180GB Hard Drive filling up in minutes

TechguyUK

Had an unusual couple of issues with the same PC today so I thought I'd post some detail that may just help someone else out.

The customer reported that she thought she had a virus as...

1. The PC (XP) was running very slow
2. She couldn't open Firefox despite reinstalling it.

On arrival I went into my usual malware attack mode but nothing significant showed up in the usual places. The machine really was running like a dog and a MalwareBytes quick scan looked like it was going to take several hours - time to adjust my strategy. So I start to look at the 180GB hard disk and find it's totally full up, only 100MB free. I nose around looking at what we can clean up or move to the second drive but there is nothing obvious (like loads of music/videos/pictures etc) so I run ATF Cleaner which to my amazement frees up nearly 140GB - WTF!!

I figure that's it and move on to Firefox which was coming up with "Windows cannot find 'C:\Program files\Mozilla Firefox\Firefox.exe'" ...even if you directly click the Firefox.exe icon in program files. So I google the issue and find a couple of similar issues....the fix is to edit HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe and remove the entry that resembles 'zasrakomondohui' [Debugger]

A couple of reboots later and Firefox is now sorted but it's clear the machine is still running like a dog and applications are taking anything up to 30 seconds to start up. By chance I then notice that the drive is filling up again so I run Treesize which shows me that the windows\temp directory is filling up very fast. Process Monitor then leads me to something called 'Kontiki - KService.exe' which is continually writing large chunks of data to an sqlite file in the temp directory. KService/Kontiki is used by BBC iPlayer so I uninstalled it and hey presto problem solved!!

Ran MB and SAS and no problems apart from the usual cookies and the machine is now running fine.

Those two sure were a couple of weird ones.
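
An added example, not part of the original post: a Python check that lists every Debugger value under Image File Execution Options from the text of a `reg export` dump, since such a value makes Windows launch the named program in place of the executable. The sample export, its image names and its paths are constructed placeholders, and the function name is hypothetical.

```python
import re

# Substring match also covers the Wow6432Node copy of the key on 64-bit Windows.
IFEO = r"\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" + "\\"
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')

# Constructed sample in "reg export" format; names and paths are placeholders.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe]
"Debugger"="placeholder_missing_debugger.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe]
"debugger"="C:\\Tools\\example\\dbg.exe -p"
'''


def find_ifeo_debuggers(reg_text):
    """Return (image name, debugger data) for each IFEO subkey with a Debugger value."""
    hits, image = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            pos = key.lower().find(IFEO.lower())
            tail = key[pos + len(IFEO):] if pos != -1 else ""
            # Only direct children of the IFEO key name an executable image.
            image = tail if tail and "\\" not in tail else None
            continue
        m = VALUE_RE.match(line)
        if image and m and m.group(1).lower() == "debugger":
            data = m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                # REG_SZ: strip the quotes and undo .reg escaping (\\ and \").
                data = re.sub(r"\\(.)", r"\1", data[1:-1])
            hits.append((image, data))  # other types are reported as exported
    return hits


if __name__ == "__main__":
    # For a real export, read the file with open(path, encoding="utf-16").
    for image, debugger in find_ifeo_debuggers(SAMPLE_REG):
        print(f"{image}: Debugger = {debugger}")
```

Any image listed with a Debugger that is not a debugging tool you installed yourself is worth reviewing before you delete the value.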
 