If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Very Slow Start Up, Running And Close Down After Trojan Removal
Hi. I have a friend with a windows XP home edition PC which was infected with
several Trojan and other viruses. So far we have run Avast virus removal tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools Threatfire. After cleaning the system up, we ran Hijackthis, pasted the result into an online analyser and deleted a few entries as recommended. It appears the system is now clear of infection. However it is running very very slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands and about another 5 minutes to shut down. We have installed Zonealarm free firewall, PC Tools free antivirus and Threatfire and uninstalled all other firewall and antivirus programmes. Can anyone offer any help please. Thanks |
Ads |
#2
|
|||
|
|||
Very Slow Start Up, Running And Close Down After Trojan Removal
Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was infected with several Trojan and other viruses. So far we have run Avast virus removal tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools Threatfire. After cleaning the system up, we ran Hijackthis, pasted the result into an online analyser and deleted a few entries as recommended. It appears the system is now clear of infection. However it is running very very slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands and about another 5 minutes to shut down. We have installed Zonealarm free firewall, PC Tools free antivirus and Threatfire and uninstalled all other firewall and antivirus programmes. Can anyone offer any help please. Thanks Keep in mind that the possibility exists that malware (or its traces) are still wreaking havoc with your system. Sometimes, the wisest move is to copy all the data and perform a Clean Install. That being said, what SP level is your friend's PC at? Does it have the latest XP security patches installed? What are the specs of the PC? I'm especially interested in how much RAM is installed. Also, which version of IE is installed? How about physically disconnecting from the Internet and then configure a Clean Boot: http://support.microsoft.com/kb/310353 Reboot. Now how long does it take to boot up, respond to commands, and shut down? In the event the PC is truly malware-free, it's very possible that one, two, or all of the three installed programs you cited are responsible for the performace problem. There are far better (and *free*) alternatives to all those programs. Finally, you should check to make sure the hard drive mode didn't slip from DMA to PIO: http://www.technize.com/2007/08/02/i...while-copying/ http://winhlp.com/node/10 |
#3
|
|||
|
|||
Very Slow Start Up, Running And Close Down After Trojan Removal
Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was infected with several Trojan and other viruses. So far we have run Avast virus removal tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools Threatfire. After cleaning the system up, we ran Hijackthis, pasted the result into an online analyser and deleted a few entries as recommended. It appears the system is now clear of infection. However it is running very very slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands and about another 5 minutes to shut down. We have installed Zonealarm free firewall, PC Tools free antivirus and Threatfire and uninstalled all other firewall and antivirus programmes. Can anyone offer any help please. Thanks Keep in mind that the possibility exists that malware (or its traces) are still wreaking havoc with your system. Sometimes, the wisest move is to copy all the data and perform a Clean Install. That being said, what SP level is your friend's PC at? Does it have the latest XP security patches installed? What are the specs of the PC? I'm especially interested in how much RAM is installed. Also, which version of IE is installed? How about physically disconnecting from the Internet and then configure a Clean Boot: http://support.microsoft.com/kb/310353 Reboot. Now how long does it take to boot up, respond to commands, and shut down? In the event the PC is truly malware-free, it's very possible that one, two, or all of the three installed programs you cited are responsible for the performace problem. There are far better (and *free*) alternatives to all those programs. Finally, you should check to make sure the hard drive mode didn't slip from DMA to PIO: http://www.technize.com/2007/08/02/i...while-copying/ http://winhlp.com/node/10 |
#4
|
|||
|
|||
Very Slow Start Up, Running And Close Down After Trojan Removal
Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was infected with several Trojan and other viruses. So far we have run Avast virus removal tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools Threatfire. After cleaning the system up, we ran Hijackthis, pasted the result into an online analyser and deleted a few entries as recommended. It appears the system is now clear of infection. However it is running very very slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands and about another 5 minutes to shut down. We have installed Zonealarm free firewall, PC Tools free antivirus and Threatfire and uninstalled all other firewall and antivirus programmes. Can anyone offer any help please. Uninstall ZoneAlarm. Uninstall PC Tools. Uninstall Threatfire. Use the built-in Windows XP firewall, ensure you know what exceptions are being allowed (if any.) Use either Avira AntiVirus (free) or eSet NOD32 AntiVirus (AV only - not the suite.) Use either MalwareBytes (free) or MalwareBytes (cost) - depending on if you want to pay or not and want the resident protection or not. If you were to take the above advice - you would spend between $0 and $85 U.S. dollars for some very good and well tested protection that uses very little resources so your system still runs at top speed. My guess at the slowness - leftover damage and/or still not cleaned. Whether or not you have done any of this - I suggest you do it again and in the order given. Start button -- RUN (no "RUN"? Press the "Windows Key" + R on your keyboard) -- type in: winver -- Click OK. The picture at the top of the window that opens will give you the general (Operating System name) while the line starting with the word "version" will give you the rest of the story. Post _both_ in response to this message verbatim. No paraphrasing - instead - ensure character-for-character copying. What version of Internet Explorer are you currently using? Easy to find out. Open Internet Explorer and while that is in-focus, press and hold the "ALT" key on your keyboard. With the "ALT" key still pressed, press (just once, no holding) the "H" key. Now, with the "ALT" key still pressed, press (just once, no holding) the "A" key. That will bring up the "About Internet Explorer" window. It will give you the exact version you are using - repeat what you see there in response to this message. Reboot and logon as administrative user. Fix your file/registry permissions... Ignore the title and follow the sub-section under "Advanced Troubleshooting" titled, "Method 1: Reset the registry and the file permissions" http://support.microsoft.com/kb/949377 *will take time ** Ignore the last step (6) - you should already have SP3, but if not - now is not the time to do it. Skip step 6. You will likely see errors pass by if you watching, even count up. No worries *at this time*. Reboot and logon as administrative user. Search your registry for %fystem and replace the "f" with an "s". May be three or four matches, may be none. You may even have to take ownership of the keys in order to make the change. *After* that is done, continue on to the next part where you clean off some excess (unnecessary) files. It only removes those you definitely do not need, if you follow the directions *as given* and do not deviate. So reboot (for each of these steps, it is just best to reboot right before - but I will continue to point that out) and logon as an user with administrative priviledges. Download/install the "Windows Installer CleanUp Utility": http://support.microsoft.com/kb/290301 After installing, do the following: Start button -- RUN (no "RUN"? Press the "Windows Key" + R on your keyboard) -- type in: "%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g! -- Click OK. (The quotation marks and percentage signs and spacing should be exact.) It will flash by *quick*, don't expect much out of this step to get excited about. But the cleaner your machine is to start with, the better your luck will be later (not really luck - more like preparedness, but that's not as fun to think about, eh?) Yeah - you will get tired of rebooting - but let's soldier on and reboot again and logon as an user with administrative priviledges. This time (and this is one of the more time-consuming steps) you will be running (one at a time with reboots in-between each) three different anti-spyware/anti-malware applications to ensure you come up clean. Download, install, run, update and perform a full scan with the following (freeware version): SuperAntiSpyware http://www.superantispyware.com/ Reboot and logon as administrative user. Download, install, run, update and perform a full scan with the following (freeware version): MalwareBytes http://www.malwarebytes.com/ Reboot and logon as administrative user. Download and run the MSRT manually: http://www.microsoft.com/security/ma...e/default.mspx You may find nothing, you may find only cookies, you may think it is a waste of time - but if you do all this and report back here with what you do/don't find as you are doing all of it - you are adding more pieces to the puzzle and the entire picture just may become clearer and your problem resolved. Reboot and logon as administrative user. Download/Install the latest Windows Installer (for your OS): ( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe ) http://www.microsoft.com/downloadS/d...displaylang=en Reboot and logon as administrative user. Download the latest version of the Windows Update agent from here (x86): http://go.microsoft.com/fwlink/?LinkID=91237 .... and save it to the root of your C:\ drive. After saving it to the root of the C:\ drive, do the following: Close all Internet Explorer windows and other applications. Start button -- RUN and type in: %SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE -- Click OK. (If asked, select "Run.) -- Click on NEXT -- Select "I agree" and click on NEXT -- When it finishes installing, click on "Finish"... Reboot and logon as administrative user. Visit this web page: How do I reset Windows Update components? http://support.microsoft.com/kb/971058 .... and click on the "Microsoft Fix it" icon. When asked, select "RUN", both times. Check the "I agree" box and click on "Next". Check the box for "Run aggressive options (not recommended)" and click "Next". Let it finish up and follow the prompts until it is done. Close/exit and reboot when it is. You should now perform a full CHKDSK on your system drive (C... How to scan your disks for errors http://support.microsoft.com/kb/315265 * will take time and a reboot You should now perform a full Defragment on your system drive (C... How to Defragment your hard drives http://support.microsoft.com/kb/314848 * will take time Reboot. Log on as an user with administrative rights and open Internet Explorer and visit http://windowsupdate.microsoft.com/ and select to do a CUSTOM scan... Every time you are about to click on something while at these web pages - first press and hold down the CTRL key while you click on it. You can release the CTRL key after clicking each time. Once the scan is done, select just _ONE_ of the high priority updates (deselect any others) and install it. Reboot again. If it did work - try the web page again - selecting no more than 3-5 at a time. Rebooting as needed. The Optional Software updates are generally safe - although I recommend against the "Windows Search" one and any of the "Office Live" ones or "Windows Live" ones for now. I would completely avoid the Optional Hardware updates. Also - I do not see any urgent need to install Internet Explorer 8 at this time. Seriously - do all that. This is like antibiotics - don't skip a single step, don't quit because you think things will be okay now - go through until the end, until you have done everything given in the order given. If you have a problem with a step come ask and let someone here get you through that step. If you don't understand how to do a step, come back and ask here about that step and let someone walk you through it. Then - when done - let everyone here know if it worked for you - or if you have more issues. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
#5
|
|||
|
|||
Very Slow Start Up, Running And Close Down After Trojan Removal
Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was infected with several Trojan and other viruses. So far we have run Avast virus removal tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools Threatfire. After cleaning the system up, we ran Hijackthis, pasted the result into an online analyser and deleted a few entries as recommended. It appears the system is now clear of infection. However it is running very very slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands and about another 5 minutes to shut down. We have installed Zonealarm free firewall, PC Tools free antivirus and Threatfire and uninstalled all other firewall and antivirus programmes. Can anyone offer any help please. Uninstall ZoneAlarm. Uninstall PC Tools. Uninstall Threatfire. Use the built-in Windows XP firewall, ensure you know what exceptions are being allowed (if any.) Use either Avira AntiVirus (free) or eSet NOD32 AntiVirus (AV only - not the suite.) Use either MalwareBytes (free) or MalwareBytes (cost) - depending on if you want to pay or not and want the resident protection or not. If you were to take the above advice - you would spend between $0 and $85 U.S. dollars for some very good and well tested protection that uses very little resources so your system still runs at top speed. My guess at the slowness - leftover damage and/or still not cleaned. Whether or not you have done any of this - I suggest you do it again and in the order given. Start button -- RUN (no "RUN"? Press the "Windows Key" + R on your keyboard) -- type in: winver -- Click OK. The picture at the top of the window that opens will give you the general (Operating System name) while the line starting with the word "version" will give you the rest of the story. Post _both_ in response to this message verbatim. No paraphrasing - instead - ensure character-for-character copying. What version of Internet Explorer are you currently using? Easy to find out. Open Internet Explorer and while that is in-focus, press and hold the "ALT" key on your keyboard. With the "ALT" key still pressed, press (just once, no holding) the "H" key. Now, with the "ALT" key still pressed, press (just once, no holding) the "A" key. That will bring up the "About Internet Explorer" window. It will give you the exact version you are using - repeat what you see there in response to this message. Reboot and logon as administrative user. Fix your file/registry permissions... Ignore the title and follow the sub-section under "Advanced Troubleshooting" titled, "Method 1: Reset the registry and the file permissions" http://support.microsoft.com/kb/949377 *will take time ** Ignore the last step (6) - you should already have SP3, but if not - now is not the time to do it. Skip step 6. You will likely see errors pass by if you watching, even count up. No worries *at this time*. Reboot and logon as administrative user. Search your registry for %fystem and replace the "f" with an "s". May be three or four matches, may be none. You may even have to take ownership of the keys in order to make the change. *After* that is done, continue on to the next part where you clean off some excess (unnecessary) files. It only removes those you definitely do not need, if you follow the directions *as given* and do not deviate. So reboot (for each of these steps, it is just best to reboot right before - but I will continue to point that out) and logon as an user with administrative priviledges. Download/install the "Windows Installer CleanUp Utility": http://support.microsoft.com/kb/290301 After installing, do the following: Start button -- RUN (no "RUN"? Press the "Windows Key" + R on your keyboard) -- type in: "%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g! -- Click OK. (The quotation marks and percentage signs and spacing should be exact.) It will flash by *quick*, don't expect much out of this step to get excited about. But the cleaner your machine is to start with, the better your luck will be later (not really luck - more like preparedness, but that's not as fun to think about, eh?) Yeah - you will get tired of rebooting - but let's soldier on and reboot again and logon as an user with administrative priviledges. This time (and this is one of the more time-consuming steps) you will be running (one at a time with reboots in-between each) three different anti-spyware/anti-malware applications to ensure you come up clean. Download, install, run, update and perform a full scan with the following (freeware version): SuperAntiSpyware http://www.superantispyware.com/ Reboot and logon as administrative user. Download, install, run, update and perform a full scan with the following (freeware version): MalwareBytes http://www.malwarebytes.com/ Reboot and logon as administrative user. Download and run the MSRT manually: http://www.microsoft.com/security/ma...e/default.mspx You may find nothing, you may find only cookies, you may think it is a waste of time - but if you do all this and report back here with what you do/don't find as you are doing all of it - you are adding more pieces to the puzzle and the entire picture just may become clearer and your problem resolved. Reboot and logon as administrative user. Download/Install the latest Windows Installer (for your OS): ( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe ) http://www.microsoft.com/downloadS/d...displaylang=en Reboot and logon as administrative user. Download the latest version of the Windows Update agent from here (x86): http://go.microsoft.com/fwlink/?LinkID=91237 .... and save it to the root of your C:\ drive. After saving it to the root of the C:\ drive, do the following: Close all Internet Explorer windows and other applications. Start button -- RUN and type in: %SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE -- Click OK. (If asked, select "Run.) -- Click on NEXT -- Select "I agree" and click on NEXT -- When it finishes installing, click on "Finish"... Reboot and logon as administrative user. Visit this web page: How do I reset Windows Update components? http://support.microsoft.com/kb/971058 .... and click on the "Microsoft Fix it" icon. When asked, select "RUN", both times. Check the "I agree" box and click on "Next". Check the box for "Run aggressive options (not recommended)" and click "Next". Let it finish up and follow the prompts until it is done. Close/exit and reboot when it is. You should now perform a full CHKDSK on your system drive (C... How to scan your disks for errors http://support.microsoft.com/kb/315265 * will take time and a reboot You should now perform a full Defragment on your system drive (C... How to Defragment your hard drives http://support.microsoft.com/kb/314848 * will take time Reboot. Log on as an user with administrative rights and open Internet Explorer and visit http://windowsupdate.microsoft.com/ and select to do a CUSTOM scan... Every time you are about to click on something while at these web pages - first press and hold down the CTRL key while you click on it. You can release the CTRL key after clicking each time. Once the scan is done, select just _ONE_ of the high priority updates (deselect any others) and install it. Reboot again. If it did work - try the web page again - selecting no more than 3-5 at a time. Rebooting as needed. The Optional Software updates are generally safe - although I recommend against the "Windows Search" one and any of the "Office Live" ones or "Windows Live" ones for now. I would completely avoid the Optional Hardware updates. Also - I do not see any urgent need to install Internet Explorer 8 at this time. Seriously - do all that. This is like antibiotics - don't skip a single step, don't quit because you think things will be okay now - go through until the end, until you have done everything given in the order given. If you have a problem with a step come ask and let someone here get you through that step. If you don't understand how to do a step, come back and ask here about that step and let someone walk you through it. Then - when done - let everyone here know if it worked for you - or if you have more issues. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
Thread Tools | |
Display Modes | |
|
|