• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

  • Due to the complexity and risks involved our formally trained malware staff will be the only ones allowed to help with malware removal advice. Thank you.

Browser keeps freezing

Kate

FPCH New Member
Joined
Feb 5, 2012
Messages
4
PC Experience
Beginner
#1
My browser keeps freezing, whether it be Internet Explorer or Google Chrome. It sometimes freezes when all I do is try to open it, or when I click on links, or midway through streaming...Sometimes websites just suddenly stop responding without being prompted by any action on my part. I did an anti-virus scan, ran Spybot, deleted Temporary Files/Cookies, did a Disk Cleanup, ran the Defragmenter, disabled File Sharing...I'm at a loss as to what to do next. Any help would be greatly appreciated :)
 

KenB

Administrator
Joined
Oct 19, 2008
Messages
9,129
Location
Wirral UK
#2
Hi Kate and welcome to FpcH

I have deleted your other post - nothing gained in duplicating it :)

Download MBAM from here: ( Click on Products > you want the free version )
http://www.malwarebytes.org/products/malwarebytes_pro

You may get re-directed to a mirror site - don't worry about this it is a security thing.

Install > Update > Run it.
A log will be created - copy this entirely and post it here.

If there is anything there that needs attention one of our security experts will advise you further.

Just a note:
Spybot is a bit dated - in future I suggest you use MBAM for your regular scans.
 

Kate

FPCH New Member
Joined
Feb 5, 2012
Messages
4
PC Experience
Beginner
#3
Below is the log MBAM came up with:

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.05.01
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Protection: Enabled
05/02/2012 15:52:38
mbam-log-2012-02-05 (15-52-38).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 343457
Time elapsed: 3 hour(s), 1 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{BAA57DFA-F744-AD7D-418C-D0FA6544F3E7} (Trojan.Agent) -> Data: C:\Users\RS\AppData\Roaming\Ombu\ajyv.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Users\RS\AppData\Roaming\Ombu\ajyv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\MicroGaming\Poker\LadbrokesMPP\install.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully.
(end)
 

KenB

Administrator
Joined
Oct 19, 2008
Messages
9,129
Location
Wirral UK
#4
Hi,

There are a couple of things that may need looking at.
I will ask one of out security experts to take a look and advise further.

Please be patient - they are busy people but one of them should get to you within a day or so. :)
 

Starbuck

Admin & Security Team
Joined
Feb 19, 2010
Messages
4,436
Location
Midlands, UK
PC Experience
Very Experienced
#5
Hi Kate,

disabled File Sharing..
This doesn't sound good.
I'll move this thread to the malware removal forum, just in case.

P2P Warning
Please note that as long as you're using any form of Peer-to-Peer networking ( Frostwire, Limewire, Bit Torrent etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true.
P2P programmes form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

Many of the programmes come bundled with other unwanted programmes, but even the ones free of any bundled software are not safe to use.
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

You may decide to continue P2P sharing, but keep in mind that this practice may be the source of future malware infestation.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programmes, we may refuse to help you.


Step 1
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2






This is an example, you may rename ComboFix to anything you want.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of ComboFix.
    For more information read:
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

    Then:

    Double click on Combo-Fix.exe & follow the prompts.

    Vista/Win7 users should right click on the icon and select Run as Administrator.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    If running Vista/Win7, you will not see the recovery console screens as they are Win XP related
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Step 2
  • Download OTL to your desktop.
    right click on the link and select 'Save Link/Target As'.

    if you have problems, try this download link:
    OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check
.

.


Now copy the lines in bold below.

netsvcs
msconfig
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\*
%USERPROFILE%\..|smtmp;true;true;true /FP
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT


  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.


    .
  • Click the Run Scan button.


  • Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.


In your next reply, please submit:
Combofix.txt
Both reports from OTL.


Thanks.
 

Kate

FPCH New Member
Joined
Feb 5, 2012
Messages
4
PC Experience
Beginner
#6
This scan seems to have fixed the problem ! Thank you so much ! :)
 

Kate

FPCH New Member
Joined
Feb 5, 2012
Messages
4
PC Experience
Beginner
#7
The MBAM scan was enough. Sorry I didn't update you earlier but I wanted to be 100% sure it was the case before starting popping the champagne corks. And about file sharing, I think there was a misunderstanding. I meant files I share on my home network. I'm not very good with computer, just followed the advice of some other person on the Internet :)
 
Last edited:
Top Bottom