Screen freezes

Status
Not open for further replies.

lyrklaunavan

Posts: 12   +0
Hi,

I have a problem with a virus. When I start Internet explorer or Mozilla , windows freezes and I have to restart. This is for 2 weeks like that. I tried to turn off system restore and installed AVG Free, Kaspersky Internet Security 2009, Combofix, Nod32, MalwareBytes, AD-Aware Anniversary Edition, Spybot, CWShredder and Dr Web. Evryone of them found different viruses or trojans ... They deleted all of them but my computer keeps on freezing when I open internet explorer. I am writing this thread now because now it looks okey. I do not know what will happen next. (I formatted my harddisks and reinstalled vista 2 or three times but this thing is still freezing!!!!) Maybe it is not in harddisk. Can you help me please? I can not do any work for 2 weeks in this computer. Thanks in advance (I wanted to add MalwareBytes log also but Vista screen freezes while it is scanning so I could not get the report)(Screen freezes becoming more common on the last two days)
 
Please follow the steps here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

When you have finished, attach all 3 logs.

installed AVG Free, Kaspersky Internet Security 2009, Combofix, Nod32, MalwareBytes, AD-Aware Anniversary Edition, Spybot, CWShredder and Dr Web.

Please get this down to:
One antivirus program
One firewall
Two or more spyware/adware programs.


You note 3 AV: AVG, Kaspersky, Nod32. You can't run AVG, Nod32 and KAV together.

Real Time Protection needs to be temporarily disabled during the scans. If AdAware has AdWatch running, disable it:
AD-AWARE AD-WATCH
* Right click on the Ad-Watch icon in the system tray.
* At the bottom of the screen there will be two checkable items called "Active" and "Automatic".
o Active: This will turn Ad-Watch On\Off without closing it.
o Automatic: Suspicious activity will be blocked automatically.
* Uncheck both of those boxes.
* (When done, you can re-enable it using the same steps but this time check both boxes.)
Kaspersky Internet Security 2009 put you out $60 so you may want to keep it. It has AV, firewall and other protection. IF you were doing a trial only, then decide if you want to keep it.

You're also running SpywareTerminatorShield.Please see this image to know where to UNCHECK the Shield feature:
main_rts.jpg


After you have completed all of the above, THEN follow the Steps in the Malware thread. Since you have Malwarebytes on the system already, UPDATE it and run a new scan.
 
Thanks Bobbye for the reply. I am struggling. I downloaded malware bytes from another PC and I put it into my pc because Internet is down. I am writing this from another computer. I could not do complete scan in MAlware Anti bytes because screen freezes while it is scanning. I tried countless times but no way. I did what the guide says as you told. Still the same.
 
Try running it in Safe Mode:

Boot into Safe Mode
  • Restart your computer and start pressing the F8 key on your keyboard.
  • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
 
I opened in safe mode and tried to perform MAlware Full Scan but it freezes in the middle of the scan in Safe mode and I could not succeed in getting the log for Malware again. I became angry and I installed my old Windows XP SP2 then. (I thought maybe XP can work. I reinstalled Vista a couple of times with formatting Hard Drive first and it continued to make the same freeze in new installation also). So I run the softwares in new XP SP2 installation and I succeded in getting the logs this time. (At least Malware worked successfully till end) Can you please check them? But still freezing in XP again. I sense that when I try to open a site with a lot of macromedia flash banners vs... it freezes instantly. But If I open a site with mostly text it keeps working more. MAybe macromedia flash virus?(Dunno if a virus like that exists?) Formatting harddisk or reinstalling OS do not affect this thing!! Thanks (I do not know if it was a good idea to reinstall XP but there is a saying " You can not get different results by doing the same thing" ) (By the way I installed Zonealarm and AVGFree as suggested in Virus and Malware Removal Guide.)

I am struggling with this virus for 2 weeks. I will return it to the shop maybe hardware error huh?
 
You are a student in the Middle East Technical University- is that correct?

When you installed Windows XP over Vista, you changed the entire system, what's in it.

By the way I installed Zonealarm and AVGFree as suggested in Virus and Malware Removal Guide.)
You misunderstood the antivirus recommendation- it a problem we've been having. The step says that if you DON'T have an antivirus program, Avira or Avast is recommended. The AVG recommendation was misleading. You had Avira which was a better AV program, now you have AVG.

Did you do a full system scan with AVG after you downloaded and installed it? If not, please do that and attach the log.

Formatting harddisk or reinstalling OS do not affect this thing!!
It should if it's software related-unless you downloaded corrupt software back on.

I sense that when I try to open a site with a lot of macromedia flash banners vs... it freezes instantly. But If I open a site with mostly text it keeps working more.

So the problem is in viewing flash, correct? The system freezes and won't display flash? Do you have Flash installed? Go to the Control Panel> Add/Remove Programs> look for:
Adobe Flash Player
Adobe Shockwave Player
Do you have either or both of these? What version is each?

I see you are using Firefox. What version? Do you have any add-ons that prevent flash like No Flash, Flash Killer, Flashblock or any other flash blocking add-on?
Do you have the Adobe Flash Player plug-in for Firefox?

I'm not sure exactly what is being blocked but I found two entries in the HijackThis log I want you to remove:

Please open HijackThis, and select Do a system scan only.

Place a checkmark next to the following entries (if present):
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001

Please remove this also:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Baðlantýlar

Then, close all other open windows, leaving only HijackThis open, and select Fix checked.

The first 2 entries are from Macrovision Europe Ltd. Cleanup OR Adobe Photoshop OR
This is as good a description as I could find:
On the Windows 2000/XP operating system the license manager is installed as a manually started, LocalSystem service named “Macromedia Licensing Service”. An additional process related to the license manager is called “~e5d141.tmp”. Two instances of this process are present when a Macromedia application is running.

So, bottom line is that you DO have some Macromedia app running and it sound like it's corrupt. IF you have either of the Adobe (Macromedia) programs in the Control Panel Add/Remove Programs, Uninstall each one, one at a time, then download fresh. Here are the sites:

Download Adobe Flash Player HERE and save to your desktop:
Double click to run> follow the screen prompts to install.
Reboot the computer

Down Adobe Shockwave Player HERE and save to your desktop
Double click to run> follow the screen prompts to install
Reboot the computer.

Open Internet Explorer> Tools> Manage Add-on> find both Flash and Shockwave and click to highlight each> Enable.

Now try the sites.

But I also want to see the virus log so please attach it. After you do these things, I'll see if anything else is needed. Please don't reformat or reinstall while I'm helping you.

By the way, Adobe bought Macromedia: http://www.tnl.net/blog/2005/04/18/adobe-acquires-macromedia/
 
Thanks so much

Thank you Bobbye. Thank you so much. Problem solved :))
I made the log below while I was trying your suggestions.




"You are a student in the Middle East Technical University- is that correct?"
Yes. I was.




Before

Adobe Flash Player 10 Plugin version: 10.0.22.87
Java 2 Runtime Environment, SE v1.4.2_05
Java (TM) 6 Update 13 Version 6.0.130
Adobe Acrobat Professional 7.0: Shareware


"Do you have the Adobe Flash Player plug-in for Firefox?"

Yes. I only have Adobe Flash Player 10 Plugin installed.
(Flash player and Flash player plugin different things?) I will now install from the links you gave me.)
I do not have shockwave player.

""I see you are using Firefox. What version? Do you have any add-ons that prevent flash like No Flash, Flash Killer, Flashblock or any other flash blocking add-on?
Do you have the Adobe Flash Player plug-in for Firefox?""

Firefox 3.0.10. I do not have any add on in Firefox.



I ran AVG Free. I put results in a different file attached.

"""Place a checkmark next to the following entries (if present):
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001"""

No entries like above. So I did not delete in HJThis.

""Please remove this also:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Baðlantýlar""

I removed this.

Lastly I downloaded Adobe Shockwave and Adobe Flash from the links you supplied.
I opened add ons and I noticed there was 3 entries of the same type.I incluede it in the attachments. (Explorer add-ons)
I disabled 3 of them and I left one of them active. (Java Plugins). I remember I installed it 3 or 4 times maybe deactivation of them caused to the solution in addition to installing shockwave.

And Bingo...

No problems...

The problem was Shockwave. After I installed it I could open the websites without freezing. Techspot rocks...
 
So glad that took care of it! Wasn't sure from the description which it was.

To prevent the Tracking Cookies in Firefox, install the following:
AdBlock Plus: https://addons.mozilla.org/en-US/firefox/addon/1865
Easy List: http://easylist.adblockplus.org/ ( Get 1 & 2)

When you have the Manage Add-ons box open, the dialog box at the top has two settings:
1. Add-ons currently on the system.
2. Add-ons previously on the system.

Adobe Flash Player and Shockwave Flash Object are 2 separate entries in the Add-ons box.

Edit: Forgot 2 steps:

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTCleanIt by OldTimer:
Save it to your Desktop.
Double click OTCleanIt.exe.
Click the CleanUp! button.
If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.

You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:
  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
  • Click "OK" to select the partition or drive you desire.
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.
 
You're welcome. I forgot to mention to empty the Recycle Bin- so if you have not, go ahead and do that. Please let us know if you need any more help./
 
Status
Not open for further replies.
Back