A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Performance and Maintainance of XP
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Very Slow Start Up, Running And Close Down After Trojan Removal



 
 
Thread Tools Display Modes
  #1  
Old January 1st 10, 01:40 PM posted to microsoft.public.windowsxp.perform_maintain
Jon
external usenet poster
 
Posts: 72
Default Very Slow Start Up, Running And Close Down After Trojan Removal

Hi. I have a friend with a windows XP home edition PC which was infected with
several Trojan and other viruses. So far we have run Avast virus removal
tool, Super Antispyware, Windows Live Onecare and scanned with PC Tools
Threatfire. After cleaning the system up, we ran Hijackthis, pasted the
result into an online analyser and deleted a few entries as recommended. It
appears the system is now clear of infection. However it is running very very
slowly. It takes 10 minutes to boot up, 20 seconds to respond to commands
and about another 5 minutes to shut down. We have installed Zonealarm free
firewall, PC Tools free antivirus and Threatfire and uninstalled all other
firewall and antivirus programmes. Can anyone offer any help please. Thanks
Ads
  #2  
Old January 1st 10, 05:42 PM posted to microsoft.public.windowsxp.perform_maintain
Daave[_8_]
external usenet poster
 
Posts: 2,461
Default Very Slow Start Up, Running And Close Down After Trojan Removal

Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was
infected with several Trojan and other viruses. So far we have run
Avast virus removal tool, Super Antispyware, Windows Live Onecare and
scanned with PC Tools Threatfire. After cleaning the system up, we
ran Hijackthis, pasted the result into an online analyser and deleted
a few entries as recommended. It appears the system is now clear of
infection. However it is running very very slowly. It takes 10
minutes to boot up, 20 seconds to respond to commands and about
another 5 minutes to shut down. We have installed Zonealarm free
firewall, PC Tools free antivirus and Threatfire and uninstalled all
other firewall and antivirus programmes. Can anyone offer any help
please. Thanks


Keep in mind that the possibility exists that malware (or its traces)
are still wreaking havoc with your system. Sometimes, the wisest move is
to copy all the data and perform a Clean Install.

That being said, what SP level is your friend's PC at? Does it have the
latest XP security patches installed? What are the specs of the PC? I'm
especially interested in how much RAM is installed.

Also, which version of IE is installed?

How about physically disconnecting from the Internet and then configure
a Clean Boot:

http://support.microsoft.com/kb/310353

Reboot. Now how long does it take to boot up, respond to commands, and
shut down?

In the event the PC is truly malware-free, it's very possible that one,
two, or all of the three installed programs you cited are responsible
for the performace problem. There are far better (and *free*)
alternatives to all those programs.

Finally, you should check to make sure the hard drive mode didn't slip
from DMA to PIO:

http://www.technize.com/2007/08/02/i...while-copying/

http://winhlp.com/node/10


  #3  
Old January 1st 10, 05:42 PM posted to microsoft.public.windowsxp.perform_maintain
Daave[_8_]
external usenet poster
 
Posts: 2,461
Default Very Slow Start Up, Running And Close Down After Trojan Removal

Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was
infected with several Trojan and other viruses. So far we have run
Avast virus removal tool, Super Antispyware, Windows Live Onecare and
scanned with PC Tools Threatfire. After cleaning the system up, we
ran Hijackthis, pasted the result into an online analyser and deleted
a few entries as recommended. It appears the system is now clear of
infection. However it is running very very slowly. It takes 10
minutes to boot up, 20 seconds to respond to commands and about
another 5 minutes to shut down. We have installed Zonealarm free
firewall, PC Tools free antivirus and Threatfire and uninstalled all
other firewall and antivirus programmes. Can anyone offer any help
please. Thanks


Keep in mind that the possibility exists that malware (or its traces)
are still wreaking havoc with your system. Sometimes, the wisest move is
to copy all the data and perform a Clean Install.

That being said, what SP level is your friend's PC at? Does it have the
latest XP security patches installed? What are the specs of the PC? I'm
especially interested in how much RAM is installed.

Also, which version of IE is installed?

How about physically disconnecting from the Internet and then configure
a Clean Boot:

http://support.microsoft.com/kb/310353

Reboot. Now how long does it take to boot up, respond to commands, and
shut down?

In the event the PC is truly malware-free, it's very possible that one,
two, or all of the three installed programs you cited are responsible
for the performace problem. There are far better (and *free*)
alternatives to all those programs.

Finally, you should check to make sure the hard drive mode didn't slip
from DMA to PIO:

http://www.technize.com/2007/08/02/i...while-copying/

http://winhlp.com/node/10


  #4  
Old January 1st 10, 07:13 PM posted to microsoft.public.windowsxp.perform_maintain
Shenan Stanley
external usenet poster
 
Posts: 10,523
Default Very Slow Start Up, Running And Close Down After Trojan Removal

Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was
infected with several Trojan and other viruses. So far we have run
Avast virus removal tool, Super Antispyware, Windows Live Onecare
and scanned with PC Tools Threatfire. After cleaning the system
up, we ran Hijackthis, pasted the result into an online analyser
and deleted a few entries as recommended. It appears the system is
now clear of infection. However it is running very very slowly. It
takes 10 minutes to boot up, 20 seconds to respond to commands and
about another 5 minutes to shut down. We have installed Zonealarm
free firewall, PC Tools free antivirus and Threatfire and
uninstalled all other firewall and antivirus programmes. Can
anyone offer any help please.


Uninstall ZoneAlarm.
Uninstall PC Tools.
Uninstall Threatfire.

Use the built-in Windows XP firewall, ensure you know what exceptions are
being allowed (if any.)
Use either Avira AntiVirus (free) or eSet NOD32 AntiVirus (AV only - not the
suite.)
Use either MalwareBytes (free) or MalwareBytes (cost) - depending on if you
want to pay or not and want the resident protection or not.

If you were to take the above advice - you would spend between $0 and $85
U.S. dollars for some very good and well tested protection that uses very
little resources so your system still runs at top speed.

My guess at the slowness - leftover damage and/or still not cleaned.
Whether or not you have done any of this - I suggest you do it again and in
the order given.

Start button -- RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
-- type in:
winver
-- Click OK.

The picture at the top of the window that opens will give you the general
(Operating System name) while the line starting with the word "version" will
give you the rest of the story. Post _both_ in response to this message
verbatim. No paraphrasing - instead - ensure character-for-character
copying.

What version of Internet Explorer are you currently using? Easy to find
out. Open Internet Explorer and while that is in-focus, press and hold
the "ALT" key on your keyboard. With the "ALT" key still pressed, press
(just once, no holding) the "H" key. Now, with the "ALT" key still
pressed, press (just once, no holding) the "A" key. That will bring up
the "About Internet Explorer" window. It will give you the exact version
you are using - repeat what you see there in response to this message.

Reboot and logon as administrative user.

Fix your file/registry permissions...

Ignore the title and follow the sub-section under
"Advanced Troubleshooting" titled,
"Method 1: Reset the registry and the file permissions"
http://support.microsoft.com/kb/949377
*will take time
** Ignore the last step (6) - you should already have SP3, but if not - now
is not the time to do it. Skip step 6.

You will likely see errors pass by if you watching, even count up. No
worries *at this time*.

Reboot and logon as administrative user.

Search your registry for %fystem and replace the "f" with an "s". May be
three or four matches, may be none. You may even have to take ownership
of the keys in order to make the change.

*After* that is done, continue on to the next part where you clean off
some excess (unnecessary) files. It only removes those you definitely
do not need, if you follow the directions *as given* and do not deviate.
So reboot (for each of these steps, it is just best to reboot right
before - but I will continue to point that out) and logon as an user with
administrative priviledges.

Download/install the "Windows Installer CleanUp Utility":
http://support.microsoft.com/kb/290301

After installing, do the following:

Start button -- RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
-- type in:
"%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g!
-- Click OK.
(The quotation marks and percentage signs and spacing should be exact.)

It will flash by *quick*, don't expect much out of this step to get
excited about. But the cleaner your machine is to start with, the
better your luck will be later (not really luck - more like preparedness,
but that's not as fun to think about, eh?)

Yeah - you will get tired of rebooting - but let's soldier on and reboot
again and logon as an user with administrative priviledges.

This time (and this is one of the more time-consuming steps) you will be
running (one at a time with reboots in-between each) three different
anti-spyware/anti-malware applications to ensure you come up clean.

Download, install, run, update and perform a full scan with the following
(freeware version):

SuperAntiSpyware
http://www.superantispyware.com/

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

MalwareBytes
http://www.malwarebytes.com/

Reboot and logon as administrative user.

Download and run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

You may find nothing, you may find only cookies, you may think it is a
waste of time - but if you do all this and report back here with what you
do/don't find as you are doing all of it - you are adding more pieces to
the puzzle and the entire picture just may become clearer and your
problem resolved.

Reboot and logon as administrative user.

Download/Install the latest Windows Installer (for your OS):
( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe )
http://www.microsoft.com/downloadS/d...displaylang=en

Reboot and logon as administrative user.

Download the latest version of the Windows Update agent from here (x86):
http://go.microsoft.com/fwlink/?LinkID=91237
.... and save it to the root of your C:\ drive. After saving it to the
root of the C:\ drive, do the following:

Close all Internet Explorer windows and other applications.

Start button -- RUN and type in:
%SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE
-- Click OK.

(If asked, select "Run.) -- Click on NEXT -- Select "I agree" and click on
NEXT -- When it finishes installing, click on "Finish"...

Reboot and logon as administrative user.

Visit this web page:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

.... and click on the "Microsoft Fix it" icon. When asked, select "RUN",
both times. Check the "I agree" box and click on "Next". Check the box
for "Run aggressive options (not recommended)" and click "Next". Let
it finish up and follow the prompts until it is done. Close/exit and
reboot when it is.

You should now perform a full CHKDSK on your system drive (C...

How to scan your disks for errors
http://support.microsoft.com/kb/315265
* will take time and a reboot

You should now perform a full Defragment on your system drive (C...

How to Defragment your hard drives
http://support.microsoft.com/kb/314848
* will take time

Reboot.

Log on as an user with administrative rights and open Internet Explorer
and visit http://windowsupdate.microsoft.com/ and select to do a
CUSTOM scan...

Every time you are about to click on something while at these web pages -
first press and hold down the CTRL key while you click on it. You can
release the CTRL key after clicking each time.

Once the scan is done, select just _ONE_ of the high priority updates
(deselect any others) and install it.

Reboot again.

If it did work - try the web page again - selecting no more than 3-5 at a
time. Rebooting as needed.

The Optional Software updates are generally safe - although I recommend
against the "Windows Search" one and any of the "Office Live" ones or
"Windows Live" ones for now. I would completely avoid the
Optional Hardware updates. Also - I do not see any urgent need to
install Internet Explorer 8 at this time.

Seriously - do all that. This is like antibiotics - don't skip a single
step, don't quit because you think things will be okay now - go through
until the end, until you have done everything given in the order given. If
you have a problem with a step come ask and let someone here get you
through that step. If you don't understand how to do a step, come back
and ask here about that step and let someone walk you through it.

Then - when done - let everyone here know if it worked for you - or if
you have more issues.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


  #5  
Old January 1st 10, 07:13 PM posted to microsoft.public.windowsxp.perform_maintain
Shenan Stanley
external usenet poster
 
Posts: 10,523
Default Very Slow Start Up, Running And Close Down After Trojan Removal

Jon wrote:
Hi. I have a friend with a windows XP home edition PC which was
infected with several Trojan and other viruses. So far we have run
Avast virus removal tool, Super Antispyware, Windows Live Onecare
and scanned with PC Tools Threatfire. After cleaning the system
up, we ran Hijackthis, pasted the result into an online analyser
and deleted a few entries as recommended. It appears the system is
now clear of infection. However it is running very very slowly. It
takes 10 minutes to boot up, 20 seconds to respond to commands and
about another 5 minutes to shut down. We have installed Zonealarm
free firewall, PC Tools free antivirus and Threatfire and
uninstalled all other firewall and antivirus programmes. Can
anyone offer any help please.


Uninstall ZoneAlarm.
Uninstall PC Tools.
Uninstall Threatfire.

Use the built-in Windows XP firewall, ensure you know what exceptions are
being allowed (if any.)
Use either Avira AntiVirus (free) or eSet NOD32 AntiVirus (AV only - not the
suite.)
Use either MalwareBytes (free) or MalwareBytes (cost) - depending on if you
want to pay or not and want the resident protection or not.

If you were to take the above advice - you would spend between $0 and $85
U.S. dollars for some very good and well tested protection that uses very
little resources so your system still runs at top speed.

My guess at the slowness - leftover damage and/or still not cleaned.
Whether or not you have done any of this - I suggest you do it again and in
the order given.

Start button -- RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
-- type in:
winver
-- Click OK.

The picture at the top of the window that opens will give you the general
(Operating System name) while the line starting with the word "version" will
give you the rest of the story. Post _both_ in response to this message
verbatim. No paraphrasing - instead - ensure character-for-character
copying.

What version of Internet Explorer are you currently using? Easy to find
out. Open Internet Explorer and while that is in-focus, press and hold
the "ALT" key on your keyboard. With the "ALT" key still pressed, press
(just once, no holding) the "H" key. Now, with the "ALT" key still
pressed, press (just once, no holding) the "A" key. That will bring up
the "About Internet Explorer" window. It will give you the exact version
you are using - repeat what you see there in response to this message.

Reboot and logon as administrative user.

Fix your file/registry permissions...

Ignore the title and follow the sub-section under
"Advanced Troubleshooting" titled,
"Method 1: Reset the registry and the file permissions"
http://support.microsoft.com/kb/949377
*will take time
** Ignore the last step (6) - you should already have SP3, but if not - now
is not the time to do it. Skip step 6.

You will likely see errors pass by if you watching, even count up. No
worries *at this time*.

Reboot and logon as administrative user.

Search your registry for %fystem and replace the "f" with an "s". May be
three or four matches, may be none. You may even have to take ownership
of the keys in order to make the change.

*After* that is done, continue on to the next part where you clean off
some excess (unnecessary) files. It only removes those you definitely
do not need, if you follow the directions *as given* and do not deviate.
So reboot (for each of these steps, it is just best to reboot right
before - but I will continue to point that out) and logon as an user with
administrative priviledges.

Download/install the "Windows Installer CleanUp Utility":
http://support.microsoft.com/kb/290301

After installing, do the following:

Start button -- RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
-- type in:
"%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g!
-- Click OK.
(The quotation marks and percentage signs and spacing should be exact.)

It will flash by *quick*, don't expect much out of this step to get
excited about. But the cleaner your machine is to start with, the
better your luck will be later (not really luck - more like preparedness,
but that's not as fun to think about, eh?)

Yeah - you will get tired of rebooting - but let's soldier on and reboot
again and logon as an user with administrative priviledges.

This time (and this is one of the more time-consuming steps) you will be
running (one at a time with reboots in-between each) three different
anti-spyware/anti-malware applications to ensure you come up clean.

Download, install, run, update and perform a full scan with the following
(freeware version):

SuperAntiSpyware
http://www.superantispyware.com/

Reboot and logon as administrative user.

Download, install, run, update and perform a full scan with the following
(freeware version):

MalwareBytes
http://www.malwarebytes.com/

Reboot and logon as administrative user.

Download and run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

You may find nothing, you may find only cookies, you may think it is a
waste of time - but if you do all this and report back here with what you
do/don't find as you are doing all of it - you are adding more pieces to
the puzzle and the entire picture just may become clearer and your
problem resolved.

Reboot and logon as administrative user.

Download/Install the latest Windows Installer (for your OS):
( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe )
http://www.microsoft.com/downloadS/d...displaylang=en

Reboot and logon as administrative user.

Download the latest version of the Windows Update agent from here (x86):
http://go.microsoft.com/fwlink/?LinkID=91237
.... and save it to the root of your C:\ drive. After saving it to the
root of the C:\ drive, do the following:

Close all Internet Explorer windows and other applications.

Start button -- RUN and type in:
%SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE
-- Click OK.

(If asked, select "Run.) -- Click on NEXT -- Select "I agree" and click on
NEXT -- When it finishes installing, click on "Finish"...

Reboot and logon as administrative user.

Visit this web page:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

.... and click on the "Microsoft Fix it" icon. When asked, select "RUN",
both times. Check the "I agree" box and click on "Next". Check the box
for "Run aggressive options (not recommended)" and click "Next". Let
it finish up and follow the prompts until it is done. Close/exit and
reboot when it is.

You should now perform a full CHKDSK on your system drive (C...

How to scan your disks for errors
http://support.microsoft.com/kb/315265
* will take time and a reboot

You should now perform a full Defragment on your system drive (C...

How to Defragment your hard drives
http://support.microsoft.com/kb/314848
* will take time

Reboot.

Log on as an user with administrative rights and open Internet Explorer
and visit http://windowsupdate.microsoft.com/ and select to do a
CUSTOM scan...

Every time you are about to click on something while at these web pages -
first press and hold down the CTRL key while you click on it. You can
release the CTRL key after clicking each time.

Once the scan is done, select just _ONE_ of the high priority updates
(deselect any others) and install it.

Reboot again.

If it did work - try the web page again - selecting no more than 3-5 at a
time. Rebooting as needed.

The Optional Software updates are generally safe - although I recommend
against the "Windows Search" one and any of the "Office Live" ones or
"Windows Live" ones for now. I would completely avoid the
Optional Hardware updates. Also - I do not see any urgent need to
install Internet Explorer 8 at this time.

Seriously - do all that. This is like antibiotics - don't skip a single
step, don't quit because you think things will be okay now - go through
until the end, until you have done everything given in the order given. If
you have a problem with a step come ask and let someone here get you
through that step. If you don't understand how to do a step, come back
and ask here about that step and let someone walk you through it.

Then - when done - let everyone here know if it worked for you - or if
you have more issues.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 07:20 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.