Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop halts and nothing short of a reboot will release it.


  • Please log in to reply
5 replies to this topic

#1 justincasermm

justincasermm

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 02 July 2014 - 08:17 AM

There is something happening on a clients laptop that has the machine basically disabled.  

  • Any attempt to run Malwarebytes has the app closing within seconds.
  • I have a HijackThis log, but once the HJT scan has completed the system locks up
  • Windows Defender did a full scan last night but didn't detect anything.
  • Any attempt to use Explorer causes the system to go "busy (blue spinner)" and the only remedy is a hard reboot.
  • We've tried to run System Restore - there is a restore point available from 6/24/14 but it never completes the restore.

 

Running out of options / ideas on what to do with this thing.    Help?

 



BC AdBot (Login to Remove)

 


#2 McSheHe

McSheHe

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:51 PM

Posted 02 July 2014 - 08:28 AM

Have you tried running anything in safe mode?



#3 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:51 PM

Posted 02 July 2014 - 08:53 AM

What you describe could be caused by software, hardware or overheating.

 

Try using RKill to suppress malware that could be cause of not being able to use security programs. Do not

reboot after running RKill but immediately try to update and run a scan using MBAM.

 

When attempting to run RKill, if a malware terminates it please try a different filename offered in the downloads here:

RKill Download


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 justincasermm

justincasermm
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 02 July 2014 - 11:22 AM

Thank you for the reply(s).  We have tried in safe mode but no difference.

 

 

RKILL terminates two processes:  WrtMon.exe and WrtProc.exe  then completed successfully, however when I tried running Malwarebytes, it closed immediately.  Again.. Grrrr



#5 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:51 PM

Posted 02 July 2014 - 12:25 PM

You can start a new topic where the pros/ experts will assist you. It may take a few days for them to

get to you. Not sure of how long a delay it may be.

 

Follow the directions in the link below for posting a DDS log. Do Not Bump Your Topic. Wait for a response first. 

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help - Virus, Trojan, Spyware, and Malware Removal Logs

Post the log in the linked forum below:

Virus, Trojan, Spyware, and Malware Removal Logs Forum - BleepingComputer.com


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 buddy215

buddy215

  • Moderator
  • 13,092 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:51 PM

Posted 02 July 2014 - 01:06 PM

I looked up one of those file names for a process Rkill ended. One website says that file name is used

by a key logger. You probably know what that means. You should let the user know that a keylogger can

record key strokes such as passwords and account info from screen shots..from any financial action.

 

Source: What is Wrtmon.exe – Is it a Genuine File or Malware? | Instant-Registry-Fixes.org


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users