Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win 7 Laptop freezes regularly, but only 1 instance of BSOD

windows 7 bsod freeze

  • Please log in to reply

#16
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Sorry for the delay in update, I wanted to give it a few days to see how it did. Unfortunately, it froze twice while running CCleaner (until I ran it in safe mode). It also froze while browsing the web, and while trying to shut down. Response time has been sluggish, when going to Windows update or add/remove programs, and during regular internet browsing.


  • 0

Advertisements


#17
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Please download Rkill by Grinler and save it to your desktop.

  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

There will be a Rkill.txt file created (a log of what was done and found). Please post that log here for review.


  • 0

#18
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/18/2015 10:53:04 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 2784) [WD-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 06/18/2015 10:55:43 PM
Execution time: 0 hours(s), 2 minute(s), and 39 seconds(s)

  • 0

#19
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

After running Rkill did the system seem better / more stable?

 

Did you ever install any EasyBits for Kids or EasyBits Media software?  Neither is in the installed programs listing but it could be part of something you installed for children to use the computer so I am asking.


  • 0

#20
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

I actually haven't been using it, because I didn't reckon I'd hear back from you tonight, and I was afraid it would freeze up and I'd have to reboot and run it again. I'll put it through some paces though.

 

As far as EasyBits software goes, I don't recall installing it, and at least one site stated that it can install itself with Skype.


  • 0

#21
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

So, I opened control panel and began loading the add/remove programs service. After about 10 minutes, it had not finished loading. In the mean while, Google Chrome would open new tabs, but would not load any webpages, not even an error saying page not found. It would just keep a blank tab with whatever address I had plunked in. I was eventually able to close control panel, though the icon remained open on the bottom bar. Chrome gave an unresponsive message and I closed it too. I could not get it to reopen, and could not open task manager via ctr+alt+del. The start menu was able to open and I was able to log out after a delay.

Do you want me to run rkill again, since I logged out?


  • 0

#22
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Boot into Safe Mode and run this FRST script.  This should remove EasyBits from your system.
 

Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter.  Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
 

Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
C:\Program Files (x86)\EasyBits For Kids
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-08] (EasyBits Software Corp.)
C:\Windows\SysWOW64\ezUPBHook.dll
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
S2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
C:\Windows\SysWOW64\ezSharedSvcHost.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
RemoveProxy:
EmptyTemp:
Reboot:
end


NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 by right clicking on the FRST64.exe file, selecting "Run as Administrator..".  The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.  

The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on.  Press the Fix button just once and wait.  The tool will create a restore point, process the script and ask for a restart of your system.

Press%20the%20FIX%20button_zpsdd5zi3mt.p

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


  • 0

#23
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Alex&Sarah at 2015-06-19 22:44:41 Run:2
Running from C:\Users\Alex&Sarah\Desktop
Loaded Profiles: Alex&Sarah (Available Profiles: Alex&Sarah)
Boot Mode: Safe Mode (with Networking)
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
C:\Program Files (x86)\EasyBits For Kids
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-08] (EasyBits Software Corp.)
C:\Windows\SysWOW64\ezUPBHook.dll
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
S2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
C:\Windows\SysWOW64\ezSharedSvcHost.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
 
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Easybits Recovery => value removed successfully
C:\Program Files (x86)\EasyBits For Kids => moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found. 
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found. 
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found. 
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E54729E8-BB3D-4270-9D49-7389EA579090} => value removed successfully
"HKCR\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}" => key removed successfully
C:\Windows\SysWOW64\ezUPBHook.dll => moved successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found. 
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => key not found. 
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key not found. 
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => key not found. 
ezSharedSvc => Service removed successfully
C:\Windows\SysWOW64\ezSharedSvcHost.exe => moved successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2027058201-1080275423-1503600345-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2027058201-1080275423-1503600345-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
EmptyTemp: => 462.6 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 22:44:57 ====

  • 0

#24
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Boot into Normal mode and run RKill again.  Please post the log here.
 

Please download Rkill by Grinler and save it to your desktop.

  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

  • 0

#25
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/19/2015 11:24:54 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 06/19/2015 11:27:39 PM
Execution time: 0 hours(s), 2 minute(s), and 44 seconds(s)

  • 0

Advertisements


#26
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

How is the system running now?


  • 0

#27
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Performance has been great since running Farbar again. I can kick it around tonight and see how it does. I work overnights, so I'll be up till 7. I can post any issues in the a.m. if you'd like.


Edited by alexander4, 19 June 2015 - 10:52 PM.

  • 0

#28
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

That would be great; I will be looking for your report whenever you get a chance.  Thanks and have a great evening.


  • 0

#29
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

Ok, so last night went well, I was able to browse without any slowness or freezing. I only ran into trouble when I pulled up add/remove programs. That loads probably 90-95% of the way (green load bar for the folder), but never finishes loading. If I try to close it, it does not respond for several minutes, before it finally closes.The icon stays open in the taskbar, and then nothing else responds. I couldn't even get it to shut down after that. I do not actually know if this is related to the issue we've been working on.

 

I gave my mate the laptop a little later to test Netflix on. She got several episodes in before it started having trouble loading, but that may be Netflix being Netflix. She was able to close it and shut down the laptop without any issues, which is something we couldn't do before, so I hesitate to say that that is related. Submitted in full for your consideration.


  • 0

#30
alexander4

alexander4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts

I don't know what it is about add/remove programs that continues to give trouble. There are only 37 items in there. It's not that it takes a while to load completely, it just doesn't seem to finish loading, period, and even when I manage to close it, the laptop is screwed afterwards, it just doesn't respond well after that, if at all. I got a bluescreen error trying to shut down after doing the above. Startup repair ran and said it repaired a corrupted file, but I'm not sure what. I can't seem to zip the minidump folder to attach it.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP