Critical Object Termination on running System Restore


  1. beadsland
    Posts : 3
    Windows 7 Home Premium x64
       New #1

    Critical Object Termination on running System Restore


    Background
    I got home on Friday night to be informed by my roommate that they had been conned by a scam operation claiming to be "Microsoft Certified Technicians".

    They called her in the afternoon, and claimed that her computer had been infected by Trojan.w32.sober since September. They read of a string of random numbers and letters, claiming it was her "computer license ID", that only authorized technicians would have, and then proceeded to walk her through opening msconfig and counting the number of services listed as "stopped", which they then spun as evidence of virus infection and the need to pay them to fix the problem. Similar game was played opening event viewer. All standard spiel for this sort of con.

    At this point, they tried to get her to download and run TeamviewerQS to remotely access her machine. Now, I already have the latest Teamviewer running on the computer, so TeamviewerQS would have thrown up a prompt saying something was already running. As she recalls, they had her click "OK" (rather than "Show running Teamviewer"), then directed her to a version page on the Teamviewer web site to download version 7 of the same app. (So far as I can tell, all versions downloaded were version 7.) When this didn't work, the scammer told her he'd have a supervisor call.

    A few hours later, another phone call. I can't get a clear recount of the story from that point, but apparently they figured out how to drive the machine remotely, because I can see four system restore points created at that time. Roommate ended the call and session when they started asking for hundreds of dollars for a support plan. The scammers called again late that night, and twice more the next day.

    System Restore Crashes
    According to System Restore, HP Support Assistant and HP Solutions Framework were uninstalled, two unnamed Windows Modules were installed. Add/Remove programs shows nothing as installed that day. So I decide safest thing to do is restore to an earlier restore point.

    System Restore starts up fine, but then spontaneously reboots shortly after getting started. Windows comes back up saying it has recovered from an error. Separate dialog indicates that System Restore failed to complete. Try again on another restore point. Spontaneous reboot. This time, c:/windows/registration permissions are hosed and require resetting just to get into safe mode. All system restore points similarly reboot (thankfully without again hosing permissions).

    Minidump shows Critical_Object_Termination each time. I try running from safe mode, from clean boot, and from Win7 repair disc. Ran sfc /scannow, disk check and Seatools. Memtest runs without errors 16 passes. Malwarebytes, Bootkitremoval and TDSSKiller find nothing. Clear temp files, uninstall Zonealarm and try again. Spontaneous reboot.

    Tell Driver Verifier to watch everything. Machine is slow, but steady. Try system restore again with Driver Verifier. Spontaneous reboot, only this time no minidump generated. I'm presently running Symantec's Sober Removal tool just to sanity check that they didn't *install* a virus while they had remote access, but again, Zonealarm, Malwarebytes, etc. gave clean bills of health.

    What now?
    At this point, I don't know if the critical_object_termination is down to scam artist tampering, or if it's down to an incompatible driver that would have bit us in the ass whenever we tried to run a System Restore, even without con-artist tampering.

    I'm prepared to run Driver Verifier in batches, trying to get a minidump that says something other than critical_object_termination, as I really don't want to go through the rigmarole of doing a clean install of the OS and reinstalling applications, especially if at the end of the process we might be right back at the same place with some incompatible driver killing System Restore.

    But before I do, I figured I'd ask ya'll and see if there's something obvious I might be missing.

    Unhelpfully, I ran the dm log collector, waited 45 minutes for it to complete, only for it to generate an empty zip file on my desktop, so I've nothing to upload at the moment. Will run it again.

    ----

    Ran dm log collector again. Empty zip file again. Noticed SF debug files folder this time, so zipped and attached that.
    Last edited by beadsland; 01 Nov 2015 at 18:10. Reason: Upload SF debug files.
      My Computer
    Quote Quote

  3. beadsland
    Posts : 3
    Windows 7 Home Premium x64
    Thread Starter
       New #2

    Just added debug files zip to OP.
      My Computer
    Quote Quote

  4. beadsland
    Posts : 3
    Windows 7 Home Premium x64
    Thread Starter
       New #3

    During reboot cycle running though permutations of Verifier settings, Windows installed a critical update. After which, the Critical_Object_Termination failure preventing System Restore from running was eliminated.

    So I guess Microsoft must have broken something with a recent update, and fixed it with the critical update pushed tonight. Annoyed that I wasted two days trying to troubleshoot the problem only to have it resolved by a hotfix I didn't even ask for, but at least it's resolved.
      My Computer
    Quote Quote

 

  Related Discussions
BSOD Critical Object Termination
in BSOD Help and Support

For the past few days I've been getting BSODs around 3-4 times a day periodically. At times it would happen back to back or after a few hours at a time. I've included the attachments as instructed. I'm stumped at what I can do and have little to no experience with this kind of thing.
I hope someone can help me with this issue. I have an Asus G74S which I have sent back twice due to BSOD issues. The first time Asus replaced a memory stick and the system board. The second time they replaced the CPU. I'm still getting BSOD errors. oh, and fun fact: This laptop is a replacement...
BSOD Critical Object Termination F4
in BSOD Help and Support

I tried using the SF diag tool and it kept giving me errors. I ran as administrator, changed the compatability mode and disabled symantec. Any advice on the dumps that i attached in the zip would be helpful. Its a Dell E6400, with a new M4 SSD (256 gb). Win 7 Pro SP1, 2.4ghz Core2 Duo, 2X2gb...
BSOD critical object termination
in BSOD Help and Support

I don't know what had happened to my computer but it just had BSOD suddenly 021312-15085-01.dmp here is the dmp file and i wish someone can help me with this, im about to explode ps: i just installed drop box 30min ago before the bsod happened during restart
BSOD F4 Critical Object Termination
in BSOD Help and Support

Need help solving this problem. Machine occasionally crashes w BSOD at start of day. After reboot (sometimes needing to boot in "safe" mode) machine works fine the rest of day. Can't seem to find a pattern. I have uploaded the perfmon and BSOD Files Gateway SX 2850 Windows 7 Home Premium...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 23:35.
Find Us