Computer sluggish, then freeze.

Discussion in 'Malware Help (A Specialist Will Reply)' started by thatnovaguy, Jan 10, 2010.

  1. thatnovaguy

    thatnovaguy Private E-2

    Hey, I've been having some serious compy issues. Started off with my computer restarting itself with no warning. After that, it would slow down and eventually freeze everything but the mouse, and shortly after even the mouse. Oddly enough, it seemed to only freeze when connected to the net, but it's not doing that now. It seems to freeze no matter what.

    I've run everything in the read and run first section, except for rootrepeal, because it would cause a freeze in both normal and safe mode, and caused the bsod on the second attempt. I have most of the log files handy. So long as my compy doesn't freeze in the meanwhile. I thought it was fixed after I used the mgtools, and began playing bfh, but it froze with a buzzing sound in my speakers, so I did a hardboot.
    I fear it may be a hardware issue, and not malware, or maybe even both.
    My specs are:

    Mobo: Asus p5n32-sli se deluxe (with latest bios)
    Cpu: Intel Core2 Extreme x6800
    RAM: Corsair xms3 ddr2 800mhz timed at 4-4-4-12
    Gpu: 2x Evga 9800gt
    Sound: bGears B-enspirer
    and a vid-capture card.

    I think I did everything by the books on your read and run first thing, other than running chkdsk after regrepeal bsod'd.
    Please help if you would.
     


  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Moving to malware, since you're scanning for malware you might be best there. In the meantime, pull some ram, check your hard drive for errors and make sure all fans are cooling properly.
     
  3. thatnovaguy

    thatnovaguy Private E-2

    It actually hasn't frozen or anything since last night. After it froze then, I pulled a stick of ram to see if it might've been that, and tho it seemed to run a lil better, I put the stick back in to make sure that it was the ram, and it seems to be just fine, so I don't know that the ram was the problem. It froze mid-game the last time it froze, so I ran the game again to see if it was that, but it ran perfectly and I enjoyed playing it for about an hour. It even ran good enough that I installed ubuntu 9.10 on a partition just to see if it was my windows install that was buggy and not a hardware issue, and now I have 2 OSes running on my rig with no bugs. The only changes I truly made were that I uninstalled Alcohol 120% and Openoffice, and that was only because I was getting error messages from them on startup. I'm hoping that I have somehow miraculously fixed my compy, but I highly doubt it. I'll let you know when I have my next problem. :major
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You need to attach the logs from SUPERAntiSpyware and ComboFix that were requested.

    Your problem is not related to memory problems. You have a master boot record infection that needs to be removed. Please do the below:

    Run the below tool from Prevx

    Prevx 3.0 - use the button that says Download Prevx 3.0

    After running the Prevx scan, reboot and then continue with the below.


    Now download the current version of MGtools and save it to your root folder. Overwrite your previous copy.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )




    Now attach the below log:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  5. thatnovaguy

    thatnovaguy Private E-2

    Ok, I ran prevx like you said and it didn't find anything. I forgot, after I ran chkdsk in windows recovery, I also ran fixmbr, and something else...fix(something). Sorry I forgot the superantispyware and combofix texts.
    Unfortunately when looking for my Sas log I realized that I unknowingly deleted it. I ran another scan and included a current log.
    Sorry and thanks,
    Andrew
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes because unknown to us, you had already run fixmbr which fixed the MBR infection. You can uninstall PrevX now.

    We have a little more cleanup to do.


    Now we need to use ComboFix
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    • If ComboFix tells you it has expired or needs to be updated to a new version, make sure you allow it to update.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Also delete all files and subfolders in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\Temp
    C:\Documents and Settings\Andrew\Local Settings\temp\

    Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Now attach the below log:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  7. thatnovaguy

    thatnovaguy Private E-2

    Ok, so things have been running pretty smoothly outside of playing Battlefield Heroes. It started freezing with a looping sound last night, I can usually get about 20-25 minutes in before it freezes. The odd thing is that (since I'm fortunate enough to have my girlfriend playing beside me) my character stays logged in the game as if I were still playing. It's just idling. Outside of that, everything seems to be shiny.
    Here are my new logs.
    Thanks,
    Andrew
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I just want you to run a few more scans and attach the logs.

    Please download the following & save to your Desktop


    GMER's MBR.exe
    • Double click on the MBR.exe file to run it.
    • A log will be produced & saved to the desktop, called MBR.log.
    • Attach this log to your next message.

    Delete the current mbr.log file and then try to run the below instructions.
    Click Start > Run and copy & paste the following text in the code box into the Run box and then click OK:
    Code:
    "%userprofile%\desktop\mbr.exe" -f
    Now double click on the mbr.exe file and attach the new mbr.log

    If it says you already attached it, then don't worry about it since it means it is the same as the previous log.




    Now go to TDSSKiller and Download TDSSKiller.zip to your Desktop
    • Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any subfolder of the Desktop.
    • Click Start > Run and copy/paste the following bold command into Run box and hit Enter.
    "%userprofile%\Desktop\TDSSKiller.exe" -v
    • Follow the instructions to type in "delete" when it asks you what to do when it finds something.
    • When done, a log file should be created on your C: drive named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )
     
  9. thatnovaguy

    thatnovaguy Private E-2

    Here's the mbr.log
     

    Attached Files:

    • mbr.log (File size: 327 bytes)
  10. thatnovaguy

    thatnovaguy Private E-2

    Sorry the mbr.log is in a different post, I got ahead of myself, but when I tried to add the second one, it said it was already on this thread. Here's tdskiller log.
    Thanks for putting out so much effort to help me, not many people are willing to do as much as you have. I'll repay you if I can.
     


  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Your logs are clean.



    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
     
