Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: W7/64 freeze after few seconds; strange items in WMI

09 Apr 2017   #11
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I use Macrium Reflect to make backup's and Clones.
They are install on external ssd's.

I used one the other day because of a infection. As a matter of fact I'm on the Clone at the present time. It works like the older install, except without the infection. Just like it was designed to do.

Jack


My System SpecsSystem Spec
.
09 Apr 2017   #12
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

For what it is worth I agree with what the others are saying and personally that chkdsk I always run with the /r switch which unless I am terribly mistaken goes through the /f during the chkdsk operation.
With the Kaspersky I find that it will pick up a lot of stuff in a basically non Windows based program ie FF and Thunderbird. So what would be interesting to know is at what levels of security/sensitivity you have set in the KISS too I find using high level settings in Web Antivirus and Mail Antivirus settings for example do tend to make the KISS overly sensitive to what else goes on with Windows.
But this is only my two cents worth and what the others are saying and advising ie imaging is so important and me I do mine on regular basis and for the tie it takes it is not worth the grief.
My System SpecsSystem Spec
09 Apr 2017   #13
Fenichel

Windows 7/64 Pro SP1
 
 

Just to give you all a progress report: MalwareBytes found some strange-looking registry entries (not just GUIDs, which are always strange), and these (see attachment) were quarantined. Eset is doing an end-to-end scan, and has about 400 GB of stuff to go through. So far (1 hour 16 minutes, 580K items checked), it has found 12 files it doesn't like, but I won't know what they are until it's done.

When Eset finishes, I'll probably accept all of its quarantine recommendations, but before trying another Normal-mode boot I'll be back here for last-minute advice. Since starting this thread, I've made some parallel attempts to find the problem, and in some ways I seem to have made things worse.
  1. I had had only about 13% free space on my C: drive, so I extended it.
  2. In my first Normal-mode boot after this expansion, the freeze didn't happen until after close to a minute after the desktop appeared. I don't know if the volume-expansion had anything to do with this. In any event, I now had time to get into ProcMon and ask for a bootlog.
  3. On the next Normal-mode boot, I expected ProcMon to tell me it had a boot log waiting, but it didn't. I saved the log it did have (probably useless non-boot stuff), and you can see it, if you wish, on my Web site here.
  4. I tried to do another ProcMon run, thinking that I might have missed some part of the boot-log-capturing procedure (ProcMon is not a program I am at all familiar with). I set it up, rebooted, and during the reboot encountered an AVGUI error. I pushed ahead, but now I have no Normal-mode desktop. Instead, there is an all-cream screen (no task bar, no Start menu) with a tiny white legend claiming (falsely) that my copy of Windows is not a legal one.


Attached Files
File Type: txt MWB results.txt (5.7 KB, 6 views)
My System SpecsSystem Spec
.

09 Apr 2017   #14
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Now I did ask if you have any really hard settings in the Kaspersky so have you?? If that MBAM is a free one then ok but if it is a real time / paid for then again Kaspersky does not like playing with other AV's like that.
My System SpecsSystem Spec
09 Apr 2017   #15
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

From you log.

Quote:
PUP.Optional.Conduit, C:\USERS\ROBERT R. FENICHEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\702QQ0Q4.DEFAULT\PREFS.JS, Replaced, [522], [301520],1.0.1694
Conduit is very worrisome.

I have always removed all PUP's found by Malwarebytes and or Eset. Never had any problems.

Malwarebytes 3.0 Trial version will act just like the paid for version until the time expires.

I have been running Malwarebytes 3.0 Premium along side MSE for about a week and have had no problems.
I have no idea if it runs well with other anti virus programs. Malwarebytes says it okay with other anti virus programs but one will just have to test to make sure.

TFC by Old Timer doesn't get along with Malwarebytes 3.0. I had to remove TFC.

If I don't have any problems with Malwarebytes 3.0 for about another week I will upgrade my other system to 3.0.

Jack
My System SpecsSystem Spec
09 Apr 2017   #16
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Quote:
Conduit is very worrisome.
Yes Jack have come across this a few moons ago and it was ugly then I did find this though
What is Conduit browser hijacker? - Definition from WhatIs.com

It would be worth running this if it hasn't already
SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

I still would like to know about those Kaspersky settings as well.
My System SpecsSystem Spec
09 Apr 2017   #17
Fenichel

Windows 7/64 Pro SP1
 
 

In Safe Mode, I am not sure how to access my Kaspersky settings. I have the paid, full version of Kaspersky.
My System SpecsSystem Spec
09 Apr 2017   #18
Fenichel

Windows 7/64 Pro SP1
 
 

I have a question for the clone-experienced contributors. When I first thought about cloning, quite a few years ago, I thought that it couldn't work. My thought was that most disk drives have a few unusable sectors here and there, identified to prevent their being allocated, but straight copying of one HDD onto another would not take proper account of the receiving HDD's bad sectors. Now, obviously my thinking was wrong, but what did I miss?
My System SpecsSystem Spec
09 Apr 2017   #19
Fenichel

Windows 7/64 Pro SP1
 
 

SuperAntiSpyware found lots of tracking cookies, but only 2 files of interest. One was Borland's Package Collection Editor; this dates from 2002, and I strongly suspect that it's a false positive. The other is Unlocker, that I use only every year or so to get rid of files that appear to be open by nonexistent userrs. I haven't used either of these for a very long time.

I can't find any trace of Conduit on my machine, but I haven't used any specialized tools to find it.

In view of the bizarre difficulty I had when I last tried to get into Normal mode (see message #13), is there anything I should do before trying again?
My System SpecsSystem Spec
09 Apr 2017   #20
ICIT2LOL

Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
 
 

Ok mate have just tried it out in safe mode on my tester as I have never used safe mode for disabling it.

Now get into safe mode Start > All programs > open the Kaspersky program listing >open the Kaspersky GUI > click on Settings (lower left) of GUI > go to the General tab > then turn off that other button to activate Protection > it will open a small window asking you to choose how long you want ti pause the pritection > do that and if you have protected the Settings it will ask you to type the password for that > then Enter.

The prog rm will switch off for that allocated time. It is a good idea to add a permission viw=a your own password to change settings in case someone inadvertently or maliciously tries to reset the level of protection with in your AV.

Just tip make sure you have the current edition of the program by clicking on the small icon in blue circle. You should do that after each install or major updates after a reboot from those updates - not the malware database ones.

Pics are of my small 10 laptop but will look the same in 7/


Attached Thumbnails
W7/64 freeze after few seconds; strange items in WMI-kiss-1.png  
Attached Images
W7/64 freeze after few seconds; strange items in WMI-kiss-2.png 
My System SpecsSystem Spec
Reply

 W7/64 freeze after few seconds; strange items in WMI




Thread Tools




Similar help and support threads
Thread Forum
high dpc latency 3.8 seconds! ataport.sys intermittent a/v buzz/freeze
Microsoft drivers are running the onboard hd audio, the realtek drivers don't seem to load; i've downloaded some updates for this jurassic MB from asus for windows 7 and they can't find the hd audio device so they won't install. i've also downloaded some updated drivers from realtek but haven't...
Sound & Audio
Strange items in Downloads folder and disposal?
Absolutely not a clue how they ( see att) got there. Can anyone give me a clue what they are for and where they would normally reside? Can I just delete them, or should I ensure they exist elsewhere?
General Discussion
Firefox problem - Freeze a couple of seconds, a windows open & closes
Hi guys. I've been having this problem and it's driving me nuts. Literally. The title of the thread is a bit ambiguous. Let me explain. In certain circonstences, I don't know what they are (maybe around Flash objects), I am browsing normally, closing & opening tabs and sometimes, Firefox...
Browsers & Mail
My computer will freeze up/lock up every seconds at login
Help! My computer that I've had since '09 has been freezing up every few seconds at startup, for example, the start button glows on mouse over and when i click the start menu doesn't come up, then if I move my mouse the windows logo is still glowing, same goes for the notifications triangle. Other...
BSOD Help and Support
Freeze about 5-10 seconds after log in
This issue just started occuring today and it has me completely stumped. As I recall, I don't believe I was doing anything out of the ordinary (browsing youtube and facebook) when my system locked up then restarted after about 20 seconds. After I booted back up to the log in screen, typed in my...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:27.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App