Frozen P.C.

[spaceodds]

Mr PC keeps getting frozen, just now Windows 7 did an automatic update and when the system was rebooted, the PC froze and was rebooted again before it worked properly. I've already had two frozen incidents this week, I ran Malwarebytes and my anti viral software and it has come up with zero, can you please tell me what else I can do?

 

THANKS

[AdvancedSetup]

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment. 

• When done, DDS will open two (2) logs:
• DDS.txt
• Attach.txt

• Save both reports to your desktop
• Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  You can ignore the note about zipping the Attach.txt file

 

 

 

[spaceodds]

Thanks for your reply. Here are the logs, as you requested.attach.txtdds.txt

[AdvancedSetup]

Please run the following and then also run the other steps below.

 

Please create an mbam-check log:

• Download mbam-check.exe from here and save it to your desktop
• Double-click on mbam-check.exe to run it, it should then open a log file
• Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post
• Please run the following and post back all the logs as ATTACHMENTS by clicking on the More Reply Options button.
  
  
  STEP 01
  
  Backup the Registry:
  
  Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE:  Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe
    
    
    STEP 02
    
    Please download Malwarebytes Anti-Rootkit from HERE
    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
    STEP 03
    
    Please download Junkware Removal Tool to your desktop.
    • Shutdown your antivirus to avoid any conflicts.
    • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next reply message
    • When completed make sure to re-enable your antivirus
    STEP 04
    
    Please download AdwCleaner by Xplode to your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • If prompted by the User Account Control click Yes to allow it to run.
    • Under Actions click on the Delete button.
    • Click OK on all prompts.
    • You will be prompted to restart your computer. A text file will open after the restart.
    • Please post the entire contents of that logfile to your next reply.
    • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.
    STEP 05
    
    
    
    Please go here to run the online antivirus scannner from ESET.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the activex control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked
    • Click on Advanced Settings and ensure these options are ticked:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Click Scan
    • Wait for the scan to finish
    • If any threats were found, click the 'List of found threats' , then click Export to text file....
    • Save it to your desktop, then please copy and paste that log as a reply to this topic.

[spaceodds]

Hi, I downloaded and ran Malwarebytes Anti-Rootkit twice, and there were no threats detected whatsoever. Please find enclosed the log file, as you requested. I did not complete any of the other steps. Can you please tell if I have to continue with them?

system-log.txt

[AdvancedSetup]

Where is the other log from MBAM?  It's up to you if you want to continue or not but I would advise running the other tools to scan and clean up the system.

[spaceodds]

Sorry, here it is.

CheckResults.txt

[AdvancedSetup]

Well if you don't want to run the other scanners and cleaners then not much else I can do to assist you. 

If you have dump logs you may be able to visit one of the other sites that specialize in dump analysis and see if they can assist you with what might be causing this issue for you.

 

Thanks

[spaceodds]

Did all that you asked, and here are the results. Please let me know what action to take next.

 

Thanks

 

 

JRT.txt

AdwCleanerS3.txt

ESET.txt

[AdvancedSetup]

Please delete this file.

 

C:\Users\wpacheco\AppData\Local\Temp\DFC4A269-BAB0-7891-866A-627541F4DACE\Latest\BExternal.dll

 

Please run a Full Disk Check on your computer.

Then reboot the computer 2 times once the disk check has completed.

 

Then run the following please.

 

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

•  
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer log
• List Installed Programs
• List Devices
• List Users, Partitions and Memory size.
• List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 

[spaceodds]

Hello again, I apologise for not getting back to you sooner. I did a full disk check, and I ran the MiniToolBox download. Please find enclosed the results.

 

Thanks again.

Result.txt

[AdvancedSetup]

Please visit the following site and run the Microsoft Fixit for this error in your logs
Event ID 10 is logged in the Application log


Your logs also show that you have the following error from what appears to be a print driver from a Samsung device.
Unless you want to further troubleshoot it in a General PC Support forum then I'd recommend based on advice found from other resource forums to simply disable it or if you no longer have a Samsung device you can even unintall the software.
 

The DgiVECP driver is the Virtual ECP Parallel Port driver. I believe it's used for systems connecting to networked printers where there's a need to go through a parallel port. It allows the printer to connect to a "virtual" parallel port.

Open a command console as Administrator and run:
 

SC CONFIG dgivecp start= disabled

Note the space after "start=" is REQUIRED.



You appear to also be having an issue with a wireless card from    Realtek Semiconductor Corp.
You may want to visit the support site for you make and model of computer and see if they have an updated driver for your card and try reinstalling the drivers

Error: (07/15/2013 02:49:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126



You also seem to have something wrong with one of your Lenovo power control files which again perhaps a reinstalled driver may correct.

Lenovo\Power Dial

Error: (07/15/2013 06:30:02 AM) (Source: Service Control Manager) (User: )
Description: The LitModeCtrl service has reported an invalid current state 32.



Please check for updates with your Kaspersky antivirus and do a Full System scan and let me know if it finds anything or not.
The disk check appears to have corrected some issues as they no longer show in the Event Logs which is good.


Most of what is left appears to be driver and general PC issues and not malware.  Unless you want to run some other scanners for possible infection I think at this point you simply need to work on correcting the driver issues shown in the logs.

[AdvancedSetup]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.