
Random programs locking up among other things


8 replies to this topic

#1 black1

  • Members
  • 6 posts

Posted 23 October 2015 - 10:42 PM

Hello, I have been having an issue with one of my computers for a while now. I get lockups with various programs such as Photoshop, InDesign, Corel, Excel and a few others. I also have issues with the computer being unusable for about 15 minutes after reboot. I run Avast for virus scanning and frequently run Malwarebytes. I keep up with Windows updates as well. I recently did a boot time scan with Avast and found a few trojans. I then ran many other programs listed here such as adwcleaner, jst, rootkitremover etc. When I scan with everything I have, it now comes up clean, yet I am still having the odd issues. They have been slowly getting worse over the last 2 years since it was built. The computer's specs are as follows:

 

i7-3820 3.6GHz
256 Corsair Force SSD
128 Corsair Force SSD (for Adobe scratch disk)
32GB DDR3
Asus HD7850

 

By now I would have just formatted and started from scratch but that is currently not an option. I am wondering where to start beyond what I have done already. Thank you in advance.

 

 




 


#2 usasma

  • BSOD Kernel Dump Expert
  • 25,091 posts
  • Location:Southeastern CT, USA

Posted 24 October 2015 - 04:56 AM

There are 2 common problems with removing malware on your own (IME):

- missing infections

- leftover damage (caused by the infections) that isn't repaired.

 

I'd suggest posting over in the Am I Infected forum:  http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
Please read the pinned topics at the top of the forum for instructions on how to post there.

 

Also, please provide these reports so we can see if there's anything obvious causing a problem:

 

Let's try looking at these reports:

1)  Please provide this information (even though you may not be reporting BSOD's) so we can provide a complete analysis (from the Pinned Topic at the top of the forum):  http://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/

2)  Please do the following:
- open Event Viewer (run eventvwr.msc from the "Run" dialog)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on Administrative Events
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).

FYI - If we're looking for Event ID 41 errors (unexplained shutdowns), there's more info on that here:  http://support.microsoft.com/kb/2028504

While waiting for a reply, please monitor your temps with this free utility:  http://www.cpuid.com/softwares/hwmonitor.html

 


My browser caused a flood of traffic, so my IP address was banned. Hope to fix it soon. Will get back to posting as soon as I'm able.

- John  (my website: http://www.carrona.org/ )
**If you need a more detailed explanation, please ask for it. I have the Knack.**
If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficulty reading posts. (23 Nov 2017)
FYI - I am completely blind in the right eye and ~30% blind in the left eye.
If the eye problems get worse suddenly, I may not be able to respond. If that's the case and help is needed, please PM a staff member for assistance.

#3 black1

Posted 24 October 2015 - 09:32 AM

Thank you for your reply. I have attached the Event Viewer logs. I will now head over to the other Am I Infected portion. Oh, I also am running the temp program and it shows my temps for the CPU running at roughly 105 Fahrenheit. Under the CPUTIN section it does say roughly 200 Fahrenheit but upon further reading I think that reading is bogus.




#4 usasma

Posted 25 October 2015 - 04:46 PM

To test the temp, either use an IR thermometer or put your hand close (DO NOT TOUCH - you will get burned) to see if it feels too hot.  There is a huge difference between 105ºF (~41ºC) and 200ºF (~93ºC).

 

Still need these reports:

Please provide this information (even though you're not reporting BSOD's) so we can provide a complete analysis (from the Pinned Topic at the top of the forum):  http://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/

Please start by running these free diagnostics:  http://www.carrona.org/hwdiag.html

Please be sure to run the hard drive tests as there are issues noted with it in the Admin event logfile.



#5 black1

Posted 25 October 2015 - 05:17 PM

Thank you for your reply. I have attached a zip file that has the perfmon and Sysnative reports.

Attached File  Reports.zip   1.65MB   1 downloads

 

Forgot to add that the Corsair Toolbox shows both drives as being healthy and passes all tests. I will run other tests in the meantime. As far as the CPU temp goes I can just check it in BIOS. I have been gathering the reports over a remote connection but will be able to do that tomorrow.


Edited by black1, 25 October 2015 - 09:14 PM.


#6 usasma

Posted 26 October 2015 - 03:56 AM

The benefit of the tool that I suggested is that it records maximum temperature and you're able to check it while the system is running.

 

The hard drive errors are controller errors - so they may not be blaming the hard drives themselves.
What we do is we check the hard drives and if there's no warnings, then we move on to other tests.

 

In this case, I'd suggest running "chkdsk /r /f" (without the quotes) from an elevated (Run as administrator) Command Prompt.

 

The Intel Management Engine Interface (MEI) isn't installed.  Please download and install the latest compatible version available from the motherboard manufacturer's support website.

 

Only 229 Windows Updates installed.  Most systems with SP1 have 300 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).

Other than these issues, there's not much wrong with the system that I can see.

But there are many, many crashes in many different DLL's (in the WER section of MSINFO32).

So, I'd most likely expect damage from the trojans that you've found.

 

Another thing to try would be running SFC.EXE /SCANNOW from an elevated (Run as administrator) Command Prompt.

Beyond that, either a repair install of W7 or a clean install may be required to remedy this.



#7 jack handy

  • Members
  • 45 posts

Posted 26 October 2015 - 12:45 PM

The one simple thing that I didn't think about (not sure why) was the chkdsk. I am posting the results of it down below. I'm sorry that it is a bit jumbled up but I think you can get the gist from it. As far as installing the "Intel Management Engine Interface" goes: The reason I usually don't install that when I do a build is due to my thinking of it being irrelevant. I could be wrong (please correct me if I am) about that but from what I have always read it is generally not needed as it is (in the simplest form) used for communication between the BIOS and the OS for remote administration. Regarding the Windows updates, I will check into that as I always try to stay updated and as far as I know it is fully updated. If I go there right now and manually tell it to update it only has the optional updates available and no hidden updates. I have also done an SFC scan with no errors found.

 

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x32d61.
  770560 file records processed.
File verification completed.
  1452 large file records processed.
  0 bad file records processed.
  2 EA records processed.
  60 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 5)...
  844704 index entries processed.
Index verification completed.
  0 unindexed files scanned.
  0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 5)...
  770560 file SDs/SIDs processed.
Cleaning up 2730 unused index entries from index $SII of file 0x9.
Cleaning up 2730 unused index entries from index $SDH of file 0x9.
Cleaning up 2730 unused security descriptors.
CHKDSK is compacting the security descriptor stream
  37073 data files processed.
CHKDSK is verifying Usn Journal...
  34824856 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  770544 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  45415713 free clusters processed.
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 234195967 KB total disk space.
  51357276 KB in 190535 files.
    296224 KB in 37076 indexes.
         0 KB in bad sectors.
    879611 KB in use by the system.
     65536 KB occupied by the log file.
 181662856 KB available on disk.

      4096 bytes in each allocation unit.
  58548991 total allocation units on disk.
  45415714 allocation units available on disk.

Internal Info:
00 c2 0b 00 24 79 03 00 10 92 06 00 00 00 00 00  ....$y..........
a3 01 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....<...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
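
One way to triage a CHKDSK log like the one in the post above, as an added example that is not part of the original thread: it separates file-system corrections from bad-sector (media) errors and cross-checks the cluster counts against the KB totals. The function and field names are assumptions made for this example; the sample text is copied from the summary in the post.

```python
import re

# Constructed sample: summary lines copied from the CHKDSK log in post #7.
SAMPLE = """\
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 234195967 KB total disk space.
  51357276 KB in 190535 files.
    296224 KB in 37076 indexes.
         0 KB in bad sectors.
    879611 KB in use by the system.
     65536 KB occupied by the log file.
 181662856 KB available on disk.

      4096 bytes in each allocation unit.
  58548991 total allocation units on disk.
  45415714 allocation units available on disk.
"""

FIELDS = {
    "total_kb": r"(\d+) KB total disk space",
    "bad_kb": r"(\d+) KB in bad sectors",
    "free_kb": r"(\d+) KB available on disk",
    "unit_bytes": r"(\d+) bytes in each allocation unit",
    "total_units": r"(\d+) total allocation units on disk",
    "free_units": r"(\d+) allocation units available on disk",
}

def triage_chkdsk(log: str) -> dict:
    """Pull the summary counters out of a CHKDSK log and derive triage flags."""
    out = {}
    for name, pattern in FIELDS.items():
        m = re.search(pattern, log)
        if m is None:
            raise ValueError(f"CHKDSK summary line missing: {name}")
        out[name] = int(m.group(1))
    kb_per_unit = out["unit_bytes"] / 1024
    # Metadata repairs (bitmap, index cleanup) are logged separately from media errors.
    out["fs_corrected"] = "made corrections to the file system" in log
    out["media_errors"] = out["bad_kb"] > 0
    # Cross-check: cluster counts and KB figures should agree to within one cluster.
    out["free_consistent"] = abs(out["free_units"] * kb_per_unit - out["free_kb"]) <= kb_per_unit
    out["total_consistent"] = abs(out["total_units"] * kb_per_unit - out["total_kb"]) <= kb_per_unit
    return out

if __name__ == "__main__":
    for key, value in triage_chkdsk(SAMPLE).items():
        print(f"{key:>16}: {value}")
```

For this log the result is a file system that was corrected, with no bad sectors reported and internally consistent totals.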
 



#8 usasma

Posted 27 October 2015 - 05:40 PM

In this case Windows says that MEI is not working - so the solution to that problem is to install it so that it works.

My method of troubleshooting is to try to fix problems that I notice - and this was one of the problems that I noticed.

 

The same goes with the optional updates.  Why not install them?

Do you think that Microsoft takes the time to develop optional updates for no reason?

And, do you think that the information available for Windows Updates, Intel updates, and BIOS updates includes an explanation of every single code change that they made?

 

Rant follows and is hidden in the Spoiler tag below.  Click on "Show" to reveal them.

Spoiler

 

There are 2 ways to do what I suggest:

- do things all at once

- do things one at a time.

 

Doing things all at once will get your system fixed the quickest.  The downside is you may not know exactly which thing fixed your problems.

Doing things one at a time has the benefit of letting you know if what you've done has fixed the system.  The downside is that it's going to take a long time as you have to test each fix individually before moving on to try the next fix.


Edited by usasma, 27 October 2015 - 05:40 PM.


#9 black1

Posted 27 October 2015 - 09:33 PM

I have now installed the MEI and all Windows updates except for the language packs and Skype (unless you think those will be beneficial). I will test it for a while and see if it smooths out a bit. If not then I will have to assume that the trojans found have done enough damage to do a clean install. Thank you again for your assistance in all of this. I really do appreciate it. If there is anything else you would like me to do then I will and if not I will report back in a few days to see if there are any more bad event logs.





