When I log on, my computer freezes after about 30 seconds

Status
Not open for further replies.

DaMaluJordan

I think my computer has just been infected with some type of virus. I am running Windows Vista Home Premium 64-bit. When I get to the log on screen, I input my password and it takes me to my desktop. After about 30 seconds, an unusual icon appears in the system tray. It is a gray circle that seems to be broken up into small squares inside. I have no clue what that is. My brother says that it looks similar to the Adobe Acrobat system tray icon. As soon as it appears, my computer freezes. I can't access anything. The only thing I can do is press Ctrl+Alt+Del. When I do that, I can choose to start the task manager but that does me no good. The task manager does come up but it is completely untouchable. I can't end any processes or anything. The entire dialog box is frozen. The only real option I have is to log off from the screen that comes up in Vista when you press Ctrl+Alt+Del. In the approximately 30 seconds that I have between log on and complete freeze, I tried to figure out what process it was in task manager which caused my computer to freeze. I really couldn't find anything that appeared when that icon appeared. I'm not sure what to do. I managed to get AVG to start scanning my computer in that 30 seconds that I had but I'm not sure if I'll be able to do anything with it once the scan is complete. What should I do? By the way, I am writing this message on my Windows XP on another computer in my house.
 
Do the TechSpot 8 steps: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).

Most importantly update MalwareBytes (MBAM) and SuperAntiSpyware (SAS)!

Before you scan with either MalwareBytes or SuperAntiSpyWare, do the Extra Configs below; these have become most important lately.

SuperAntispyware extra config

After it is installed, double-click the icon on your desktop to run it.

Update the program definitions.

Click the Preferences button.

Then Scanning Control.

In Scanner Options, make sure all boxes are checked except #3 (Ignore System Restore..).

MalwareBytes extra config

After update but before running
Click settings and confirm all are Checked.

I repeat: update these 2 programs.

Run them and attach their logs.

Do this correctly and we will make a short job of this!

Mike
 
I'll try to do all of this but I'm not sure if I can. Like I said earlier, my computer basically completely freezes after about 30 seconds. After that 30 seconds, I can't access anything. I don't think I will be able to do some of these things in less than 30 seconds but I'll try.
 
Yea you did say that!

I meant to tell you to boot to Safe Mode with Networking. It may be OK there. Let me know if it is.

Mike
 
I was able to enter safe mode with networking. It didn't freeze. I'll try and do all the steps now. I'll reply back once I complete the steps. Thanks.
 
There's another problem now. AVG won't run in safe mode. It keeps saying: License number could not be fully verified. I'm using Microsoft's License number for it so I'm not sure why it's not working. It worked fine before. Reinstalling it doesn't work either. Should I skip the AVG step?

Actually, disregard that last statement I made. I was able to go into normal mode and quickly install each program after logging off and logging back on 4 times. Right now I'm running the scans in the normal mode. Once they are complete, I will attach them. By the way, I think I've pinpointed the process that caused my computer to freeze. I think it's something called rlvknlg.exe*32. It's something called Relevant Knowledge. When I ended that process, the icon didn't appear in the system tray so my computer didn't freeze anymore. I'll still run all the scans just in case. I'm sure just ending that process alone didn't solve the problem. I'm sure it's still there somewhere.
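
A read-only check for what the post above suspects, that something still relaunches the process after it has been ended. This is an added example, not part of the original thread; it assumes Windows PowerShell 2.0 or later is installed and takes the name `rlvknlg` from the post.

```powershell
# Added example (not from the thread). Read-only: it lists, it removes nothing.
# 'rlvknlg' is the name from the post; Task Manager's "*32" suffix only marks a
# 32-bit process on 64-bit Windows and is not part of the file name.
$needle = 'rlvknlg'

function Test-Match($text) {
    return ($text -and ([string]$text).ToLower().Contains($needle))
}
function New-Hit($source, $name, $detail) {
    New-Object PSObject -Property @{ Source = $source; Name = $name; Detail = $detail }
}

$hits = @()

# 1. Is it running right now?
$hits += @(Get-WmiObject Win32_Process |
    Where-Object { (Test-Match $_.Name) -or (Test-Match $_.ExecutablePath) } |
    ForEach-Object { New-Hit 'Running process' $_.Name $_.ExecutablePath })

# 2. Run keys, including the Wow6432Node view that 32-bit programs use on
#    64-bit Windows (easy to miss when only the native key is checked).
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($valueName in $item.GetValueNames()) {
        $data = [string]$item.GetValue($valueName)
        if ((Test-Match $valueName) -or (Test-Match $data)) {
            $hits += New-Hit "Run key: $key" $valueName $data
        }
    }
}

# 3. Startup-folder entries (registry locations were already covered in step 2).
$hits += @(Get-WmiObject Win32_StartupCommand |
    Where-Object { ($_.Location -notlike 'HK*') -and ((Test-Match $_.Command) -or (Test-Match $_.Caption)) } |
    ForEach-Object { New-Hit "Startup folder: $($_.Location)" $_.Caption $_.Command })

# 4. Services whose name or binary path references it.
$hits += @(Get-WmiObject Win32_Service |
    Where-Object { (Test-Match $_.Name) -or (Test-Match $_.PathName) } |
    ForEach-Object { New-Hit "Service ($($_.StartMode))" $_.Name $_.PathName })

if ($hits.Count) { $hits | Select-Object Source, Name, Detail | Format-List }
else { "No running process, Run key, startup entry or service references '$needle'." }
```

Scheduled tasks and browser add-ons are not covered by this check, so an empty result narrows the search rather than proving the program is gone.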
 
Well, actually, in my message at the top I advised not to install a virus scanner if you already had one. Did you not have a virus scanner already?

But proceed; I will see it in the logs.

Mike
 
Finished

Something went wrong with AVG so I had to reinstall it. Anyway, I think everything is fixed. I have the three log files attached though. Please take a look and tell me if there is anything left that I should do. Thanks.
 
-> No action taken on MBAM scan, for found issues
Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected. <========= Not Done

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

By the way, you will need to then restart, and run (and attach) a new HJT log

---------------

By the way, you presently have AVG8 (not ideal)

Uninstall your AVG Antivirus
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe

Restart

Install Avira free AntiVirus

Then run Malwarebytes ;)
 
Ok

I've removed AVG and installed Avira. I'm rescanning with Malwarebytes right now. Once it's done, I'll remove everything, which I'm sure I did before but I guess something happened. I'll rescan with Hijackthis after and attach both log files when I'm done.
 
Get ready for the Avira "found Virus" notifications :D
You need to quarantine them manually each time one is found

To avoid watching the screen for this, you can run a full scan with Avira first
On the first found Virus, you can select Quarantine (as per usual) but this time you can tick, make this the default action (no need to stay and watch then) :grinthumb
 
Logs

Well, I was right about the Malwarebytes thing. I did remove them before. I rescanned and found nothing this time. I'll attach the latest log. I'll also attach the latest log of hijackthis.
 
You know I'm going to contact Malwarebytes over this
Because your last log said, "No action taken" But it still removes them anyway (:confused:)
This has happened a lot of times on many threads

I haven't viewed the HJT log as yet, but did Avira find any more viruses or malware?

I need to sign off soon, and checking the log takes some concentration, which I'm presently losing :zzz:
 
Avira is almost done scanning. It is currently at 99.8%. If Avira finds stuff, I'll quarantine it. If it comes with a log, I'll show you that as well.

Here is a log from Avira. It found some things but it didn't give me any option to get rid of them so I'm not sure. If it was those rare popups from avira, I've deleted or quarantined those files. Should I do anything else or am I good?
 
Looks good :grinthumb

Clear & Reset System Restore's Cache

Go to Start >> Run - type or copy/paste control sysdm.cpl,,4 and then press Enter
* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply
Turn it back 'On' by unticking the same checkbox & click Apply, and then OK
 
Good morning

I too have noticed several people say they removed and the 2nd run was different or clean.

Thread Closing-------------------------------------------------------------------

Some of these tools update so often they require downloading again later if needed. But keep and run MBAM and SAS to maintain.

Remove ComboFix
Start-Run
type
combofix /u
Hit enter or click OK.

Please download OTCleanIt http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

Save to desktop.

This will remove all the tools we used to clean your computer.


Double-click OTCleanIt.exe. Click CleanUp. Yes to the "Begin cleanup Process?"

Approve all if prompted by Firewall. Approve Windows Defender or other guards or security programs while OTCleanIt is attempting access to the Internet, to allow all.

If prompted to Reboot, click Yes.
OTCleanIt will delete itself when finished. If not, delete it yourself.

-------------------------------------------------------------------------------------
Run CCleaner http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
Fantastic cleaner.
-------------------------------------------------------------------------------------
The issues can be, and likely are, found in System Restore, so do the below

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "After cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and then OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.
-------------------------------------------------------------------------------------

Every two weeks or so, run MBAM and SAS until clean.

They take a while, so leave them scanning while you are sleeping, working or watching TV. If not done under the gun they can be scheduled not to interfere with computer time.

If they find something they can not clean, then get back to us.

Additionally run CCleaner. ATF-Cleaner and KCleaner.
----------------------------------------------------------------------------------------
I have been using ThreatFire for more than a year, it just went from ver 3 to ver 4.

It was designed to be used with and to co-exist with other Virus scanners.

Additionally it uses a totally different process to protect. While conventional Virus scanners work from definitions ThreatFire works on recognizing Virus/Malware activity.

It's like looking at it with 2 sets of eyes and from a different angle.

It works like some Firewalls do to learn what is good/bad.

After install it will ask you about everything that could be a security issue. For example the first time you run IE or FireFox it will prompt you. You would answer to approve and remember the setting. From then on no more prompts about IE or FireFox unless the exe changes like in an update.

As it queries you about the prompt to help you determine to approve or not you can google it with one click.

http://www.threatfire.com/Download/
-------------------------------------------------------------------------------------
Look at http://www.javacoolsoftware.com/spywareblaster.html

Run SpyBot occasionally and use the Immunize function.
http://www.safer-networking.org/en/download/

I highly recommend HostsMan: http://majorgeeks.com/HostsMan_d4592.html

Download, install and run it, allow it to disable DNS Client, select all Host files, and then Update and install all host files.

A Disk Scan (chkdsk) and Defrag are in order.

Mike
 