caustin5042
asked on
Slow XP start up
Working on a computer running Windows XP home edtion Version 2002 Service pack 3
AMD Turion 64 Mobile
Technology ML-32
1.79 GHz 512 MB of Ram
I was told that the computer was running at a snails pace and they were about to throw it away. Once I got the computer I ran Malware Bytes in safe mode and the computer had 786 items. I let MalByte do what it does and it deleted everything. I then ran HitMan Pro and it removed a few more that MalByte did not find. Computer started running better. Still sluggish so I ran Combofix and it found a whole host of other items. After that I reran everything and it reported nothing found. The computer was running a 100 times better. I let the computer run overnight not connected to the net. I turned the computer on and off a number of times and it was booting fine and appeared to be healed. I left it off for 2 days and when I booted it up again it took 8 mins to boot up...( i timed it). I have rerun MalBytes and Hitman in safe mode and regular mode and it came back clear.
Can anyone give me an idea of what might have happend or what could be causing this?
AMD Turion 64 Mobile
Technology ML-32
1.79 GHz 512 MB of Ram
I was told that the computer was running at a snails pace and they were about to throw it away. Once I got the computer I ran Malware Bytes in safe mode and the computer had 786 items. I let MalByte do what it does and it deleted everything. I then ran HitMan Pro and it removed a few more that MalByte did not find. Computer started running better. Still sluggish so I ran Combofix and it found a whole host of other items. After that I reran everything and it reported nothing found. The computer was running a 100 times better. I let the computer run overnight not connected to the net. I turned the computer on and off a number of times and it was booting fine and appeared to be healed. I left it off for 2 days and when I booted it up again it took 8 mins to boot up...( i timed it). I have rerun MalBytes and Hitman in safe mode and regular mode and it came back clear.
Can anyone give me an idea of what might have happend or what could be causing this?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you should first boot the system from an anti virus boot cd,
get one here:
http://devbuilds.kaspersky-labs.com/devbuilds/11.0.1.400/MasterCD/
or here:
http://download.bitdefender.com/rescue_cd/
todays viruses are not that simple to delete anymore, they moprh, they wait for special triggers, they detect that you try to remove them etc etc.
if the files and the system is not important for you, you should completly format the system and reinstall it.
if this not an option, you should boot from a anti virus boot cd like i said before,
after that, run the machine in safe mode and delete all profiles on the machine.
after that check
run -> msconfig [ enter ]
remove any startup scripts/tools/programs in there which are not absolutly necessary.
go to:
http://www.hijackthis.de/en
download the little tool, make the test and remove any findings.
after that install:
http://www.safer-networking.org/en/index.html
and
http://www.lavasoft.com/products/ad_aware_free.php
scan your system with both tools, immunize your system with spybotsearchanddestroy ( first link ).
that should help.
get one here:
http://devbuilds.kaspersky-labs.com/devbuilds/11.0.1.400/MasterCD/
or here:
http://download.bitdefender.com/rescue_cd/
todays viruses are not that simple to delete anymore, they moprh, they wait for special triggers, they detect that you try to remove them etc etc.
if the files and the system is not important for you, you should completly format the system and reinstall it.
if this not an option, you should boot from a anti virus boot cd like i said before,
after that, run the machine in safe mode and delete all profiles on the machine.
after that check
run -> msconfig [ enter ]
remove any startup scripts/tools/programs in there which are not absolutly necessary.
go to:
http://www.hijackthis.de/en
download the little tool, make the test and remove any findings.
after that install:
http://www.safer-networking.org/en/index.html
and
http://www.lavasoft.com/products/ad_aware_free.php
scan your system with both tools, immunize your system with spybotsearchanddestroy ( first link ).
that should help.
Booting to a CD will not help identify the processes causing these symptoms and will not allow you to correct the behavior.
The system MUST be booted into Normal Mode - with the proper tools to both identify the processes and repair the infection.
The system MUST be booted into Normal Mode - with the proper tools to both identify the processes and repair the infection.
ASKER
younghv do you have a suggestion as to the proper tools?
caustin5042 - I just published this Article on EE yesterday and I suggest you try "RogueKiller"
(just click on this link)
https://www.experts-exchange.com/A_4922.html
(just click on this link)
https://www.experts-exchange.com/A_4922.html
ASKER
younghv:Your newest attempt - which included running MBAM in Normal Mode may have helped, and you can also review this Article and give "RogueKiller" a try.
https://www.experts-exchange.com/A_4922.html
Ran the program and it reported nothing found any other thoughts?
https://www.experts-exchange.com/A_4922.html
Ran the program and it reported nothing found any other thoughts?
Post the Report that was generated.
You did select 1. Scan (Enter) after the program started...right?
You did select 1. Scan (Enter) after the program started...right?
Also note that a 'follow up' scan by MBAM is recommended.
Use the "Save As" function to get a clean version of the mbam...setup.exe file.
From:
https://www.experts-exchange.com/A_1940.html
Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
Use the "Save As" function to get a clean version of the mbam...setup.exe file.
From:
https://www.experts-exchange.com/A_1940.html
Download, install, and run
Malwarebytes (MBAM) (http://www.malwarebytes.org/mbam.php)
When downloading, save to your "Desktop" and use the "Save As" function (Internet Explorer) to rename the file.
The instructions are included right in that link.
ASKER
yes I did here is the log
RKreport-1-.txt
RKreport-1-.txt
Looks good.
Do the "clean" MBAM scan - and if it comes up clean - clear all of your system restore points, then turn it back on.
I think you will be good to go.
Do the "clean" MBAM scan - and if it comes up clean - clear all of your system restore points, then turn it back on.
I think you will be good to go.
ASKER
still clear but still running slow. Any other thoughts?
Have you checked your 'msconfig' "Startup" programs?
The user could have any number of applications loaded and running at startup.
The user could have any number of applications loaded and running at startup.
ASKER
After everything I tried the learning experince was that sometimes its better to just start from stratch. Thanks to everyone for the advice and time on this problem
ASKER