Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer freezing after small amount of time


  • This topic is locked This topic is locked
3 replies to this topic

#1 lolwutguy

lolwutguy

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:50 PM

Posted 06 October 2009 - 08:06 PM

Hullo, recently my laptop (Dell Inspiron 6400, running WinXP Media Edition)'s been failing; it freezes anywhere from ten seconds to five minutes after I log in. I'm unable to install an antivirus because the laptop freezes during installation. Safe Mode seems to be, well, safer, although even so it has frozen once.

I've done scans with ComboFix and MBAM; CF found a massive infestation in my pchealth and system32 folders but was able to restore everything. The system freezes just the same even after removing the threats.

I have no idea what's causing the freezing; it freezes anywhere from ten seconds to five minutes after I log in, and even freezes at login if I stay there too long.

The computer is completely frozen; Num Lock / Scroll Lock can't be activated/deactivated, the mouse doesn't move, etc. I can't even shut down without either pulling the plug out or holding onto the power button.

My HD is 91GB (Fujitsu MHV2100BH). There is 14.5GB free, although my F: partition has only 7% (or 4.5GB) free. I have 1GB of RAM installed. I have not had any problems with this laptop until recently. Or no, I have, but not relating to running out of system resources or anything related.

Thanks for reading,
Aar

DDS (Ver_09-09-29.01) - NTFSx86 MINIMAL
Run by test at 17:49:59.37 on Tue 10/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.775 [GMT -7:00]


============== Running Processes ===============

F:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
F:\WINDOWS\system32\svchost.exe -k netsvcs
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\igfxsrvc.exe
F:\Documents and Settings\test\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.trendmicro.com/go/hjt/error/?function%3DmodRegistry%5FIniGetString%26params%3DsFile%3Dsystem%2Eini%2C+sSection%3Dboot%2C+sValue%3DShell%26errorno%3D5%26errortxtInvalid+procedure+call+or+argument%26winver%3DWindows+NT+5%2E01%2E2600%26iever%3D7%2E0%2E5730%2E11%26hjtver%3D2%2E0%2E2
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: CKeyScramblerBHO Object: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - f:\program files\keyscrambler\KeyScramblerIE.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - f:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - f:\progra~1\micros~2\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - f:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - f:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - f:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
mRun: [IntelZeroConfig] "f:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "f:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [SynTPEnh] f:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IMJPMIG8.1] "f:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] f:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] f:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] f:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [snp2std] f:\windows\vsnp2std.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
dRun: [swg] f:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
dRun: [DWQueuedReporting] "f:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [KeyScrambler] f:\program files\keyscrambler\getting_started.html
StartupFolder: f:\docume~1\test\startm~1\programs\startup\rocket~1.lnk - f:\windows\bricopacks\vista inspirat 2\rocketdock\RocketDock.exe
StartupFolder: f:\docume~1\test\startm~1\programs\startup\transbar.lnk - f:\windows\bricopacks\vista inspirat 2\transbar\TransBar.exe
StartupFolder: f:\docume~1\test\startm~1\programs\startup\y'zsha~1.lnk - f:\windows\bricopacks\vista inspirat 2\yzshadow\YzShadow.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\peergu~1.lnk - f:\program files\peerguardian2\pg2.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\post-it.lnk - f:\program files\3m\psnlite\PsnLite.exe
IE: E&xport to Microsoft Excel - f:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - f:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - f:\program files\java\jre1.6.0_05\bin\npjpi160_05.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - f:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - f:\program files\keyscrambler\KeyScramblerIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - f:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - f:\progra~1\spybot - search & destroy\SDHelper.dll
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} - hxxp://s.nx.com/activex/public_new/nxpm.cab
DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - hxxp://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1186542459044
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - f:\progra~1\micros~2\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - f:\progra~1\micros~2\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - f:\docume~1\test\applic~1\mozilla\firefox\profiles\0zlywz5g.default\
FF - prefs.js: browser.startup.homepage - facebook.com | gunz.wikia.com
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - f:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R3 KeyScrambler;KeyScrambler;f:\windows\system32\drivers\keyscrambler.sys [2009-9-18 113896]
R3 vkeyfdo;Virtual Keybord Function Driver;f:\windows\system32\drivers\vkeyfdo.sys [2008-10-2 11336]
S1 vcdrom;Virtual CD-ROM Device Driver;f:\windows\system32\drivers\VCdRom.sys [2001-12-19 8576]
S2 CAMTHWDM;WebcamMax, WDM Video Capture;f:\windows\system32\drivers\CAMTHWDM.sys [2009-7-21 941784]
S2 McrdSvc;Media Center Extender Service;f:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 NetCM;Network Connection Manager;f:\program files\netmeeting\Netsh.exe [2007-7-4 418304]
S2 Port Forward.exe;Port Forward;"f:\program files\tucson software services\port forward\port forward.exe" --> f:\program files\tucson software services\port forward\Port Forward.exe [?]
S2 sbbotdi;sbbotdi;\??\f:\progra~1\speedb~1\sbbotdi.sys --> f:\progra~1\speedb~1\sbbotdi.sys [?]
S2 WMDrive;WMDrive;f:\windows\system32\drivers\WMDrive.sys [2008-11-25 189952]
S3 a016bus;Sony Ericsson Device A016 driver (WDM);f:\windows\system32\drivers\a016bus.sys [2009-5-31 83880]
S3 DADriv1;DADriv1;\??\f:\documents and settings\aaron\desktop\game\maplestory\tehleet\engine\daengine\dak32.sys --> f:\documents and settings\aaron\desktop\game\maplestory\tehleet\engine\daengine\DAK32.sys [?]
S3 dump_wmimmc;dump_wmimmc;\??\c:\ijji\english\gunz\gameguard\dump_wmimmc.sys --> c:\ijji\english\gunz\gameguard\dump_wmimmc.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\f:\docume~1\test\locals~1\temp\everestdriver.sys --> f:\docume~1\test\locals~1\temp\EverestDriver.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\f:\docume~1\zomgad~1.31n\locals~1\temp\prn13.tmp --> f:\docume~1\zomgad~1.31n\locals~1\temp\PRN13.tmp [?]
S3 ggflt;SEMC USB Flash Driver Filter;f:\windows\system32\drivers\ggflt.sys [2009-5-31 13352]
S3 JakNDis;Jaksta Service;f:\windows\system32\drivers\JakNDis.sys [2008-8-4 26656]
S3 白目國中生1;白目國中生1;\??\f:\documents and settings\aaron\desktop\game\maplestory\tehleet\engine\ve5 1032\nvid999.sys --> f:\documents and settings\aaron\desktop\game\maplestory\tehleet\engine\ve5 1032\nvid999.sys [?]
S3 NPF;NetGroup Packet Filter Driver;f:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 npggsvc;nProtect GameGuard Service;f:\windows\system32\gamemon.des -service --> f:\windows\system32\GameMon.des -service [?]
S3 SoRa01;SoRa01;\??\f:\documents and settings\aaron\desktop\game\maplestory\44\haxingkoekjehack pack\engine\sora remak engine 2.6\sora.sys --> f:\documents and settings\aaron\desktop\game\maplestory\44\haxingkoekjehack pack\engine\sora remak engine 2.6\SoRa.sys [?]
S3 sora121;sora121;\??\f:\documents and settings\aaron\desktop\gaming\game\maplestory\12-23\sleepy's v48 hackpack\engines\sora_remake_engine2.90\sora engine2.90\sora12.sys --> f:\documents and settings\aaron\desktop\gaming\game\maplestory\12-23\sleepy's v48 hackpack\engines\sora_remake_engine2.90\sora engine2.90\sora12.sys [?]
S3 sys_com001;sys_com001;\??\f:\documents and settings\aaron\desktop\game\maplestory\newstuff\syscomengine_1059\syscom.sys --> f:\documents and settings\aaron\desktop\game\maplestory\newstuff\syscomengine_1059\syscom.sys [?]
S3 toBzM;toBzM;\??\c:\tobzm.sys --> c:\toBzM.sys [?]
S4 VideoAcceleratorService;VideoAcceleratorService;f:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> f:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
S4 Viewpoint Manager Service;Viewpoint Manager Service;"f:\program files\viewpoint\common\viewpointservice.exe" --> f:\program files\viewpoint\common\ViewpointService.exe [?]

=============== Created Last 30 ================

2009-10-06 00:10 229,888 a------- f:\windows\PEV.exe
2009-10-05 22:05 <DIR> --d----- f:\docume~1\test\applic~1\Malwarebytes
2009-10-05 19:12 <DIR> --d----- f:\docume~1\test\applic~1\AVG8
2009-10-04 23:27 <DIR> --d----- f:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-09-22 19:25 179 a------- f:\windows\system32\msexcr.ini
2009-09-21 19:52 <DIR> --d----- f:\program files\OpenAL
2009-09-21 19:52 413,696 a------- f:\windows\system32\wrap_oal.dll
2009-09-21 19:52 110,592 a------- f:\windows\system32\OpenAL32.dll
2009-09-21 19:51 <DIR> --d----- f:\program files\Livestation
2009-09-21 06:09 <DIR> --d----- f:\program files\FileASSASSIN
2009-09-20 17:05 <DIR> --d----- f:\program files\Spybot - Search & Destroy
2009-09-19 13:25 2,043,678 a------- f:\windows\GBLST.swf
2009-09-19 13:25 903,680 a------- f:\windows\GBLST.scr
2009-09-19 13:25 495,104 a------- f:\windows\GBLST.exe
2009-09-19 13:25 161,078 a------- f:\windows\GBLST.bmp
2009-09-19 13:25 23,558 a------- f:\windows\GBLST.ico
2009-09-19 13:25 670 a------- f:\windows\GBLST.c3
2009-09-19 13:25 670 a------- f:\windows\GBLST.c1
2009-09-19 13:25 639 a------- f:\windows\GBLST.c4
2009-09-19 13:25 0 a------- f:\windows\GBLST.ini
2009-09-19 13:25 <DIR> --d----- f:\windows\GBLST Uninstaller
2009-09-19 13:19 <DIR> --d----- f:\program files\InstantStorm
2009-09-19 09:36 <DIR> --d----- f:\program files\common files\xing shared
2009-09-18 14:08 113,896 a------- f:\windows\system32\drivers\keyscrambler.sys
2009-09-18 14:08 <DIR> --d----- f:\program files\KeyScrambler
2009-09-15 22:36 32,592 a------- f:\windows\system32\msonpmon.dll
2009-09-15 22:21 <DIR> --d----- f:\program files\Microsoft Visual Studio 8
2009-09-15 20:14 <DIR> --d----- f:\program files\trayit_4_6_5_5
2009-09-13 18:42 <DIR> --d----- f:\program files\Tweak-XP Pro 4

==================== Find3M ====================

2009-09-13 18:42 737,280 a------- f:\windows\iun6002.exe
2009-09-10 14:54 38,224 a------- f:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- f:\windows\system32\drivers\mbam.sys
2009-07-13 23:43 286,208 a------- f:\windows\system32\wmpdxm.dll
2008-12-11 18:30 7,874 a------- f:\program files\n
2007-02-11 17:53 251 a------- f:\program files\wt3d.ini
2008-09-08 20:16 32,768 a--sh--- f:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090820080909\index.dat

============= FINISH: 17:50:50.25 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 23 October 2009 - 03:42 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay of response.

If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.


For your next reply I would like to see:
-The DDS logs
---DDS.txt and Attach logs
-RootRepeal logs
-Description of any remaining problems you may still have.


Thanks again and we apologize for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 26 October 2009 - 07:03 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 from the last day I replied initially, the topic will need to be closed.

Thanks for understanding.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 28 October 2009 - 07:07 PM

Hello.

Due to Lack of feedback, this topic is now Closed

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users