
How I learned to stop worrying and love running rootkit scans

windows 7 registry fubar wise registry cleaner

9 replies to this topic

#1 brentorama

brentorama

    Authentic Member

  • 33 posts
  • Interests:Film, game design, programming, american history

Posted 28 March 2016 - 12:13 AM

Hey guys, first off thanks for taking the time to review my post - secondly I want to preface this by saying that I'm very close to chucking in the towel and doing a reformat, but before I do that I thought maybe I'd give the Windows forums a shot.

 

I am running Windows 7 Pro on a 7 year old Toshiba Qosmio laptop

 

So, looks like I fouled up my system with a torrent about a month back, and furthermore I think I made the problem worse by doing some harebrained home remedies including using Wise Registry Cleaner - I know, dumb.

 

Symptoms now include the system slowing down to a grind within 5 minutes of starting windows,  unable to shut down, unable to open the start menu and a strange "Exception thrown" error when Express VPN tries to load.  System works pretty good in safe mode and with the network card disabled.  The last error I got while running some tests was : Microsoft Windows, The application is not responding.  The program may respond again if you wait.  Do you want to end the process?

 

User Tomk on the Malware forum has been helping me out up to this point and it's on his suggestion that I'm here.

 

If you think there's any hope of salvaging the system without doing a "nuke and pave" then please let me know.

 

Thanks for your time.

 

Brent




#2 paws

paws

    Tech Team

  • Administrator
  • 6,088 posts

Posted 28 March 2016 - 06:17 AM

Hi Brent,

Sorry to hear about the problems you are experiencing with your computer.
I took a look at the logs you were working with Tomk over in the virus and Spyware removal forum and it's good to know that Tom thinks it's a system problem rather than malware that is at the root of the problems.

It may be that a format and reinstall will be called for if it proves too difficult or time consuming to get it all working properly by using a piecemeal type of repair approach. So just in case, please make sure that your backups are all working OK, comprehensive, include everything that's important to you on your computer and that you have several copies on removable media with at least one copy kept safe offsite together with a bootable disc... (just in case Windows fails to start anytime.)
 
If your Win 7 Toshiba is working well enough then be sure to make a "Repair disc" and also a disc image (system image ) if you haven't already done so.
 
Ok once that's all done to your satisfaction and you have tested everything to make sure it all works Ok...(no point in having back ups or system images that don't work reliably!) we can start with some diagnostics and potential fixes:
 
1 Please shut down your computer in the normal way (a complete shutdown not just a sleep/hibernate) remove the power cord from the wall socket and then from the Toshiba.
 
2 Turning the Toshiba over so you can see its underside remove the battery and place it somewhere safe ( we will be replacing it shortly so temporary storage will do just fine)
 
3 Press and hold the power on button ( still with the above disconnected) for 30 seconds, and then release it. Press and hold the power on button again for a further 10 seconds and then release it.
 
4 Reconnect the battery then when the battery is locked in position turn the computer the right way up and now connect the power cord to the Toshiba and then to the wall socket.

NOTE please follow the order exactly as stated above and make the timings as exact as you can. This procedure will have drained the internal capacitors of their electrical charge and allow the best opportunity for the diagnostic/fix to work correctly.

 

5 Start up your computer by pressing the power on button for 2 seconds and when you get to the desktop, wait 4 minutes and then open Control Panel, and go to "User Accounts", set up a new account (call it Brent01) and make sure to give it administrative status. Do not (at this stage) make the account Brent01 password protected... When this has been completed and the account set up then please close down your machine in the usual way (full shutdown, not a sleep/hibernate).

 

6 Wait 2 minutes ( by the clock please) then restart your computer and log in to the new account you have just created.

 

7 Wait 4 minutes (by the clock) and then try to use Internet Explorer to access the Internet,

 

8 Report back and let us know how things go when logged into your new account

 

Do not be alarmed if you cannot access your documents/photos; at this stage we are just trying to establish if you have a corrupted user account under the previous log in... If this is the case then your new Brent01 account will work reasonably well and can be adapted to enable access to your documents/photos etc.

 

Regards

paws


The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online. http://www.whatthetech.com/donate

#3 Ztruker

Ztruker

    WTT Technical Elder

  • Tech Team
  • 8,292 posts
  • Interests:Helping people fix MS Windows related computer problems of all kinds.

    Waking each morning to see the green side of the Earth!

Posted 28 March 2016 - 06:24 PM

A side note: Now would be a very good time to do an image backup of your system. I recommend using Macrium Reflect Free or Pro and backup to an external USB hard drive. Then no matter what happens you can always get back to where you are now.


Rich
 

Die with memories, not dreams. – Unknown


#4 paws


Posted 29 March 2016 - 05:44 AM

Wise words from Rich,

:thumbup:

A good disc image using something like Macrium Reflect free is a most useful thing to have in addition to your system image and repair disc using the inbuilt Windows tools.

 

Having two images created with different software and kept safe on different media adds a first class element of redundancy.

 

If you take up Rich's most excellent suggestion then be sure to also create the bootable rescue media... Macrium Reflect free makes this very easy to do. ( just follow the onscreen prompts)

Regards

paws 



#5 brentorama


Posted 29 March 2016 - 10:23 AM

Hi Paws, hi Rich.  So, I've done as instructed, with a few exceptions.

 

I did not make the backup image as I've already backed up my important files.  Plus, I wasn't able to create a system image in safe mode.  Also, when creating the new user account I did that in safe mode with the network card turned off.

 

When testing the new user account I switched the network card on and booted regularly.

 

Performance is like this: Unresponsive to opening the Start Menu, unresponsive to starting Chrome (IE wasn't available from the desktop). System seems gummed up like before. I clicked on the start menu about 5 minutes ago and it still hasn't opened. The mouse will track and icons will occasionally highlight. I think we can rule out a corrupted user account.



#6 paws


Posted 29 March 2016 - 03:57 PM

Yep, I reckon you are right. We can practically rule out a corrupted user account as a likely suspect.

Here's the next steps:

 

1 From an "elevated" command prompt run sfc (System File Checker) with the scannow switch, the command you need is:

sfc /scannow

and press Enter

(note the space twixt the "C" and the forward slash, as it needs to be there)

 

2 The scan should probably take at least 20 minutes or so, so keep an eye on it and tell us if sfc finds corrupted windows protected system files that it cannot repair. 

 

3 From the same elevated command prompt run chkdsk with the r switch, the command you need is :

chkdsk /r

(note the space, it needs to be there)

 

You will receive a warning; accept this by pressing Y and then Enter

at the flashing cursor type

exit and press Enter

 

4 Close down your computer (a full shutdown) and then restart it and chkdsk will start..DO NOT interrupt it or allow it to be interrupted.

 

5 Be prepared for chkdsk to take several hours to complete all 5 passes.... when it has finished it will restart your computer, and it may be necessary to run it again and then follow up with a further rerun of sfc /scannow.

 

6 Perform a final restart and see how things go

Let us know how it reacts and if there is any improvement..... especially when using Internet Explorer ( you can try running it from task manager using the command

iexplore.exe

and pressing the Enter key)

Let us know how things go and we will advise the next steps...

Presumably all important Windows updates have been installed?

Regards

paws
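
One way to answer the question raised in post #6 (did sfc find files it could not repair, and what did the boot-time chkdsk report), as an added example that is not part of any post in this thread. It assumes the standard CBS log location and the Wininit event that records boot-time chkdsk results; the message texts matched and the sample log lines are constructed assumptions.

```powershell
# Added example (not from the thread): summarize sfc and chkdsk results.
# Run from an elevated PowerShell prompt; avoids syntax newer than PowerShell 2.0.

function Get-SfcFinding {
    param([string[]]$Line)
    foreach ($l in $Line) {
        # sfc tags its own entries in the CBS log with [SR]
        if ($l -notmatch '\[SR\]') { continue }
        # Assumed message texts for the two outcomes of interest
        if ($l -match 'Cannot repair member file') { $state = 'Unrepaired' }
        elseif ($l -match 'Repairing corrupted file|Repaired file') { $state = 'Repaired' }
        else { continue }
        # Quoted strings on the line hold the directory and/or file name
        $parts = @([regex]::Matches($l, '"([^"]+)"') | ForEach-Object { $_.Groups[1].Value })
        New-Object PSObject -Property @{ State = $state; File = ($parts -join '\') }
    }
}

$cbsLog = Join-Path $env:windir 'Logs\CBS\CBS.log'
if (Test-Path $cbsLog) {
    $lines = Get-Content $cbsLog
} else {
    # Constructed sample lines, used only when the real log is not present
    $lines = @(
        '2016-04-03 10:15:22, Info  CSI  00000009 [SR] Verifying 100 (0x0000000000000064) components',
        '2016-04-03 10:16:01, Info  CSI  0000000e [SR] Cannot repair member file [l:24{12}]"example1.dll" of Example-Component, hash mismatch',
        '2016-04-03 10:16:05, Info  CSI  00000010 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"example2.dll" from store'
    )
}

$findings   = @(Get-SfcFinding -Line $lines)
$unrepaired = @($findings | Where-Object { $_.State -eq 'Unrepaired' } |
                ForEach-Object { $_.File } | Sort-Object -Unique)
"sfc: {0} repair entries, {1} file(s) it could not repair" -f $findings.Count, $unrepaired.Count
$unrepaired

# The boot-time chkdsk report is written to the Application log by Wininit (event 1001)
$ev = Get-WinEvent -FilterHashtable @{ LogName = 'Application'
        ProviderName = 'Microsoft-Windows-Wininit'; Id = 1001 } -MaxEvents 1 -ErrorAction SilentlyContinue
if ($ev) {
    "chkdsk report logged at {0}" -f $ev.TimeCreated
    # Keep only the summary lines that say whether damage was found
    $ev.Message -split "`r?`n" |
        Where-Object { $_ -match 'bad sectors|bad clusters|found no problems|made corrections' }
} else {
    'No boot-time chkdsk report found in the Application log'
}
```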



#7 brentorama


Posted 03 April 2016 - 05:08 AM

Apologies for the long delay, it's been a gruesome week.  I'm doing the scannow... now.  Will be back within a few hours with the report.

 

Brent



#8 paws


Posted 03 April 2016 - 07:32 AM

NO problem...

:thumbup:

We are no strangers to gruesome weeks!

 

Post back whenever convenient, we will still be here.

Regards

paws



#9 brentorama


Posted 03 April 2016 - 07:42 PM

Thanks guys.  Ok here's the news:  First off, as far as windows updates are concerned, I never actively prevented any updates from happening, and there seems to be a good list of Microsoft updates installed, but I can't say for certain that every last and latest Windows 7 update is among them.

 

I ran Scannow from Safe Mode with the network card disabled.  Only one bad cluster showed up - it was:

 

file 135940

\Progra~3\Kasper~3\AVP16.0.1\Data\iswift.dat

 

After that was done I rebooted in regular mode and did the chkdsk /r.  No problems.

 

I did a little test last night to see how Chrome was behaving.  All good.

 

Again this morning, I booted up and started Chrome and played a few Youtube videos.  No problems.   

 

So by all appearances the system is working - however, this is the same situation I had a month ago the last time I ran scannow and chkdsk - the system worked fine and then a few days later went back to slowing down to a grind.  For the time being, I can't diagnose any problems - except one thing. Express VPN spits out an error on bootup:

 

"Application Failed to start,

 

[TargetInvocationException] Exception has been thrown by the target of the invocation.: [WebException] Unable to connect to the remote server: [Socket Excepetion] No connection could be made because the target machine actively refused it. 127.0.0.1:2015"

 

I've gotten this error consistently when booting in regular mode for the last month.



#10 brentorama


Posted 08 April 2016 - 07:57 AM

System seems to be working, this is test night #2 and looking good so far

