windows xp - System is slow, which files to delete?

06
2014-04
  • user1379280

    My system has Windows XP installed with 2 GB RAM, and it has been working OK, but since 3 days ago it hangs a lot. I tried deleting the temp (%temp%) files manually, and also used disk cleanup, and tried a system cleaning software as well. I have scanned the complete system for any possible virus or malware, but didn't find anything.

    I tried deleting from temp (%temp%). Are there other folders from which I should delete the files or is there anything else I should do?

    Please help with any other possible solutions.

    • Answers
  • user1980471

    Most of the time, PC starts running slow by lots of reasons. Corrupt registry, unnecessary applications, as well as too many start-up items would be the major reasons contributing to this problem. Many PC users simply utilize PC yet never consider how to maintain and optimize PC performance. I would suggest you to download any reliable program to fix registry, to manage unnecessary applications & start-up items like am using Reginout since 2011. Many programs are available in market which can perform these steps, but don't believe on free products. Now its up to you. :-)

    Good Luck.

  • James

    It might not be an issue with disk space. If you think it is look in the hidden %userprofile%\apps folder. There is also a temp folder under c:\windows

    In my experience if the pc start is hanging the first thing to check is the task manager.
    Go to the Processes tab, then click view from the menu and select Columns. tick the I/O Read and Write boxes, you might find that something is using the had drive, possibly a virus scanner.

  • Iam Zesh

    Just like @werner-henze noted, the best question to ask yourself might not be "why my computer hangs" but "when my computer hangs".

    Since you know more or less "when it started", you can try to see what changed since that moment to find the culprit (which might be the result of one of your direct action on your system).

    Have you been doing something different (using a new program that is memory-intensive, running something in the background) that you didn't before?

    Have installed you something new since it started?

    Have you significantly reduced the amount of available disk space ( = Have you added a few Gigas of data on your hard drives ) ?

  • Azmat karim

    Just use CCleaner it will asks which files have to be deleted which are not.And also fix and clean your registry.

    http://www.piriform.com/ccleaner

  • Fiasco Labs

    Windows XP SP3 with 2GB ram on a single core or early dual core processor is at End Of Life for both the Operating System and the hardware it is running on.

    The last Windows XP patches (November) had a glitch that resurrected Windows XP's Windows Update WUAUCLT.EXE svchost wrapper 99% processor usage demon.

    This has been an ongoing problem that Microsoft will not be bothered to fix, September Windows XP patches randomly brought the above issue back, October saw an update to Internet Explorer to fix it, a larger quantity began suffering this time around in November.

    Basically, when WUAUCLT.EXE (Windows Automatic Update) fires off to check for available updates, it can trigger the svchost.exe wrapper 99% processor usage. You can actually trigger it simply by trying to manually run Windows Update. You can see this in operation by pulling up Task Manager and sorting processes by cpu usage. Look for svchost.exe at 99% and if that's the case, none of the other recommendations here are worth diddly.

    Two things to consider, ban your antivirus from scanning Windows Automatic Update related files and folder as per KB822158 and try reapplying the October Internet Explorer MS13-080/KB 2879017 patch manually.

    Next Internet Explorer Rollup to fix it was KB2898785 dated for Dec 10, 2013. The SVCHOST 100% CPU issue marches on.


    • Related Question

    How do "Powerusers" manually find and remove malware from Windows
  • Jay

    Possible Duplicate:
    What to do if my computer is infected by a virus or a malware?

    I'd like to know what tools and methods are used by the pros to remove malware in Windows. Is HijackThis enough? How do you manually identify the stuff that's deeply rooted into the OS?

    My dad's XP system is clearly infected with something, but the usual advice (multiple scanning tools in safe mode, live CDs, etc) just ain't cutting it. He refuses to format because he has work that needs to be done, and for now the malware hasn't done anything too obstructive.

    I'm embarrassed to say that I recently completed a Computer Science degree at a top 10 CS school.


    • Related Answers
  • James Watt

    Here is the method I use. It is pretty successful and takes less than 90 minutes.

    Build a flash drive

    Download the following from an uninfected computer and load them onto a flash drive. Alternatively, you can burn these to a CD.

    (I suggest extracting the EXE fix from the ZIP file and putting the registry file on your flash drive.)

    Boot into "Safe Mode with Networking"

    On the infected computer, boot into safe mode with networking. This is done by pressing the F8 key on the keyboard BEFORE the "Loading Windows" screen appears.

    Insert the flash drive (or CD). If you are running on XP, launch the .exe file extension fix (even if you don't think you have a problem with .exe file extensions.)

    Next, install Malwarebytes Anti-Malware. On Vista and Windows 7, make sure to right click on the installer and press, "Run as Administrator".

    Updating Definitions

    Now that you have Malwarebytes installed, you'll want to check your malware definitions. If you fail to do this step, you will not be removing the entire infection from your computer.

    Go to the "updates" tab. Check the definition date. No matter what it says, you should do at least one update for good measure. After the first update, if the date is still older than just a couple days ago, you'll need to do a second update. Sometimes I have to do up to three updates to get Malwarebytes up to date.

    Scanning for Malware

    Go back to the main tab and choose "Full Scan". An average computer has about 100,000 objects and takes 20-30 minutes to scan. This takes longer if the computer has had multiple service packs on it over the years.

    When it finishes, click "Show Results". Double check everything in here and then Remove All. It will show you a text log file (you can close this, it's already saved) and then the program will ask you to reboot your computer. Go ahead and let it reboot.

    ComboFix

    When your computer reboots, don't go into safe mode.

    If you have an antivirus loaded onto your computer, you'll want to disable the active protection that it does for this next step. Many antiviruses, such as Symantec, can be disabled by simply right clicking on the icon in the system tray. Other programs, like AVG, require that you actually go into the program and disable them.

    Once you have done that, launch ComboFix from your flash drive (Vista and 7 users will want to right click on ComboFix and press "Run as Administrator.")

    Accept the warning notice. ComboFix will check for a new version automatically. If there is one, let it download it. It will tell you that it wants to install the Microsoft Recovery Console, permit it to do that as well. If it detects the presence of a RootKit (it is very good about finding these), it will reboot your computer into a safer environment automatically.

    Finally, it will start to scan for infections. After a good 10-15 minutes, it will automatically start removing the infections. The program takes forever to finish and clean up (another 10 minutes) and may reboot a few times during the procedure, so be patient. A text log file will be displayed after the program has finished. Do not close the blue window, it will close on its own. Sometimes it takes up to 10 minutes to close.

    Reset Internet Explorer

    The last thing to do is open Internet Explorer and reset it to factory settings. This will remove any infected add-ons or dlls that are still lodged into IE. To do this, go to "Tools", "Internet Options", Click the "Advanced" Tab, and press the button toward the bottom that says "Reset".

    I would suggest checking "Delete Personal Settings", but this usually works without doing that.

    Reaction to Criticism

    A lot of computer experts advise against cleaning up malware from a user's computer. They claims that you can never really get the infection off and that you can't trust that Malwarebytes and Combofix actually found all of the infection.

    My best advice is that the people who fall for these scams often fall for them repeatedly (twice a year or so). Spending the time to reload Windows on their computer is a waste, because you'll be back out there again. More importantly, an IT professional is going to charge you for 3-4 hours for a Windows reload, where the procedure listed above can be done in 60-90 minutes.

    Just be informative with the user about the dangerous of repairing vs. reloading and the cost difference of each. It also doesn't hurt to do occasional scans with an updated version of Malwarebytes or ComboFix over the next couple weeks to see if you missed anything the first time around.

    Additional information: I remove malware and viruses from 3-5 computers per week. My removal process is always evolving to combat the constant new tricks of malware, but this particular method has been my plan of attack for the last four months. If I find in the future that it stops working or that there are changes needed, I will return to this page and make those changes.

  • Joel Coehoorn

    Don't. Just don't. This used to be okay, but things have changed over the last two to four years:

    1. Modern malware travels in packs. You start out with just one breach, but once breached that first infection will download others.
    2. Modern malware is sneakier. Rootkits are becoming more sophisticated, common, and better at evading detection. Your efforts might remove one infection, but leave a buddy still hiding behind a rootkit.
    3. Modern malware is nastier. It used to just show you ads. Now it steals your credit card numbers, banking password, or identity.
    4. Modern malware goes deeper. Sometimes it simply can't be removed without breaking the infected system anyway.

    Put all this together and what it means is that it's just not worth it to fix an infected computer. Instead, back up your data, wipe the hard drive, re-install the operating system and apps, and restore your data.

    For me, it was item #3 that really tipped the scales to this conclusion. I used to be pretty good at removing bad stuff, but we put more valuable information on our computers than we did even a few years ago. I particularly want to address this point:

    for now the malware hasn't done anything too obstructive.

    How do you know? Are you certain his personal details haven't been hijacked and used to create a green card and credit history for some illegal immigrant in Arizona? That might not show up for a few years, but when it does it can pretty much ruin your life.

  • Tom Wijsman

    Take off and nuke the site from orbit, it's the only way to be sure.

    — Aliens

    Seriously, flatten the machine. When re-installing, store all your data on an external drive (or two) and don't ever allow executables to be stored on there.

    Windows has in effect become a 'disposable' installation and you shouldn't get used to it being around for long before it needs re-installing.

    And to directly address your question, that is pretty much what all the 'pros' do now. It's just not worth the effort to poke around with DLLs any more.

    As for the 'has work to do' argument, explain that it's like driving a car with a flat. In the long run it will always be quicker to stop and change it than to crawl slowly along because you 'dont have time to stop'.

  • Tom Wijsman

    My way of removing malware is effective and I have never seen it fail:

    1. Download Autoruns and if you still run 32-bit download a rootkit scanner.
    2. Boot into Safe Mode and start Autoruns if you are able to, then go to step 5.
    3. If you can't get into Safe Mode, connect the disk to another computer.
    4. Start Autoruns on that computer, go to File -> Analyze Offline System and fill it in.
    5. Wait for the scan to be done.
    6. In the Options menu, select everything.
    7. Let it scan again by pressing F5. This will go quick as things are cached.
    8. Go through the list and uncheck anything that is conspicious or does not have a verified company.
    9. Optional: Run the rootkit scanner.
    10. Let a top virus scanner remove any files that were left.
    11. Optional: Run anti-malware and anti-spyware scanners to get rid of junk.
    12. Optional: Run tools like HijackThis/OTL/ComboFix to get rid of junk.
    13. Reboot and enjoy your clean system.
    14. Optional: Run the rootkit scanner again.
    15. Make sure your computer is sufficiently protected!

    Some remarks:

    • Autoruns is written by Microsoft and thus shows any locations of things that automatically start...
    • Once software is unchecked from Autoruns, it will not start and can't prevent you from removing it...
    • There do not exist rootkits for 64-bit operating systems because they would need to be signed...

    It is effective because it will disable malware/spyware/viruses from starting,
    you are free to run optional tools to clean out any junk that was left on your system.