Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Running Slow


  • This topic is locked This topic is locked
34 replies to this topic

#1 Cjshoop9

Cjshoop9

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 22 March 2011 - 07:29 PM

Hi, I'm having problems running programs in Windows 7. As the title says, Windows runs really slowly. This problem started about a week and a half ago (though most of this time I was away on spring break). What usually happens is after turning on the computer, I'll start using Firefox, iTunes, etc, and things slow down to the point that the computer might as well be frozen. The program will not respond for a while, but pressing the "x" to close them does nothing until everything unfreezes anyway. I open the task manager (which takes time) and under processes everything looks normal, except that I've noticed that sometimes there is an itunes.exe process running, though I have no iTunes window open. I think this might just happen when my iPod is plugged in and the computer is slow opening iTunes just like it's slow with everything else. I can still click things while the computer is frozen, for example the start menu button, and the animation of the button being pressed happens, but the menu doesn't pop up, just as clicking on a program pinned to the task bar will also show the animation but nothing will happen. Eventually everything unfreezes for a bit. I can end the iTunes process, and any other processes that shouldn't be there which can help keep whatever program I have open be more stable (though not completely normal). But, as soon as I try using two programs, the slow down gets much worse.

The first time it started was just after installing a new program (called F.lux), so I thought the new program was the problem. This wasn't the case, I uninstalled the program and checked to see if it was malicious, and it isn't. I've scanned for malware using Malwarebytes, Spybot S&D, and Windows Defender runs scans every night by itself. No viruses have been found. I booted my computer using a Dr. Web disk and scanned from there, and again nothing was found (though there were some files with errors). I've also run checkdisk and my hard drive is set to automatically defrag every week. None of these have fixed anything. Does anyone have any suggestions on how to fix this problem?

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 PM

Posted 24 March 2011 - 06:44 PM

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 14 April 2011 - 12:10 PM

Hi again, sorry for the long silence. Soon after posting my problem here, things seemed to clear up on my computer. I hadn't actually done anything more to try to fix it, so I thought there was a chance it might start happening again. Unfortunately, it has. For the past few days, thing have temporarily froze/not responded. Last night I ran the ESET scan, and when I got up this morning, it said there were no infected items, so I don't have a list of found threats to post in this reply.

Things have become worse just since then though. When I saw there were no threats found, I tried using firefox to get to this website to give a reply. Because of the freezing, it took firefox a few minutes to start up. When it finally did open, it was unresponsive. I waited, and eventually hit ctrl alt del, to just end the program. Even this didn't work. Instead of the security screen with logon options, task manager, etc appearing, a box popped up saying, "the windows security screen could not be opened, try again or restart your computer." That's a rough paraphrase, because as you are about to find out, I can't get to that message anymore. I restarted my computer. During the restart, once the windows boot screen was loading up, the computer restarted itself. This time, the option came up to start windows normally or go to startup repair. I tried startup repair, which got as far as the windows logon screen (except there is no user to log on to, its just the background). I let it sit there for awhile, but eventually restarted again and tried a normal startup, which again caused the computer to restart. Now, I went to the startup repair, which is having the same result (just the windows logon background) and that is how my computer currently sits.

If any of this is confusing, I apologize, I wrote this all out from my phone. Let me know if there's anything I can clear up. Thanks for the help!

Edited by Cjshoop9, 14 April 2011 - 02:15 PM.


#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 PM

Posted 14 April 2011 - 05:20 PM

I have asked for some assistance from some of our experts. Hang in there.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,638 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:02 PM

Posted 14 April 2011 - 06:42 PM

Hi, :welcome:

We will need to view the system status from an external environment. You will need a USB drive and a CD to burn. There will be several steps to follow.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh to your USB drive
  • Also Download Query.exe to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.
  • Remove the USB & CD and insert them in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • In some computers you need to tap F12 and choose to boot from the CD, in others is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Then type bash driver.sh -af
  • Press Enter
  • You will be prompted to input a filename.
  • Type the following:

    Winlogon.exe

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    explorer.exe

  • Press Enter
  • After it has completed the search enter the next file to be searched
  • Type the following:

    Userinit.exe

  • Press Enter
  • After the search is completed type Exit and press Enter.
  • After it has finished a report will be located in the USB drive as filefind.txt
  • While still in the Open Terminal, type bash query.sh
  • Press Enter
  • After it has finished a report will be located in the USB drive as RegReport.txt
  • Then type dd if=/dev/sda of=mbr.bin bs=512 count=1


    Leave a space among the following Statements:

    dd is the executable application used to create the backup
    if=/dev/sda is the device the backup is created from - the hard drive when only one HDD exists
    of=mbr.bin is the backup file to create - note the lack of a path - it will be created in the directory currently open in the Terminal
    bs=512 is the number of bytes in the backup
    count=1 says to backup just 1 sector


    It is extremely important that the if and of statements are correctly entered.

  • Press Enter
  • After it has finished a report will be located in the USB drive as mbr.bin
  • Plug the USB back into the clean computer, zip the mbr.bin, and except for the mbr.bin zipped file, post the contents of the report.txt, filefind.txt and RegReport.txt in your next reply. The mbr.bin zipped file must be attached to your reply.

Edited by Budapest, 14 April 2011 - 06:47 PM.
Moved from AII ~Budapest

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 14 April 2011 - 09:03 PM

Hey thanks for the help guys. Before I do any of that stuff, I did eventually get the startup repair working. I had left it at the frozen screen for awhile, and then just turned it off. After a while I tried one more time and the startup repair didn't freeze. It was unable to fix anything, but did leave these details when it finished trying:

Problem Signature:
Problem Event Name : StartupRepairOffline
Problem Signature 01: 6.1.7600.16385
Problem Signature 02: 6.1.7600.16385
Problem Signature 03: unknown
Problem Signature 04: 538
Problem Signature 05: AutoFailover
Problem Signature 06: 1
Problem Signature 07: BadPatch
OS Version : 6.1.7600.2.0.0.256.1
Locale ID : 1033


Let me know if I should continue with what you had said above, or if there's something else you think I should be doing based on this information.

#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,638 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:02 PM

Posted 14 April 2011 - 10:14 PM

I am sorry, but that report has no meaning to us. Please try the instructions above and post the reports.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 15 April 2011 - 12:54 AM

Ok, just thought I'd check, though now my computer is back up and running (not sure why). After that startup repair had finished, I decided to run a memory diagnostic as long as I was just waiting for a reply here. Well after you guys had replied it still hadn't finished, but I decided to let it continue. Once finished my computer automatically rebooted, and this time it worked, and I'm actually using it to post this. Let me know what I should do next, I assume I won't need to be viewing my computer from an outside environment (though if I should still do it, please let me know).

#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,638 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:02 PM

Posted 15 April 2011 - 01:13 AM

Perhaps was just a flick, but just to make sure it was not due to malware, perform the online scan as requested in Post 2.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 15 April 2011 - 01:20 AM

I performed the ESET scan last night, just before these other problems started cropping up. This morning I checked it, the scan was complete and it hadn't detected anything. That's when I restarted my computer and couldn't get it back turned back on, until now. Do you want me to scan it again though it didn't detect anything last night?

Edited by Cjshoop9, 15 April 2011 - 01:41 AM.


#11 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 15 April 2011 - 10:09 AM

I did another ESET scan overnight just to be sure. Again, nothing was detected.

#12 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,638 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:02 PM

Posted 15 April 2011 - 12:43 PM

That is quite odd.

Scan with Combofix as follows:

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      If AVG or CA Internet Security Suite is installed, you must remove these programs before using Combofix. If any of these applications will not uninstall, it is first recommended to uninstall it with AppRemover by Opswat. http://www.appremover.com/supported-applications. Do not use AppRemover on Norton

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" .
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#13 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 15 April 2011 - 08:31 PM

Ok, followed the Combofix instructions, here's the log:

Attached Files



#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,638 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:02 PM

Posted 15 April 2011 - 09:47 PM

All seems clear. You are running a defragmenation program that launches at startup. That may contribute to the computer being slow.

How is it doing?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 Cjshoop9

Cjshoop9
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:02 PM

Posted 15 April 2011 - 10:11 PM

That's good. It's been fine so far, did Combofix remove anything of note? What defragmentation program runs at startup?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users