Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Windows 7 keeps freezing, Safe Mode works. Here's my logs!  (Read 26208 times)

0 Members and 1 Guest are viewing this topic.

Aartemisia

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Windows 7
    Windows 7 keeps freezing, Safe Mode works. Here's my logs!
    « on: March 24, 2014, 08:19:54 AM »
    Hello, I'm Alli. I apologize for putting this in the wrong thread initially, and thank you for redirecting me here.  I have a Asus Laptop Model number U46E-RAL5, which is running Windows 7 Home Premium. Yesterday, I started having trouble loading Windows 7 on my computer. Windows 7 loads up normally, albeit slowly, but then once I try to click on any programs, it freezes and goes to "not responding." Thinking it had something to do with the windows update, I simply did a system restore in safe mode and that seemed to do the trick. However, when I shut down my computer and booted it back up this morning, I found that the problem was still persisting. This time I ran MalwareBytes and it came up with Trojan virus, which I quickly deleted. However, when I restarted my computer again, the problem didn't go away, so I did an earlier System Restore, and after that I did another MalwareBytes scan, which showed a few errors, but not Trojan, so I deleted them. This was around the time I posted in the Windows 7 thread (very sorry), and after seeing the reply, I went through and acquired the logs requested. During this process, I noticed that I was able get on to the internet using Firefox in Normal mode, but my computer froze up again when I went to open MalwareBytes. I had to go back to Safe mode, but it was encouraging to see I could get onto the internet, no matter how briefly.

    The logs requested:

    AdwCleaner:

    AdwCleaner v3.022 - Report created 24/03/2014 at 22:11:55
    # Updated 13/03/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Alli - ALLI-PC
    # Running from : C:\Users\Alli\Downloads\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\ProgramData\AVG Security Toolbar
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Users\Alli\AppData\Local\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\Alli\AppData\LocalLow\AVG SafeGuard toolbar
    Folder Deleted : C:\Users\Alli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    File Deleted : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\BrowserMngr_extensions.sqlite
    File Deleted : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\browsermngr_prefs.js
    File Deleted : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\searchplugins\bingp.xml
    File Deleted : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\searchplugins\safeguard-secure-search.xml
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
    File Deleted : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\AVG SafeGuard toolbar
    Key Deleted : HKCU\Software\Cr_Installer
    Key Deleted : HKLM\Software\AVG SafeGuard toolbar
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\BrowserMngr
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
    Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
    Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>;*.local

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16843

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [NOOO]

    -\\ Mozilla Firefox v27.0.1 (en-US)

    [ File : C:\Users\Alli\AppData\Roaming\Mozilla\Firefox\Profiles\ltqzc4oc.default\prefs.js ]

    Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110796&tt=3612_3&babsrc=HP_ss&mntrId=be5d5a9d000000000000bc7737a98658");
    Line Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
    Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
    Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
    Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
    Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
    Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=110796&tt=3612_3");
    Line Deleted : user_pref("extensions.BabylonToolbar.babext", "babExt");
    Line Deleted : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
    Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "9");
    Line Deleted : user_pref("extensions.BabylonToolbar.bbdpng", 9);
    Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "US");
    Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
    Line Deleted : user_pref("extensions.BabylonToolbar.dfltlng", "en");
    Line Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
    Line Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "production");
    Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.firstrun", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "5F2AA2542DB3EB0F9115064DC3592C5D");
    Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.hrdid", "be5d5a9d000000000000bc7737a98658");
    Line Deleted : user_pref("extensions.BabylonToolbar.id", "be5d5a9d000000000000bc7737a98658");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15591");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlday", "15591");
    Line Deleted : user_pref("extensions.BabylonToolbar.instlref", "sst");
    Line Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
    Line Deleted : user_pref("extensions.BabylonToolbar.keywordurl", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1212:41:19");
    Line Deleted : user_pref("extensions.BabylonToolbar.lastdp", 9);
    Line Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
    Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
    Line Deleted : user_pref("extensions.BabylonToolbar.newtab", "false");
    Line Deleted : user_pref("extensions.BabylonToolbar.newtaburl", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
    Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
    Line Deleted : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
    Line Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
    Line Deleted : user_pref("extensions.BabylonToolbar.sg", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar.srcext", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar.srch", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", "");
    Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
    Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=be5d5a9d000000000000bc7737a98658&q=");
    Line Deleted : user_pref("extensions.BabylonToolbar.tlbrid", "tb9");
    Line Deleted : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=be5d5a9d000000000000bc7737a98658&q=");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1212:41:19");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
    Line Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1212:41:19");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110796&tt=3612_3");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
    Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1212:41:19");
    Line Deleted : user_pref("extensions.crossrider.bic", "139a6fa6bd7c44291275404b9c1c8f4f");
    Line Deleted : user_pref("sweetim.toolbar.previous.browser.search .defaultenginename", "Search the web (Babylon)");
    Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110796&tt=3612_3&babsrc=HP_ss&mntrId=be5d5a9d000000000000bc7737a98658");

    -\\ Google Chrome v33.0.1750.154

    [ File : C:\Users\Alli\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [18181 octets] - [24/03/2014 22:08:49]
    AdwCleaner[S0].txt - [18148 octets] - [24/03/2014 22:11:55]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18209 octets] ##########



    Malware

    This is the most recent one, done after I found the right thread. I can also post the one I did after my most recent system restore as well if necessary.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.03.24.02

    Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
    Internet Explorer 10.0.9200.16844
    Alli :: ALLI-PC [administrator]

    3/24/2014 10:43:23 PM
    mbam-log-2014-03-24 (22-43-23).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 219747
    Time elapsed: 6 minute(s), 8 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    Security Check

    Results of screen317's Security Check version 0.99.81 
     Windows 7 Service Pack 1 x64 (UAC is enabled) 
     Internet Explorer 10 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````[/u]
     Windows Security Center service is not running! This report may not be accurate!
     Windows Firewall Enabled! 
    AVG AntiVirus Free Edition 2014   
    McAfee VirusScan Enterprise       
     Antivirus up to date!   
    `````````Anti-malware/Other Utilities Check:`````````[/u]
     Malwarebytes Anti-Malware version 1.75.0.1300 
     AVG PC TuneUp   
     AVG PC TuneUp Language Pack (en-US)
     Adobe Flash Player 10 Flash Player out of Date!
     Adobe Flash Player 12.0.0.77 
     Mozilla Firefox 27.0.1 Firefox out of Date! 
     Google Chrome 33.0.1750.146 
     Google Chrome 33.0.1750.154 
    ````````Process Check: objlist.exe by Laurent````````[/u] 
    `````````````````System Health check`````````````````[/u]
     Total Fragmentation on Drive C: 
    ````````````````````End of Log``````````````````````[/u]


    Thank you so Much!

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 985
    • Certifications: List
    • Experience: Expert
    • OS: Windows 8
    Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
    « Reply #1 on: March 24, 2014, 12:38:45 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Did you make any changes to your computer prior to this problem occurring such as installing new hardware or software?
    The Security log shows you have two AV's active on your computer; AVG AntiVirus Free Edition 2014 and McAfee VirusScan Enterprise This could very well be one cause of the problems you're having. One will need to be de-activated/uninstalled. Having more that one AV and one Firewall active on your computer could cause conflicts.
    You really should update your IE.


    Update your Adobe Reader. get.adobe.com/reader.

    Be sure to uncheck the Free McAfee Security Scan so it isn't installed.

    *********************************************
    Please download Junkware Removal Tool to your desktop.

    Warning! Once the scan is complete JRT will shut down your browser with NO warning.

    Shut down your protection software now to avoid potential conflicts.

    •Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

    •Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

    •The tool will open and start scanning your system.

    •Please be patient as this can take a while to complete depending on your system's specifications.

    •On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

    •Copy and Paste the JRT.txt log into your next message.
    **********************************************
    Malwarebytes' Anti-Rootkit

    Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
    • Be sure to print out and follow the instructions provided on that same page for performing a scan.
    • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
    • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
    • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
    • Copy and paste the contents of these two log files in your next reply.
    Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

    Aartemisia

      Topic Starter


      Rookie

      • Experience: Beginner
      • OS: Windows 7
      Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
      « Reply #2 on: March 25, 2014, 01:54:15 AM »
      Hi Dave, thank you for your help.

      You asked: Did you make any changes to your computer prior to this problem occurring such as installing new hardware or software?

      I did not. The day before the problem started, the only thing I did was download an album off of iTunes and had a a windows update.
      initially I thought the update was causing the problem, so I did a system recovery. However, the problem persisted.

      I have unistalled McAfee Virus Scan

      When I tried to update my adobe reader, it failed because it said "Windows Installer service could not be accessed." Is this because I was running in safe mode?

      I just Downloaded IE 11. When it finished, it asked to restart my computer, which I allowed. This is when things got weird. My computer started doing a Chkdsk on the c: drive. I remember reading about this in a forum, so I thought maybe it was a good thing. I let it run its course and then my computer started up in Normal mode again, acting just like it had before the problem started. I was thrilled. However, as I was typing this message, my computer went to a BLUE screen and said Windows had encountered a problem and it was going to shut down and restart to prevent further damage. I'm a bit scared now. I don't know what to do. It seems to have reconfigured the updates that I got rid of during the system restore, could they be it?

      here are the logs you requested. I did these before I installed window 11, so I will probably do them again to make sure, but here are the current logs for now, in case something happens.

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Thisisu
      Version: 6.1.3 (03.23.2014:1)
      OS: Windows 7 Home Premium x64
      Ran by Alli on Tue 03/25/2014 at 13:13:11.47
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      ~~~ Services



      ~~~ Registry Values

      Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
      Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-826472085-932608800-1280656658-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
      Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

          Value Name          Type                             Value Data                     
      ========================================================================================
          isapu    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Alli\AppData\Roaming\isapu.dll",MemberDescr_Type




      ~~~ Registry Keys

      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASAPI32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASMANCS
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASAPI32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASMANCS
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS



      ~~~ Files

      Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
      Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"



      ~~~ Folders

      Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{14B52EA5-CBAC-439B-A3B9-610A91E45FCA}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{35F37D67-32E3-46A1-9F01-EF8824DD7EE9}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{380A549D-6D84-42A2-A8B5-FCA891BA873C}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{3BA8C18B-F3DD-4B5F-9254-51D9EA5043F0}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{4E238FD7-3E02-4465-BB08-C5CC1739DF79}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{85114018-702B-4AF6-954C-0B5C6AA57CF1}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{A8E9A3DD-7F27-40C4-9E64-76F4FC7C2481}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{B440FE58-8F68-4DCF-9C8B-9C65DF71E4FB}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{B9223385-9B6B-4E3C-8F13-0FD7C0DD5793}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{C6D39DC5-B878-433E-907D-7F294EC1321A}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{D632B495-125C-4837-86EA-34D137B54053}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{D6BE2BDA-DED9-4451-B268-1D15DBE8A3AA}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{D6FBE90E-39C5-4E44-9B7F-7B60455BEA39}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{E94C6228-8F00-4F7F-87D9-6EC1D0B8D316}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{EE1DB21F-7D8A-4CE9-85DB-AAAC7294C198}
      Successfully deleted: [Empty Folder] C:\Users\Alli\appdata\local\{FD70F259-CEDD-4737-B1B8-F1E60C497FF1}



      ~~~ FireFox

      Successfully deleted: [File] C:\user.js
      Emptied folder: C:\Users\Alli\AppData\Roaming\mozilla\firefox\profiles\ltqzc4oc.default\minidumps [472 files]



      ~~~ Event Viewer Logs were cleared





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Tue 03/25/2014 at 13:15:56.36
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      About the antiroot kit, I had it scan my computer twice and it said there was no malware, so it didn't do a cleanup or give me a log of any kind. Did I do something wrong?

      Aartemisia

        Topic Starter


        Rookie

        • Experience: Beginner
        • OS: Windows 7
        Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
        « Reply #3 on: March 25, 2014, 02:59:02 AM »
        Hi Dave, Here is the second JRT log

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Junkware Removal Tool (JRT) by Thisisu
        Version: 6.1.3 (03.23.2014:1)
        OS: Windows 7 Home Premium x64
        Ran by Alli on Tue 03/25/2014 at 16:55:16.12
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




        ~~~ Services



        ~~~ Registry Values

        Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

            Value Name          Type                             Value Data                     
        ========================================================================================
            isapu    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Alli\AppData\Roaming\isapu.dll",MemberDescr_Type




        ~~~ Registry Keys



        ~~~ Files



        ~~~ Folders



        ~~~ Event Viewer Logs were cleared





        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Scan was completed on Tue 03/25/2014 at 16:57:52.15
        End of JRT log
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


        Looks like Trojan Virus. Once again the Antiroot scan came up clean.


        SuperDave

        • Malware Removal Specialist


        • Genius
        • Thanked: 985
        • Certifications: List
        • Experience: Expert
        • OS: Windows 8
        Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
        « Reply #4 on: March 25, 2014, 12:05:17 PM »
        Quote
        When I tried to update my adobe reader, it failed because it said "Windows Installer service could not be accessed." Is this because I was running in safe mode?
        That's possible. Did you try it in Normal Mode?
        Quote
        About the antiroot kit, I had it scan my computer twice and it said there was no malware, so it didn't do a cleanup or give me a log of any kind. Did I do something wrong?
        No, that's ok.

        1. Click Start, click Run, type chkdsk /f /r, and then click OK.
        2. At the command prompt, type Y to let the disk scanner run when you restart the computer.
        3. Restart the computer.
        4. Chkdsk will run.
        *************************************
        * Go to Start > Run and type mrt.exe then press Enter on the keyboard).
        * (Vista and Windows 7 users go to Start and type mrt.exe in the search box then press Enter on the keyboard.
        * Click Next.
        * Choose Full Scan and click Next.
        * Once the scan is finished click View detailed results of the scan.

        Look through the list and let me know if anything was found infected.
        ******************************************
        Please download and run MicroSoft Safety Scanner. This will take about 20 minutes to run and will produce a log if your computer was infected. Please post the log. This scanner only has a shelf life of 10 days so you will need to download a new one if you want to run a scan after the trial period has expired.
        Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

        Aartemisia

          Topic Starter


          Rookie

          • Experience: Beginner
          • OS: Windows 7
          Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
          « Reply #5 on: March 25, 2014, 03:59:48 PM »
          When I ran the chkdsk, I only got a small amount of text that said something about being clean I think. I will try and run it again if you'd like. I apologize for not  remembering, I saw your message at 3 am here and thought I'd get the ball rolling. haha, prolly not the best idea. I can run it again if you'd like, but I'll show you about the other stuff first.

          When I performed the mrt.exe, it was able to find an infection in JS/Medfos and delete it. I clicked in it to learn more and came back with this:

          http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Trojan%3aJS%2fMedfos.A

          It says it's called Trojan:JS/Medfos.A

          I do primarily use Firefox, so it makes sense.

          I also downloaded and ran Microsoft safety scanner after mrt.exe. I wasn't sure which one to choose, but I chose Quick Scan. I hope that's ok? If not, I can do a full scan. It came back saying my computer was clean, though. It didn't produce a log.
           

          SuperDave

          • Malware Removal Specialist


          • Genius
          • Thanked: 985
          • Certifications: List
          • Experience: Expert
          • OS: Windows 8
          Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
          « Reply #6 on: March 25, 2014, 07:14:55 PM »
          Quote
          When I ran the chkdsk, I only got a small amount of text that said something about being clean I think.
          That's ok. It was just to find and repair bad sectors on your harddrive.

          Malwarebytes' Anti-Rootkit

          Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
          • Be sure to print out and follow the instructions provided on that same page for performing a scan.
          • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
          • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
          • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
          • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
          • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
          • Copy and paste the contents of these two log files in your next reply.
          Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

          Aartemisia

            Topic Starter


            Rookie

            • Experience: Beginner
            • OS: Windows 7
            Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
            « Reply #7 on: March 25, 2014, 09:34:05 PM »
            Hi. MalwareBytes AntiRootkit came back clean.

            I'm still not able to use Normal mode however. I can get it to start up, maybe open Firefox or IE, but pretty soon it does freeze. Right now, I have it so steam starts up when I am booting up as well, and since this problem started, it seems be the first thing to freeze. I was wondering if I should disable it at start up? I don't really know how to do this, so if you think it could be a problem, could you help me disable it at startup?

            Also, I was wondering, since the Trojan virus came from a firefox add on, and I have no idea which one it is, should I uninstall and reinstall firefox?

            A couple things I noticed. My computer is asking me to Turn on Windows Security Center, and To Solve a Problem with Windows Server 2008 R2. Am I able to do those things in Safe mode with Networking, as that is the only way I can get my computer to not freeze. Also, when I was in Normal mode before it froze, I noticed that it wanted me to do a Windows Update by shutting down. I haven't tried it yet, since it froze on me before I got the chance, but do you think I should.

            I apologize for my large amount of questions. My computer knowledge leaves much to be desired.

            SuperDave

            • Malware Removal Specialist


            • Genius
            • Thanked: 985
            • Certifications: List
            • Experience: Expert
            • OS: Windows 8
            Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
            « Reply #8 on: March 26, 2014, 12:22:46 PM »
            Quote
            Also, I was wondering, since the Trojan virus came from a firefox add on, and I have no idea which one it is, should I uninstall and reinstall firefox?
            If FF is working correctly, that won't solve much.

            Quote
            My computer is asking me to Turn on Windows Security Center, and To Solve a Problem with Windows Server 2008 R2. Am I able to do those things in Safe mode with Networking, as that is the only way I can get my computer to not freeze
            Yes, you should turn on the Security Center. You may be able to find more information about the problem with Windows Server 2009 R2 here.
            StartupLite

            Download StartupLite by MalwareBytes to your Desktop.
            Doubleclick StartupLite.exe to launch the program.
            Ensure the Disable box is checked.
            Click Continue.
            A pop up message will tell you the unecessary startup items in your list have been disabled and ask you to restart your computer.
            Re-start your computer.
            ************************************
            Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
            Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
            Click on View > Select Colunms.
            In addition to already pre-selected options, make sure, the Command Line is selected, and press OK.
            Go File>Save As, and save the report as Procexp.txt.
            Attach the file to your next reply.
            Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

            Aartemisia

              Topic Starter


              Rookie

              • Experience: Beginner
              • OS: Windows 7
              Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
              « Reply #9 on: March 26, 2014, 03:02:40 PM »
              Hi Dave.

              I noticed the Turn on Windows Security Center message only appears in Safe mode. In Normal mode, this message does not appear. When I went to try and download the program you linked to regarding the Window Server 2008 R2, it said it could not run in Safe mode. I tried to go into Normal mode, but unfortunately Firefox froze when I tried to click on the link you provided. I also tried to click on the message directly, but the action center also froze. I then tried to shut down the computer to see if it would update at shutdown, like usual, but the log off process also froze. I'm now in Safe mode and clicked on the action center and it brought me to this. http://support.microsoft.com/kb/2632149
              Should I do what it says on the page? Will it work in Safe mode?

              I ran Startuplite in Safe mode with Networking and restarted my computer. It didn't have any visible effects. Is it because I ran it in Safe mode? I can't run it in Normal mode as the computer freezes if I try to open any programs, including internet explorer.

              I ran Process Explorer in Safe mode. I have attached the txt document.

              [recovering disk space, attachment deleted by admin]

              SuperDave

              • Malware Removal Specialist


              • Genius
              • Thanked: 985
              • Certifications: List
              • Experience: Expert
              • OS: Windows 8
              Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
              « Reply #10 on: March 26, 2014, 04:56:22 PM »
              We can't pinpoint the problem while running in Safe Mode. The only thing I can suggest is to open the Task manager in Normal mode and stop the highest usage processes until you find the one that causing the freezing. You can stop any process except explorer.exe
              Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

              Aartemisia

                Topic Starter


                Rookie

                • Experience: Beginner
                • OS: Windows 7
                Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
                « Reply #11 on: March 26, 2014, 07:14:41 PM »
                Oh dear, I'm afraid I've been doing all of the scans you advised me in Safe Mode with Networking. I can try and go back and redo them all if you'd like, although I'm not sure how many of them I will be able to do.

                I was able to run Process explorer in Normal mode. I have attached the file.

                I was able to open Task Manager. but I was a bit confused on your directions. There were about 129 processes going on on my computer. Can I really stop any and all of them except window Explorer? Even Java and the Windows Desktop manager? I stopped Skype, Steam, the Side Bar, and something called Pando Media something.  I was not able to run Startuplite. I will try again shortly, but here is the process file for now.

                [recovering disk space, attachment deleted by admin]

                SuperDave

                • Malware Removal Specialist


                • Genius
                • Thanked: 985
                • Certifications: List
                • Experience: Expert
                • OS: Windows 8
                Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
                « Reply #12 on: March 26, 2014, 07:56:07 PM »
                Quote
                Oh dear, I'm afraid I've been doing all of the scans you advised me in Safe Mode with Networking. I can try and go back and redo them all if you'd like, although I'm not sure how many of them I will be able to do.
                No problem. It's just the last two scanners, StartupLite and Process Explorer that need to be run in Normal mode to see what's actually running.
                Have you noticed what the CPU usage is when the computer freezes? You will need the Task Manger open to see this.
                We can try test the RAM.


                That could be a problem with bad RAM. Please run this check just to eliminate that possibility.
                Test your RAM here.
                Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

                Aartemisia

                  Topic Starter


                  Rookie

                  • Experience: Beginner
                  • OS: Windows 7
                  Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
                  « Reply #13 on: March 26, 2014, 08:28:07 PM »
                  Hi.

                  That's good to hear. I thought I had done something terribly wrong. I ran in Normal mode and opened IE to see if I could do the Memtest in Normal mode. IE was the first thing to freeze and at the time the CPU peaked at 50% but average was around 36%. I tried to go close IE in the task manager but despite going through, the window didn't disappear, and it was still running, but the CPU had dropped to lowest 9% and averaging 26-9%. I then tried to go into Start and that's when the whole computer went into not responding. Unfortunately, I had minimized the Task Manager window so I didn't see what it was when the whole computer froze.

                  About the ram tester, Can I run it in Safe mode? I have downloaded it and extracted the files, but I wanted to make sure I wasn't supposed to put it in Normal mode first. Ah, and it says I need a usb flashdrive, I currently only have my terabyte external harddrive. I will run and get a USB Flashdrive, as the program mentioned it would delete everything on the flashdrive? Or did I misunderstand it?

                  Aartemisia

                    Topic Starter


                    Rookie

                    • Experience: Beginner
                    • OS: Windows 7
                    Re: Windows 7 keeps freezing, Safe Mode works. Here's my logs!
                    « Reply #14 on: March 27, 2014, 12:06:23 AM »
                    Sorry for the second reply in a row, I was able to perform the ram test in Safe mode with networking, but am still working on getting it to work in Normal mode. I ended up using the CD method instead of the USB. I have attached the log.

                    While trying it in Normal mode, my computer stopped responding (I could still move my mouse, but couldn't click on any programs) when I was trying to install my new USB. This time, the CPU percentage was as low as 9% and at the highest around 15%.



                    [recovering disk space, attachment deleted by admin]