Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

[SOLVED] XP-Prof. Boot Problem

- - - - -

  • Please log in to reply
20 replies to this topic

#1
jomajo

jomajo

    Newbie

  • Member
  • 10 posts
  • Joined 18-November 07
hello,
all the sudden my Xp machine takes several minutes to boot up.
After the splash screen comes up a black screen with only the mousepointer working,
then after 3 to 5 minutes appears the login window and even after logging in the user ( or admin) account it takes a little bit toolong until getting a usable desktop.
I can boot into safe mode without delays, but I have no idea how to solve.
I did a repair-reinstall , but it did not solve the problem.
On the same machine there is a Linux Ubuntu distro installed and that system is still working as before, so I would like to esclude hardware problems.

If someone has an idea how to solve this problem I would appreciate a lot.
Thanks

attached there is a CPU-Z report describing the hardware

Attached Files


Edited by jomajo, 26 April 2013 - 12:26 PM.



How to remove advertisement from MSFN

#2
submix8c

submix8c

    Inconceivable!

  • Patrons
  • 4,410 posts
  • Joined 14-September 05
  • OS:none specified
  • Country: Country Flag
I'd venture to say - Trojan/Virus starting up and "eating" your CPU cycles since Safe Mode is fine...

1 - Safe Mode With Networking
2 - Get MalwareBytes, install, Update, and Run it (Full Scan).

If you DO need to Reboot, always use "Safe Mode + Networking" until MalwareBytes finds NOTHING then attempt to Normal Boot.

Side Note - Repair Install will sometime NOT rid you of Malware as it is "hidden" in another file and Registry Entries is firing it up during StartUp.

Someday the tyrants will be unthroned... Jason "Jay" Chasteen; RIP, bro!

Posted Image


#3
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,852 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag
Additionally, NOT alternatively, run Combofix:
http://www.bleepingc...to-use-combofix

jaclaz

#4
jomajo

jomajo

    Newbie

  • Member
  • 10 posts
  • Joined 18-November 07
hello
I did all the cleaning both of you suggested but there was not found anything remarkable.
Malwarebytes signed as hacktool an utility that is used to find the serial number of the distro and another utility useful to find forgotten passwords in an emailclient.
Anyway after let remove those two files and two reboots into safemode nothing else was found anymore.
After I did the other scan with Combofix, without any result.

And the problem persists.

#5
-X-

-X-

    Member

  • Patrons
  • 2,454 posts
  • Joined 08-January 04
  • OS:XP Pro x86
  • Country: Country Flag

Donator

Run msconfig by typing msconfig in the run box. Select diagnostic startup. Click apply, close and restart when prompted. Is the problem still there?
[ Download all Windows XP Post SP3 High-Priority Updates with a simple double click @ xdot.tk Posted Image ]
If someone helps you fix a problem, please report back so they and others can benefit from the solution. Thanks!

#6
dencorso

dencorso

    Iuvat plus qui nihil obstat

  • Supervisor
  • 6,115 posts
  • Joined 07-April 07
  • OS:98SE
  • Country: Country Flag

Donator

Next step: RootkitRevealer...

#7
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,852 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag
I would also explore other (non-malware related) hypothesis, a good idea would be to make a full boot with log:
http://support.micro...kb/833721/en-us
and if nothing "strange" is logged in Ntbtlog.txt proceed with a full Boot time logging with procmon:
http://technet.micro...s/bb896645.aspx
WARNING this will create a BIG file.

Another tool that tends to be forgotten nowadays is Bootvis:
http://en.wikipedia.org/wiki/BootVis
(the wikipedia page provides links to some other similar tool) available from Softpedia:
http://www.softpedia...k/BootVis.shtml

It could well be a "problematic service" :unsure:.

jaclaz

#8
rilef

rilef

    Junior

  • Member
  • Pip
  • 59 posts
  • Joined 08-April 10
  • OS:none specified
  • Country: Country Flag
Although never as bad as you portray, booting my XP system also slows down over time. Perhaps I've just been fortunate, but this slowdown has never resulted from a virus or other malware. Instead, I've always been able to correct the problem as follows:

Run "CCleaner" to clean the hard disk of unnecessary files and the Windows Registry of unnecessary entries.

Disable any unneeded programs that start up with Windows, such as programs that "check for updates".

Run "MyDefrag" to defrag the C-drive or system disk, and move system files, to that part of the hard disk where these files can be accessed more readily.

Run "Auslogics Registry Defrag" to defrag the Windows Registry.

Run "Smart Defrag 2" to defrag remaining system files that can only be defragged at boot time.

#9
Ponch

Ponch

    MSFN Junkie

  • Patrons
  • 3,319 posts
  • Joined 23-November 05
  • OS:none specified
  • Country: Country Flag
If this is after a .NET update, check this.

#10
jomajo

jomajo

    Newbie

  • Member
  • 10 posts
  • Joined 18-November 07
Hello

So I made a bootlog.txt file ( have a look at the attachment).
Bootvis I tried already and even procmon, unfortunately both of them are creating big files impossible to attach here, and what is worse not comprehensive for me.

Attached Files



#11
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,852 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag

Hello

So I made a bootlog.txt file ( have a look at the attachment).
Bootvis I tried already and even procmon, unfortunately both of them are creating big files impossible to attach here, and what is worse not comprehensive for me.

There seems to me there is not any particular issue in the log.
I see that you have Comodo installed, maybe it's part of the issue?

Run a procmon boot log, compress the biggish result .pml file with 7-zip or similar, upload to *any* free hosting site, post a link to it.

You can also try setting verbose status on, see:
http://support.micro...kb/325376/en-us
but usually you don' t get anything of use from it.

jaclaz

#12
My2GirlsDad

My2GirlsDad

    Junior

  • Member
  • Pip
  • 98 posts
  • Joined 28-December 08
  • OS:Vista Home Premium x86
  • Country: Country Flag

There seems to me there is not any particular issue in the log.
I see that you have Comodo installed, maybe it's part of the issue?


Right you are jaclaz!

The latest version of CIS v6.1 has an issue with XP.

See the post at the Comodo Forum here.

Their recommendation is to reinstall v6.0 in XP.

Hope this helps.

M2GD

#13
jomajo

jomajo

    Newbie

  • Member
  • 10 posts
  • Joined 18-November 07
great idea

here is the link to the bootlog.pml made with processmonitor
http://www2.zshares.net/wwss8fiy6naz

and here is the link to the file ( i don't know if it is right to call it a logfile or not) created by bootvis
http://www2.zshares.net/uf7jggemudrk


Both files are compressed in 7z format.

Thanks

Edited by jomajo, 26 April 2013 - 12:14 PM.


#14
dencorso

dencorso

    Iuvat plus qui nihil obstat

  • Supervisor
  • 6,115 posts
  • Joined 07-April 07
  • OS:98SE
  • Country: Country Flag

Donator

The latest version of CIS v6.1 has an issue with XP.

See the post at the Comodo Forum here.

Their recommendation is to reinstall v6.0 in XP.


Would you please quote the info about the issue here? TIA.

#15
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,852 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag
No. :no:
That stupid 4shared site wants me to log in in order to download that file. (besides attempting to trick me into downloadin iLivid, etc. :ph34r: ).
Upload here:
http://www2.zshares.net/

and post the links.

jaclaz

#16
jomajo

jomajo

    Newbie

  • Member
  • 10 posts
  • Joined 18-November 07
I have changed the links to

http://www2.zshares.net/wwss8fiy6naz
for the bootlog created with Sysinternals Procm.

and

http://www2.zshares.net/uf7jggemudrk
for the file created by Microsoft Bootvis

Meanwhile I gave a try to solve the question by disinstalling Comodo CIS version 6.1 and that was the solution.
It must have been e recent autoupdate that created the problem because I used alredy CIS for a while.

Thanks to all of you who spent time in helping me to solve this problem.

#17
jaclaz

jaclaz

    The Finder

  • Developer
  • 14,852 posts
  • Joined 23-July 04
  • OS:none specified
  • Country: Country Flag
Everything is well that ends well. :yes:

jaclaz

#18
My2GirlsDad

My2GirlsDad

    Junior

  • Member
  • Pip
  • 98 posts
  • Joined 28-December 08
  • OS:Vista Home Premium x86
  • Country: Country Flag

The latest version of CIS v6.1 has an issue with XP.

See the post at the Comodo Forum here.

Their recommendation is to reinstall v6.0 in XP.


Would you please quote the info about the issue here? TIA.


For dencorso and others who are interested, this is from Comodo Forum,

"From what I see on the forum you are not alone who face this type of behavior.
Best wait the next update that will be out next week. Again is a small update
that will fix the network issue, but who knows, you should try it. If you experience
the same issue, return to 6.0."

"I too observed the same problem on 3 XP machines. None of them have any
other Secuirty or Virtualisation suites installed. Uninstallers/registry cleaners did not help.
Besides, reverting back to 6.0.2708 completely eliminates the problem.
For now, I suggest to all those who are facing this problem to uninstall CIS6.1, install 6.0
and disable "automatic program updates", wait for a fixed build..."


M2GD

#19
dencorso

dencorso

    Iuvat plus qui nihil obstat

  • Supervisor
  • 6,115 posts
  • Joined 07-April 07
  • OS:98SE
  • Country: Country Flag

Donator

Thanks a lot, M2GD, you rock! :thumbup

#20
My2GirlsDad

My2GirlsDad

    Junior

  • Member
  • Pip
  • 98 posts
  • Joined 28-December 08
  • OS:Vista Home Premium x86
  • Country: Country Flag
For all who are interested again:

Comodo issued their new version 6.1.276867.2813 today.

From their website:

Version 6.1.276867.2813
28 April / 2013 Fixes
Firewall slows down internet connection under some conditions
Memory leak when firewall blocks the packets
Antivirus does not detect some packed samples
Windows XP boots very slowly
Blank message boxes appear during program updates


I just installed it on XP SP3 system and it booted right up as normal.

M2GD

#21
dencorso

dencorso

    Iuvat plus qui nihil obstat

  • Supervisor
  • 6,115 posts
  • Joined 07-April 07
  • OS:98SE
  • Country: Country Flag

Donator

:thumbup




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users