my mouse cursor sitting there (movable) trying to load. I got fed up and shut it down and left it. That was Monday. Yesterday I attempted to reboot a few times, all times failed (all this at the worst time ever, I needed internet badly for a job I'm doing :() anyways, after countless attempts to load in all 3 types of safe mode I just left it. I came back (I don't know how long after) and I saw the screen where you would click the icon to log in, I've never had to do that, however the account wasn't mine, I think it said "New User" or something to that effect. I said oh well and clicked it. Everything froze :rolleyes. Got my hopes up :( anyway, I just quit and began the job I had blindly. I don't know how long it had been, but when I came back in, Windows was loaded! [in safe mode] I didn't question it, I just began using it for what I needed. Since then, I haven't rebooted because I don't want my laptop to fail again. Everything is running fine, and to be honest it's running rather quick too.

    As I said in my original post, I don't have anything important in this hard drive, it's empty other than the gamer junk. If companies still sold their computers with Windows boot discs as they always had, I would have just reloaded the hard drive :/ now would that have solved everything? Any suggestions what I can do about getting a new boot disc without having to sell my kids?
     
  10. thisisu

    thisisu Malware Consultant

    Yes, but only if there isn't any hardware failure.

    These are priced by Microsoft. See here: http://windows.microsoft.com/en-US/windows/shop/windows-7
     
