Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop gone slow


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f


You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You probably do not have the latest Java (Java™ 6 Update 27 or 7 update 0). Get the latest at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Note on Java and Firefox. For some reason Java does not remove old consoles from Firefox. Any time you update Java you should do Firefox, Add-ons, Extensions and disable any old Java Consoles

They will look like: Java Console 6.xx. The xx corresponds to the update number. When they switch to 7 update 0 then it will be Java Console 7.

Multiple Java Consoles will slow down the Firefox boot. After any change to Firefox or its extension you should run Speedyfox. (Mentioned later.)



Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not upgdate it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: Adhttp://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

Advertisements


#17
Bhele

Bhele

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Dear Ron,
Before I do the System Restore and also cleanig uo all the other programs (together with logs) that I have installed during this process. I just thought of bringing of bringing one thing that I have observed since we started the clean-up process. Not too sure if it related.

When ever I try to switch Users, whilest the other one is still logged on - the computer just hangs. Nothing works I have to manually remove the battery with the computer unplugged from power.

The other one last night when I was shutting down, the computer sent a message ying that it is busy with updates and that I must leave it. I left it close to 6 hours and it looked like it was still hanging. I ended up unpugging off from mains, and also removed the battery.

Is this related ? OR should I go ahead with clean-up.

Regards
Bhele.
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
See if this helps with user switching:

Navigate to the Services console in Administrative tools.
Double-click on Fast User Switching and change Startup Type to Automatic.
Hit the START button if the service is not started, and then hit OK.
Then go to:
http://support.microsoft.com/kb/279765
and follow the instructions.

Don't know what happened to the install. Run Vino's event viewer and let's see if it left us a message.

Ron
  • 0

#19
Bhele

Bhele

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Dear Ron,
I did do the FAST USER SWITCHING it seems to work.

Cleaned up the logs, reboot the machine and Run VINO on Application and System. Here are the logs.


1. Running VINO on "Application"


Vino's Event Viewer v01c run on Windows XP in English
Report run at 03/10/2011 08:20:56 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 03/10/2011 08:14:33 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 03/10/2011 08:14:17 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 03/10/2011 08:14:05 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 03/10/2011 08:13:53 AM
Type: error Category: 0
Event: 11 Source: crypt32
Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: The data is invalid.

Log: 'Application' Date/Time: 03/10/2011 08:13:33 AM
Type: error Category: 0
Event: 0 Source: VMCService
conflictManagerTypeValue

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

no2. Running VINO on "System".

Vino's Event Viewer v01c run on Windows XP in English
Report run at 03/10/2011 08:25:07 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/10/2011 08:19:37 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 03/10/2011 08:15:02 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The Kaspersky Anti-Virus Service service hung on starting.

Log: 'System' Date/Time: 03/10/2011 08:14:37 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Log: 'System' Date/Time: 03/10/2011 08:14:35 AM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1058" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
OK. I'm back from my trip.

Log: 'System' Date/Time: 03/10/2011 08:15:02 AM
Type: error Category: 0
Event: 7022 Source: Service Control Manager
The Kaspersky Anti-Virus Service service hung on starting.


You may need to uninstall and reinstall Kaspersky. It should not hang at start. This can cause a big delay.

Is it still slow?

Start Run, msconfig, OK
Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains. Go to Startup tab and uncheck everything. OK and
reboot. If it doesn't run faster then go back into msconfig and recheck the
things you turned off. If it helps then go back and turn on a few items each
time until you find the culprit.


Ron
  • 0

#21
Bhele

Bhele

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Dear Ron,
Gee the uninstall and reinstall of Kaspersky I did not do.
The machine seems to be running, and it can switch between users. Maybe it was lust a hiccup.
After going to the Services tab, and hiding the Microsoft Services (including the suggestions you gave), after re-booting the machine came up with a pop-up System Confoguaration Utility message. Saying that the SCU is currently in Diagnostic or Selective Startup mode. It suggested that I choose the Normal Startup mode on the General tab.
After changing to the Normal Startup mode , rebooting the machine, I found that seems to to be running a lot more faster than before. I can switch between different users.
This is where I am now. Should I go ahead and do the clean-up steps as you suggested before ? ( this is the step that cleans Malwarebytes , HostExperts, etc…..).
Regards
Bhele.
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
If you are happy with it then go ahead and do the cleanup.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP