Solved: Performance Degredation Leading to Deadlock

karlmd · 16-Apr-2008, 02:24 PM #1

Within the last week or so I logged into my computer and it was responding so slowly that I rebooted, hoping things would get better. They did not. Sometimes I can log in and actually click the start button, but generally after that everything comes to a halt. My computer is very old and I know I am way low on RAM to run Windows XP, which is my operating system. However, it has always been manageable enough to get by. All I am trying to do is ride it out for a couple more months until I get a new computer.
I followed most of the standard protocol. I can startup in Safe Mode and I ran Defrag and ad-aware and spybot. I also deleted all my temp internet files and removed almost everything from startup using msconfig. Unfortunately, the problem still persists. Things are so slow I eventually give up and reboot. Although I can't connect to the internet, I can download application files at work, then load them and run them on the problem computer at home. Any thoughts/suggestions/advice would be greatly appreciated!!

karlmd · 23-Apr-2008, 09:06 AM #2

Still experiencing the same problems. I can get into Safe Mode with no problems. If I do a standard login, thing start out slow and get progressively worse until everything basically stops and I am forced to shut down. Here is the HJT log from last night:'

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:53:39 PM, on 4/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Dell Home - {08DCFC6C-B6E4-480C-95A4-FC64F37B787E} - http://www.dellnet.com/ (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1135790454859
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe

--
End of file - 4750 bytes

I will wait to hear on the best way to proceed.

karlmd · 23-Apr-2008, 09:14 AM #3

Bump!

**cybertech** · 26-Apr-2008, 01:00 PM #4

Is McAfee up to date?

Have you run a disk check to eliminate the problem being a bad hard drive?

karlmd · 28-Apr-2008, 09:29 AM #5

I can't really connect to the internet since this all started happening - I can connect but by the time I try to run anything (i.e. McAfee updates) it has already slowed down to an unusable speed. The last time McAfee was updated was 4/8/08 and I am running version 4.0.5269. I ran the 'Scan Absolutely Everything' option in Safe Mode and it didn't find anything.

I had run Check Disk before, but I ran it again last night with the options set to Fix any problems and Fix bad sectors. It took longer but still completed successfully without any warning flags. I was looking for a log but couldn't find anything.

Regardless, after running both of those, the problem still persists. After logging in normally, things are very slow but get progressively worse until I have to log out altogether.

Let me know what you think I should try next.

**cybertech** · 28-Apr-2008, 01:13 PM #6

Try a new profile (user account) and see if that is the same or better.

karlmd · 29-Apr-2008, 08:03 PM #7

I logged into Safe Mode and created a new user account and set it up with administrator rights. Then I rebooted and logged in normally with that user account. The performance problems that were exhibited with my normal user account did NOT occur for the new profile. I was able to navigate, open applications, connect to the internet, and even update McAfee to get the definitions up to date. After 10 minutes, things were still moving along at a normal pace. I didn't actually use a lot of the applications, because when I tried to start them they would ask for a new user registration. This was especially true of my email; I couldn't get into my email because the Outlook wizard fired up and asked me to establish my new email account. I couldn't remember how to fill out all the fields so I just gave up on that (for now). The great news is that the new account is definitely not being affected by whatever is ruining my normal profile.
So the question is, do I try to switch everything over to this new account, and delete my old one? Or should I try to fix my old one?

**cybertech** · 30-Apr-2008, 11:47 AM #8

If the profile is corrupt it's easier to move your data to the new one than to try and fix the old one. I would say eventually you can delete the old one but leave it for now, until you are 100% sure you have everything you need in the new one.

Here is how to Copy files to the new user profile

You may need to log into the old one to figure out your e-mail. Also if you have personal folders you will need to find the location of those and move them too.

karlmd · 02-May-2008, 09:52 AM #9

Well I am not sure why that worked so well the other day because it sure is not now. I started to follow the Microsoft directions you gave me via the link, and I went into Safe mode and created a 3rd user account. So then I rebooted and tried to log in with that 3rd user account, and it was a total no go. In fact, while it was trying to load the new personalized settings, it just completely froze up and never even finished building the desktop. So I rebooted and tried the other (2nd) new user account I had setup the other day when you first requested it. Now that one is a no go too - performance was so bad it never finished loading. I tried multiple times, rebooting and trying the different user accounts. Now they are all the same - terrible performance to the point it is unusable. It looked so promising, but apparently that wasn't the solution.
Any other ideas?

**cybertech** · 02-May-2008, 01:59 PM **#10**

First thing that comes to mind is perhaps you copied these files
• Ntuser.dat
• Ntuser.dat.log
• Ntuser.ini

That would move the corrupt registry to the new profile so you do not want to do that.

If you did not do that the next thing I would suggest is backing up your important data and doing a full format and reload.

karlmd · 02-May-2008, 02:10 PM **#11**

Sorry I should have been a little more clear about that. I never even got to point where I copied any files. The slowdown happened before I could even begin the actual process.

Are there instructions anywhere for the full format and reload?

**cybertech** · 02-May-2008, 04:32 PM **#12**

Yes, we have a thread here:
Guide to Reinstall Windows

Feel free to make a new thread in the XP forum if you need some help.

karlmd · 07-May-2008, 01:18 PM **#13**

Sorry for the long delay since the last post, it takes a while to get anything done because the performance is so poor.

I was able to backup my important files after logging into my original user account that has been causing all the problems. After that, I followed the instructions to do the No-Reformat, Nondestructive Total-Rebuild Option for XP. That seemed to work correctly. I got to the end of the process and got the 'Thank You' screen but instead of rebooting as the instructions suggested, it just froze up. So I rebooted, and logged in normally using my standard profile.

The good news is that it definitely helped. I can navigate around and connect to the internet and things generally work. However, something is still not right. It is still slower than it ever was before all this started, and it has been inconsistent. I have tried to log in a handful of times after reloading XP and sometimes it seems ok, but other times it starts out slow and gets progressively slower.

It just seems like I have some malware or something on there that is screwing things up. Last time I had this problem (when I posted my first-ever message on here) the suggestion I got was to download the free trial of the Ewido anti-malware application and run it and post the log. I am wondering if there are any similar products that I could try this time? Also, I installed and ran the Kaspersky free online virus scan (another suggestion from the last time I was having problems). I attached the log file from that process. I have no idea if it will help, but I figured I would at least put it out there.

Any other suggestions or recommendations would be helpful!

**cybertech** · 07-May-2008, 02:51 PM **#14**

These are the infected files:
C:\QUARANTINE\5F3EDBFBd01.Vir
C:\QUARANTINE\063ED047d01.Vir
C:\!KillBox\NPONFLOW.DLL
C:\!KillBox\onflowreport.exe
C:\!KillBox\A0009809.exe

You can delete the killbox folder and empty the quarantine. Based on the usage of killbox, which I did not request, I can only guess something was removed that should not have been or your machine is having hardware problems.

I would not have used the nondestructive method. That has the possiblity of bringing back problems.

karlmd · 07-May-2008, 03:02 PM **#15**

The Killbox folder was created after I logged my first issue in this forum in December '05. It was at the advice of Cookiegal that I downloaded and ran that program, and it has just been sitting out there since.

I thoutght the non-destructive method was the one I was supposed to use. I can reload XP again and do the normal reformat and reload if you think it will help.

I will delete those files you listed and see if performance improves.

Search
Search in:
Show Threads Show Posts
Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)