LETHARGIC computer

Discussion in 'Malware Help (A Specialist Will Reply)' started by cheffernan2, May 24, 2008.

  1. cheffernan2

    cheffernan2 Private E-2

    My computer is PAINFULLY slow.
    I can only imagine I've got something slowing it down (other than XP!!).

    I have a Dell 8300 with an Intel Pentium 4 CPU 3.00 GHz, 1 GB of RAM running Windows XP Home Edition 2002, Service Pack 2.

    I ran HijackThis - as it seems to be something I see in a lot of other people trying to solve a similar problem. I can't understand much in there - but thought it might be helpful.

    Thanks for any help or suggestions you can offer.

    Chris
     

    Last edited by a moderator: May 24, 2008
  2. abri

    abri MajorGeek

    Hi cheffernan2,
    Welcome to MajorGeeks!


    Painfully slow may be due to malware, but could also be hardware problems like faulty sectors on the disk or problems with RAM, or it could be due to a software conflict. I would like for you to do a disk scan first, and if that comes up ok, to then proceed with the instructions in the READ ME.

    First I want to ask you if the Painfully Slow occurred suddenly or if it gradually got slower. If it occurred suddenly, please go back to an earlier restore point and see if this fixes the problem. If you've never done this before, go to Start / All Programs / Accessories / System Tools / System Restore,
    check the box to Restore my computer to an earlier time and click on Next. You'll see a calendar with highlighted dates. Choose one of the dates just preceding these problems and allow your system to return to that date.

    If the above doesn't help, be sure to return to the current restore point and then do the following: Go to Start / My Computer and in the window that opens up, right-click on the drive where your operating system is located and select properties. Go to the Tools tab and choose the first option which is in the box which looks for physical errors on the disk. Click on the button to start the scan and allow it to go to completion. If it finds errors, it will attempt to fix them.

    If that does not help, please go to the READ & RUN ME FIRST and attach the requested logs. If your problem is related to malware, you will find some relief in running through these procedures. The logs will allow us to see which files still need to be removed.

    I've removed your inline log. We only use attachments.
    Thanks.
    abri
     
  3. cheffernan2

    cheffernan2 Private E-2

    Abri,

    Thank you for the help.
    I followed your directions 100% and I'm attaching all the logs as directed.

    Here's an update on what I did.

    1. I ran a disk scan - but did not select either of the 2 options (both automatic fixes) as you did not direct me to do so. Net result - it was unable to complete the scan.

    2. Basic Computer Maintenance Everyone Should Do -
    a) Removed programs I no longer use...
    b) Already had CCleaner - and ran it along with the removing invalid registry values
    c) Minimized start up items
    d) Defragmented my hard drive with IOBIT SmartDefrag
    e) uninstalled Malware via Add/Remove
    f) msconfig for normal startup - did this
    g) I have McAfee - not Norton
    h) emptied recycle bin
    i) ensured I can see all hidden files

    2. I ran the following and have attached 2 of the logs here and will post the other 2 to this as well.
    a) SUPERAntiSpyware
    b) SpyBot - Search & Destroy
    c) Malwarebytes Anti-Malware
    d) combofix.exe
    e) MGtools.exe

    Let me know what I need to do next.
    Thank you again for the help.
     

  4. cheffernan2

    cheffernan2 Private E-2

    Here are the other attachments
     

  5. abri

    abri MajorGeek

    Hi cheffernan2,

    If we ask you to do a scan which fixes things, we want you to fix them. It sounds like the physical scan of your hard drive encountered some things that need fixing and that your computer would be helped by going back and redoing the physical scan of your disk and allowing it to fix whatever it found. The same is true for Spybot S&D. I'll repost the instructions for the physical scan:
    I'm missing your MGlogs.zip. If you installed and ran the MGTools according to the instructions, you will find this zip file among the files directly under C:\
    Please attach it. If you didn't do this, please go to Using MGTools and follow the instructions.

    Thanks.
    abri
     
  6. cheffernan2

    cheffernan2 Private E-2

    Abri,

    Sorry if there was any confusion.
    I did all these things and fixed them myself. The disk scan when I first did it yesterday didn't give me any option to fix anything - just said it can't be completed. Today, after doing all the other steps - it ran with no problem.

    Here's the other log.
    Thank you again for your help.

    Chris
     

  7. abri

    abri MajorGeek

    Hi cheffernan2,



    1) To begin with, please disable Spybot's TeaTimer. This can be done two ways.
    First:
    • Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
    • If you have the new version 1.5, Click once on Resident Protection, then Right click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System tray should now be colorless.
    • If you have Version 1.4, Click on Exit Spybot S&D Resident
    or Second, For Either Version :
    • Open Spybot S&D
    • Click Mode, choose Advanced Mode
    • Go To the bottom of the Vertical Panel on the Left, Click Tools
    • then, also in left panel, click Resident (shows a red/white shield).
    • If your firewall raises a question, say OK
    • In the Resident protection status frame, Uncheck the box labeled Resident "Tea-Timer"(Protection of over-all system settings) active
    • OK any prompts.
    • Use File, Exit to terminate Spybot
    After you disable Teatimer, please update Spybot S&D and allow it to run all the way through. When it's finished, have it fix everything it finds!


    2) Please disable your guest account if this hasn't already been done.


    3) Go to add/remove programs and uninstall the below:

    "DisplayName"="J2SE Runtime Environment 5.0 Update 11"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 2"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 4"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 5"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 6"
    "DisplayName"="J2SE Runtime Environment 5.0 Update 9"
    "DisplayName"="Java 2 Runtime Environment, SE v1.4.2_06"
    "DisplayName"="Java(TM) 6 Update 2"
    "DisplayName"="Java(TM) 6 Update 3"
    "DisplayName"="Java(TM) 6 Update 5"
    "DisplayName"="Java(TM) SE Runtime Environment 6 Update 1


    4) Reboot after uninstalling the above.

    5) Install the current version of Sun Java from: Sun Java Runtime Environment

    6) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger


    7) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (Note: if using Vista, don't double click, use right click and select Run As Administrator). Select Do a system scan only. In the box that opens, find the following entries and put a checkmark next to them (if you need some of them to be in the trusted zone, leave them). After check-marking them, close all your open browser windows and click on FIX:


    O2 - BHO: (no name) - {424B6AD1-785D-43e7-9C9B-AB96E77477D0} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    Do you need the following to run at startup? If not, please fix it as well.

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    Did you set the following? If not, please fix them as well.

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)

    After you click fix, just close HijackThis.


    8) Now run CCleaner at the default setting with the Windows tab as the top one.

    9) Combofix was not able to run GMER. I think this may have been because Spybot's Teatimer was enabled. Please go to Running GMER to detect rootkits and allow it to run to completion.

    10) Please run C:\MGtools\GetLogs.bat and attach the fresh MGlogs.zip along with the GMER log.


    Let me know how things are running now.

    abri
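
An added illustration, not part of the thread or of the HijackThis/MGtools tooling: a short Python triage of the HijackThis lines quoted in the reply above, sorting them into the same three questions the helper asks (orphaned entry, startup item, policy setting). The function names and reason labels are assumptions made for this example.

```python
import re

# HijackThis entries quoted in the reply above, used here as sample input.
SAMPLE = r'''
O2 - BHO: (no name) - {424B6AD1-785D-43e7-9C9B-AB96E77477D0} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
'''

LINE = re.compile(r'^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$')
RUN = re.compile(r'^(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')

def parse(log):
    """Split a HijackThis log into entries; lines that are not entries are skipped."""
    entries = []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        entry = {"section": m["section"], "body": m["body"], "name": None, "target": None}
        run = RUN.match(m["body"]) if m["section"] == "O4" else None
        if run:
            entry["name"], entry["target"] = run["name"], run["cmd"]
        elif " - " in m["body"]:
            # BHO / button style: "<label> - <id> - <file>"; the file is the last field.
            entry["target"] = m["body"].rsplit(" - ", 1)[1]
        entries.append(entry)
    return entries

def triage(entries):
    """Return (entry, reason) pairs mirroring the questions asked in the reply."""
    findings = []
    for e in entries:
        if e["target"] == "(no file)":
            findings.append((e, "orphaned: registry entry points at no file"))
        elif e["section"] == "O4":
            findings.append((e, "autostart: confirm it needs to run at startup"))
        elif e["section"] == "O6":
            findings.append((e, "policy: confirm you set this restriction yourself"))
    return findings

if __name__ == "__main__":
    for entry, reason in triage(parse(SAMPLE)):
        print(f'{entry["section"]:<3} {reason:<50} {entry["body"]}')
```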
     
  8. cheffernan2

    cheffernan2 Private E-2

    Abri,

    Seems much faster....but I guess these logs will tell you.
    Can't thank you enough for your help!

    I attached the 2 logs you requested.
    Let me know if you see more for me to fix.

    Chris
     

  9. abri

    abri MajorGeek

    Hi cheffernan2/Chris,

    Please go ahead with the final cleanup instructions. The GMER scan didn't produce the expected results. In the first case, it said you didn't have administrative rights. In the second case, it looks like McAfee blocked it. If you want to run it sometime, you should physically disconnect your computer from the internet, disable all your protection software and then run it again. There's no pressing need to run it. It was just a result that was missing that is normally there.

    Here are the final instructions that will remove all the tools and logs we put on your computer and we'll ask you to set a clean restore point:
    abri
     
  10. cheffernan2

    cheffernan2 Private E-2

    Abri,

    Thank you.
    I did all this and I must say the computer seems much faster.

    Outlook to me still seems very slow in terms of opening email and when clicking on links to iTunes or Firefox.

    Other than that - everything else is moving much faster.
    I read the final recommendation list and am glad to say that I have followed all items there too.

    Again, your guidance here has been priceless. Thank you.
    Chris
     
  11. abri

    abri MajorGeek

    Hi cheffernan2,

    Compress all your folders. After you do that, try turning off the email scanning function that McAfee uses. You don't need this function if you do regular scans. McAfee checks all files anyway, whether you have them listed specifically as email or not.

    abri
     
