Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blue screen error/sudden reboot - no virus found with MSE


  • Please log in to reply

#16
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I have a question for you, do you think this problem that I'm having could be related to hardware problem? I mean, I have already tried many spyware, malware, virus removal programs, but they never find anything in my computer and these problems that i have only happen in a period of time, which is when i turn on my PC, and everyday when I start my computer up, it has all kinds of problems(blue screen, screen freezing, sudden reboot, crashing with a loud beep etc...) but after some time of crashing and etc, it starts working normally until the next day when i turn it on again.
But anyway, i had no problems in following your instructions but I can't know for sure if it fixed my problems, i guess we'll have to wait :upset:

AdwCleaner log
# AdwCleaner v2.306 - Relatório criado em 25/07/2013 às 15:39:56
# Atualizado em 19/07/2013 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (32 bits)
# Usuário : Pedro - PEDRO-PC
# Modo de Boot : Normal
# Executado de : C:\Users\Pedro\Downloads\AdwCleaner.exe
# Opção [Remover]


***** [Serviços] *****

Encerrado & Removido : WebCake Desktop Updater

***** [Arquivos/Pastas] *****

Arquivo Removido : C:\END
Arquivo Removido : C:\user.js
Pasta Removido : C:\Program Files\Conduit
Pasta Removido : C:\Program Files\MagniPic
Pasta Removido : C:\Program Files\WebCake
Pasta Removido : C:\ProgramData\Ask
Pasta Removido : C:\ProgramData\clsoft ltd
Pasta Removido : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Pasta Removido : C:\ProgramData\ParetoLogic
Pasta Removido : C:\ProgramData\Premium
Pasta Removido : C:\ProgramData\Tarma Installer
Pasta Removido : C:\Users\Pedro\AppData\Local\Conduit
Pasta Removido : C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Pasta Removido : C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejpcolehiecjkanilhmblkbndaomhpc
Pasta Removido : C:\Users\Pedro\AppData\LocalLow\Conduit
Pasta Removido : C:\Users\Pedro\AppData\LocalLow\MagniPic
Pasta Removido : C:\Users\Pedro\AppData\Roaming\DriverCure
Pasta Removido : C:\Users\Pedro\AppData\Roaming\ParetoLogic
Pasta Removido : C:\Users\Pedro\AppData\Roaming\WebCake

***** [Registro] *****

Chave Removida : HKCU\Software\AppDataLow\Software\SmartBar
Chave Removida : HKCU\Software\AppDataLow\SProtector
Chave Removida : HKCU\Software\Conduit
Chave Removida : HKCU\Software\Google\Chrome\Extensions\kejpcolehiecjkanilhmblkbndaomhpc
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Removida : HKCU\Software\PrivitizeVPNInstallDates
Chave Removida : HKCU\Software\Softonic
Chave Removida : HKCU\Software\StartSearch
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar.CT2849856
Chave Removida : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Chave Removida : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Chave Removida : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Chave Removida : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Chave Removida : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Chave Removida : HKLM\Software\Conduit
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\kejpcolehiecjkanilhmblkbndaomhpc
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chave Removida : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Chave Removida : HKLM\Software\SP Global
Chave Removida : HKLM\Software\SProtector
Chave Removida : HKLM\Software\Tarma Installer
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]

***** [Navegadores] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registro está limpo.

-\\ Google Chrome v28.0.1500.72

Arquivo : C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[S1].txt - [6905 octets] - [25/07/2013 15:39:56]

########## EOF - C:\AdwCleaner[S1].txt - [6965 octets] ##########
  • 0

Advertisements


#17
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Ok, i checked only the Nvidia services this time and I had the problem, my screen froze :o
  • 0

#18
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Hello again vermelho3!

Please bear with me. I think we are really close to targeting that pesky service.

We need to narrow down the list a little more.

Once again, follow the instructions for a clean boot. This time, please check the following on the list and leave the other services unchecked:

  • NVIDIA Display Driver Service
  • NVIDIA Update Service Daemon
  • PnkBstrA
  • Samsung AllShare PC
  • SimpleSlideShowServer
  • Skype C2C Service
  • Skype Updater

Click OK and restart your computer when prompted.

Is the problem still present?

Once again, I apologize that this is taking so long. Hopefully the answer is right around the corner!
  • 0

#19
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
No problem nathdep, there is no need for you to apologize as you're just trying to help me! :happy:
I have uninstalled samsung program so I didn't check Samsung AllShare PC and SimpleSlideShowServer as they were no longer available.
But once again my screen froze and I had to restart my PC.
  • 0

#20
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts

No problem nathdep, there is no need for you to apologize as you're just trying to help me! :happy:


Thank you for understanding! :)

Please follow the instructions for clean boot again. This time, check the following services but leave the other services unchecked:

  • Steam Client Service
  • NVIDIA Steroscopic 3D Driver Service
  • Adobe Switchboard

Click OK and restart your computer when prompted

How are things running now?
  • 0

#21
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Nothing happened this time!
  • 0

#22
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts

Nothing happened this time!


I think we're getting somewhere! :)

Now, follow the instructions for a clean boot. This time check the following while the other items unchecked:

  • Steam Client Service
  • Adobe Switchboard

Click OK and restart your computer when prompted.

Is your computer freezing again?
  • 0

#23
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
No, it did not freeze again
  • 0

#24
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Ok. Try those instructions again but only check Adobe Switchboard

How are things now?
  • 0

#25
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Nothing happened again! But it might be that my PC decided not to crash today as nothing has happend so far
  • 0

Advertisements


#26
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
I think we've narrowed it down to Adobe Switchboard! :)

Do you still have problems with your computer?
  • 0

#27
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Nope, I tried checking only Adobe Switchboard today again and nothing happened!
  • 0

#28
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts
Looks like we only have a few more steps! :thumbsup:

First, open OTL.
  • Click CleanUp
  • Follow the prompts and restart your computer when prompted

Next, open AdwCleaner.
  • Click Uninstall
  • Follow the prompts to uninstall the program

Next, you need to run Malwarebytes Anti-Malware

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Next, please make sure that you keep Windows up to date. Doing so will leave your computer extremely vulnerable. It will help both you and I save time as updating helps to prevent malware from causing problems again. Please update your version of Windows by visiting this site: Microsoft Update

Next, I noticed that you have Microsoft Security Essentials installed. Please know that it is very dangerous to keep more than one antivirus running. Make sure that you always keep Microsoft Security Essentials updated.

Also, do you have any other questions?

In your next post, be sure to include:
  • the MBAM log
  • A report on if you had any difficulties while following the above instructions

  • 0

#29
vermelho3

vermelho3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I have one question, but it is not actually related to my problem, but here it goes, why is it dangerous to have more than one antivirus running?
Mbam actually found no malwares on my computer,and no, I had no problems following your instructions!, :thumbsup: here is the log:


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versão da Base de Dados: v2013.07.31.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Pedro :: PEDRO-PC [administrador]

31/07/2013 17:21:50
mbam-log-2013-07-31 (17-21-50).txt

Tipo de Verificação: Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM | P2P
Opções de verificação desativadas:
Objetos escaneados: 233027
Tempo decorrido: 7 minuto(s), 12 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)

(fim)
  • 0

#30
nathdep

nathdep

    Member

  • Member
  • PipPipPip
  • 587 posts

Mbam actually found no malwares on my computer


That's good! :thumbsup:

I have one question, but it is not actually related to my problem, but here it goes, why is it dangerous to have more than one antivirus running?


Here is a quote from an article I found here: Don't use two antivirus programs at once

Antivirus programs monitor your computer's behavior for signs of viruses. The problem is that some of those monitoring activities can look like virus activity. So one antivirus program can appear to another as a virus.


So, in short, running two antivirus programs will counteract each other and actually compromise the overall security of your system.
  • 1






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP