Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

extremely slow computer


  • This topic is locked This topic is locked
29 replies to this topic

#1 firefly52

firefly52

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 17 May 2009 - 09:45 AM

for the past several weeks my pc has been extremely slow. it takes forever to load a page and sometimes never. I have scanned with no results. I cleaned out cookies, temp files, history, uninstalled unused or seldom used programs including firefox and went back to ie, and defragged. This morning 5-17-09 after being unplugged all night, upon bootup, it was much faster for some reason.

I have been instructed by someone in chat to run Rootkit Reveal (which I had to download first) and run it and post the results here.

Here are the results:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Owners 8/25/2008 9:41 PM 0 bytes Hidden from Windows API.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\WUClient-SelfUpdate-Aux~31bf3856ad364e35~x86~~7.2.6001.784 8/25/2008 9:41 PM 0 bytes Hidden from Windows API.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN 5/1/2008 10:44 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\CertMapping 5/1/2008 10:49 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client 11/2/2006 8:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Listener 11/2/2006 8:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Service 11/2/2006 8:54 AM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS 5/1/2008 10:49 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\WinRS\CustomRemoteShell 5/1/2008 10:49 PM 0 bytes Security mismatch.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009 11/2/2006 6:33 AM 0 bytes Security mismatch.

Thanks for any help you can give!

BC AdBot (Login to Remove)

 


#2 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 AM

Posted 17 May 2009 - 10:10 AM

You've already covered some areas that are listed in the following references. But the articles are good ones about slowness issues.
Here are some recommended articles:
See Miekiemoes' Help! My computer is slow!
http://users.telenet.be/bluepatchy/miekiem...owcomputer.html

See Jim Eshelman's Computer Health
http://aumha.org/a/health.htm

Slow Computer/Browser: Check here first!
http://www.bleepingcomputer.com/forums/t/44694/slow-computer/

I'd recommend you scan the system with your antvirus, both in Normal mode and also in Safe mode. If both scans turn up clean, then malware is likely not the issue. {note: cookies do not count )

Tell everyone explicitly which version of Windows is on this system.
Tell also if you ever had or ran peer-to-peer filesharing apps.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#3 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 23 May 2009 - 06:59 AM

Hello, Maurice and thank you for your help. My os is vista by the way. I don't know what peer-to-peer filesharing apps is, but I don't think I've ever used that.

I booted my pc up into safe mode to run avg again but it asked for my user name & password then wouldn't take it saying it's "invalid".

Now what should I do?

#4 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 AM

Posted 23 May 2009 - 03:00 PM

Be sure to check your keyboard to insure that CAPS lock is not on
And if you use a number as part of your account name or user password, that the NUM lock is on if you have a numeric keypad on the keyboard.
Also make sure you are typing in the correct user-account name & password when logging in.

Worst case, if still unable to use Safe mode, go back restart the system into normal mode, and then do a full antivirus scan with your AV.

Next, get download and run the Trend Micro Sysclean Package on your computer.
NOTE! This scan will probably take a long time to run on your computer so be patient and don't use it while it's scanning.
  • Create a brand new folder to copy these files to.
  • As an example: C:\DCE
  • Then open each of the zipped archive files and copy their contents to C:\DCE
  • Copy the file sysclean.com to the new folder C:\DCE as well.
  • Double-click on the file sysclean.com that is in the C:\DCE folder and follow the on-screen instructions.

    After doing all of this, please post back your results, including the log file sysclean.log that will be left behind by sysclean.
How To Use Compressed (Zipped) Folders in Windows XP
Compress and uncompress files (zip files) in Vista

Edited by Maurice Naggar, 23 May 2009 - 03:01 PM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#5 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 23 May 2009 - 04:00 PM

Ok.. I already did a full scan with AVG in normal mode. Then I did a full scan in safe mode. Apparently I had to scroll down to another line in order to run it in safe mode from whatever it was on when I restarted it in safe mode. It didn't show anything.

I'm trying to download the "Trend Micro Sysclean Package" that you recommended. You say it will take a long time to download, which goes without saying as everything takes forever as it is if it even downloads at all. Sometimes a page will finally show up after ages, and sometimes it will tell me "page not found" as if I'm not connected to the internet, which I know I am. This is high speed wireless internet I have. It was faster when I had dial up. That should tell you something about how slow it is now. So downloading something that "takes a long time" will no doubt take forever or never. However, I will try it. I'll get back with you when and if it ever finally does anything.

Thank you for your time and patience in this matter.

#6 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 AM

Posted 23 May 2009 - 10:37 PM

The note said "the scan" by Sysclean run would take a good bit of time (all depending on how many files are on your drives). But not the download of the utility and definitions packages. If you have broadband, the download itself should go fairly quickly.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#7 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 24 May 2009 - 08:36 AM

I downloaded the trend micro sysclean package, virus pattern files and spyware pattern files. When I tried to run it I get two messages:

"Required file SSAPIPTN.DAS is missing... Spyware scan will start disabled. Please downlead a copy from [url="http://www.trendmicro.com""]http://www.trendmicro.com"[/url] and

"Required file "LPT$VPN" is missing... Please download a copy from [url="http://www.trendmicro.com""]http://www.trendmicro.com"[/url].

I went to the site but can't find those two files anywhere to download them.

#8 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 AM

Posted 24 May 2009 - 10:19 AM

See my previous note about Sysclean. There are 3 separate downloads to do. The links are numbered 1. 2. 3.

There is also a link to the README file, which will have more details.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#9 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 24 May 2009 - 05:51 PM

I went back to those sites to download files lpt$vpn.XXX from http://www.trendmicro.com/download/viruspattern.asp and ssapiptn.da5 fromhttp://www.trendmicro.com/download/spywarepattern.asp and I cannot find either one of those two files on those sites.

#10 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 24 May 2009 - 06:27 PM

I found ssapiptn.da5 pattern file: ssapiptn773.zip and am downloading it. I'll keep looking for the other one.

#11 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 26 May 2009 - 10:35 AM

the only file I see under virus pattern files for windows is: lpt150.zip. I don't see lpt$vpn anywhere.

#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:22 AM

Posted 28 May 2009 - 05:27 AM

The LPT zip file is found on this page http://www.trendmicro.com/download/viruspattern.asp
Just be sure you get the Windows version.
The contents of the ZIP file have to be extracted and saved in the folder you created.

The other issue is, you have to get the set of 3 files pretty much in a timely manner, since they are updated frequently.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#13 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 28 May 2009 - 09:22 AM

I guess the other files I downloaded are obsolete now and have to be re-downloaded then? I haven't been able to do much at a time since I have to do this on my days off from work and they take forever to download, but I'll try this again. Thanks for the site.

How do I create a new folder and extract zip files? I was going to do that later after I had all the files downloaded. I'm not sure how long this is going to take, but I'll try to get this all done is the same day. Should I delete the ones I already saved on my desktop?

#14 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 28 May 2009 - 01:20 PM

I downloaded and saved all three files, extracted and saved them to a folder. When I ran it, I still get these messages: "required file SSAPIPTN.DA5 is missing... spyware scan will start disabled" and "required file "LPT$VPN" is missing... spyware scan will start disabled".

I don't know what I'm doing wrong.

#15 firefly52

firefly52
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 28 May 2009 - 01:52 PM

I have both SSAPIPTN.DA5 and LPT$VPN on my desktop, but when I try to open them, I get this message:

"Windows cannot open this file: File: ssapiptn.da5 To open this file, Windows needs to know what program you want to use to open it. Windows can go online to look it up automatically, or you can manually select it from a list of programs that are installed on your computer.

What do you want to do?

Use the web service to find the correct program

Select a program from a list of installed programs"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users