PC freezing every couple of minutes

[Oranappleade]

Hi there.

 

As as the title says, for the past week or so my PC has had a habit of freezing up every minute for about 3-5 seconds, then returning to normal. The cursor also has issues switching between various icons/pointers.

 

I've done everything that my limited knowledge can do eg virus scans, malware scans, but nothing is coming back. Help would be very much appreciated.

 

Thanks, Oran

[Oranappleade]

It may also be worth noting that my PC doesn't do this during SAFE MODE.

[KenB]

Hi and welcome to ExTS

 

If your machine does not do this during Safe Mode - it is likely that the problem is driver related,

 

Have you up-dated / installed any drivers recently ?

 

What did you use for the malware scan ?

[Oranappleade]

The only ones I can think of that have been updated are things like my graphics card.

 

I used Malwarebytes to scan my computer both in safe and out of safe mode.

 

I can post my specs if that makes things any easier?

[KenB]

The only ones I can think of that have been updated are things like my graphics card.

That could be it.

Go to Device Manager > click on the + next to "Display Adapters" > Properties > Driver > Roll Back Driver

This will un-install the recent update and revert back to the old driver for the device

 

To get to Device Manager ...... Start ....type in .....devmgmt.msc .....ENTER

 

==================

 

Malwarebytes produces a log.

Just to be on the safe side - can you open MBAM > Logs click on the most recent.

It will open in Notepad.

Copy the complete log and post it here please.

[Oranappleade]

After my comp having a bit of an issue loading that up, it managed to revert back, and from what I can tell it seems to have stopped, but its also created a new problem...

Now it seems that explorer keeps crashing, so I end up getting the classic blank screen and no icons. and no task bar etc

 

And, apparently I can't read, because I just read through the Log quickly before posting it and it did have malicious software going on...

 

Malwarebytes Anti-Malware 1.75.0.1300

http://www.malwarebytes.org

 

Database version: v2013.11.02.08

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

Oran :: ORAN-PC [administrator]

 

02/11/2013 18:10:12

mbam-log-2013-11-02 (18-10-12).txt

 

Scan type: Full scan (C:\|F:\|W:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 621235

Time elapsed: 2 hour(s), 41 minute(s), 46 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0789AECC-51A5-6FC6-7544-9CD72459F23B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 10

C:\Program Files (x86)\Vuze\.install4j\user\mism.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\ProgramData\InstallMate\{52FEEB2D-4A95-42DA-A031-02B7891DC9DB}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.

C:\ProgramData\InstallMate\{52FEEB2D-4A95-42DA-A031-02B7891DC9DB}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.

C:\ProgramData\YTD YouTube Downloader & Converter\ytd_installer.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\camfrog.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\DTLite4461-0327.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\ManyCamSetup(1).exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\SlaveMaker3.3.04c.*******.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\SoftonicDownloader_for_microsoft-visual-c.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.

C:\Users\Oran\Downloads\SoftonicDownloader_for_photoscape-portable.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.

 

(end)

[KenB]

Thanks for the log.

 

I will ask one of our security experts to take a look and advise you further.

There is a time zone to take account of for one of them so please be patient.

[Oranappleade]

No problem, thanks for the help so far! :)

[Starbuck]

Hi Oranappleade

 

Let's make sure that all of the Adware has been removed.

Then we'll give it a quick check with another type of malware scanner.

 

Step 1

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
  
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  
• The tool will open and start scanning your system.
  
• Please be patient as this can take a while to complete depending on your system's specifications.
  
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  
• Post the contents of JRT.txt into your next message.
  

 

 

 

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
  
• Double click on adwcleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator.
  
• Click on the Scan button.
  
• AdwCleaner will begin to scan your computer.
  
• After the scan has finished...
  
• Click on the Clean button.
  
• Press OK when asked to close all programs and follow the onscreen prompts.
  
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  
• After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  
• Copy and paste the contents of that logfile in your next reply.
  
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

Step 2

Download RogueKiller and save it to your desktop.

• Close all the running processes
  
• Double click RogueKiller icon to run the program
  Vista/Win7 users should right click the icon and select Run as Administrator.
  
• Wait for the Prescan to finish.
  
• Now click the Scan button.
  
• Please copy and paste the report in your next reply.

A copy of the RKreport.txt can be found on your desktop.

 

Note:

If RogueKiller is blocked, do not hesitate to try running it again.

If it still fails to run, right click on the downloaded icon and select 'Rename'.....rename it to winlogon and try again.

 

 

In your next reply, please submit:

JRT.txt

AdwCleaner report

RKreport

 

 

Thanks.

[Oranappleade]

JRT report-

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Ultimate x64

Ran by Oran on 15/11/2013 at 16:03:19.85

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{81441108-4F3D-4B73-B1AC-361D1E9BA768}

Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"

Successfully deleted: [Folder] "C:\Users\Oran\appdata\locallow\ytd"

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\user.js

Emptied folder: C:\Users\Oran\AppData\Roaming\mozilla\firefox\profiles\k6n5nw0s.default\minidumps [111 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 15/11/2013 at 16:11:10.41

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

ADwcleaner report-

# AdwCleaner v3.012 - Report created 15/11/2013 at 16:40:59

# Updated 11/11/2013 by Xplode

# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

# Username : Oran - ORAN-PC

# Running from : C:\Users\Oran\Downloads\AdwCleaner(1).exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16736

 

 

-\\ Mozilla Firefox v25.0 (en-US)

 

[ File : C:\Users\Oran\AppData\Roaming\Mozilla\Firefox\Profiles\k6n5nw0s.default\prefs.js ]

 

 

-\\ Google Chrome v31.0.1650.57

 

[ File : C:\Users\Oran\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [7911 octets] - [15/11/2013 00:36:58]

AdwCleaner[R1].txt - [1447 octets] - [15/11/2013 16:39:37]

AdwCleaner[s0].txt - [7762 octets] - [15/11/2013 00:38:34]

AdwCleaner[s1].txt - [1368 octets] - [15/11/2013 16:40:59]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1428 octets] ##########

 

 

 

RKill Log report-

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 11/15/2013 04:56:38 PM in x64 mode.

Windows Version: Windows 7 Ultimate Service Pack 1

 

Checking for Windows services to stop:

 

* No malware services found to stop.

 

Checking for processes to terminate:

 

* No malware processes found to kill.

 

Checking Registry for malware related settings:

 

* No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

* Windows Defender Disabled

 

[HKLM\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware" = dword:00000001

 

Checking Windows Service Integrity:

 

* Windows Defender (WinDefend) is not Running.

Startup Type set to: Manual

 

Searching for Missing Digital Signatures:

 

* No issues found.

 

Checking HOSTS File:

 

* HOSTS file entries found:

 

 

 

 

Program finished at: 11/15/2013 04:57:51 PM

Execution time: 0 hours(s), 1 minute(s), and 13 seconds(s)

[Starbuck]

Hi Oranappleade

 

Ok, that was interesting...............

I didn't give a link to RKill.

The links i gave were for direct downloads.

Unless you clicked on RKill from the page before the RogueKiller popped up.

 

Anyway it doesn't really matter, RKill has told us what we wanted to know.

The Adware has now been removed and no obvious signs of any other Malware infection.

 

Double click on AdwCleaner.exe to run the tool again.

• Click on the Uninstall button.
  
• Click Yes when asked are you sure you want to uninstall.
  
• Both AdwCleaner.exe, its folder and all logs will be removed.

 

JRT and Rkill can now be removed also. (right click on the required icon and select delete)

 

We could dig deeper, but i think it's best that we let the guys look into the possibility that it may be a driver issue.

If no reason can be found, we can always take a deeper look then.

[Oranappleade]

Adwcleaner.exe was removed along with all the logs, and rkill and JRT. So far everything seems to be going smoothly again.

 

Thanks for the help guys! ^_^

 

Also, I noticed it was only certain programs that caused explorer to crash, and it was because they needed updating and the auto up-dater wasn't initializing for whatever reason.

[Starbuck]

Thanks for the update.

Any more problems.... just post back.

 

Safe surfing. http://fc08.deviantart.net/fs71/f/2010/033/b/3/Computer_addict__by_Sinister_Starfeesh.gif

[KenB]

So far everything seems to be going smoothly again.

Can we mark this one as "solved" ? :)

[Oranappleade]

Me again...Terribly sorry, but it's started happening again as of about 20 minutes ago. I haven't updated anything in terms of drivers, and not downloaded anything except Batman, via steam, so I'm really confused what it could be, perhaps my HDD is failing? or on its way out?

[KenB]

Terribly sorry, but it's started happening again

No need to apologise :)

 

Did you roll back the video drivers as I suggested earlier ?

[Oranappleade]

I knocked them back when you suggested yes

[KenB]

Hi again

 

Which AntiVirus are you using ?

 

==============

 

Try the following: ( Copied .....saves typing :) )

 

 

• Open System Configuration by clicking the Start button http://res2.windows.microsoft.com/resbox/en/windows%207/main/4f6cbd09-148c-4dd8-b1f2-48f232a2fd33_818.jpg, clicking Control Panel, clicking System and Security, clicking Administrative Tools, and then double-clicking System Configuration.* http://res2.windows.microsoft.com/resbox/en/windows%207/main/18abb370-ac1e-4b6b-b663-e028a75bf05b_48.jpg If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
   
   
   
  
• Click the General tab, click Diagnostic Startup, click OK, and then click Restart.
  If the problem occurs now, then basic Windows files or drivers might be corrupted. ( suspect it is a driver )
  If this is the case we may have to look at the "Startup Repair" option
   
  If the problem does not occur, then we will need to use Selective Startup mode to try to find the problem by turning individual services and startup programs on or off.
  This will be a long process.
   
   
   
  

[Oranappleade]

After trying to switch it into the start up method you said, the application froze, and then force closed itself, also causing explorer to crash at the same time. Normally I would restart explorer through the task manager but every time I do, It won't load. The PC also take upwards of 20 minutes to shut down. Not because of updates or anything either which is irritating.

 

Now, my PC explorer has reverted itself to have a resemblance to windows xp, my computer either crashes every time I try loading something, or explorer crashes, and I can no longer connect wirelessly to the internet like I used to. Currently having to post from my phone.

[KenB]

Can you boot up in Safe Mode?

 

If you can try the following:

 

Start ......type in ......cmd ......right click on cmd.exe that will appear top left of screen > click "Run as Administrator"

At the prompt type ..... sfc /scannow ......hit ENTER [ there is a space after sfc ]

 

This will scan the system files and attempt to fix any problems found.

You can run this twice as sometimes it will find things on the second run.

 

================

 

If no improvement....

From Safe Mode try "Last Known Good Configuration "

 

================

 

If no better ....

Can you try the above ( Post 18 ) if you boot up in Safe Mode ?

 

===============

 

If still no better ....

Things are not looking good.

If you can boot up you need to back up files etc that you don't want to lose.

 

===============

 

I don't suppose that you have a Win 7 installation disk do you ?

[Oranappleade]

And now its stopped doing it...

 

I ran the sfc/scannow twice and nothing came back, although, I did recently install a new processor, and GPU. I don't know whether that fixed anything, but it is certainly running better after a few teething problems.

 

It seems that my PC is very much a swinger in terms of performance xD

[KenB]

And now its stopped doing it...

 

Nothing as strange as computers :)

 

Monitor it for a few days and let us know how it goes.

[Osprey]

Hi there.

 

As as the title says, for the past week or so my PC has had a habit of freezing up every minute for about 3-5 seconds, then returning to normal. The cursor also has issues switching between various icons/pointers.

 

I've done everything that my limited knowledge can do eg virus scans, malware scans, but nothing is coming back. Help would be very much appreciated.

 

Thanks, Oran

 

 

I had this ... tuned out that the latest NVIDIA driver was the cause ........ so on advice from manufacturrer went back from 330.11 to 270.61 not had the issue since.

[Osprey]

I had this ... tuned out that the latest NVIDIA driver was the cause ........ so on advice from manufacturer went back from 330.11 to 270.61 not had the issue since.

 

The freezing of PC returned .. spent many hrs trying to resolve ... eventually removed GPU .. and it run fault free off built in graphics.

Contacted supplier - and found card has 3 yr warranty - swapped out card ... new card running Drv 8.17.12.7061 been fine.

MSI advise not to use latest drivers.

Edited January 3, 2014 by Osprey