TechSpot

Computer running slow

By theRadiantChild
Jul 4, 2010
  1. I've noticed lately my computer at home has been running a little slow. I'm running windows 7. I did the 8 step process. Can't seem to find any viruses. GMER will not run for some reason. Says C:\system32\config\system: The system cannot find the file specified. When I went to look for this file myself I noticed it has a padlock on it. So im assuming that file is locked. I couldn't figure out how to unlock it. I tried running in administrator to no avail. I'll post what I have so far though. Thanks for any help offered.
     

    Attached Files:

  2. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    GMER won't run on 64-bit system.

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  3. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    as requested:

    too many characters so had to post the txt files instead :)
     

    Attached Files:

  4. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O4 - HKLM..\Run: []  File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
      O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
      O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
      O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O33 - MountPoints2\{8e08b6bd-c0b9-11de-b64a-00044b15fcd3}\Shell - "" = AutoRun
      O33 - MountPoints2\{8e08b6bd-c0b9-11de-b64a-00044b15fcd3}\Shell\AutoRun\command - "" = G:\Installer.exe -- File not found
      O33 - MountPoints2\F\Shell - "" = AutoRun
      O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
      @Alternate Data Stream - 1266 bytes -> C:\Users\Phil\AppData\Local\Temp:EWO5KAoOVf2tXfUhAFTwx9de
      @Alternate Data Stream - 1132 bytes -> C:\ProgramData\Microsoft:LgZk4WP12JOthwjYcyadeYh5Ex
      @Alternate Data Stream - 1131 bytes -> C:\ProgramData\Microsoft:e2nP92cpoMVHedNwVdUXi5kRBg
      @Alternate Data Stream - 1065 bytes -> C:\ProgramData\Microsoft:RJJS9aMUd12DnbbSG2xM2jLd
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
  5. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    per request
     

    Attached Files:

  6. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    So far, I don't see much here...

    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
      [*] Archives
      [*] Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
     
  7. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    So far kaspersky hasn't found anything. I'm at the 30min mark. I'll keep you posted. Maybe it has nothing to do with a virus. I noticed firefox runs like complete *** and internet explorer seems to run smooth. I've also noticed my icons on my desktop refresh really slow. The icons disappear to a generic icon. Some don't always refresh.
     
  8. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Maybe, but when we're done with cleaning, at least, you'll know, it's something else.
     
  9. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    whoa this will take awhile. already a little over an hour into scanning and only 20% complete! yowzers!!
     
  10. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Kaspersky takes time :(
     
  11. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    looks clean to me.
     

    Attached Files:

  12. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Very good :)

    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    ==================================================================

    Your computer is clean [​IMG]

    1. Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista/7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure, Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run defrag at your convenience.

    8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    9. Please, let me know, how is your computer doing.
     
  13. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Any word about your computer?
     
  14. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    seems like its working great! my other pc not so much. The windows live mail program preview pane is blank whenever i click on a message. where would I post that problem at?
     
  15. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Thanks for posting back :)

    Hmmm...start new topic at Windows forum (regarding the other computer).
     
  16. theRadiantChild

    theRadiantChild TS Enthusiast Topic Starter Posts: 364

    ok thanks and thanks for all of your support!
     
  17. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    You're very welcome [​IMG]
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...