26 total posts
What often happens
What often happens, is people get careless and just blindly click the "next" button during installs, and don't see that in an effort to generate a little cash, some kind of search toolbar or whatever else has been tossed into the installer. Unless you specifically opt not to install it, it will be installed along with the program you intended to install. So make sure going forward that you are careful to watch for these things.
So basically what you are saying is........
This site places malicious software in it's downloads that could destory a computer. Because that's the situation I'm in right now. This is not just a toolbar, this is something that is disabling my computer.
Before anyone gets mad..
I know this site is not developing the software, but it's a portal for downloads. The link that I clicked on to get hjsplit is still out there, ready for anyone to download. Ready for the next potential victim. Right now I just need help in resolving this from anyone that can help.
Try pressing F11 during bootup
and see if you have the option to do a factory recovery. Be advised, it will erase all data on the hard drive. You may also have the option to repair Windows.
Thanks for this info.
No, I'm saying that they might include some program which isn't malicious, but many people may find annoying, in order to cover things like bandwidth costs. I don't like it, but "free" services have to be paid for somehow, so think of it like a necessary evil. Of course if you and a few thousand of your closest friends all want to chip in a few bucks on a regular basis, CBS might consider offering a premium version of the site without those programs.
Thanks for asking
It's a Samsung rv711 running Windows 7 Home Premium. 64 Bit Operating System, 4G Ram, intel core I3 processor. I've had it @ 2 years. I also run the pay version of ZoneAlarm Extreme Security, which obviously is trash, since this happened.
I'm on the computer now (home for lunch). It's a little better, but there is still something on it. It freezes up about every 3 or 4 minutes, and then un-freezes.
Tell me about
Tell me about using canned air on the vents.
I don't write more about that since your answer determines what I write next.
-> At the link to Grif's scans, the output of RKILL is always interesting. I'd like to see that.
Hang in there. Maybe we can avoid the reload.
I guess you lost me there. I don't know what that means.
Oh that kind of canned air.
Interestingly enough, This computer is vey quiet, never makes much sound, so I've wondered if there was even a fan on it.
I'm back at work now. I'll have the Rkill info later today.
See the results below........any info appreciated.
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 03/04/2013 12:57:43 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* Advanced Explorer Setting Removed: HideIcons [HKCU]
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Backup Registry file created at:
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Firewall Disabled
"EnableFirewall" = dword:00000000
Checking Windows Service Integrity:
* Windows Management Instrumentation (Winmgmt) is not Running.
Startup Type set to: Automatic
* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 03/04/2013 12:58:09 PM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
GOOD TO SEE THAT!
Nothing seems bad there. HOWEVER there is a slim clue in there so let's check a few things.
1. The canned air was used and the work is done.
2. With step one out of the way and the scans completed as shared by Grif let's try a simple test.
Head to the control panel, users and create a new user account. Make it an Admin one.
Log out and then into that new account and test drive the machine a while.
OK This is where I'm at:
The Super Anti Spyware found 347 threats, which I'm not surprised at because I've never ran one on this computer, even though I probably should have. All of those were removed.
I tried your simple test, and unless it's takes a very long time to create the desktop of the new user account, that's not working. The computer freezes up while trying to create the account. It says it's preparing the desktop, but the mouse pointer is in constant rotation freeze. I've tried it 2 times. The only message I do get when trying to create this new account is that Windows Media Player is having trouble registering.
During all of these operations, the computer freezes up constantly. I've had to restart is no less than 10 times because anything can make it freeze up. For example, just going into the control panel. So this is not just about the browser. In fact, the browser is better now than before. I did blow it out,not with a can but with a shop vac.
So at this point malwarebytes has supposedly did everything and all the spybot stuff is deleted using those tools. And a new user account can't be created because doesn't have the firepower to get much of anything done without freezing up.
What is your analysis now? And thank you for your advice.
The combofix & SuperAntiSpyware scan was in safe mode with networking right??
Have you checked your hard drive for errors?? Run > CHKDSK /F shut down restart.
At 347 threats your machine was already sick. Highly doubt downloads.com had anything to do with it.
I'll try this later
Thanks for the advice. I don't know what things to try so I'll take any advice I can get. What I have done so far is as technical as I have ever gotten.
What if the hard drive says it has errors? Does it give me the option to fix them with the simple press of a key.
I did go ahead and order an additional 4 Gig of Ram last night just to be on the safe side. I honestly didn't realize it only had 4 Gig until this happened. I probably would have installed it a long time ago.
Also, another poster said press F11 contstantly to get the system to restore, but that didn't work. Does anyone else know how to get this computer to restore without the disk?
Just to Clarify on Freezing Up
The freeze does not last forever. For example, a website or the control panel operations will freeze up @ every 2-3 mintues, and then they will unfreeze about 1-2 mintues later. But some operations, such as trying to create a new user account, was froze up for at least 15 minutues, before I re-booted. A few others things have frozen up for a long time too, requiring a reboot, but I can't remember all of them.
That sort of pause can be heat or hard drive.
You have a lot of work to do in order to figure this out. I don't have a clear answer about the canned air so I wonder if you are like most that want it to be a setting or infection and don't want to do the maintenance. That's OK but the symptom is consistent with all three issues.
It might be a few things.
Some more likely, in my experience than others.
The first thing that normally pops into mind is malware of some nature.
Upon selecting my weapons to remove it. I update them. I then make a restore point. Anti-virus/Malware I generally use ComboFix or Microsoft essentials, with SuperAntiSpyware in Safe mode. You get to safe mode by pressing F8 as the machine is booting up. So lets say the machine still stalls???
Well second thing would be to check the hard drive: In windows thats start > RUN> then type CHKDSK /F press enter. You then shutdown and then restart. And allow the scan to do its work. Don't let the screen scare you,its normal. It should run through 5 steps. . The /F means fix. Note there is a space between the CHKDSK and the /F.
Another excellent program for this is called Spinrite. If it finds errors, then there is probably your to the slow downs and lock-ups.
The third and probably least likely in my experience is ram. Have a friend download a copy of memtest v420 for you and burn it to disk. Then boot off the disk. It will scan your ram for any errors. If you decide to change the ram yourself . Please remember to ground yourself before opening the ram or back of computer case. This is especially important in cooler weather periods when humidity may be low. Please, also remember to remove BOTH the power supply AND the battery before doing this process and then press the power button. You want NO electricity in that board while you work on it. Better to be extra cautious , than gain a new paper weight that was your PC.
I forgot heat.
Heat of course can do it as well but , if you blew air through the fans. And the fans are working. You should be ok. There's always re-applying thermal paste. But that operation, would be expensive (professional IT labor), to the point of not being worth it. Generally, not a DYI job.
Thank you for all this. I'll be going at it again tonight.
I'm still getting ready to run the restore more than likely, no matter what. I just don't have the disk in this case. I still wish someone knew how I can restore without the disk, because that is my fallback. I should have never trusted that I could run the restore without the disk.
I don't mean any disrespect to anyone but I would prefer to restore rather than spend lot's and time and work to get it fixed. There's not much for me too loose from a files standpoint.
I realize I could still have a problem after restore but I would cross that bridge when that happens.
Some Good News
Everyone, I was finally able to access the recovery through safe mode, and I was able to restore back to 7 days ago.
The computer is in fact, acting like it was 7 days ago. Translated.............there are still some minor freeze ups that I was never concerned about before. I guess all things came together over the weekend to create a perfect storm.
It's obvious that I need to do some things to help out. In other words, maintenance I was not doing before. The additional RAM should help out as well.