programs slow to start (Windows7)

Discussion in 'Malware Help (A Specialist Will Reply)' started by deletesystem32, Jul 1, 2013.

  1. deletesystem32

    deletesystem32 Private E-2

    My Mom's laptop has recently been running very slow. The laptop would get to the user desktop, but then slow to a hault from there. There were no slowdowns in safemode though.

    I've gone though the Vista & Windows 7 Malware Removal/Cleaning Procedure in safe mode, and when I restart in normal mode I'm greeted with a black screen and a cursor for a few minutes (task manager failing twice to start) before I get to the desktop. Any program or task I run (browsing explorer, starting a web browser, changing websites, shutting down) has a very long delay. Throughout this, I'm not sure if the CPU ever rose above 2%, or the memory above 2.38GB.

    The computer is a Toshiba Satellite P755, with 6GB RAM and 500GB of free space, running Windows 7 Home Premium SP1. It's also running McAfee Total Protection.
     

    Attached Files:

    deletesystem32, Jul 1, 2013
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    It does not sound like you are having malware problems. Sounds like a what your are running problem.

    • Uninstall Spybot completely and then reboot your PC?
    • Any change? If no, continue to the below.
    • Uninstall McAfee completely and then reboot your PC?
    • Any change?
    Report back on your status.
     
    chaslang, Jul 1, 2013
    #2
  3. deletesystem32

    deletesystem32 Private E-2

    Her computer seems to be running normally again after removing McAfee. I find it odd because it wasn't giving us any trouble before, and all our computers use McAfee. Anyways, thanks for the quick help!
     
    deletesystem32, Jul 2, 2013
    #3
  4. deletesystem32

    deletesystem32 Private E-2

    Well my dad immediately installed Norton to replace McAfee, and now the computer's freezing up again. He's absolutely convinced Norton isn't the cause and says it must be something else like a hardware problem.
     
    deletesystem32, Jul 2, 2013
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I cannot say whether you are having hardware issues or not. That would be a topic for our Hardware Forum. However I can say it was not malware. You do have some junkware that could be cleaned up which we will do below.

    It would have been better not to have immediately installed Norton so that we could check a few logs out from NORMAL boot mode first. In fact the READ & RUN ME FIRST instructions specifically stated not to do anything we do not ask you to do. It makes our job more difficult.

    Your previous logs were safe boot mode and that is not good enough to tell us what is happening in normal mode. So uninstall Norton now and then do all of the below in Normal boot mode. Also make sure that you still have Spybot uninstalled. You do not want SpybotSD TeaTimer running with either Norton or McAfee!!!!


    Please download OTM by Old Timer and save it to your Desktop.
    • Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
    • Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
      (or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
      the code box
    Code:
    :Processes
explorer.exe


:Files
C:\Program Files (x86)\StartNow Toolbar
C:\ProgramData\AVAST Software
C:\windows\TEMP\
C:\Users\Jon\AppData\Local\Temp\*.*

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"StartNow Search Protect"=-
"Google Update"=-
"SpybotSD TeaTimer"=-

[HKEY_USERS\S-1-5-21-340388046-2656400037-716458570-1000\Software\Microsoft\Windows\CurrentVersion\run]
"swg"=-
"StartNow Search Protect"=-
"Google Update"=-
"SpybotSD TeaTimer"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{FFFFDD05-F8A1-4CFB-A75A-C695F9996714}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9CBE491E-4009-45E7-B7AD-F364C685ADC4}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
:Commands
[purity]
[EmptyTemp]
[start explorer]
[Reboot]
    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar
      ) and choose Paste.
    • Now click the large http://forums.majorgeeks.com/chaslang/images/MoveIt!.png button.
    • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
    • Close OTM.
    Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be
    saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach
    this log file to your next message.

    Now please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.
    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • the C:\_OTM\MovedFiles log
    • the JRT.TXTlog
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    chaslang, Jul 2, 2013
    #5
  6. deletesystem32

    deletesystem32 Private E-2

    Thank you for your reply.
    Unfortunately, after consulting with an IT guy for 3+ hours, we decided to send it in for repair :-o

    I did notice a few more things before we called it quits: After we switched to Windows Essentials, I noticed the system ran fine for the first few minutes (running microsoft programs, playing youtube videos), but would slow back down later and take forever to shut down. Also, chkdsk /r would freeze during step 5 at 15%.

    Thanks again for the assistance.
     
    deletesystem32, Jul 3, 2013
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Hope you find the issue.
     
    chaslang, Jul 3, 2013
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds