Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very strange freezing


  • Please log in to reply
8 replies to this topic

#1 RareLiving

RareLiving

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 24 January 2017 - 08:33 PM

Windows 7 SP1

 

For months now I've had a problem with my computer freezing up. It seems that various windows services fail, beginning with my internet. For some reason, it will start with various parts of my network failing. It will either be one of my applications (Skype, Discord, Steam, web browser) or I will notice I'm unable to connect to certain sites. Shortly after, Windows will endlessly load and freeze up. I might be able to navigate it for a few seconds to a few minutes, but eventually, the desktop will go white, I won't be able to see anything but my cursor, and it will display a prompt telling me the application failed to respond and ask me if I want to end the process. If I manage to repeatedly press the enter key or try to click "end now" then I will regain my desktop background and any windows I already had open. However, once this happens I cannot do any navigation whatsoever and my only option is to forcibly power down and reboot. What makes this even weirder is that any programs that managed to survive will continue to stay open, but most will lose any internet connection. Oddly enough, my ragnarok online applications I keep running in the background stay completely connected, and I can even continue to play the game and chat in it despite nothing else left open in windows seeming to work or connect to the internet.

 

I have noticed one trend with this issue: The chance of it occurring greatly increases the longer my PC is left on, and has creeped up to happening sooner. It started out happening after a week duration consistently, then about every 48 hours, and now it can happen any time between 24-36 hours of being on. I started shutting down my PC before the 48 hour mark in the past, but now the issue has caught up since a couple weeks ago somehow.

 

Some other issues I think might be related:

 

1) This issue first started in early September, and a week before that, some Windows updates failed to install properly. I cannot remember which, as I have since done multiple system restores and a repair install which also did not fix the problem.

 

2) Once, in the same week this issue first occurred, svchost.exe was caught using a ridiculous amount of cpu, and lead to my PC hanging. This has not since happened again.

 

3) On another boot a couple months ago, countless instances of java.exe were caught running and kept increasing. This has not since happened after a reboot and uninstalling all versions of java.

 

4) Sometimes my PC boots with no network, and will have very laggy internet if I manually activate it until I do a network-successful reboot.

 

5) Today, a few hours before the issue occurred, I noticed the process "Update.exe" make windows load for a few seconds. I had been keeping open task manager just to see if I could track anything happening it when the issue happened next. Something else worth mentioning I've realized. After some updates, svchost.exe (and this time wmiprvse.exe) seem to use more CPU than usual, and for hours. Today I updated internet explorer and my PC is a little more sluggish, and I notice these two processes sometimes shooting up in demands. primarily wmiprvse.exe. Normally this clears up (once updates finish, I suppose?) but it can take hours and hours. I don't even know if my PC can stay on long enough to do it this time. I also, again, saw update.exe flash for a few seconds in the resource monitor and cause my entire system to load a bit.

 

I also haven't had wmiprvse appear to be a problem until today, after updating IE. When I stream video during this higher cpu usage time the audio pops (this does not always happen and seems to have fixed on reboot) and some system sounds seem delayed (this first happened today) and opening applications takes longer. System restore to yesterday fixed this particular issue, so I guess it was IE11 today.

 

I have ran sfc /scannow and chkdsk.

 

I have scanned with just about every anti-malware under the sun, and am no longer finding any threats. Combofix found an infection (c:\windows\SysWow64\drivers\ntfs.sys . . . is infected!!) around September (no idea how that happened with my habits, really) and cleared it up. Nothing has since been found. Adwcleaner also found some minor issues which were also seemingly cleared up. Malwarebytes, avast, trend micro housecall, microsoft safety scanner, rkill, tdsskiller, and some others I cannot recall did not seem to find anything of significance other than a couple false-positives. Also, when the issue started happening prior to 48 hours of uptime, a couple days beforehand some malware was allegedly blocked by Avast from a link I clicked against my better judgment amongst other safe links in a chat. Nothing was found in any supplemental scans.

 

I'm totally out of ideas here other than thinking it might be some kind of weird hardware issue that I can't really pinpoint on my own. My PC is old, so I think it might just be time to replace it soon, however this issue is really bothering me and I want to make sure it doesn't happen on a new system as well.


Edited by RareLiving, 25 January 2017 - 03:41 PM.


BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:56 AM

Posted 25 January 2017 - 07:14 AM

Have you posted over in the Am I Infected forums to be sure that all traces of the malware are gone? http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Please read the pinned topics at the top of the forum for instructions on how to post there.

Let's try looking at these 2 sets of reports:

Report Set #1)  Please run this report collecting tool (even though you may not be experiencing BSOD's) so that we can provide a complete analysis: (from the pinned topic at the top of the forum)   http://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/
FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know.

If you have problems with it running it, there's an alternate tool here (direct download link):  https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe

NOTE:
Please zip up the (.ZIP) files - do not use .RAR or other compression utilities. 
.ZIP is the type file that can be uploaded to the forums.

Report Set #2)  Please do the following:
- open Event Viewer (run eventvwr.msc from the "Run" dialog)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on the "Administrative Events" heading
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).

FYI - If we're looking for Event ID 41 errors (unexplained shutdowns), there's more info on that here:  http://support.microsoft.com/kb/2028504

While waiting for a reply, please monitor your temps with this free utility: 

SpeedFan v. 4.5.1 and later (free from here:  http://www.almico.com/sfdownload.php ) can log temperatures in a CSV file:
You may not need to log temps - if uncertain, please ask.

To make it work (log the temps to a file) you have to do BOTH of the below:

1. Enable logging in general: Configure...Log...check "Enabled" then click on OK to save.

2. Enable logging for specific checks: Configure...Temperatures..left click on each sensor, then click on "Logged" at the bottom of the Window (for our purposes we want them all) then once you've selected "Logged" for all sensors, then click on OK to save.

The log will be located at C:\Program Files (x86)\SpeedFan

Naming: log files are named SFLogYYYYMMDD.csv, where YYYY is the year (four digits), MM is the month (2 digits, zero padded) and DD is the day (2 digits, zero padded). If a file already exists by that name, the file that already exists is renamed according to the following naming scheme: SFLogYYYYMMDD-CCCC.csv, where CCCC is a increasing number. The new file is then created with the standard file name scheme.

Notes: whenever you change the options related with logging, SpeedFan starts a new log file.

NOTE:You may want to turn logging off when we're done - as I don't know it's impact on performance or on the system.



 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 RareLiving

RareLiving
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 25 January 2017 - 07:28 AM

 

Have you posted over in the Am I Infected forums to be sure that all traces of the malware are gone? http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Please read the pinned topics at the top of the forum for instructions on how to post there.

 

 

 

I'll do my best to post there also and will gather the information for this thread. Thank you

 

· OS - Win 7 SP1
· x64
· Win 7
· Full retail version
· System is mostly 6 years old, boot drive is two years old, power supply 5 years old, ram two years old.
· Current OS installation is 2 years old with a repair install being done two months ago.

· CPU - I7 950
· Video Card - GTX 470
· MotherBoard - Asus Sabertooth x58
· Power Supply -
CORSAIR Enthusiast Series CMPSU-850TX

 

 

Edit: uploading the requested files

 

Currently installing and running speedfan to log temps.

Attached Files


Edited by RareLiving, 25 January 2017 - 08:11 AM.


#4 RareLiving

RareLiving
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 28 January 2017 - 06:41 PM

Ah.. One detail I recalled. One of the first times this happened, it happened immediately upon trying to open Firefox.



#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:56 AM

Posted 31 January 2017 - 07:05 AM

My concern with the infections is that they may have caused damage that we can't fix with the usual methods that we use here.
Their advice (the anti-malware experts) may be the difference between us fixing this, or us suggesting that you wipe the system and start over.

Good luck!

 

Issues with Skype in the Admin logfile.  Please uninstall it.
Feel free to reinstall a freshly downloaded copy if you'd like.

 

ESET driver running out of a temp folder in AppData - any idea why this is happening?

Other ESET driver issues also.  Please uninstall it, then use this free removal tool to ensure all components are removed:  http://support.eset.com/kb2289/

Please note (in their reference links) that this might cause networking issues.

 

ComboFix errors in the Admin logfile - that's something for the anti-malware experts to work with.  I have no knownledge about ComboFix - except that it can mess your system up if used improperly.

 

ScpToolkit errors - please uninstall it

 

Avast issues in the registry.  Please uninstall it.

If using more than one antivirus (or more than one firewall) - please stop.

Uninstall all but one.

 

and, of course, a large number of networking issues.

Please download and install updates for ALL of your networking devices (wired, wireless, and bluetooth).

If already updated, please uninstall/download a fresh copy/then reinstall.

 

Only 79 Windows Update hotfixes installed.  Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.
If Windows Update continues to have problems:

- first look at this post:  http://wu.krelay.de/en/

- then, if still not fixed, ask for help with Windows Updates in the Windows 7 forums

 

This device is disabled in Device Manager.  Did you deliberately disable it?  If so, why did you disable it?

 

ASUS 802.11n Wireless LAN Card    PCI\VEN_1814&DEV_0781&SUBSYS_130F1043&REV_00\4&2B6C9483&0&00E5    This device is disabled.

Please re-enable the device and ensure that it's drivers are updated.  Once that's done, feel free to disable it again AFTER the drivers are updated.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 RareLiving

RareLiving
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 02 February 2017 - 09:07 AM

My concern with the infections is that they may have caused damage that we can't fix with the usual methods that we use here.
Their advice (the anti-malware experts) may be the difference between us fixing this, or us suggesting that you wipe the system and start over.

Good luck!

 

Issues with Skype in the Admin logfile.  Please uninstall it.
Feel free to reinstall a freshly downloaded copy if you'd like.

 

ESET driver running out of a temp folder in AppData - any idea why this is happening?

Other ESET driver issues also.  Please uninstall it, then use this free removal tool to ensure all components are removed:  http://support.eset.com/kb2289/

Please note (in their reference links) that this might cause networking issues.

 

ComboFix errors in the Admin logfile - that's something for the anti-malware experts to work with.  I have no knownledge about ComboFix - except that it can mess your system up if used improperly.

 

ScpToolkit errors - please uninstall it

 

Avast issues in the registry.  Please uninstall it.

If using more than one antivirus (or more than one firewall) - please stop.

Uninstall all but one.

 

and, of course, a large number of networking issues.

Please download and install updates for ALL of your networking devices (wired, wireless, and bluetooth).

If already updated, please uninstall/download a fresh copy/then reinstall.

 

Only 79 Windows Update hotfixes installed.  Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.
If Windows Update continues to have problems:

- first look at this post:  http://wu.krelay.de/en/

- then, if still not fixed, ask for help with Windows Updates in the Windows 7 forums

 

This device is disabled in Device Manager.  Did you deliberately disable it?  If so, why did you disable it?

 

ASUS 802.11n Wireless LAN Card    PCI\VEN_1814&DEV_0781&SUBSYS_130F1043&REV_00\4&2B6C9483&0&00E5    This device is disabled.

Please re-enable the device and ensure that it's drivers are updated.  Once that's done, feel free to disable it again AFTER the drivers are updated.

 

No word from the anti-malware experts yet.

 

I have uninstalled and reinstalled everything here, some already in the past a few times. This time I left the ScpToolkit uninstalled, though after updating the Microsoft accessories driver this application had not caused issues for years.

 

I think the ESET anomaly comes from only using their webscanner and nothing else; I did not install anything and only downloaded it recently.

 

I believe the windows update issue is because I used the convenience rollups provided from Microsoft; there are no new recommended updates.

 

 

 

Okay, this might be the most interesting thing. So, while trying to update the Wireless LAN card automatically, I experienced a BSOD. Perhaps this is the source of my issue? Is it safe to assume I should just remove the card entirely? The device was disabled intentionally; ever since I was able to use a direct connection I have been doing so instead.


Edited by RareLiving, 02 February 2017 - 09:11 AM.


#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:56 AM

Posted 02 February 2017 - 10:56 AM

Try physically removing the wireless card and uninstalling it's software then see what happens.
Good luck!

 

FYI - I have seen drivers in memory dumps from devices that are disabled.
So it's possible that a driver from a disabled device can contribute to BSOD's

And, if there's a physical problem with the card, it can make the driver act up.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#8 RareLiving

RareLiving
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 02 February 2017 - 12:59 PM

Try physically removing the wireless card and uninstalling it's software then see what happens.
Good luck!

 

FYI - I have seen drivers in memory dumps from devices that are disabled.
So it's possible that a driver from a disabled device can contribute to BSOD's

And, if there's a physical problem with the card, it can make the driver act up.

 

I'm not sure how to go about uninstalling after removing the card, as I only used the default drivers and now don't see the device. Regardless, I have felt a performance boost after removing the card and dusting out my pc a bit. I thought my installation and HD were just old, and the slowness was natural, but I have noticed much more responsiveness now that I've removed the card; perhaps this really was the source. It could be placebo, but who knows. It's been a long time since I've really had to fiddle with much inside of my PC aside from installing new drives, so this has kinda made me overcome a bit of anxiety I had about forgetting just how all this stuff pieced together back then.

 

Thank you for your insight. I never would have thought a disabled device could be the problem, but I did suspect it was either a driver or some faulty hardware contributing to very odd issues. I will report back with any new discoveries, and leaving my PC on for a day or two will probably tell me if the issue is gone yet.

 

Again, thanks. Hopefully I won't have much to report.



#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:12:56 AM

Posted 04 February 2017 - 07:50 AM

I've suspected problems with disabled devices for years, but only recently have I found the drivers from a disabled device in memory dumps.

It's a major achievement for me, and it seems to support how I think about the funtions of the OS.

 

As for the hardware being a problem, here's a story....

 

Long ago our house was hit by a lightning strike.  I had surge protectors on all the computers.

Despite that, I had one computer (my youngest son's) who started having BSOD's at the that time.

Being the inquisitive sort, I worked on it intensly.

 

It turns out that the lighting hit our cable line also, went through our cable modem and router, and out into the house.

As I didn't have surge protectors on the ethernet lines, the current surged through that.

Interestingly, the modem and the router had no damage, nor did the rest of the computers in the house (as they were turned off)

 

Even the ethernet on my youngest son's computer wasn't affected.

So where could the BSOD's be coming from?

I finally stripped the computer down and starting testing the parts one-by-one.

It turns out that the surge had damaged the 56k modem in his system - a device that we never used and wasn't connected to anything.

I left it out and the system continued to function reliably for the next couple of years.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users