TechSpot

Windows XP SP3 random freezes (not BSOD)

By jwazevedo
Feb 2, 2009
  1. I have an aging Sony FX36a laptop updated to SP3. With increasing frequency, Windows has been freezing. The mouse and keyboard stop functioning, and the only way to get out is to turn off the power and start over. When I check the Event Viewer, I see nothing about the freeze, and there is no minidump. This happens about once every day or so (but twice today!). So how can I troubleshoot this problem?

    Thanks!

    Best,
    Jerry
     
  2. mflynn

    mflynn TS Rookie Posts: 2,793

    Hi Jerry

    Well lets begin with a cleanup.

    Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

    KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
    Fantastic cleaner.

    Then boot to Safe Mode with Networking, and run them once more before continuing below.

    Do the TechSpot 8 steps: http://www.techspot.com/vb/topic58138.html

    Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).

    Most importantly update MalwareBytes and SuperAntiSptware!

    Mike
     
  3. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    From here: http://esupport.sony.com/US/perl/select-system.pl?PRODTYPE=24&NAVDISP=pc
    This computer is over 7 years old !
     
  4. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Sorry I garbled the model name. It's actually PCG-FXA36, and the Sony support page is here:

    http://esupport.sony.com/US/perl/model-home.pl?mdl=PCG-FXA36&region_id=1

    Mike, I've attached the logs from the 8-step program.

    The computer runs AVG, Spybot S&D (resident). It has 256MB RAM. Windows is up-to-date. The freezing behavior has been very infrequent in the past, more frequent recently.

    I'm trying to find a way to diagnose the freeze in the absence of any obvious logs or dumps. Hope you can help. Thanks.

    Best,
    Jerry
     
  5. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Yes mflynn, can you perform a miracle on this one ?
    Personally I wouldn't know where to begin :confused:

    Edit:

    You are running a Small office/home office setup
    And you have about ~ 30 Members signed up under your IP, over the 5 years you've been at TechSpot (?)

    jwazevedo, why would you be using AVG8 anyway?
    Wasn't this discussed fully in your last thread?
    Pretty sure I said no to that, but here you are today with a Virus/Malware issue (?)

    All your posts come across as someone who is technically knowledgeable (or experienced)
    But sumthin aint right here :confused: Perhaps you could help me understand?
    Because your above posts and logs seem... well... not you (?)
    .
     
  6. mflynn

    mflynn TS Rookie Posts: 2,793

    Hi Jerry

    Run HJT Scan only remove the below entry.
    R3 - Default URLSearchHook is missing

    OK no Malware so it is a system and more likely the Hardware issue. XP needs more ram than 256 and even more after SP3.

    So we will attack this with cleanup and general maintenance.

    We are going to Shotgun the system with most everything, so this is a long post but it is not as complex as it seems. Do it one step at a time.

    The first thing I want you to do is go carefully thu Add/Remove programs and uninstall all unused programs.

    Did you get and use CCleaner from the 8 Steps and run it? If not do so now.

    Run CCleaner again twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

    Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

    KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
    Fantastic cleaner.
    -------------------------------------------------------------------------------------

    Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "Recommended cleanup at TechSpot".

    Then Start-Programs-Accessories-System Tools-Disk Cleanup
    Click OK to accept C:
    Select all Boxes
    Then click More Options
    Here click System Restore and OK to "Are you sure" and the OK to Run.

    As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

    It clears what is known as Shadow copies which are used by specialized back up programs.

    This is if you have the Volume Shadow Copy running which is the default.

    Then reboot before continuing

    Update then run SAS
    Click Preferences-Repairs
    Then counting down from top do the following entries
    Numbers 6, 8, 11, 12, 13, 16, 18, 19, 20, 21, 23, 24 25, 26 and 27!

    Then another Reboot and continue

    Download Dial-A-Fix (DAF)
    http://wiki.djlizard.net/Dial-a-fix#...C_and_articles
    http://djlizard.net.nyud.net:8080/software/Dial-a-fix-v0.60.0.24.zip

    Have XP CD available in case DAF needs a file.

    Check all boxes on the screen (clear any restrictions if it shows any)
    Then click GO!

    When the entire page is finished click the HammerHead at bottom to go to the second DAF page.

    Here 1 at a time do the below

    Flush DNS
    Flush Icons
    Process Idle Tasks
    Reset Networking Interfaces
    Reset WMI/WBEM (not reinstall)
    Repair Permissions

    Watch for any File not found or other errors and make note as this may lead to the fix!

    Final Reboot here before continuing below.

    Download AutoRuns http://technet.microsoft.com/en-us/s.../bb963902.aspx
    Run it let it scan, then when it says ready at bottom left corner click File at top and then Find.

    Type in the find box file not found and hit enter and delete all lines that have file not found.

    There is a bunch of old stuff that M$ thought you might or would need that no longer exist or for computers that are assumed to have SCSI or AMD processors but do not or you have AMD so there is some Intel stuff!

    Then look carefully through all the other entries and delete anything that you may have had but uninstalled and thought was gone. If you are sure delete these also.

    Then get...

    RunScanner http://technet.microsoft.com/en-us/s.../bb963902.aspx

    Click Scan computer

    Double click all Red lines to select, then click Item fixer and remove them.

    Then click Extra stuff again select all Red lines.

    Then click back to Malware hunting and Click the Item fixer again and remove these.

    Same as already said on AutoRuns stuff that was assumed to be need but you do not have.

    None of these items can run as the file is missing so most of the improvement you may see comes as a quicker startup as windows no longer searches or tries to load some of these. But some have noticed a faster shutdown also.

    Reboot and recheck with both AutoRuns and RunScanner.

    Lastly

    Clean and tweak services

    In services stop and disable all of the below just to get them out of the way for now for trouble shooting purposes.

    Nothing is un-installed or deleted only disabled from running!

    They can be put back anytime later but I would not, as none of them are needed by most home users and very few business users. Basically stuff M$ thought you should have.

    Disabled uses no memory (RAM) and no CPU cycles.
    Manual uses the RAM but a small amount of CPU.
    Auto and not started they use even more RAM and CPU.
    Auto and started even more RAM and CPU ..

    Now in this case we disabling for trouble shooting purposes. But when we finish if you leave them all off until it is noticed that you need one (not likely for 99%) then it can be enabled.

    Leaving these all off, then becomes a performance tweak/boost as they free some RAM and CPU cycles! Special note. If you are going to pick and choose then be aware that the small amount of RAM and CPU cycles of each one individually is not significant but as a group it is! So if you need most of them (or just think you do because you don't) then just as well enable them all)!

    Distributed Link Tracking Client
    Distributed Transaction Coordinator
    DNS Client
    Fast User switching
    Health Key and Certificate Management Service
    Indexing service
    Messenger
    Net logon (needed only for logging on to some Domain Servers)
    Net.TCP Port Sharing
    NetMeeting Remote Desktop Sharing
    IPsec services
    QoS RSVP
    Remote Registry (additionally is a security threat)
    Uninterruptable power supply
    Universal Plug and play
    Web Client
    Windows media player Network Sharing

    IF you are using a wired network card and "NOT" using wireless on this computer then you can
    also disable

    Wireless Zero configuration

    Wireless Zero configuration is only used on computers with a wireless NIC like a Laptop. Do not disable Wireless Zero configuration on a Laptop. Has nothing to do with other wireless hardware like wireless routers etc.

    In short if this computer has a CAT 5 or 6 cable and no ability to connect wirelessly if that cable is unplugged, then you can disable Wireless Zero configuration.

    This is not to be confused with Wired Auto Config do not disable that!

    Let me know when you have finished with all the above, then run for a few days to see if we made progress!

    Mike
     
  7. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Well I'll say thorough ;)
    But a concern for Autoruns. Some of these not required auto starting items may stop the computer from running if disabled

    I find Autoruns to be a very sensitive area, before disabling any item (other than "not found" entries) it's best to confirm the item specifically, you could start with Google on this. Instead of disabling any programs, always uninstall them first (preferably)
     
  8. mflynn

    mflynn TS Rookie Posts: 2,793

    No these are missing files and could not run even if they are in a Startup!

    Can't run a missing file!:D

    Have you recovered from your vacation yet?

    Go get some coffee!:)

    Mike
     
  9. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Oh :eek:

    I'm getting some coffee :chef:
     
  10. itguy7305

    itguy7305 TS Rookie Posts: 21

    Update Video drivers and if they the most current try the Omega Drivers. This sounds more like hardware that virus\spy issue.

    http://www.omegadrivers.net/


    Peace
     
  11. mflynn

    mflynn TS Rookie Posts: 2,793

    Good advice from itguy but don't mix it in with my post.

    Do my post completely first.

    Then if still issues do a restore point then update the driver advised by itguy!

    Mike
     
     
  12. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Thanks, Mike. I'll work through your list and report back.

    Kimsland, I'm exactly who I say I am and nothing more. Can you PM me with your concerns? Thanks.

    Best,
    Jerry

    Hi Mike,

    I got this far and then got stuck:

    What is SAS?


    Also, two questions came up during the first part of the process.

    1. KCleaner couldn't remove: c:\documents and settings\myname\cookies\index.dat

    I checked the file system and in fact couldn't find a folder of that name (hidden files are set to show). So that's a mystery.

    2. Do any of these steps need to be repeated under the 'administrator' account? On this computer, I have only my own account and the so-called 'administrator', which isn't listed under User Accounts but is available in safe mode. When I ran some of the tests yesterday in safe mode, I used the 'administrator' account, but now I'm running tests in standard mode and therefore under my own account. Any difference?

    Thanks.

    Best,
    Jerry
     
  13. mflynn

    mflynn TS Rookie Posts: 2,793

    Appearently you skiped this step tisk, tisk, tisk or you would know tha SAS is SuperAntiSpyware and MBAM is MalwareBytes AntiMalware.
    This is your best chance to fix this as if it don't you will know it is hardware.

    Just go carefully thu the steps at your on pace but don't skip steps.:)

    Mike
     
  14. gbhall

    gbhall TechSpot Chancellor Posts: 2,348   +50

    I think this is all a wild goose chase. At 7 years old, it would much more likely to be a hardware issue, and the obvious place to start is open the case and blow out the fluff. On standard PC's which are not able to download anything (i.e. business) they do start to randomly seize up at that age, and the reasons are :

    40% shorts on video card or memory due to dust and static buildup
    40% failing hard drive
    10% failure of fans
    5% failure of CPU paste seal to cooling fins due to 1000+ heat cycles
    5% failure of power supply

    That's my experience. Don't have very much experience of laptops, but clearly power pack comes much higher in that case
     
  15. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Thanks, gb. I had the case open to install a new hard drive three months ago. Just another bit of info.

    Best,
    Jerry

    Thanks, Mike. I didn't skip anything, but I can't always keep straight the alphabet soup of computing. I'll continue with your list now.

    Best,
    Jerry
     
  16. mflynn

    mflynn TS Rookie Posts: 2,793

    No problem just step thu it! If it does turn out to be hardware then it will be clean and fast between crashes.:)

    Mike
     
  17. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Mike,

    I've just finished with your shotgun list, aka the wild goose chase. All went smoothly but for two exceptions. The first was the ghost cookies\index.dat file, as mentioned previously. The second glitch was while running DAF. While resetting WMI/WBEM, I got an error: "Access violation at address 77CO154D in module "version.dll" read of address 00000004". The error prevented DAF from proceeding with that fix, and I had to X out of it.

    The only unexpected results were that one of these tools keeps resetting my Word options, which I find a bizarre side-effect, and the Spybot S&D resident quick launch icon has disappeared.

    So the computer is clean now, and as per your suggestion I'll give it a few days and see if the frequency of freezes diminishes.

    Thanks for your help.

    Best,
    Jerry
     
  18. mflynn

    mflynn TS Rookie Posts: 2,793

    Run DAF and post me its log, to the right of the hammerhead.

    The index.dat is OK it was set to delete on reboot!

    Mike
     
  19. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Mike,

    Here's the DAF log. You'll notice that it abruptly ends with the notice that it has registered cimwin32.dll. That's not exactly true. What actually happened was that there was that error message at the start of the 'reset wmi/wbem' process, and then DAF hung. For 15 minutes, it said that it was registering cimwin32.dll, but nothing was happening. I finally close that window and then X'ed out of DAF (saving the log just before I went). So the WMI/WBEM step never completed.

    Best,
    Jerry
     
  20. mflynn

    mflynn TS Rookie Posts: 2,793

    This will fix issues that were found by DAF!

    Download Windows Resource kit: http://www.microsoft.com/downloads/...69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en

    After installed

    Left Drag mouse and Copy for Pasting all text in the box below.
    Make sure the slider bar goes to bottom from the @ to the end of the second exit.
    Then paste to the black screen of an open command prompt.

    Code:
    @echo off
    
    cd\"\Program Files\Windows Resource Kits"
    
    subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
    subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
    subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
    subinacl /subdirectories %SystemDrive% /grant=administrators=f
    
    subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
    subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
    subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
    subinacl /subdirectories %SystemDrive% /grant=system=f
    
    @Echo =========================
    
    @Echo Finished.
    
    @Echo =========================
    
    @pause
    exit
    exit
    It may run for an hour or more give it time close it and reboot then run DAF again, it should complete now.

    Mike
     
  21. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Mike,

    I downloaded subinacl.exe separately (to save some time on my dial-up) and ran your script in a CMD window. There were three "failures" reported in the HKEY_LOCAL_MACHINE arena, presumably the Windows locked files, maybe the same one that is giving DAF a fit (?). Whatever, DAF had the same error again. I can try rebooting to a DOS prompt and running the script that way to get around Windows, or maybe you have another idea. Whatever your advice, I'll do it tomorrow when I have some time. Thanks.

    Best,
    Jerry
     
  22. mflynn

    mflynn TS Rookie Posts: 2,793

    This happens so don't be concerned.

    Don't do it again.

    For now..

    Just run for a few days to see if thr problem has improved!

    Mike
     
  23. jwazevedo

    jwazevedo TS Rookie Topic Starter Posts: 54

    Will do. Thanks, Mike.

    Best,
    Jerry
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.