Solved

Slow XP start up

Posted on 2011-03-18
15
472 Views
Last Modified: 2013-11-22
Working on a computer running Windows XP home edtion Version 2002 Service pack 3
AMD Turion 64 Mobile
Technology ML-32
1.79 GHz 512 MB of Ram

I was told that the computer was running at a snails pace and they were about to throw it away. Once I got the computer I ran Malware Bytes in safe mode and the computer had 786 items. I let MalByte do what it does and it deleted everything. I then ran HitMan Pro and it removed a few more that MalByte did not find. Computer started running better. Still sluggish so I ran Combofix and it found a whole host of other items. After that I reran everything and it reported nothing found. The computer was running a 100 times better. I let the computer run overnight not connected to the net. I turned the computer on and off a number of times and it was booting fine and appeared to be healed. I left it off for 2 days and when I booted it up again it took 8 mins to boot up...( i timed it). I have rerun MalBytes and Hitman in safe mode and regular mode and it came back clear.

Can anyone give me an idea of what might have happend or what could be causing this?
0
Comment
Question by:caustin5042
15 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 35165062
Your newest attempt - which included running MBAM in Normal Mode may have helped, and you can also review this Article and give "RogueKiller" a try.

http://www.experts-exchange.com/A_4922.html
0
 
LVL 29

Accepted Solution

by:
Randy Downs earned 300 total points
ID: 35165150
The best policy is to wipe and start over. In the long run you will save time.
0
 

Author Comment

by:caustin5042
ID: 35165156
yes I agree but I am using this as a learning opportunity.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 4

Expert Comment

by:MaurizioSchmidt
ID: 35165159
you should first boot the system from an anti virus boot cd,

get one here:

http://devbuilds.kaspersky-labs.com/devbuilds/11.0.1.400/MasterCD/

or here:

http://download.bitdefender.com/rescue_cd/

todays viruses are not that simple to delete anymore, they moprh, they wait for special triggers, they detect that you try to remove them etc etc.
if the files and the system is not important for you, you should completly format the system and reinstall it.

if this not an option, you should boot from a anti virus boot cd like i said before,
after that, run the machine in safe mode and delete all profiles on the machine.
after that check

run -> msconfig [ enter ]

remove any startup scripts/tools/programs in there which are not absolutly necessary.

go to:

http://www.hijackthis.de/en

download the little tool, make the test and remove any findings.

after that  install:

http://www.safer-networking.org/en/index.html

and

http://www.lavasoft.com/products/ad_aware_free.php

scan your system with both tools, immunize your system with spybotsearchanddestroy ( first link ).

that should help.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165343
Booting to a CD will not help identify the processes causing these symptoms and will not allow you to correct the behavior.

The system MUST be booted into Normal Mode - with the proper tools to both identify the processes and repair the infection.
0
 

Author Comment

by:caustin5042
ID: 35165384
younghv do you have a suggestion as to the proper tools?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165402
caustin5042 - I just published this Article on EE yesterday and I suggest you try "RogueKiller"
(just click on this link)

http://www.experts-exchange.com/A_4922.html 
0
 

Author Comment

by:caustin5042
ID: 35165471
younghv:Your newest attempt - which included running MBAM in Normal Mode may have helped, and you can also review this Article and give "RogueKiller" a try.

http://www.experts-exchange.com/A_4922.html 

Ran the program and it reported nothing found any other thoughts?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165528
Post the Report that was generated.
You did select 1. Scan (Enter) after the program started...right?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165576
Also note that a 'follow up' scan by MBAM is recommended.
Use the "Save As" function to get a clean version of the mbam...setup.exe file.

From:
http://www.experts-exchange.com/A_1940.html

Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
0
 

Author Comment

by:caustin5042
ID: 35165589
yes I did here is the log
 RKreport-1-.txt
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165636
Looks good.

Do the "clean" MBAM scan - and if it comes up clean - clear all of your system restore points, then turn it back on.

I think you will be good to go.
0
 

Author Comment

by:caustin5042
ID: 35165761
still clear but still running slow. Any other thoughts?
0
 
LVL 38

Expert Comment

by:younghv
ID: 35165785
Have you checked your 'msconfig' "Startup" programs?

The user could have any number of applications loaded and running at startup.
0
 

Author Closing Comment

by:caustin5042
ID: 35166074
After everything I tried the learning experince was that sometimes its better to just start from stratch. Thanks to everyone for the advice and time on this problem
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question