Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very very slow start up and I'm out of ideas...


  • Please log in to reply
8 replies to this topic

#1 gate34

gate34

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 06 February 2011 - 07:30 AM

I'm a average user at best so all help will be appreicated.

I woke up a few days ago to see my comptuer had a black screen stating there was a problem with hibernation and it had to be restarted, I have never seen this before. When I restarted my computer, it came up really really slow, it takes about 40-50 minutes to load up everything and I noticed my gadgets dont ever load. I restarted it to allow Windows to try to repair it, it went through its process and restarted but it again loaded up very very slowly.

In the Task Manager the CPU goes to 4% max and Memory is a about 1.83. I dont know if that is normal. Also, in processes, I noticed a lot of svchost.exe, one that is 138, 796K, but after consulting google, I really dont know if its normal or not.

I have run, AVG, Malwarebytes, Ad-Aware, Spybot, and Windows Registry Repair. As well as every little Windows diagnostic that i could figure out. I'm out of ideas on how to fix my computer.

Additionally I noticed when I try to play media player or VLC it slows then crashes after a couple of mintues, I'm not sure if that is useful.

I did a hijackthis scan and I attached the results. I dont know what is useful but attached is the whole scan.

I have a HP with Intel Core i7, 1.60GHZ. 6.00 GM of RAM. 64 bit OS.

Any help would be greatly appreciated and let me know if you have any more questions.

Thanks.

Update: Again, I'm not sure if this is useful. To get on the wireless where I'm at, I have to connect to a wireless network then VPN into the network. Doing that I see two connections which I am told is normal. Yesterday, I saw up to 4 other internet connections. One was similar in naming convention to the wireless connection I'm using and the other three said Unknown connection. That is not normal I'm sure but I dont know how to stop it.

Thanks again.

Attached Files


Edited by gate34, 07 February 2011 - 05:39 AM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 gate34

gate34
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 09 February 2011 - 12:09 PM

My computer is still sucking. Any ideas?

#3 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:01:26 AM

Posted 09 February 2011 - 03:37 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

We need to create a New FULL OTL Report
  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.


Why we request you disable CD Emulation when receiving Malware Removal Advice

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.

Best Regards,
oneof4.


#4 gate34

gate34
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 12 February 2011 - 01:31 PM

oneof4,

My issue has not been resolved. I still would appreciate any help.

I did the OTL scan and attached the reports. I wrote everything I could think of in my initial post.

I think I had all my AnitVirus programs disabled, I'm not sure. In my initial report I said I tried a lot of programs so I'm not sure if I turned them all off.

I have a 64 bit OS so I cant do the GMER thing.

Thanks and let me know what I need to do.

Attached Files



#5 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:01:26 AM

Posted 13 February 2011 - 08:44 AM

Hello gate34 (and thanks oneof4),

Not real sure the problems you are describing are the result of malware. The logs show a "controller error" in a location that "may" reflect hidden malicious activity, but more likely non-malware problems needing to be addressed. But we will run a scan to check the malware end of that.

More important, the logs show you have two antivirus programs installed, with an older AVG version, and Ad-Aware, which is now an antivirus program. More than one of these will have each corrupting the other, and cause system slowness and corruption as well. You need to uninstall both (not worth guessing if either is now corrupted or now), then reinstall which ever you choose afterwards. Not quite the right stage set for malware checking, but until we verify the possible malware involvement, just be sure to have both completely disabled while running the scan.

I noticed a lot of svchost.exe, one that is 138, 796K, but after consulting google, I really dont know if its normal or not.

Completely normal. Those allow a more secure, safer and quicker method for services to load and run on the system.

VPN into the network

I can't picture why that would be required. Suddenly "seeing" new, previously unseen wireless networks, even if not identified, is not something usually suggesting bad ideas are involved, but I am not clear on the use of VPN in your arrangements.



Uniblue RegistryBooster
Free Window Registry Repair


Registry "cleaner/booster/optimizer/speeder-upper" apps usually have very convincing website's or vendor produced write-ups, absolutely "proving" the merits of their products. And tend to pick up the same harmless remnants that are always in a Windows Registry, present those using RED markings or alert wording, and too often, then demand payment for what little they might do. The names themselves sound more like automobile gas additive ads, which also have a long history of being of questionable value. Instead, these Registry "cleaner/booster/optimizer/speeder-upper" apps can make incorrect changes, and add to problems. I cannot recommend their use, for any reasons. The logs also show ParetoLogic's DriverCure as having been installed at one point. Programs claiming to resolve actual device driver problems have begun to appear more often lately. If any could do what they tout they can do, that would eliminate the need for the thousands of websites and help discussions about locating the correct drivers. Of course, they all are still needed. Paretologic also has a RegCure program, so maybe "cleaner/booster/optimizer/speeder-upper/cure" apps would be a more accurate list. But up to individuals to decide for themselves.


Enough orating.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here. Windows 7, so be sure to run any of our scan files by right clicking - Run as administrator.


Click here and download Kaspersky's TDSSKiller to your desktop, then unzip that and place a copy of the TDSSKiller.exe file on your desktop. Then click that to open the scanner.

In the display that opens click Start scan. Once that completes, it will show a list of any malware it locates. For now, we don't want to take any action, until additional info is known, so use the drop down (upper right), and change it to "Skip" for each item found.

When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt
Ad eundum quo no duck ante iit

#6 gate34

gate34
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 14 February 2011 - 11:53 AM

Jintan,

First off, right now my computer is working much better. I'm not sure what I did that made it working like normal.

I only installed the extra Anti Virus, and registry stuff after I had the problems....but I uninstalled everything, including those registry fixers, and then reinstalled AVG.

When I restarted my computer after uninstalling everything, my computer shut down at a normal speed, not the 30 minutes it has been taking lately. As it restarted it wanted to do a Check Disk on the C drive. So I let it do its thing. It said it fixed a couple of things in the process.

I let AVG run its initial scan and it pulled discovered a corrupt file on Magic Jack, I let it put in the vault.

I have not been seeing the multiple connections to the same router anymore. For my internet connection I have to connect to the router than click on a short cut, called broadband connection to type in a password to get a connection. I guess I don't really know if that is a VPN connection...it just says that in the window where I type in my password. I'm deployed in Afghanistan paying for some while US wireless internet service.

I disabled my AVG and did the TDSS Killer scan and attached the file.

I think everything is good now. Like I said, I'm not really sure what helped. But whatever you did thank you. I hope you don't notice anything wrong in the TDSS Killer file.

Thanks for your help!

Please let me know if you think I should do anything else.

Attached Files



#7 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:01:26 AM

Posted 15 February 2011 - 09:35 PM

I can't picture what setup they provide for access where you are, and can see how the added security of VPN (a kinda security tunnel) would be in use. Good you have things in better working order.

For the corrupted files issues, you may want to run a chkdsk, use the system for a while, then run it again - even put a day in between those. Chkdsk really shouldn't have any finds, or perhaps locate one glitch every so often. Just go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

chkdsk /r

Then due to the volume being in use, type "Y" for check disk to run at reboot. Just as a precaution, to make sure you aren't developing hardware problems.

For malware, run an additional scan to do a sweep of things. Remember - right click - Run as administrator.

Click here and download the esetsmartinstaller_enu.exe Eset installer. Then click that file to start the scanner.

Check the following boxes:

Remove found threats
Scan unwanted applications


Next to "Current scan targets: Operating memory, Local drives", click the "Change" word. Make sure you place a check next to all disk drives, including any external drives that are attached (no need to check off the floppy or DVD/CD-Rom drives).

Click Start. This scan may take a while, so please be patient. A log may open when the scan is complete (if not, go to C:\Program Files\EsetOnlineScanner\ and open the file log.txt). Click Edit - Select All then copy/paste that log back here please.
Ad eundum quo no duck ante iit

#8 gate34

gate34
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 17 February 2011 - 09:24 AM

Jintan,

I typed in the Check Disk Command for the restart.

I downloaded the Eset scanner and started scanning. A warning appeared saying that I should be careful about using more than one Anti-Virus program, and I remembered you saying that I should not use more than one because files can become corrupt. But, I clicked through the warning because I figured you knew best. And at about 25% complete my computer started slowing down the way it did that caused me to start this plea for help. While my computer was hanging doing nothing I saw warning messages in the bottom right of my computer stating that AVG files were corrupt. So doing what you told me before I restarted my computer (which took about an hour) (Also, I canceled the Check Disk) and started in safe mode so that I could uninstall the Eset Scanner. I couldn't uninstall AVG in Safe Mode. When I started my computer normally it came up ok but the warning messages came up again saying the AVG files were corrupted. I couldn't uninstall AVG because I got and error and through Google I found an .exe that let me uninstall AVG. I restart my computer this time doing the Disk Check and let it do its thing. It took a few hours to complete. Several things were noted and fixed. When my computer started it was back to working great again.

So, I'm currently re-installing AVG. I don't think I want to try doing that Eset scan again because that is the only thing I did different that caused the same problems I was having. I plan on doing the Check Disk a few more times like you recommended.

I don't know if this was a Malware issues. I did not assign this under this section.

If you think I should try something else please let me know. But I think my problems were the result of some disk errors.

What do you think?

Thanks again.

Edited by gate34, 17 February 2011 - 09:27 AM.


#9 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:01:26 AM

Posted 21 February 2011 - 08:28 PM

As I just posted in a different thread, my infrequent thread work here leaves me sometimes wandering locating open threads. So sorry for this delay. I am not seeing malware as an issue here so far, and more an issue of unhelpful or conflicting/corrupted security softwares. I posted a minimized version of the steps for the Eset scan. The "theme" throughout all the steps is to be sure security software is disabled before doing each, which really is a must when running the Eset online scanner. So it did conflict with AVG. The AVG uninstaller you located was here?

If you have AVG now reinstalled, and both it and the system are not having any problems, I don't sense a need to look for malware there now. There are some programs you need to update, to get the benefit of the updated security improvements, so let's do that now, then if everything is doing fine there do some final cleaning up steps.

You have an older and more vulnerable install of Adobe reader, so go here and download and click to install the latest version of Adobe Reader (version 10 as of the last check I did). I suggest you opt out of allowing it to install the McAfee scan it has pre-checked to download.

-------------------

You also have older and more vulnerable Java version installed there, so need to remove that and update to the latest version.

Go here and download the latest version of Sun Java Java Runtime Environment (JRE) 6 Update 24.

I recommend you choose to download the "Windows 7/XP/Vista/2000/2003/2008 Offline" by clicking on that to download the installer. The current file name for that is jre-6u24-windows-i586-s.exe. Although your system is 64 bit, your browsers are using the 32 bit version, so be sure you select the 32 bit option.

When you have done that, Go to Add/Remove Programs in Control Panel and uninstall all versions Java/JRE (Sun Java Runtime Environment/J2SE Runtime Environment) showing below, and reboot after.

Java™ 6 Update 15

Then be sure to disable all security software, and click that downloaded jre-6u24-windows-i586.exe to install the latest Java version there, being sure to reboot after.

---------

Then go here and do any recommended updates for Adobe's Flash Player.

Once you have done those be sure to reboot, to complete the changes. Then post back here on any issues we still need to address please.
Ad eundum quo no duck ante iit




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users