So I came back from New Years and turn on my computer to find a very unsettling problem. I can open a couple programs no problem, but after a few minutes (it's like it's on a timer) that window freezes. I can minimize it, and when I do i can select something on my desktop but it won't open. Then the whole computer freezes and all I can do is move the mouse. Now the only way it won't do it is if I start in Safe Mode. The weird thing is I just formatted my hard drive like the 17th to get rid of a virus. I've tried everything I can think of: I've scanned for spyware (can't do anti virus because it won't work in safe mode), run two different registry cleaners, and even used system restore to a few days before the problem started. I can't even think of what caused this. When I came back from New Years I did notice my computer's clock was a few hours off from the actual time. Perhaps there was a power outage? But my computer is hooked up to a surge protector and both were off the entire time. I have no idea and all help is appreciated!
Computer Keeps Freezing
- Thread starter Zaza
- Start date
- Status
AlbertLionheart
Posts: 1,997 +3
Has anyone else had access to your computer while you were away?
Bobbye
Posts: 16,313 +36
Computer specs would help like installed RAM, operating system. In the absence of these, I suggest you go to the Event Viewer, check for Error(s) that occur at the same time as the freeze. You can do this in Safe Mode:
Follow this path:
Control Panel> Administrative Tools> Event Viewer> Click on System & Apps, one at a time on the left> look for Errors on the right> right click error> Properties> note description of error, Event# and Source.
There is a "copy" button below the up/down arrows. Click that, then go to any place that allows you to type (ie. notepad, wordpad, this board) and you can paste (use CTRL-V) the entire event details there. It makes for easy reporting of the event.
If you want to paste the Event here, you do not need to include the lines of code that follow the Description- but paste all else. You will be looking for Error(s) that occurs at the time of the problem. Please ignore Warnings.
Also, check the Event Viewer for time you were gone- right before you left and right after you got back. The direction I gave are for Win XP. Vista is slightly different.
Follow this path:
Control Panel> Administrative Tools> Event Viewer> Click on System & Apps, one at a time on the left> look for Errors on the right> right click error> Properties> note description of error, Event# and Source.
There is a "copy" button below the up/down arrows. Click that, then go to any place that allows you to type (ie. notepad, wordpad, this board) and you can paste (use CTRL-V) the entire event details there. It makes for easy reporting of the event.
If you want to paste the Event here, you do not need to include the lines of code that follow the Description- but paste all else. You will be looking for Error(s) that occurs at the time of the problem. Please ignore Warnings.
Also, check the Event Viewer for time you were gone- right before you left and right after you got back. The direction I gave are for Win XP. Vista is slightly different.
I'm running WinXP, 2GB of RAM, and an Intel Pentium D. Tell me if you need anything else.
There's a lot of errors in that log. Seems like most of them are because of missing files. Here's the errors from today:
Date: 1/4/2008
Time: 12:28:05 PM
Description:
The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Date: 1/4/2008
Time: 12:26:49 PM
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Date: 1/4/2008
Time: 12:20:28 PM
Description:
The tmcomm service failed to start due to the following error:
The system cannot find the file specified.
Date: 1/4/2008
Time: 12:20:28 PM
Description:
The hpdj service failed to start due to the following error:
The system cannot find the file specified.
Date: 1/4/2008
Time: 12:03:04 AM
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ......
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
All that was from today. There weren't any errors in the Application tab, only in the System tab. The log started on the time I got back from New Years so I don't know about before. Also, nobody had access to my computer while I was away. Thanks!
There's a lot of errors in that log. Seems like most of them are because of missing files. Here's the errors from today:
Date: 1/4/2008
Time: 12:28:05 PM
Description:
The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Date: 1/4/2008
Time: 12:26:49 PM
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Date: 1/4/2008
Time: 12:20:28 PM
Description:
The tmcomm service failed to start due to the following error:
The system cannot find the file specified.
Date: 1/4/2008
Time: 12:20:28 PM
Description:
The hpdj service failed to start due to the following error:
The system cannot find the file specified.
Date: 1/4/2008
Time: 12:03:04 AM
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ......
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
All that was from today. There weren't any errors in the Application tab, only in the System tab. The log started on the time I got back from New Years so I don't know about before. Also, nobody had access to my computer while I was away. Thanks!
Bobbye
Posts: 16,313 +36
Thanks you for the specs. I did give you directions to copy the information I need in the Event Viewer- all you gave me is the Description. Each Event has an ID# and a Source. I need that info to go with the Description you copied. But I'm going to wing it and give you what I "THINK" they are, with the understanding that I am working backwards:
1.Event Description: "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts." is "probably"
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
And means that incomplete outbound TCP connection attempts were made that exceeded the limit put on by SP2. This frequently is seen on systems with P2p. Or it could mean malware trying to call home. But note, if your Event is the same as this, it is a Warning.
The limit only applies to connections in which the destinations are unreachable. You absolutely should not hit it if you are opening TCP connections to addresses that are live with an active listener on the destination port. It is enforced by the stack and has nothing to do with your firewall software (third party or ours).
So it would appear that something is your system is attempting to access the internet. Because of the nature of this warning, suspect malware.
2. For Description:The tmcomm service failed to start due to the following error: The system cannot find the file specified.
TrendMicro has TmComm Service listed as their A permission error exists that allows anyone to write to the TmComm DoS interface. It has a vulnerability in that a permission error exists that allows anyone to write to the TmComm DoS interface.
From CIAC and TrendMicro Support which should be handled immediately per TM Support Bulletin: http://tinyurl.com/2dmeab
3. For Description "The following boot-start or system-start driver(s) failed to load: Fips, intelppm" this is "probably" the following:
Event # 7026
Event Source: Service Control Manager:
FIPS (Federal Information Processing Standards) are a set of standards that describe document processing, provide standard algorithms for searching, and provide other information processing standards for use within government agencies.
intelppm.sys is a Processor Device Driver from either Microsoft or Intel.
If a device is not working properly, its driver fails to load. A device can be related to a backup tape, cdrom driver, zip drive, any type of hardware. It could be caused by removing a tape driver from a server.
4. For Description: DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF},
the Event is "Probably":
Event ID: 10005
Source: DCOM
This one is self-explanatory. It doesn't work in Safe Mode! Is there any problem in Normal Mode? DCOM Error?
These Events for TCP and tmcomm point to malware in your system. The Events for DCOM and intelppm point to driver failures., taken together point to hardware problems. There's also a possible memory problem-possibly bad modules which need to be run through memtest..Did you install any hardware before you left? Any software? Update any drivers?
Edit to clean up.
1.Event Description: "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts." is "probably"
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
And means that incomplete outbound TCP connection attempts were made that exceeded the limit put on by SP2. This frequently is seen on systems with P2p. Or it could mean malware trying to call home. But note, if your Event is the same as this, it is a Warning.
The limit only applies to connections in which the destinations are unreachable. You absolutely should not hit it if you are opening TCP connections to addresses that are live with an active listener on the destination port. It is enforced by the stack and has nothing to do with your firewall software (third party or ours).
So it would appear that something is your system is attempting to access the internet. Because of the nature of this warning, suspect malware.
2. For Description:The tmcomm service failed to start due to the following error: The system cannot find the file specified.
TrendMicro has TmComm Service listed as their A permission error exists that allows anyone to write to the TmComm DoS interface. It has a vulnerability in that a permission error exists that allows anyone to write to the TmComm DoS interface.
From CIAC and TrendMicro Support which should be handled immediately per TM Support Bulletin: http://tinyurl.com/2dmeab
3. For Description "The following boot-start or system-start driver(s) failed to load: Fips, intelppm" this is "probably" the following:
Event # 7026
Event Source: Service Control Manager:
FIPS (Federal Information Processing Standards) are a set of standards that describe document processing, provide standard algorithms for searching, and provide other information processing standards for use within government agencies.
intelppm.sys is a Processor Device Driver from either Microsoft or Intel.
If a device is not working properly, its driver fails to load. A device can be related to a backup tape, cdrom driver, zip drive, any type of hardware. It could be caused by removing a tape driver from a server.
4. For Description: DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF},
the Event is "Probably":
Event ID: 10005
Source: DCOM
This one is self-explanatory. It doesn't work in Safe Mode! Is there any problem in Normal Mode? DCOM Error?
These Events for TCP and tmcomm point to malware in your system. The Events for DCOM and intelppm point to driver failures., taken together point to hardware problems. There's also a possible memory problem-possibly bad modules which need to be run through memtest..Did you install any hardware before you left? Any software? Update any drivers?
Edit to clean up.
Sorry! Here you go!
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/4/2008
Time: 12:28:05 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 1/4/2008
Time: 12:26:49 PM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-5734B20971
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 1/4/2008
Time: 12:20:28 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The tmcomm service failed to start due to the following error:
The system cannot find the file specified.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 1/4/2008
Time: 12:20:28 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The hpdj service failed to start due to the following error:
The system cannot find the file specified.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 1/4/2008
Time: 1:08:00 AM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-5734B20971
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 1/4/2008
Time: 12:03:04 AM
User: N/A
Computer: YOUR-5734B20971
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Hope that covers it. For #1, I've been using uTorrent alot lately so that could've caused it? Or do you think it's really malware? If so my spyware scanner didn't detect it so what should I do? #2, I think you're saying to update my software? I went to that link and that's what Trend Micro says the fix is. I have it on automatic update so it should've done it, but now I can't because Trend Micro doesn't work in safe mode. #3, I haven't messed with the hardware or drivers for my system at all so I don't know what to do there. Also the only software I installed is a video encoder a few days before. Anything else?
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/4/2008
Time: 12:28:05 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 1/4/2008
Time: 12:26:49 PM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-5734B20971
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 1/4/2008
Time: 12:20:28 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The tmcomm service failed to start due to the following error:
The system cannot find the file specified.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 1/4/2008
Time: 12:20:28 PM
User: N/A
Computer: YOUR-5734B20971
Description:
The hpdj service failed to start due to the following error:
The system cannot find the file specified.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10005
Date: 1/4/2008
Time: 1:08:00 AM
User: NT AUTHORITY\SYSTEM
Computer: YOUR-5734B20971
Description:
DCOM got error "This service cannot be started in Safe Mode " attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Type: Warning
Event Source: Tcpip
Event Category: None
Event ID: 4226
Date: 1/4/2008
Time: 12:03:04 AM
User: N/A
Computer: YOUR-5734B20971
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Data:
0000: 00 00 00 00 01 00 54 00 ......T.
0008: 00 00 00 00 82 10 00 80 ....‚..€
0010: 01 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Hope that covers it. For #1, I've been using uTorrent alot lately so that could've caused it? Or do you think it's really malware? If so my spyware scanner didn't detect it so what should I do? #2, I think you're saying to update my software? I went to that link and that's what Trend Micro says the fix is. I have it on automatic update so it should've done it, but now I can't because Trend Micro doesn't work in safe mode. #3, I haven't messed with the hardware or drivers for my system at all so I don't know what to do there. Also the only software I installed is a video encoder a few days before. Anything else?
Bobbye
Posts: 16,313 +36
I did all the work already! You just had to say that my input was correct. The only one I didn't have was Event Type: Error, Event Source: Service Control Manager, Event ID: 7000 for tmcomm. But the information for the fix is correct.
Please handle all the Events as I outlined. It just required a lot more work and time without the Event ID# and Source.
Your questions: #3. Go to the Device Manager: Control Panel> System Hardware tab> Device Manager> click on the + sign by system Devices to expand> look for any devices with a yellow triangle with black exclamation point in it. This is for the problems. Do a right click on that Device> 'scan for hardware changes'> then right click> update driver if needed.
For #2 the TM update you're going to have to wait until you can work in Normal Mode. But as soon as you can, get this update.
For #1: BitTorrent (protocol) is a peer-to-peer file sharing (P2P) communications protocol. BitTorrent client is a program that downloads files using the BitTorrent protocol. µTorrent (also microTorrent or uTorrent) is a freeware proprietary BitTorrent client.
When a user engages in Peer2Peer file sharing, the user is allowing other users to access the computer and the user is seeking files from others. this is a dangerous practice. Most people using it have no idea of this. I strongly recommend stopping this use and protecting your system. Think of using someone else's toothbrush- bad, huh? You can get their 'germs' and vice verse- welcome to Bit Torrent!
Edit for format.
Please handle all the Events as I outlined. It just required a lot more work and time without the Event ID# and Source.
Your questions: #3. Go to the Device Manager: Control Panel> System Hardware tab> Device Manager> click on the + sign by system Devices to expand> look for any devices with a yellow triangle with black exclamation point in it. This is for the problems. Do a right click on that Device> 'scan for hardware changes'> then right click> update driver if needed.
For #2 the TM update you're going to have to wait until you can work in Normal Mode. But as soon as you can, get this update.
For #1: BitTorrent (protocol) is a peer-to-peer file sharing (P2P) communications protocol. BitTorrent client is a program that downloads files using the BitTorrent protocol. µTorrent (also microTorrent or uTorrent) is a freeware proprietary BitTorrent client.
When a user engages in Peer2Peer file sharing, the user is allowing other users to access the computer and the user is seeking files from others. this is a dangerous practice. Most people using it have no idea of this. I strongly recommend stopping this use and protecting your system. Think of using someone else's toothbrush- bad, huh? You can get their 'germs' and vice verse- welcome to Bit Torrent!
Edit for format.
Bobbye
Posts: 16,313 +36
Please bring the system up in Safe Mode. Once there, run the Windows XP Error Checking:
Control Panel> System> Tools tab> Error check> check both boxes on the screen that come up> OK.
Close the nag message that come us and Reboot. Let the Error Check finish. Computer will reboot when finished. See if that helps.
Bobbye
Control Panel> System> Tools tab> Error check> check both boxes on the screen that come up> OK.
Close the nag message that come us and Reboot. Let the Error Check finish. Computer will reboot when finished. See if that helps.
Bobbye
Bobbye
Posts: 16,313 +36
Zaza said:
Look, if you want help, you're going to have to be more generous with your words!
You did what that came up with nothing? You said you ran the Error Check, fine. That wasn't meant to resolve the Errors you found in the Event Viewer. It was meant to verify and repair the integrity of the file system on that chosen volume.
The errors seen in the Event Viewer are specific. I gave you information on handling them. What have you done?
I'm sorry. I think we are misunderstanding each other, so I'm going to try to address everything.
I've used alot of bit torrent as of late, do you think this has something to do with it or is it malware?
The site says that it should come with an update. I'm unable to do that at the moment because TM only works in Normal Mode.
I looked at the drivers you specified. I noticed no yellow triangles, so I guess not a driver problem?
I'm not familiar with memtest so I am unable to do that. No hardware installations or driver updates. I installed an encoder before I left, could that be it?
I ran the error checker and noticed no change in performance (same problem) what am I to do now?
I hope that helps the situation. I apologize if I came off as rude, but I know absolutely nothing when it comes to fixing a computer and I feel like I'm shooting in the dark.
I've used alot of bit torrent as of late, do you think this has something to do with it or is it malware?
The site says that it should come with an update. I'm unable to do that at the moment because TM only works in Normal Mode.
I looked at the drivers you specified. I noticed no yellow triangles, so I guess not a driver problem?
I'm not familiar with memtest so I am unable to do that. No hardware installations or driver updates. I installed an encoder before I left, could that be it?
I ran the error checker and noticed no change in performance (same problem) what am I to do now?
I hope that helps the situation. I apologize if I came off as rude, but I know absolutely nothing when it comes to fixing a computer and I feel like I'm shooting in the dark.
AlbertLionheart
Posts: 1,997 +3
Zaza, I think your hard drive is past it's best. Sorry if this sends you down another route but perhaps the best, cheapest and quickest way forward would be for you to take it to a shop for checking.
Bobbye
Posts: 16,313 +36
"I've used alot of bit torrent as of late, do you think this has something to do with it or is it malware?"
I answered this already: For #1: BitTorrent (protocol) is a peer-to-peer file sharing (P2P) communications protocol. BitTorrent client is a program that downloads files using the BitTorrent protocol. µTorrent (also microTorrent or uTorrent) is a freeware proprietary BitTorrent client.
When a user engages in Peer2Peer file sharing, the user is allowing other users to access the computer and the user is seeking files from others. this is a dangerous practice. Most people using it have no idea of this. I strongly recommend stopping this use and protecting your system. Think of using someone else's toothbrush- bad, huh? You can get their 'germs' and vice verse- welcome to Bit Torrent!
The limit imposed is usually three unsuccessful attempts to access the internet. Yes, it is very possible that your system is infected and something in your computer is trying to call home.
" I installed an encoder before I left, could that be it?" Yes, uninstall it.
You would be wise to save what you don't want to lose from your hard drive and let a technician do a hands-on help for your system
I answered this already: For #1: BitTorrent (protocol) is a peer-to-peer file sharing (P2P) communications protocol. BitTorrent client is a program that downloads files using the BitTorrent protocol. µTorrent (also microTorrent or uTorrent) is a freeware proprietary BitTorrent client.
When a user engages in Peer2Peer file sharing, the user is allowing other users to access the computer and the user is seeking files from others. this is a dangerous practice. Most people using it have no idea of this. I strongly recommend stopping this use and protecting your system. Think of using someone else's toothbrush- bad, huh? You can get their 'germs' and vice verse- welcome to Bit Torrent!
The limit imposed is usually three unsuccessful attempts to access the internet. Yes, it is very possible that your system is infected and something in your computer is trying to call home.
" I installed an encoder before I left, could that be it?" Yes, uninstall it.
You would be wise to save what you don't want to lose from your hard drive and let a technician do a hands-on help for your system
- Status
Latest posts
-
10 Things We Hate About Nvidia- MarcusNumb replied
-
4K QD-OLED vs. 4K WOLED: What You Need to Know- Burty117 replied
