Hi,
I use a Pentium M Processor 1.6 Ghz with 512 SD RAM on my laptop
Since quite some time now my 40 GB HDD has been working on less than 2 GB of disk space
I have cable internet (64 Kbps)
Recently I freed up disk space and now I have 15.5 GB disk space (of 40 GB)
However, inspite of freeing disk space the laptop works slow
This I have particularly noticed has something to do with the internet connection since the laptop works faster when the internet connection is disabled (also makes a lot less noise)

I want to know:
1. Do I need additional RAM to boost speed? Which is the optimum RAM for the processor mentioned above?
2. What are the other ways in which I can boost speed?

Please help
Thanks in advance
- Jury

Hello Jury,

Welcome to PCHF.

It all depends, has the laptop always been slow? If your laptop becomes slow when connected to the internet, this sounds like a malware problem to me. Maybe a good idea to check, by following PCHF Prework on my signature, and post a Hijackthis and AVG log back here.

Laptops as your probably aware are not very upgradable. Increasing your memory *can* increase speed if you have a lot of programmes running in the background. When all your memory is used, Windows tends to save temporary data to your Hard drive instead, making it slower. Check how much memory you using by pressing [CTRL]+[ALT}+[DEL] and click on the Performance tab and see how much physical memory you have free when your PC starts to slow down.

complete agreeance with madmonkey. If the performance lags when you hit the internet, odds are very high indeed something is phoning home, as it were. I would also reco that you do as he suggests with the prework; bet you will be a bit surprised by the amount that ATF finds and cleans.

As for the ram issue, the answer to how much is 'good' is generally answered by your wallet. Very few problems can't be solved by throwing more ram at them (malware being one of them), but unless you are doing some processor intensive stuff on that lappy, 512 should be enough. That's all I use at work, but I've got a gig in the house rig due to a lot of video rendering (2 year old will cause that problem )

Hi,
Firstly thanks both of you for the prompt reply
I went through the prework and am attaching the logs
Valius the ATF cleaner definitely helped
The physical memory available is safely above 62000 and the system cache is above 120000
I use AVG anti-virus which works in the background
The AVG anti-spyware removed some spyware though I couldnt interpret the hijackthis! log
Please analyse the logs

-Jury

Attached Files

	Report-Scan-20070204-195733.txt (59.3 KB, 1 views)
	hijackthis.log (7.6 KB, 2 views)

Hey Guys,

@Jury, my welcome to PCHF as well. Before we get into the malware fixes, there are a couple of non-malware related things that may help in your slowdown.

First, try plugging your Sony cradle into another USB slot, it may be hogging resources, and this seems to help.

In your Mozilla Privacy settings, have it set to delete cookies when the browser closes, you have LOTS of tracking and adware cookies that are attaching themselves when you browse the internet, and every time you start your browser, you are dragging them around with you.

You may have some damaged or missing files in your Bluetooth installation, I would definitely reinstall those drivers.

Please download and run Shoot the Messenger from my signature, it will disable the Windows Messenger utility that is unnecesary and leaving you vulnerable to PopUp attacks.

It appears that you may have installed "Gimme Smilies", which has infected you with a trojan. Let's start by having some other scans fix what they can. Please download Housecall, CCleaner, and SpySweeper from my signature. Please update SpySweeper and CCleaner. Then run Housecall, let it fix everything that it finds, save the log to post back here. Then please boot into Safe Mode.

In Safe Mode, run CCleaner, make sure that all options are checked including Advanced, answer OK or Yes to all warnings. Click Analyze, then Run Cleaner, repeat until no files show up as needing to be cleaned. If any files cannot be cleaned, please note their location, and navigate to the files. Right-click on them, and uncheck Read Only, then attempt to manually delete the files. If you are unable to manually delete the files, please write down the location of the file to post back here.

Then click on Issues, making sure that all options are selected, click on Scan for Issues. Then Fix Selected Issues, you can name the backup todays date. Repeat until their are no further issues found.

Now run SpySweeper, please make sure that under the Sweep tab in Options, all items are checked under Custom Sweep, and then run a full system scan. Let SpySweeper quarantine whatever it finds, and save the log to post back here.

Now boot back into Regular Mode, and post back the two logs along with a new HJT log. Looking forward to your reply,

TTFN

LGW

Hi LGW,
Apologise for the delay in replying...havent had net access in the past few days

I am in the process of backing up all the data on my HDD...my freespace now stands at 21.8 GB

I have tried all the stuff you advised and am attaching logs wherever applicable

>>>First, try plugging your Sony cradle into another USB slot, it may be hogging resources, and this seems to help.
> I have unplugged the cradle for now so that shouldnt be a bother

>>>In your Mozilla Privacy settings, have it set to delete cookies when the browser closes, you have LOTS of tracking and adware cookies that are attaching themselves when you browse the internet, and every time you start your browser, you are dragging them around with you.
>I used to use Mozilla, I use IE 6 now and couldnt find a similar option as mentioned above

>>>You may have some damaged or missing files in your Bluetooth installation, I would definitely reinstall those drivers.
>Reinstalled

>>>Please download and run Shoot the Messenger from my signature, it will disable the Windows Messenger utility that is unnecesary and leaving you vulnerable to PopUp attacks.
>That one is not applicable here

>>>It appears that you may have installed "Gimme Smilies", which has infected you with a trojan. Let's start by having some other scans fix what they can. Please download Housecall, CCleaner, and SpySweeper from my signature.
>I couldnt download Housecall so I ran the online scan...it removed some adware and I downloaded a couple of updates to fix those windows vulnerabilities

>>>Please update SpySweeper and CCleaner. Then run Housecall,
>I couldnt update CCleaner and couldnt save a log either. I ran SpySweeper though and am attaching the log

>>>Now boot back into Regular Mode, and post back the two logs along with a new HJT log. Looking forward to your reply,
>HJT log attached

Looking forward to your reply

Thanks already
-Jury

Attached Files

	hijackthis - 8.2.2007.log (7.2 KB, 2 views)
	Spy Sweeper Session Log.txt (31.8 KB, 3 views)
	08022007.zip (12.9 KB, 1 views)

Hey Jury,

My apologies now for the delay in my response, we're just late I guess, lol.

OK all of the cookies I was talking about were attached to your mozilla browser. I would uninstall mozilla, and if you need it, you can always reinstall. It seems strange that there were so many if you don't use it any more.

I am curious why you answered this one this way
Everything is showing that you do have the Windows Messenger enabled. Including some issues that showed up in your Spy Sweeper log.

Did you complete the instructions as given for CCleaner? That one doesn't have a log, it has a registry backup. When you say that you ran the "online scan," are you refering to Housecall, which is an online virus scan. It should have allowed you to save a log file.

You are still showing signs of the Look2me infection, and a SDBOT worm. Please download Sysclean utility by Trend Micro, and downloading Look2Me-Destroyer.exe , save them both to your desktop.

Please follow the attached instructions for using Sysclean.

Then to make sure that this worm does not continue to restart itself we need to shut down it's service capability.

Click Start>Run and type in: services.msc
Click OK
In the Services window find: [/b]BusinessC [/b]
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Repeat for any additional services.
Click Apply, then OK

Open HJT and click config > misc tools > ?delete an NT service?
Copy and paste: BusinessContinuity.
Click OK.

• Close all windows before continuing.
• Double-click Look2Me-Destroyer.exe to run it.
• Put a check next to Run this program as a task.
• You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK
• When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
• Once it's done scanning, click the Remove L2M button.
• You will receive a Done Scanning message, click OK.
• When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
• Your computer will then shutdown.
• Turn your computer back on.
• Please post the contents of C:\Look2Me-Destroyer.txt when you post back here.

Then please run HijackThis again, and fix the following entries if they are still there:
Search for and delete the files in bold if they are still there. Rerun HJT and post back here with the new log, as well as the log for Look2me Destroyer, and the Housecall log.

Looking forward to your reply,

TTFN

LGW

Attached Files

Sysclean Instructions.txt (3.6 KB, 1 views)