Jump to content


Photo
- - - - -

Bizarre Windows XP issue


  • Please log in to reply
15 replies to this topic

#1 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 12 March 2012 - 04:35 AM

Alright, so I'm running a 3-year-old installation of WinXP on a box of mine and I REALLY don't want to reload the OS. That said, this is the issue I've been having:

Computer runs fine, everything is nice and smooth and quick. After running for a large amount of time (1-2 days? sometimes under an hour), new processes take a long time to start. (No signs of them starting for 1-5 minutes.) Once a process starts, it runs fine. This is especially frustrating when using tabbed browsing with Chrome, since each tab is its own process.

#2 wwwd40

wwwd40

    DDP Fan club member

  • Members
  • 53 posts
  • Gender:Male

Posted 12 March 2012 - 06:03 AM

Could of suggestions: Could be the AV checking the exe prior to opening. Try diabling the AV and seeing if that makes a difference. Do you have a memory leaky programme - What do your memory usage stats tell you? Do you have the recommended memory for running the OS (you didnt mention what SP etc it is)? Is the machine paging a lot?

Is this running in a VM or is it the host OS on the machine?

#3 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 12 March 2012 - 06:36 AM

This is the host OS, no virtualization.

The AV isn't the issue, or it wouldn't take 1-5 min. to open a new tab in Chrome; it's not scanning a new executable.

Memory isn't the issue either, that was the first place I looked; I assumed it was just too little RAM and a horribly fragmented pagefile. (Again, I now realize this would cause other programs to run slowly, which is not the case.

#4 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 12 March 2012 - 12:59 PM

things to try (in this order)


test hdd for errors/ bad sectors
disable all chrome addons/reset/reinstall/update chrome
check for rrootkitswith gmer then do a scan with mbam to ensure of no infections
try in a different browser and see if similar issues are occuring
re-register dlls with dialafix
try in different user account or create new user account to test in
do repair install of xp


chrome does open up new tabs in new processes if i am not mistaken. and also +1 for double checking that theres no av running in the background

#5 Seal

Seal

    Not a fan of clubs.

  • Agents of the Revolution
  • 2,440 posts
  • Country:
  • Gender:Male
  • Location:Canada

Posted 12 March 2012 - 07:49 PM

Maybe this will be a dud too, but perhaps start process explorer and see if you can glean clues about what the process is doing during those long stretches between when you execute it and when it finishes loading up.

#6 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 12 March 2012 - 09:20 PM

things to try (in this order)


test hdd for errors/ bad sectors
disable all chrome addons/reset/reinstall/update chrome
check for rrootkitswith gmer then do a scan with mbam to ensure of no infections
try in a different browser and see if similar issues are occuring
re-register dlls with dialafix
try in different user account or create new user account to test in
do repair install of xp


-Tested HDD, all green.

-It's not just chrome, it's every new process I start once the issue kicks in.

-I've done a thorough rootkit inspection.

-Again, it's not just chrome, it's any new process, even opening a new window of Windows Explorer, since that's a new process.

-Re-register dlls? What's this all about?

-I'll give the new user account a shot and let you know what comes up.

-I'm trying to avoid a repair install since it overwrites some files that've been updated and I worry this'll cause problems further down the road. Repair install would be a last resort.

#7 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 12 March 2012 - 09:43 PM

Maybe this will be a dud too, but perhaps start process explorer and see if you can glean clues about what the process is doing during those long stretches between when you execute it and when it finishes loading up.


You mean the process tab of taskman or a third-party program? The process tab of taskman shows nothing and then the process just appears 1-5min later.

#8 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 12 March 2012 - 10:01 PM

You mean the process tab of taskman or a third-party program? The process tab of taskman shows nothing and then the process just appears 1-5min later.



Process explorer is a 3rd party program and it's pretty much taskman on steroid and speed: http://technet.micro...ernals/bb896653

It can show you what DLLs are in use by what processes; something taskman cant do. It also shows you hooks being used by each process.


Sometimes system DLLs become corrupt. Using dial-a-fix can unregister and re-register DLLs and it often fixes common issues in XP: http://wiki.lunarsof...wiki/Dial-a-fix

from their site:

Dial-a-fix is an advanced utility for 32-bit versions of Microsoft Windows written by DjLizard in Borland Delphi 7 that repairs various Windows problems, such as:
Windows Update errors and problems with Automatic Updates
SSL, HTTPS, and Cryptography service (signing/verification) issues
COM/ActiveX object errors and missing registry entries
and more.
Dial-a-fix (hereafter known as "DAF") is a collection of known fixes gleaned from Microsoft Knowledgebase articles, Microsoft MVPs, and other important support forums, that will assist you in repairing problems with your system. Although this tool is ordinarily meant for power users, technicians, and administrators, it is quite safe to use even without technical guidance (although guidance is recommended). Simply choose the solutions you wish to apply via checkmarks, and click GO. There are other buttons and tools present on the main dialog as well, such as the policy scanner. All tools and checkmarks identify their purpose when you mouse over them.
DAF's primary philosophy is to fix problems by setting various things back to their original Microsoft defaults. DAF currently does not interface with or repair any third party programs (and there are no plans to do so).
DAF works on all pertinent 32-bit versions of Windows: 98, 98SE, Me, 2000, XP, and Server 2003. Dial-a-fix dynamically disables functions that are not applicable to your version of Windows. The version of Windows with the most support and functionality is currently Windows XP.




there are other programs that do similar fixes like dial-a-fix. One of them is D7 and another batch of tools can be found in super anti spyware; http://www.superantispyware.com/

i usually use the portable version. super anti spyware is a pretty damn through spyware/malware scanner too btw.

What AV are you currently running? If you're not running any AV at the moment perhaps there are parts of an old scanner left on your machine. Two AVs that I find troublesome are AVG and norton. Often traces of these programs are left behind and can still do real-time scanning even after they appear to be uninstalled.

If in doubt run norton removal tool from http://symantec.com/nrt and http://www.avg.com/ca-en/utilities for avg removal tool.




also, you can try running this from the command line:

sfc /purgecache
sfc /scannow

these commands check your system files. for more info go here: http://msdn.microsof...re/gg463455#END


also, check your startup items and your startup services. I'd use hijackthis to go through your startup items. hijackthis: http://download.cnet...4-10227353.html


and finally, you can use this site: http://support.microsoft.com/fixit/


let us know what you find!

Edited by Afterm4th, 12 March 2012 - 10:04 PM.


#9 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 13 March 2012 - 03:15 AM

I periodically run through startup entries with Spybot and kill anything that sneaks in there that I don't want (i.e. adobe speed launcher, etc).

I'm grabbing process explorer and dial-a-fix right now, I'll give them a go and see if that fixes it. I run Kaspersky AV and it's all tuned properly; AV ain't the issue.

My objection to the sfc is the same as to repair install; it uses the original version of the files, disregarding any updates, and could cause problems down the road.

Many thanks!

Edited by serrath, 13 March 2012 - 03:31 AM.


#10 Powermaniac7

Powermaniac7

    mad 1337

  • Members
  • 138 posts
  • Country:
  • Gender:Male

Posted 13 March 2012 - 04:47 AM

How long has this been happening for. It may actually be caused by an update itself. Recently had an issue with Windows 7 a while back that it updated and BSODed while it did so. So then the computer started BSODing and I assumed it was those updates fully installed them afterwards and all was well...

Too bad it came back though...Seemed to be a Catalyst Control Driver from AMD so had to revert that and so far it is okay...Although it did BSOD yesterday but that had something to do with me using CCleaner...

That's an idea try CCleaner and delete all the shit that builds up from Chrome and the Registry, although be prepared to reinstall your drivers with updated versions again because it can sometimes delete important things in the Registry and cause BSODs...But it is somewhat good. Also try AusLogics Defragmenter which is a lot better then say Windows degragmenter oh and optimise it not just defragment the drive.

Otherwise you don't have a Linux Variation that you could install and see if it is just your hardware and not just software slowing things down?

Although it may just be Windows XP =\ or just a gathering of old invalid registry files and things running in the background or just a collection of files on the disc.

Wait that might be of interest what size is this HDD and how full is it, note the fuller a HDD gets the slower it gets, yes it begins to slow down?

#11 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 13 March 2012 - 05:59 AM

I periodically run through startup entries with Spybot and kill anything that sneaks in there that I don't want (i.e. adobe speed launcher, etc).

I'm grabbing process explorer and dial-a-fix right now, I'll give them a go and see if that fixes it. I run Kaspersky AV and it's all tuned properly; AV ain't the issue.

My objection to the sfc is the same as to repair install; it uses the original version of the files, disregarding any updates, and could cause problems down the road.

Many thanks!



Which files are you concerned with changing (or not changing)? Its my understanding that an sfc scan will only look for corruption of system files.

Forgive my ignorance and please enlighten me :)

What could you change within these files and why would you change them?







spybot might show you startup items but I would still suggest a look with hijackthis. Also, take a look at your services by going start -> run -> services.msc .. dont disable services from msconfig because you should always check your dependencies before disabling services.


Another thing you can do to look for clues is in the event viewer.
you can get there by right clicking computer and going to manage. Filter out all the "information" events to help remove unneeded info.






keep us posted :)

Edited by Afterm4th, 13 March 2012 - 06:06 AM.


#12 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 13 March 2012 - 08:01 AM

Event viewer was one of the first places I hit, but nothing helpful in there.

SFC scans some subset of all your system files and restores them to their original versions. Since windows updates may alter these files, SFC will undo those changes with any of these files it replaces. I assume it only overwrites files which are corrupted and not simply updated, but it can only replace them with the original copy. (Obviously this can be helpful when one of these files is corrupted and preventing some essential function, but MS updated the file for a reason and I don't like to muck with that rats nest on a machine I intend to leave an image on for a long time. A machine that gets wiped every year or two, go ahead; you'll probably never run into trouble.)

Edited by serrath, 13 March 2012 - 08:05 AM.


#13 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 13 March 2012 - 09:10 PM

Event viewer was one of the first places I hit, but nothing helpful in there.

SFC scans some subset of all your system files and restores them to their original versions. Since windows updates may alter these files, SFC will undo those changes with any of these files it replaces. I assume it only overwrites files which are corrupted and not simply updated, but it can only replace them with the original copy. (Obviously this can be helpful when one of these files is corrupted and preventing some essential function, but MS updated the file for a reason and I don't like to muck with that rats nest on a machine I intend to leave an image on for a long time. A machine that gets wiped every year or two, go ahead; you'll probably never run into trouble.)



Is downtime that much of an issue with this computer?

I'd do the dialafix, sfc, then check for all updates. Then i'd update all the programs I use with ninite.com

Reinstall the chipset driver maybe?

Edited by Afterm4th, 13 March 2012 - 09:11 PM.


#14 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 14 March 2012 - 01:54 AM

I ran dialafix, waiting to see if that fixed it before I go "fixing" something that might not be broke. Thanks, man. :)

#15 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 14 March 2012 - 01:08 PM

no problemmo. let us know if it works!

#16 Afterm4th

Afterm4th

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 399 posts
  • Country:
  • Gender:Male
  • Location:way up north eh

Posted 14 March 2012 - 01:08 PM

no problemmo. let us know if it works!




BinRev is hosted by the great people at Lunarpages!