Windows XP shutdown is incredibly slow

If your computer shuts down extremely slowly in this kind of manner: “…every time I click the start menu button and then the shutdown button my computer takes like 5-10 minutes before the screen dims and I get the “standby, shutdown, restart” menu. Then it takes several more minutes before I get the blue “windows is shutting down” screen and then a few more minutes before it actually turns off,” you might also find that you can’t use Microsoft Update, which used to be called Windows Update. If either or both of those symptoms are evident, click here! to read a useful thread on a computer forum that provides a remedy for the problem.

For an example of a very slow shutdown, read the following Q&A.

Shutdown of my Windows XP PC takes up to 30 minutes and the taskbar and icons have vanished

Problem

I suspect that my Windows XP Home computer has been infected by a virus, because it takes up to 30 minutes to shut down. AVG AntiVirus showed no infection, so I bought and installed the award-winning Steganos malware scanner. On restarting the PC, Steganos started a scan, but, 15 minutes into it, the taskbar and icons vanished and I couldn’t open the Task Manager and had to power down. The same happened during the next restart, so I restarted and aborted the virus scan. Windows XP took about 30 minutes to repeat the cycle without the scan. On the next restart, I stopped the scan and tried using System Restore to restore a restore point that predated the problem, but do that didn’t work.

Answer

The problem could have a number of causes. The trouble in running a virus scan and the slow shutdown can be caused by faulty hardware. However, both symptoms could also be caused by a rootkit infection, or it could just be that Windows itself has become corrupt. Alternatively, a device driver or other software could be responsible.

You can start by running a malware scanner to find out if it has the same problems performing a scan as Steganos and then try eliminating a rootkit infection as the cause. Use the search query free rootkit scanners to find them. Make sure that it updated before use. I use the free rootkit scanner from Malwarebytes, which is incorporated into its free and paid-for Pro malware scanner. Here is the link to it. Beta means that it is a test program not yet fully developed:

https://www.malwarebytes.org/antirootkit/

Rootkits don’t usually work in Safe Mode, so start up in Safe Mode by pressing the F8 key repeatedly during the short interval that occurs after the initial BIOS checks and when the first Windows splash screen appears. You can also set Windows to start in Safe Mode by entering msconfig in the Start => Run box and then selecting the option for a Diagnostic Startup. When in Safe Mode, run the standalone rootkit scanner or run the option (if one is available) to scan for rootkits from within a malware scanner.

Use your common sense when interpreting the results of a rootkit scan, because not all of the reports reveal genuine rootkits; they can often be genuine Windows files that should, of course, not be removed.

If you have ruled out malware and a rootkit being the cause, a number of hardware issues could be responsible, such as faulty RAM memory, or a faulty motherboard. However, a hard-disk-drive problem is the most likely cause. The hard drive’s file system might be corrupt, it could have bad sectors, or the drive itself might be failing and locking up periodically.

You can try using the hard-drive diagnostic utility provided by its manufacturer’s website, or the diagnostic software that comes with many PCs. With most Dell computers, pressing the F12 key during startup brings up a menu that includes diagnostics. The diagnostics are then either run from a CD that came with the computer, or from a hidden partition on the hard drive. With Dell’s diagnostics, if you choose the System Locks Up option, it runs motherboard tests, memory tests, and thorough hard-drive tests. Your PC might provide similar diagnostics that will be explained in its user manual.

If you need a memory diagnostic program, use Memtest86+ from http://www.memtest.org/ or the Windows Memory Diagnostic tool from Microsoft.

The Ultimate Boot Disk from ultimatebootcd.com provides a very good collection of free diagnostic utilities that are downloaded as ISO image, which when burned to a CD/DVD creates a bootable CD. The hard-drive utility on the CD is called MHDD, which is not very user-friendly. It can also be downloaded from hddguru.com.

Note that it is always advisable to make restorable backups of the system, or, at least, valued data files before you run diagnostic tests on a hard-drive that is suspected of being faulty, because the additional stress placed on it by the tests could make it fail for good. The tests can tell you why the anti-virus software locks up, but might not provide the reason for the slow shutdown.

A slow shutdown is usually caused by a process or service not responding properly, or by problems when Windows attempts to write settings to its Registry.

A buggy device driver is most commonly responsible, but there are a few bugs in Windows that can be responsible on certain systems. To fix the Windows issues, visit Windows Update on Microsoft’s website and choose the Custom option. It includes many patches not rated as Critical, and also provides many device-driver updates. However, note well that Windows Update is not the best source for driver updates. It can install the wrong drivers, causing serious problems. The best source of device drivers are the components’ manufacturers’ websites.

The Nvidia Driver Helper service can be the cause of an extremely slow shutdown. To disable it, if it is present, enter msconfig in the Start => Run box. Click the Services tab. To make the search easier, enable the Hide All Microsoft Services option. If it is present, disable the Nvidia service by removing the check mark in its box with your mouse.

In Windows XP Professional Edition, to run the Group Policy editor, enter gpedit.msc in the Start => Run box. In the windows that comes up, navigate to Computer Configuration => Windows Settings => Security Settings => Local Policies => Security Options. If you find a setting called Shutdown: Clear virtual memory pagefile, right-click on it and enable the Disable setting, because it slows the shutdown down. Windows XP Home Edition doesn’t have the Group Policy editor, but you should be able to find the setting in it by conduction a search of the Registry, which is done by entering regedit in the Start => Run box. Search for Clear virtual memory pagefile. Right-click on the setting’s DisplayType and choose Delete.

Remember that you should always create a System Restore (Start=> Accessories => System Tools) restore point before editing the Registry so that if Windows fails to boot or causes trouble, you can restore the restore point from within Safe Mode, which is part of the boot menu that is brought up by pressing the F8 key repeatedly at startup.

Note that a program that makes a backup at shutdown can be very slow, especially if it hangs when looking for an external drive to back up to that isn’t available.

If updating device drivers doesn’t work and you can’t fix the problem by disabling a startup program or service, check the Event Viewer log. Make a note of the time on the computer’s clock before shutdown and note the time that shutdown takes. Then, restart and enter eventvwr.msc in the Start => Run box. Look under Application and System. Click the Time heading and look at the entries for that time period. Error and Warning messages may indicate the cause of shutdown delays.

Don’t be concerned about every error you see, because there are warnings and errors produced during a normal shutdown. Only look for entries that might be the cause of a substantial delay. The information in the Source column would provide the source of a delay.

Note that corruption of the log files can be the cause of a delay, so try clearing the log files in the Event Viewer before shutting down by using the Action => Clear all Events option.