
PLz help f/deeper scan Win 7 Can't run Malwarebytes etc


sm7

Thank you. We could have been at this point 2 hrs ago if it wasn't for this additional boot prob. That's why I've been so cautious.. prob too cautious but seems to be going in the right direction now. Sophos looks like it will take a while, then with MBAM. It looks promising now. TY

Link to post
Share on other sites


Update:

After removal by Adw.

All in NORMAL Mode 11/21

- Sophos (looked to freeze since window is small hiding file ext.). So I tried to end program to unplug my external drives and program froze.

- MBAM was able to run in normal with nothing found.

11/22 All NORMAL Mode

- Sophos froze at PARTIAL file name (starting at mid of file name) AppHang_(F3364BA0-65B9/RaRules.XML, not sure what this file is. Had to turn off with power button, F8 into safe to see what I would find.

ALL Safe Mode

- Sophos ran in 5 sec, found nothing. Ran again, took 30 min and found nothing.

- Micro Essential Quick scan found nothing.

What I am seeing is the computer is running better. When I have more appln running I get NOT RESPONDING from FoxFire then things freeze. During this process a Gray/Silver Win Box pops up and says something to the effect this program is taking too long do you want to end. I try and click in the box but system is non responsive. Ctrl Alt Delete to try and move the system along and sometimes after waiting I can and others I must reboot. Sometimes I believe the box may say Explorer not responding. I'm lacking one update for Explorer 11 and I'm trying to get it now... been waiting for 30min and still 0%. Something hangs up the system, what is this AppHang File ?

I looked into Recovery, my latest date 11/18 and I wanted an older date to go back to for Recovery but may try it. Would rather not.

Questions ...

Could Explorer along with FoxFire upgrades on an OLD System be creating this situation ?

With what Adw found in the (deleted registry key) does that give a direction to go with a different type scan ?

 

My main concern is why I can't finish running Sophos in NORMAL mode ?

I'll follow your lead but I was planning to try and get this Explr 11 update see what happens? Then try and run Sophos in NORMAL mode then try all Security Software in CLEAN BOOT. Not sure where to go after that ?

Link to post
Share on other sites

What you said to do is exactly what I'm doing right now in clean boot, will update.

Was there anything with this file ?

 Sophos froze at PARTIAL file name (starting at mid of file name) AppHang_(F3364BA0-65B9/RaRules.XML, not sure what this file is. Had to turn off with power button, F8 into safe to see what I would find.

Link to post
Share on other sites

Thanks for the update, I was half expecting that happening... Do the following:

Click on Start > All Programs > Accessories:

Right-click on the Command Prompt entry

Select "Run as Administrator", accept the UAC prompt - the Elevated Command Prompt window should pop up.

At the Command prompt, type or copy/paste

CHKDSK C: /R

hit the Enter key.

You will get a message that the drive cannot be locked, but that the command can be scheduled to run at the next boot - hit the Y key, press Enter, and then reboot.

The CHKDSK may take a few hours depending on the size of the drive, so be patient!

After the CHKDSK has run use the following instructions to find the log:

Check Disk report:
 
  • Press the WindowsKey + R on your keyboard at the same time. Type eventvwr into the run box and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • You may be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

 

 

Link to post
Share on other sites
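
The Event Viewer steps in the post above can also be done from an elevated PowerShell prompt. This is an added example, not part of the original thread: it reads the Wininit CHKDSK report from the Application log and pulls out the lines that indicate a damaged drive. The function name `Get-ChkdskSummary`, the event ID 1001 filter and the sample report are assumptions made for illustration.

```powershell
# Added example: function name and sample report are illustrative (constructed).
function Get-ChkdskSummary {
    param([string]$Report)
    $badKB = $null
    # CHKDSK's summary contains a line such as "        12 KB in bad sectors."
    if ($Report -match '(\d+)\s+KB in bad sectors') { $badKB = [int64]$Matches[1] }
    New-Object PSObject -Property @{
        BadSectorKB       = $badKB
        NoProblems        = ($Report -match 'found no problems')
        CorrectionsMade   = ($Report -match 'made corrections to the file system')
        BadClusterRepairs = [regex]::Matches($Report, 'replaced bad clusters in file').Count
    }
}

# Boot-time CHKDSK results land in the Application log under the Wininit source
# (assumed here to be event ID 1001, the usual ID for that report).
$reports = Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 1001 } -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -match 'Wininit' }

if (-not $reports) {
    # Constructed sample so the parser can be tried when no CHKDSK run is logged.
    $sample = @'
Checking file system on C:
The type of the file system is NTFS.
Windows replaced bad clusters in file 48213
of name \Users\example\sample.dat.
Windows has made corrections to the file system.
 244095999 KB total disk space.
        12 KB in bad sectors.
'@
    Get-ChkdskSummary -Report $sample
} else {
    foreach ($e in $reports) {
        $s = Get-ChkdskSummary -Report $e.Message
        $s | Add-Member -MemberType NoteProperty -Name TimeCreated -Value $e.TimeCreated
        $s
    }
}
```

A non-zero `BadSectorKB` or `BadClusterRepairs` value is the kind of result that points at the drive itself; the full report text is still what gets pasted into the reply.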

Thanks in that case I would like to run this check later today or at night. Then I will update.

Is there anything else new I can try ? We found a reg key/or virus which helped A LOT. My question is since this is an older machine and FF updated and when I looked into their trouble shooting one of the first things it said was make sure all newest drivers were installed. When I checked I was surprised to find there was a NEW driver as of 10/24/16 which is kinda along the time frame I noticed probs (FF crashed many times, now no crashes just freezing). I tried to download the driver and install and at the end when I was supposed to restart I could not get the driver due to lack of adapter on this system ?

I've included attachments. Also FF says to adjust setting in Advanced Settings (Use Hardware Acceleration). They say to check and uncheck this for issues and contradict themselves. I've tried both ways checked and unchecked (but maybe the virus removal may have changed things?)

I just wonder if this may be graphic related ? .....and doesn't all run through Explorer in Windows ? which I can't get the most current version due to Micro download probs ? Just letting ya know what I've come across ?

Driver 1.JPG

Driver 2.JPG

Driver 3.JPG

Driver 4.JPG

Driver 5.JPG

Driver 6.JPG

FoxFire .JPG

Link to post
Share on other sites

Those drivers you mention are Network drivers for your internet connection, I was not aware of any connection issues.... Your system freezing will not be related to your network connection.

System freezing can be caused by many different issues, a common one being system overload, CPU or RAM maxing out in limited systems. Using Clean Boot disables all non Microsoft services so should in reality negate that problem.

Another reason is a faulty or outdated driver, or a driver patched by malware. Sophos is being used with the system in Clean Boot yet it still freezes, that could very well be down to malware or infection. Previous scans do not show any real infection being present, only remnants, so that does not seem to be the problem...

Another very common issue is a possibly corrupt or damaged Hard drive, when security software freezes during an in-depth scan at what appears to be the same point each time the HDD is a strong possibility.....

I would rather run CHKDSK now and see what it shows, if the HDD is near to failing we need to know now so that anything important is backed up before a failure happens and all data is lost.....

Link to post
Share on other sites

Finally got Sophos to run Normal Start up and completed with clean. Attachment

I stayed off the computer and did not use any resources. Also interesting not sure if this matters but when I pulled up MSconfig my system was in SELECT START MODE since I've been using it so I thought let me run Sophos once more with all drivers loaded ? it completed with CLEAN.

Do you still need the CHKDSK ?

Sophus clean.JPG

Link to post
Share on other sites

Sophos log only confirms no obvious malware or infection, we still need to find a definite reason for system freezes... I'd still like to see a log from CHKDSK C: /R option when you have time..

Also run the following:

Please download VEW by Vino Rosso from HERE and save it to your Desktop.
 
  • Double-click VEW.exe to start; Vista and Windows 7/8/10 users right-click and select "Run as Administrator"
  • Under 'Select log to query...' check the boxes for both Application and System.
  • Under 'Select type to list...' select both Error and Critical.
  • Click the radio button for 'Number of events...' and type 15 in the 1 to 20 box.
  • Then click the Run button.
  • Notepad will open with the output log. It will take a couple of minutes to generate the log, please be patient.



Please post the Output log in your next reply.

Thank you,

Kevin...

Link to post
Share on other sites

Thanks for the follow up let me update you... good news. 

Once I was able to confirm Sophos ran clean on my system I wanted to make sure I had all Win 7 update available because there was a problem with Win 7 Updates svchost hogging resources. It hogged up 60% when looking for updates when set on auto. My machine would start making noises due to the CPU%. I had initially turned off Auto Updates due to this prob. Since you were able to find the reg key prob my system was freed up to download updates but I could not get updates due to Micro problem (many user complaints). I had remembered during freezing a box would pop up saying Explorer NOT RESPONDING do you want to end. Only way to close was Hard Boot. Read Customer Complaints on how to get updates going again (Set updates to Auto DL and choose to Install). Got updates for NetFramework (Suggested) and most current Explorer (I don't use Explorer but thought update due to Gray pop up box earlier). Installed and now the machine is running really good if not great. I believe my system resources were always very high due to Micro Win 7 update prob and the Bad Reg Key totally slowed me down to freezing. I want to work with the system a few days and see if it maintains its current status. Before I would open multiple Apps, Net, iTunes, etc and my CPU usage would be 70-100% always. Right now similar situation and CPU 15%.

http://superuser.com/questions/821032/svchost-exe-high-memory-usage-wuauserv

https://www.technibble.com/forums/threads/solution-to-windows-7-svchost-exe-nightmare.65574/

http://answers.microsoft.com/en-us/windows/forum/all/windows-7-windows-update-stuck-at-0kb-0/e1f898af-572d-4847-92be-d65a5d194a2a

update.JPG

attachment of Win 7 DLs

Link to post
Share on other sites

My system had one more freeze up after all the changes (on Thurs) and DLs but after that one freeze up the system has been responding well and CPU% usage has been low with many applns open. Please keep this thread open for a couple more days. I have a few questions before you close the thread. Thanks for your help Kevin.

Link to post
Share on other sites

My system is running better but it froze on Mon while watching a stream and I had to hard reboot. It froze on Tues morning upon Normal start, I hard rebooted and it was good then. This morning Wed when my system booted all program icons did not load in bottom right hand corner (tool bar ?), I rebooted and all has been well so far after. I ran VEW right after so you could see the errors. There are errors and corruption... can you tell anything from this log ?

Attachment

 

VEW2.txt

Link to post
Share on other sites

I do not believe we are dealing with a malware/infection problem, I recommend one of the system guys has a look at your problems.....

Open a thread in this forum: https://forums.malwarebytes.org/forum/160-bsod-crashes-kernel-debugging/

Give a link back to this thread and a concise description of the current problem... Let me know the outcome....

Thank you,

Kevin

Link to post
Share on other sites

This topic is now closed to further replies.