Solved

Slow XP start up

Posted on 2011-03-18
15
453 Views
Last Modified: 2013-11-22
Working on a computer running Windows XP home edtion Version 2002 Service pack 3
AMD Turion 64 Mobile
Technology ML-32
1.79 GHz 512 MB of Ram

I was told that the computer was running at a snails pace and they were about to throw it away. Once I got the computer I ran Malware Bytes in safe mode and the computer had 786 items. I let MalByte do what it does and it deleted everything. I then ran HitMan Pro and it removed a few more that MalByte did not find. Computer started running better. Still sluggish so I ran Combofix and it found a whole host of other items. After that I reran everything and it reported nothing found. The computer was running a 100 times better. I let the computer run overnight not connected to the net. I turned the computer on and off a number of times and it was booting fine and appeared to be healed. I left it off for 2 days and when I booted it up again it took 8 mins to boot up...( i timed it). I have rerun MalBytes and Hitman in safe mode and regular mode and it came back clear.

Can anyone give me an idea of what might have happend or what could be causing this?
0
Comment
Question by:caustin5042
15 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 35165062
Your newest attempt - which included running MBAM in Normal Mode may have helped, and you can also review this Article and give "RogueKiller" a try.

http://www.experts-exchange.com/A_4922.html
0
 
LVL 29

Accepted Solution

by:
Randy Downs earned 300 total points
ID: 35165150
The best policy is to wipe and start over. In the long run you will save time.
0
 

Author Comment

by:caustin5042
ID: 35165156
yes I agree but I am using this as a learning opportunity.
0
 
LVL 4

Expert Comment

by:MaurizioSchmidt
ID: 35165159
you should first boot the system from an anti virus boot cd,

get one here:

http://devbuilds.kaspersky-labs.com/devbuilds/11.0.1.400/MasterCD/

or here:

http://download.bitdefender.com/rescue_cd/

todays viruses are not that simple to delete anymore, they moprh, they wait for special triggers, they detect that you try to remove them etc etc.
if the files and the system is not important for you, you should completly format the system and reinstall it.

if this not an option, you should boot from a anti virus boot cd like i said before,
after that, run the machine in safe mode and delete all profiles on the machine.
after that check

run -> msconfig [ enter ]

remove any startup scripts/tools/programs in there which are not absolutly necessary.

go to:

http://www.hijackthis.de/en

download the little tool, make the test and remove any findings.

after that  install:

http://www.safer-networking.org/en/index.html

and

http://www.lavasoft.com/products/ad_aware_free.php

scan your system with both tools, immunize your system with spybotsearchanddestroy ( first link ).

that should help.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165343
Booting to a CD will not help identify the processes causing these symptoms and will not allow you to correct the behavior.

The system MUST be booted into Normal Mode - with the proper tools to both identify the processes and repair the infection.
0
 

Author Comment

by:caustin5042
ID: 35165384
younghv do you have a suggestion as to the proper tools?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165402
caustin5042 - I just published this Article on EE yesterday and I suggest you try "RogueKiller"
(just click on this link)

http://www.experts-exchange.com/A_4922.html
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:caustin5042
ID: 35165471
younghv:Your newest attempt - which included running MBAM in Normal Mode may have helped, and you can also review this Article and give "RogueKiller" a try.

http://www.experts-exchange.com/A_4922.html

Ran the program and it reported nothing found any other thoughts?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165528
Post the Report that was generated.
You did select 1. Scan (Enter) after the program started...right?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165576
Also note that a 'follow up' scan by MBAM is recommended.
Use the "Save As" function to get a clean version of the mbam...setup.exe file.

From:
http://www.experts-exchange.com/A_1940.html

Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
0
 

Author Comment

by:caustin5042
ID: 35165589
yes I did here is the log
 RKreport-1-.txt
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165636
Looks good.

Do the "clean" MBAM scan - and if it comes up clean - clear all of your system restore points, then turn it back on.

I think you will be good to go.
0
 

Author Comment

by:caustin5042
ID: 35165761
still clear but still running slow. Any other thoughts?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165785
Have you checked your 'msconfig' "Startup" programs?

The user could have any number of applications loaded and running at startup.
0
 

Author Closing Comment

by:caustin5042
ID: 35166074
After everything I tried the learning experince was that sometimes its better to just start from stratch. Thanks to everyone for the advice and time on this problem
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now