Windows 7 Issues

[myviolinsings]

I stumbled on this thread trying to research what has happened to my always-worked-great-till-now laptop (acer aspire 8930g). I started a couple wks ago with a bsod which lead to a device failure, and in DM saw a new network adapter never seen before: turedo pseudo tunneling something. I researched its relevance and uninstalled the device. I downloaded a complete hardware tester as I feared cpu was going out since Norton alerts on all high usage programs and google chrome, windows host process, and others always show plenty of ram/page files etc, only almost all of at least one cpu (have 2) is maxed. Performance monitor constantly shows 100% usage. The only error I could get was an access violation on the hdd that a "file was not accessible" during the test. Even thot I might have a rootkit or something nasty, so I ran npe from norton and 2 other deeply rooted bug killers with clean results. I have started with device drivers now, since my realtek audio & nvidea video/audio latest drivers were downloaded from those sites respectively vs. the ones supported on acers site for driver downloads, and even tho they have worked since I installed a new hdd in Feb 2012, I installed the older versions approved by acer to work with my system. Issue remains. As of today, everytime I start a download on bigfishgames (downloads in google are extremely slow, but don't freeze the mouse) my mouse freezes, have to wait 20-30 sec for it to come back and its like moving thru mud. Pause the download, computer goes back to normal. Norton continues to report high cpu usage on carbonite backup, and google chrome, plus bigfish game manager. I use tuneup utilities 2012 to keep sys/registry clean and have for 6 months. This is a new issue that only started after that network adapter issue. The freezing did not start till today. I'm not an expert, but I build my own pcs and have for years. Any help would be appreciated as I don't want to suddenly wake up to a dead laptop with no clue as to why if I can head it off at the pass. I am going to go check event log and will post back any criticals I find at the time of these freezes today. Here are my sys specs:


EVEREST Home Edition (c) 2003-2005 Lavalys, Inc. ]------------------------------------------------------------ Version EVEREST v2.20.405 Homepage Computer Diagnostics & Network Audits Software | Lavalys.com Report Type Report Wizard Computer MOMSLAPTOP Generator Sheila Flanagan Operating System Windows 7 Professional Media Center Edition 6.1.7601 Date 2012-04-25 Time 18:36--------[ Summary ]----------------------------------------------------------------------------------------------------- Computer: Operating System Windows 7 Professional Media Center Edition OS Service Pack - DirectX 4.09.00.0904 (DirectX 9.0c) Computer Name MOMSLAPTOP User Name Sheila Flanagan Motherboard: CPU Type Intel Pentium III Xeon, 2000 MHz Motherboard Name Unknown Motherboard Chipset Unknown System Memory 4092 MB BIOS Type Unknown Display: Video Adapter NVIDIA GeForce 9600M GT Video Adapter NVIDIA GeForce 9600M GT Monitor Generic PnP Monitor [NoDB] Multimedia: Audio Adapter High Definition Audio Controller [NoDB] Storage: IDE Controller Intel(R) ICH9M-E/M SATA AHCI Controller Disk Drive ST95005620AS (465 GB, IDE) Disk Drive ST9500325AS (465 GB, IDE) Optical Drive HL-DT-ST BDDVDRW CT21N SMART Hard Disks Status FAIL Partitions: C: (NTFS) 476837 MB (367616 MB free) D: (NTFS) 231811 MB (127294 MB free) E: (NTFS) 226200 MB (107886 MB free) Total Size 912.9 GB (588.7 GB free) Input: Keyboard Microsoft eHome MCIR 109 Keyboard Keyboard Microsoft eHome MCIR Keyboard Keyboard Microsoft eHome Remote Control Keyboard keys Keyboard Standard PS/2 Keyboard Mouse HID-compliant mouse Mouse Synaptics PS/2 Port TouchPad Network: Network Adapter Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) Network Adapter Intel(R) WiFi Link 5100 AGN (192.168.1.136) Modem Agere Systems HDA Modem Peripherals: Printer \\HOMEPC\HP Officejet 6500 E709n Series Printer Bookkeeper PDF Printer Printer Fax Printer Microsoft XPS Document Writer USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2934 [NoDB] USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2935 [NoDB] USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2936 [NoDB] USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2937 [NoDB] USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2938 [NoDB] USB1 Controller Intel(R) ICH9 Family USB Universal Host Controller - 2939 [NoDB] USB2 Controller Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A [NoDB] USB2 Controller Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C [NoDB] USB Device Acer HD Crystal Eye webcam USB Device USB Composite Device USB Device Validity Sensor Battery Microsoft AC Adapter Battery Microsoft ACPI-Compliant Control Method Battery Battery Microsoft Composite BatteryI have available the complete hardware report from everest if needed.Thx

Additional data could be useful:
I did find this error in event log and haven't a clue what this is (15 of these occured since one wk ago, 11 of them today). BIOS update? there's not one available from acer since the last one I installed a year ago, but I'll check:
Log Name: System
Source: ACPI
Date: 4/25/2012 2:47:57 PM
Event ID: 13
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: momslaptop
Description:
: The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACPI" />
<EventID Qualifiers="49157">13</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-04-25T18:47:57.947147600Z" />
<EventRecordID>15023</EventRecordID>
<Channel>System</Channel>
<Computer>momslaptop</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Binary>0000C00001000000000000000D0005C000000000000000000000000000000000000000000000000096BA1D001209FFFF72000900122A0C008200A000A2092702122A0F003284040010284E00600010005000FFFF700040001008090080000400100815002227060012094E0062000D005200FFFF72000D00122A09008200A100A2092D02122A0D00328405001028540060000F005000FFFF7000400010080900800004001008140022270B00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000</Binary>
</EventData>
</Event>


Then there were 4 of these tonight only:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 4/25/2012 6:30:24 PM
Event ID: 5038
Task Category: System Integrity
Level: Information
Keywords: Audit Failure
User: N/A
Computer: momslaptop
Description:
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.


File Name: \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>5038</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>12290</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2012-04-25T22:30:24.950287200Z" />
<EventRecordID>6413</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="64" />
<Channel>Security</Channel>
<Computer>momslaptop</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">\Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64</Data>
</EventData>
</Event>
TWO were the above and 2 were:
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.


File Name: \Device\HarddiskVolume6\Users\SHEILA~1\AppData\Local\Temp\EverestDriver.sys

 

[-RockMan-]

Re: Windows 7 freeze up; related to ???

Unbelievable..... check your network settings and see which lan is active and valid.
Check windows firewall security settings and windows update and make sure it is up to date and valid.

Everest the one you have is abit outdated, can you download Malwarebytes free edition and start a quick scan and see what it picks up ?

Finally download either messentials or avast latest versions and install and see what they pick up.

Welcome to tech-forums by the way.

 

[myviolinsings]

My home network is up and running and laptop is connected to it. No other networks show up. Here's the quick scan results from Malwarebytes (let me know if I should do the other 2 scans):
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download


Database version: v2012.04.26.02


Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sheila Flanagan :: MOMSLAPTOP [administrator]


Protection: Enabled


4/26/2012 10:48:34 AM
mbam-log-2012-04-26 (10-48-34).txt


Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 256064
Time elapsed: 31 minute(s), 7 second(s)


Memory Processes Detected: 0
(No malicious items detected)


Memory Modules Detected: 0
(No malicious items detected)


Registry Keys Detected: 0
(No malicious items detected)


Registry Values Detected: 0
(No malicious items detected)


Registry Data Items Detected: 0
(No malicious items detected)


Folders Detected: 0
(No malicious items detected)


Files Detected: 0
(No malicious items detected)
ONE MORE THING: could my video card be dying? I told you I went backwards on the driver to acer spec and in the past 24 hours I have had 4 black screens then windows alerts the video driver has stopped responding & recovered. The video card is the original Nvidea 9600 GT and I'd have to open up and double check, but don't think it's integrated on mobo.
I will post back results fro messentials/avast. Thanks for your help.

Video card not integrated; biosupdateplus caused earlier bsod today (it didn't support win7 oops) flash test in malwarebytes found nothing; currently running ms essentials scan, slooooow going;99-100% cpu usage continues; have not had mouse freeze up, but haven't used game manager; but chrome is being slow, could be scan running. newly installed kingston report is too long to post here; if you need to see it, can email.

I'm wracking my brain, but the h/w test I used was: hot cpu tester pro version 4.0, which found nothing, but if video card is failing, would it show that? Thanks

ms essentials says I'm clean; I don't see the post I entered earlier about windows updates (had a bsod shortly hereafter..so) but nothing was missing except 2 optional updates for, amazingly, my wifi and lan. Took them. have rebooted since...still slow. Gonna try big fish game manager again to be sure the issue is prevailing, but since I'm still being alerted constantly for any program I use, everest, chrome, ms essentials, upgrading video driver device failed due to time out, etc. the cpu constantly at 99-100% has me stumped.

Is there anyway to isolate a problem from resource monitor? or is there another app that can pinpoint what is draining both cpus at 100%? I've updated video driver to an even newer version with no issues, no more driver failures, but system is still maxed out at cpu. ram is only 40-50%; am gonna run the cpu test again, takes a while, so will report back after. Thx

 

[-RockMan-]

Re: Windows 7 freeze up; related to ???

Is there anyway to isolate a problem from resource monitor? or is there another app that can pinpoint what is draining both cpus at 100%? I've updated video driver to an even newer version with no issues, no more driver failures, but system is still maxed out at cpu. ram is only 40-50%; am gonna run the cpu test again, takes a while, so will report back after. Thx

Your first good one would be windows task manager itself, look at the processes.
Then click the tab that says show all processes, find the program that is doing 45% or higher.

If you don't know what it is, copy the program name you see in the processes and run a search on bing or google.
If there is a way to stop it safely or remove it, whatever search results you may pull, someone may have had that problem answered and posted it up elsewhere if any.

 

[myviolinsings]

ran hot cpu lite version and again the only issue is non accessible file from hdd; should I buy the s/w and test max all? Please help.

decided to download hijackthis and have a log file..but other than missing files..don't see anything relevant..should I post the log here?

hijack this log has alot of service files missing, i.e. windows files, that doesn't seem right. Also, didn't know this was relevant, but for the last few weeks upon restart, I always get the message Sticky Notes Application cannot start. cannot find file. No big deal I thought, but after ensuring it was enabled in startup, rebooting, got same error msg, I went to the file location in sys32 and told it run as admin and it started. Am posting the service portion of hijack log and would love to know how these important files became missing..if it's cause I deleted that turedo pseudo tunnelling adapter from MS or what?

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CarboniteService - Carbonite, Inc. (Online Backup) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: CGPS Service (IDVaultSvc) - Unknown owner - C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

Process window doesn't show percentages but they start with biggest memory use and go down: 1st is windows host services at 112,036k, 2nd/3rd/4th/8th/9th are chrome (why I don't know I only have 4 tabs open) 106,160k 1st chrome, the others consistently change ranging from 75,000k down to 30,000k. the inbetween chrome processes are malawarebytes, ms essentials & explorer. And btw, looking at perf monitor today, the cpu is jumping up/down from 30 -55%. But the hijack this log shows a lot of missing files. why/how did these go missing & are they really missing? cause i failed to mention that past few weeks at startup, I get error msg that StickyNotes cannot start. the file is missing. Today I go to the file in sys32 and rightclick run as admin and it worked. What's up with that?

 

[KSoD]

Re: Windows 7 freeze up; related to ???

The thing with the (file missing) entries in HiJack This is easily explained. HiJack This checks for startup processes and running processes. So while those programs can be listed in the startup process location, they may not be active at the time of scan and only become active upon request of the user for a specific function. So I really wouldnt worry to much about those files that are stated as missing, as it could easily just be they were not active at the time of scan.

Your MBAM log is clean and your HJT log is as well. So the machine is not infected and causing you the issues you are experiencing. I would open up the command prompt.

Start>Cmd>right click and select Run as Admin.

From there type in this command:

sfc /scannow

Type it in exactly how you see it. That will run the system file checker and check the integrity of your Windows files and let you know if there is an issue with Windows core files.

 

[myviolinsings]

Re: Windows 7 freeze up; related to ???

Actually, I had already deduced this to be the next step and no loss of integrity in sys files. However, I have found the issue causing all this: by deleting that microsoft teredo tunneling adapter, my network now has no ipv6 connections and that is what's causing the slowdown internet & I guess overall cpu usage. I have looked everywhere and cannot find the correct driver for this. I restored to the point where I had 2 critical windows updates wherein the issue first appeared and where I found this in my dm and simply disabled. So i have it back now, but it still has the yellow exclamation, code 10 device cannot start and unless I can find the correct driver or a windows update to fix this (some discussion found that a windows update had previously caused this same device to stop working...don't know if that's the case here). The only reliable source I have found on fixing this (which involves reg editing etc) is here and I would like your thoughts on the validity of it actually fixing this before I go through all of it. I did find a site which claimed cnet had the driver for download, but clicking the cnet link caused a bsod, so I am being very careful. CPU still maxing, norton still reporting high usage, but at least I have the adapter back and if I can fix the code 10 or you can help me get ipv6 connectivity showing back up on my wireless network connection status; right now it states "no network access" only ipv4 is working. I appreciate all your help. Hope we can get to the bottom of this. Thx.