Old/small Acer Netbook Glitchy

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by linuxpowers, Jul 6, 2024.

  1. linuxpowers

    linuxpowers Specialist

    Was given an old Acer Netbook w/Windows 7 Starter from my son only to find it very glitchy. Had Malwarebytes installed but would only show logs...full of PUPs. Had to use the Malwarebytes removal tool to deal with it as it would not update or run. Been years since I've visited MG and the Read & Run thread for malware but, once again, I'm back for the duration!

    I'm posting the logs I've collected from the scan instructions. Thanks for your time and effort in advance. BTW, I see Kestrel13! is still here! You helped me so much in the past (10 or more years!), I just wanted to say HI and a BIG THANKS to you once again, it's good to see you still around. :)

    In ref to the scan logs, the new install of Malwarebytes didn't detect anything but the MGTools I placed in my root directory, so I didn't upload that log.

    NOTE: Signature file does not apply at this time!
     

    Attached Files:

  2. Oh My!

    Oh My! Malware Expert Staff Member

    Greetings and welcome back to the Major Geeks Malware Forum.

    I would like to get a couple more reports. Please do this.

    ===================================================

    Farbar Recovery Scan Tool (FRST)

    --------------------
    • Download FRST64 and save the file on your Desktop
    • If your computer language is other than English right click on the FRST64 icon and rename it to FRST64english
    • Right click on the icon and select Run as administrator
    • Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option
    • Click Yes to the disclaimer
    • Click Scan and allow the program to run
    • When completed, FRST.txt and Addition.txt reports will be saved on the Desktop
    • Please attach the reports to your reply
    ===================================================

    Things I would like to see in your next reply.
    • Attached reports
     
  3. linuxpowers

    linuxpowers Specialist

    No false positive warning but it does state that the version of FRST64 is not compatible with my version of Windows. Reason - (32-bit) vs. (64-bit) and will not run (as admin). This OS is Windows 7 Starter, Service Pack 1, 32-bit Operating System.
     
  4. Oh My!

    Oh My! Malware Expert Staff Member

  5. linuxpowers

    linuxpowers Specialist

    That was rough. Probably took 30-45min just to get the page to load before the download would start and had to reload that page several times. But, finally got there!
     

    Attached Files:

  6. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for going through all of that.

    Although the computer is clean there is some work we can do to try to help things. I am surprised the system can function at all given the lack of sufficient available memory. Keep in mind there is only so much that can be asked of the system even after our efforts to improve things.

    I am ending for the evening but my plan would be to clean up some things and remove as much software as possible leaving only the things you need. Since a lot of the software is quite old it will require some research on my part to determine what is essential and what is not. I see you ran AdwCleaner already. If you did not delete the items identified as Pre-Installed Software I would recommend running AdwCleaner again and selecting to remove all of it. Those items are safe to delete.

    I will be posting again in the morning, West Coast time. This is going to be fun. I will break out my Windows 7 test computer!

    For now,

    Gary
     
  7. linuxpowers

    linuxpowers Specialist

    Complete!
     
  8. linuxpowers

    linuxpowers Specialist

    You know, I know this thing is small but I thought it might at least run a browser. I guess I'm sorta used to my desktops whereas I install the Linux OS on those and even the smallest of those will run fine. I got online last night and did some searching and found that some of these models have the option to upgrade to a 2GB chip. Looked around and found them for sale in quite a few places, even Walmart, for about $10.

    I looked at Task Manager and familiarized myself with running services and what was using memory and quite frankly, there's not much to play with. I removed a few background programs that were running and was able to go from 98% down to 69% but I feel an upgrade will help. I also know that trying to find a browser that will run on such an old OS will be a challenge, that was why I finally jumped from Windows to Linux on my desktops, just no more functionality, even online sites were demanding Windows 10 upgrade. I bank online and was worried the banks would eventually prompt me for the same.

    If you want to take your time and see what else we can accomplish, I'm more than willing to give it a shot but eventually, I will try upgrading to 2GB and play around with it. I'm only setting it up for browser use anyway!
     
  9. Oh My!

    Oh My! Malware Expert Staff Member

    Do you have the original installation disk?
     
  10. linuxpowers

    linuxpowers Specialist

    No, no installation disk. Only the device and its power cord.

    It also needs a new battery as the one installed is 0%. It was connected to wifi but I hard-wired it via Ethernet cable while downloading scanning software... a bit faster!
     
  11. Oh My!

    Oh My! Malware Expert Staff Member

    Let's start with this. I haven't pulled out my Windows 7 but I believe the Clean Boot instructions are accurate for that operating system.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    cmd: sfc /scannow
    Emptytemp:
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Clean Boot

    --------------------
    • Press the Windows Key + R at the same time.
    • Type msconfig and press Enter
    • If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation
    • Click on the Startup tab
    • Note down each entry listed as Enabled then right click on the item and select Disable (you will need this list during subsequent steps)
    • Close the Task Manager windows and you should be back at the System Configuration window
    • Click the Services tab
    • Click to select the Hide All Microsoft Services check box
    • Click Disable All, and then click OK
    • Click Apply, then OK
    • When you are prompted, click Restart and boot into Normal Mode
    • Check your computer performance
    • Run a FRST scan in this environment and attach the reports to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Fixlog
    • Attached FRST reports
    • How does the computer run in Clean Boot?
     
  12. linuxpowers

    linuxpowers Specialist

    OK, before I go any further, I have the "System Configuration" window open and am at the "Startup" tab. I have about 15 items listed and two buttons at the bottom..."Disable All" & "Enable All". The "Enable All" button is grayed out at the moment.

    If I right click on any item, nothing happens. But, I notice that each item has a check box and every item is checked. If I uncheck an item, the "Enable All" button now becomes active. Maybe I should uncheck instead of right click?

    And, how much information of each Startup Item do I need to make note of? I ask because there are some multiple entries with the same Startup Name but they show a different Startup Command.
     
  13. Oh My!

    Oh My! Malware Expert Staff Member

    Thanks for being flexible.

    Let's put Clean Boot on hold for now. Rather than that, boot into Safe Mode and run a FRST Scan. That will give us a picture of how much available RAM there is when the system is in bare bones operation. Attach the reports to your reply.

    Currently the FRST reports are showing the worst case scenario when it comes to memory usage. Safe Mode will show us the best case scenario. If Safe Mode shows very little available memory we will be stuck. There will be no reason to carry on until more RAM is installed.

    In anticipation of us doing more work I would also like you to complete the below.

    ===================================================

    Autoruns

    --------------------
    • Please download Autoruns and save it to your Desktop
    • Right click on the autoruns64 icon on your Desktop and select Run as administrator
    • Wait until the lower left hand corner of the window shows Ready
    • Hit the Ctrl + S key at the same time
    • Save the file onto your Desktop using the default File name:
    • Please zip and attach it to your reply
    ===================================================

    Things I would like to see in your next reply.
    • FRST scan reports (2)
    • Attached zip file
     
  14. linuxpowers

    linuxpowers Specialist

    FRST scan reports (2)
    Zip file

    I had to do the Autorun scan with the system in Safe mode with Network!
     

    Attached Files:

  15. linuxpowers

    linuxpowers Specialist

    While still in safe mode, I took a look at resource monitor and saw I was using 56% physical memory. Most of the processes were Chrome! I shut down Chrome and dropped to 32%.
     
  16. Oh My!

    Oh My! Malware Expert Staff Member

    Nice work on your part.
    There is a disconnect between your numbers and the numbers being reported by FRST. I am wondering if it is because FRST is running when the data is captured thereby increasing overall memory usage.

    There are different ways to approach this. I prefer a more measured approach but if you want to go right to removing programs and software let me know.

    What I would like you to do now is capture the memory usage while not running FRST. Check Normal Boot and Safe Mode and report the numbers. In addition, identify the top 5 memory hogs as best you can in each boot environment. The numbers may shift while you are evaluating it so do the best you can.

    I have my Windows 7 up and running so hopefully I can provide better instructions going forward.
     
  17. linuxpowers

    linuxpowers Specialist

    OK,

    NORMAL BOOT (after disk activity)
    49%

    TOP 5 MEMORY HOGS
    svchost.exe (LocalSystemNetworkRestricted)
    svchost.exe (netsvcs)
    explorer.exe
    perfmon.exe
    IAStorIcon.exe

    SAFE BOOT w/NETWORKING (after disk activity)
    33%

    TOP 5 MEMORY HOGS
    explorer.exe
    svchost.exe (secsvcs)
    perfmon.exe
    svchost.exe (netsvcs)
    svchost.exe (LocalSystemNetworkRestricted)

    :( Don't look like there's much to play with here! I did take note that when I started Chrome (while in safe mode) to respond to this thread, 7 instances popped up as the largest memory hogs at just over 450 MB. Not sure if that is normal with only 2 tabs open in the browser.
     
  18. Oh My!

    Oh My! Malware Expert Staff Member

    Yes, all of those listed under Memory are necessary.

    That is normal for Chrome.

    Did you happen to run the Fixlist from Post #11?
     
  19. linuxpowers

    linuxpowers Specialist

    Sorry about that, here ya go!
     

    Attached Files:

  20. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you, your file system looks good.

    We are going to disable a few startup items and see if there is any difference.

    ===================================================

    Disabling Autoruns Entries

    --------------------

    Autoruns Explained

    Many programs, when installed, create registry or file entries which instruct the program to launch at system startup whether or not that program is essential or advantageous to run in the background. By disabling the autorun feature we do not delete or otherwise prohibit the program from running, rather the program is not started until it is needed. Think of it like a car. Sometime today you might want to use the car to go to the store. The car can be in one of two conditions before you decide. You can leave the car running all day long even though you may or may not use it (enabling autorun) or you can start the car when you are ready (disabling autorun then launching a program). Either way the car will work for you; it is just a matter of how ready it will be if/when it is time. Just as gas is wasted by leaving the car running, your computer resources are "wasted" because programs are running in the background that you may not be using.


    ===================================================

    Disabling Autoruns Entries

    --------------------
    • If necessary, download Autoruns and save it to your Desktop
    • Right click on the autoruns64 icon on your Desktop and select Run as administrator
    • Click on the Logon tab
    • Leave only the below items checked (uncheck the rest)
    Apoint
    IAStorIcon
    IgfxTray
    Persistence
    RtHDVCpl
    cmd.exe
    • Reboot your computer and check the memory usage and computer performance
    ===================================================

    Things I would like to see in your next reply.
    • Results?
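
The "note down each entry" step and the autorun explanation above, as an added example that is not part of the original post: a Windows PowerShell 2.0 script that saves the current logon autostart entries to a CSV before anything is unchecked, so the change can be reversed. It reads only the Run/RunOnce registry keys and the two Startup folders, which is fewer locations than the Autoruns Logon tab shows, and the output file name is an assumption.

```powershell
# Added example (not from the thread): record logon autostart entries before
# unchecking anything. Targets Windows PowerShell 2.0 (Windows 7 SP1).
$outFile = Join-Path ([Environment]::GetFolderPath('Desktop')) 'startup-before.csv'  # assumed name

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$entries = @()

# Registry-based entries: one value per program, value data is the command line.
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $entries += New-Object PSObject -Property @{
            Location = $key; Name = $name; Command = [string]$regKey.GetValue($name)
        }
    }
}

# File-based entries: shortcuts or programs in the per-user and all-users Startup folders.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
foreach ($dir in $startupDirs) {
    if (-not (Test-Path $dir)) { continue }
    # @() keeps PowerShell 2.0 from looping once over $null when the folder is empty.
    foreach ($file in @(Get-ChildItem -Path $dir -Force)) {
        if ($file.PSIsContainer -or $file.Name -eq 'desktop.ini') { continue }
        $entries += New-Object PSObject -Property @{
            Location = $dir; Name = $file.Name; Command = $file.FullName
        }
    }
}

$entries | Select-Object Location, Name, Command |
    Sort-Object Location, Name |
    Export-Csv -Path $outFile -NoTypeInformation

# Names that occur more than once: show each entry with its own location and command.
$entries | Group-Object Name | Where-Object { $_.Count -gt 1 } |
    ForEach-Object { $_.Group | Select-Object Name, Location, Command } |
    Format-Table -AutoSize -Wrap
```

Running it again after the reboot and comparing the two CSV files shows which entries were actually disabled.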
     
  21. linuxpowers

    linuxpowers Specialist

    So I rebooted, (Normal Boot) and waited till things settled down. I recorded the physical memory usage at 52%. Then, since I already had Autoruns on my desktop, I went ahead and ran that, unchecked everything other than what was listed and rebooted. Now I see that number has dropped to 38%. I still haven't started anything other than task manager. That's a pretty good drop!
     
    Last edited: Jul 8, 2024
  22. Oh My!

    Oh My! Malware Expert Staff Member

    Go ahead and run the computer like you will want to and see how you do.
     
  23. linuxpowers

    linuxpowers Specialist

    Alright then! Thank you so much for your time and efforts, I appreciate everything you've done.

    This knowledge could not arise in Peter from "flesh and blood".
     
  24. Oh My!

    Oh My! Malware Expert Staff Member

    It has been a pleasure working with you. Thank you for your ongoing kindness.

    Gary
     
