I just finished restoring an old computer, win xp home, Celeron CPU 2.60GHz, 2 gb RAM. Installed MSE and the system slowed to a crawl. MSE uses about 3 times the resources of Avast. Makes a big difference on this older computer. 5 minutes to the welcome screen. So I uninstalled MSE using add/remove, intending to install Avast.

XP crashed.

Black screen said something like "Windows can not start, \windows \system32 \config \system (or maybe Systemprofile) is missing. Press f2 at the next screen". f2 wanted to put me into a restore mode, back to square 1. If I recall, there was no safe mode available. Not sure about that.

To avoid reinstalling from scratch, I used an image to restore the system with MSE still in it, and then the fun began. I uninstalled MSE manually.

MSE is honestly harder to remove than realplayer or iTunes. Some of the locked files required the use of Unlocker, and much of the registry stuff required changing permissions. None of that was mentioned in the instructions, and there was a ton of stuff leftover that was not mentioned at all. I know that an antimalware app is supposed to be hard to neutralize, but good grief, it isn't supposed to set up like concrete. You would think that microsoft would at least make an uninstaller, like other antivirus developers do. I think I saw something about one out there, and there is a "Fix it for me" option on the ms website, but I didn't want to try it, after all the first ms app gummed things up pretty good. The ms instruction sites are : http://support.micro....com/kb/2435760 and http://support.micro....com/kb/2483120

Both of them end with "Step 3: Reinstall Microsoft Security Essentials". Yep, I'll get right on that.

Anyway, the old computer is running, jogging, strolling along nicely now. Starts quickly and runs ok after it that. Not a gamer PC, but ok.

I didn't post this just to whine, but to maybe alert others and to see if anyone else has run into this issue. So a suggestion and a question.

The suggestion is to always have a recent system image handy before installing anything. I almost just trusted microsoft, after all it is their OS and their antimalware app, but instead I put in an extra 30 or 40 minutes to make a backup image beforehand. Good thing.

And the question is, have others had this kind of trouble? Google found some information about it but nothing as drastic as my situation. And I could not tell for sure if there is an effective uninstaller or not.

login I have uninstalled (and installed and re-installed) MSE many. many times on folks machines and not had an problem. Perhaps a certain set of circumstances existed at the time on your machine which gave you such a horrible time when you tried to uninstall.

Sometimes when a nasty has made things 'difficult' for installed security apps and even broken them I have used a few different tactics to uninstall. (not saying you had one !!)

I sometimes turn off the relevant applications service in services first then try uninstall. Or boot into safe mode and try uninstalling from there. I've even used Hirens to uninstall.

By the way I have used the Microsoft fix-it tool to remove it a broken MSE, it worked

As you say login, just about everyone has a horror story about uninstalling a certain piece of software and your solution is the best one......... image backup.

...Sometimes when a nasty has made things 'difficult' for installed security apps and even broken them I have used a few different tactics to uninstall. (not saying you had one !!) ...

There was some sort of trojan on that old computer, windows defender offline found it and zapped it, but that was before the reinstall process began. It was not a destructive restore, just the non-destructive option that leaves your data intact. Soooo, now I guess I better run WDO again. Might be that stealthy one that hides in the kernel and modifies the MBR.

Hiren's...didn't think of that. Good idea. Also good to know that the uninstaller usually works.

I have learned a lot during this project, thats mostly the reason for trying it. I really came to appreciate CCleaner, used it a lot as the "final cleanup" app. It is a super product, a good balance of strength and restraint.

Using MSE with WinXP is in general a slow experience like taking forever to open some folders, etc., I dumped it awhile ago myself for Avast 6.

I agree with you Andavari, MSE is too slow. I wanted it for ease of use, but it was too slow.

... Sometimes when a nasty has made things 'difficult' ...

There had been a trojan, so just for safety I ran another scan w/ Windows Defender Offline. Thanks for the info about it, Hazel.

Found out by the way that if you have a 'net connection, an out of date live CD will update. Saves coasters, but it does leave some files on your computer. Those delete easily.

Found out something that might interest HP users. I could not get the address bar in windows explorer (not IE explorer) to stay visible. Several times I opened it and moved it to where all sane persons know it should be. After a restart it was gone. Didn't matter if the toolbars were locked or not. Didn't matter that I edited the registry >gasp< and deleted itbarlayout 3 or 4 times. Address bar disappeared and reg entries came back.

Turns out that HP has released a fix that removes a little beauty called autoTkit from the startup list. AutoTkit will not allow your toolbar view to persist. AutoTkit isn't even on old HAL here, but it was on that other computer. Maybe everybody here already knew about it, but it was not easy to find, so here is a LINK. And some information HERE .

Using MSE with WinXP is in general a slow experience like taking forever to open some folders, etc., I dumped it awhile ago myself for Avast 6.

Sorry for going briefly off-topic. Andavari, I seem to recall seeing a post from you a few months ago (?) stating you were trying out Panda AV Cloud Free. Did you decide you didn't like it? I've been pretty pleased with it thus far.

Sorry for going briefly off-topic. Andavari, I seem to recall seeing a post from you a few months ago (?) stating you were trying out Panda AV Cloud Free. Did you decide you didn't like it? I've been pretty pleased with it thus far.

What do yoou like about Panda?

I must be a minority, but MSE works well for me in my two old low power systems.

I do have it set to only monitor incoming files.

I do miss a web guard though.

What do yoou like about Panda?

I must be a minority, but MSE works well for me in my two old low power systems.

I do have it set to only monitor incoming files.

I do miss a web guard though.

I tried MSE on a friend's old laptop that I reformatted and it bogged it down. With Panda Cloud, the laptop was much snappier.

My MSE doesn't even open up unless I specifically ask it to, to run a scan or whatever. It just runs its little background services

NisSrv.exe - 1,500K RAM

MsMpEng - 46,788K RAM

Seems pretty low-cost to me, at least on windows seven. I've heard it doesn't work so well on XP though.

Just happened to pass by and overheard. Am trying out the old computer.

To be fair to MSE, this old computer had more problems than I knew, and it ain't over yet.

Anyway, Avast is faster than MSE was, but it isn't a fair comparison using this machine. If it had just a little bit more horsepower, the difference would probably be negligible.

Did you know that the Windows XP Ding sound "Windows XP Ding.wav", is actually "doomp" with an almost silent p, sounds like hitting a barrel with a pipe. Why they call it ding, who can know this? It should not be confused with its nearby neighbor "ding.wav" which actually does sound like a "ding". Doomp is a bad sound and should be investigated. That's what I'm doing now. Sooo, back to the lab.

login after reading the above post I am worried about you

Is it at pc turn off time that you hear the 'doomp' ?

MSE's biggest bottleneck is the real-time protection and how it works. Funny I complain about it and go back to it time and again, and it's the easiest AV for me when doing video encoding because it's so easy to completely turn off.

Sorry for going briefly off-topic. Andavari, I seem to recall seeing a post from you a few months ago (?) stating you were trying out Panda AV Cloud Free. Did you decide you didn't like it? I've been pretty pleased with it thus far.

I stopped using Panda Cloud AV Free after using it for a good amount of time because of a bug in it. Sometimes (not always) when manually starting a system scan it would look and act as if it were doing the system scan but it wasn't, and some other little bugs/issues. To me it's still very Beta, but I think that everytime I use it.

Although Panda Cloud AV Free is probably the lightest real-time protection AV, which is good for people using underpowered netbooks and laptops, and especially old computers.

Again, no problem here on my two old XP systems (P4 1G and AMD 2000+ 2G)

Coming from AVG, they are much faster seeming. Can't comment on protection, but nothing has popped up so far. I'm careful where I surf, but would feel more comfortable with some sort of web guard.

I think it's very important to get rid of ALL previous AVs before installing.

Just my $0.02 worth.

login after reading the above post I am worried about you

Is it at pc turn off time that you hear the 'doomp' ?

Well, if it is my sanity, have no fear, I gave up on that years ago.

If it is this old computer, I intend to fix it in spite of itself, and any help is much appreciated.

Now if you get busy and can't get to it, thats OK too ... It is an interesting project, but not critical to the survival of life as we know it. Since the reinstall, there is no data on here that could cost money, and there is no evidence of surreptitious data transmission. If the project fails, however, I might not be eligible for my ubertweaker merit badge.

The doomp occurs at startup, never at shutdown. To be more specific, it is the same sound that is made when you click on the volume control slider in windows xp bottom tray. Google says it usually means that something failed to start.

It would happen between 1 and 5 times at startup, just after the system tray icons were finished loading. Could not find a pattern, and the event viewer showed no alarms.

So far, I have done these steps:

- Wrestled with the doomps for about a week, uninstalling, regediting, etc, did not succeed, so:

- Did a destructive restore operation using the HP recovery disk. This put the OS and files back on C:\ drive in its original condition, but did not touch the other partitions, including the Acronis secure zone. Don't think it put the original BIOS back (I had upgraded it). This stopped the doomps.

- installed wxp sp3, only update allowed so far.

- installed Avast, and started windows firewall.

- Uninstalled "Microsoft Plus! Digital Media Edition", its a payware teaser.

- - One doomp came back, but disappeared after a couple of restarts.

- Event viewer shows

- - one issue in system: "The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout." This is apparently GoogleUpdate.Update3COMClassService.1.0, associated with the blackhawk browser. Not sure about that.

- - And one in security: IPSec Services failed to get the complete list of network interfaces ...

- Am using tcpview to watch the connections.

The culprit may be HP's digital imaging suite. More tangled than spaghetti, I remember you mentioning that a while back. Every time you stop something you don't want, 3 other things crash.

Edit: next step, later today, is an ESET online scan. Will report back.

A few thoughts. The only thing I usually leave running at start up is a realtime av. Anything else starts when I want it to.

How is it connected to the internet, wired or wireless, dongle or network card?

Is it blue tooth enabled?

Have a quick look in the device manager and see if there are any yellow exclamation marks showing.

internet connection is by router to DSL line. Checking it now for "visitors"

--edit: no strangers.

no bluetooth

compmgmt.msc > Device Manager shows no problems now, but before the reinstall there was an issue with one of the USB devices

Does the same thing happen if you boot without keyboard and mouse plugged in?

Also using either msconfig startup tab or ccleaner startups disable everything at startup apart from your av and reboot, does it still happen?

Did a destructive restore operation using the HP recovery disk. This put the OS and files back on C:\ drive in its original condition, but did not touch the other partitions, including the Acronis secure zone. Don't think it put the original BIOS back (I had upgraded it). This stopped the doomps.

I had a sad experience of the Acronis Secure Zone.

Acronis modify the MBR so that the ASZ can be used to restore an image if Windows should die.

Bad concept - ASZ is no good if the HDD fails - then you really need a Boot Recovery CD.

I moved up from Acronis to Macrium - no regrets.

One day Windows was unbootable, with strange error messages about a missing ASZ.

I realized Acronis had BROKEN the MBR by making the boot-up process dependant upon the presence of the ASZ, even if the ASZ was not needed.

Partitiion Wizard Boot Recovery CD showed ASZ was not present, but all the partitions were.

That CD included a MBR Repair Wizard and that fixed my situation.

I do not know what a "destructive restore operation using the HP recovery disk" may do to the MBR,

but perhaps Acronis is Doomping in protest.

N.B. If you depend upon the ASZ for recovery when Windows is dead, it may be worth checking whether it is accessible since the destructive restore.

Hi, Alan. Thanks for the information. Had a similar experience here. Resolution provided at acronis forums here:

http://forum.acronis.com/forum/22159

Not altogether satisfactory, but it worked. Solution for me was, at next reinstall, did not enable the "Acronis Startup Recovery Manager". Then the f11 option didn't show up at all. IMHO it should never be enabled.

But an interesting situation exists now on this older computer. There is no Acronis software installed, but I can use the Acronis rescue CD to revert to the backups, which still exist in the secure zone. Also can use the CD to modify the partitions, as it has the disk director suite on it. But that partition business is not for the faint of heart, it is not straightforward, as you know.

I am awash in rescue CDs and coasters. The one referred to in that earlier post is one created by HP using their built in app. It worked as advertised, but didn't touch the other partitions. I think it just looks for C:\ drive to repair, or maybe looks for the bootable partition.

- - - - - - -

Hazel, I shall try unplugging those things, and also changing the startup services, then restart.

But here is another clue. Still no doomp at shutdown, but 1 at start up every time. It happens just exactly when the icon for Digital Imaging Software appears in the system tray, isn't that what the little icons in the bottom right corner are called? I think that something called HP Director is trying to start. I shall find it and stop it and try a restart.

I strongly recommend AutoRuns from SysInternals.

That can identify any startup and the publisher, and can put a stop to its evil,

so finding and killing/disabling H.P junk should be no trouble at all.

I was enraged by the way the H.P. printer software insisted upon damaging Windows Explorer.

I NEVER wanted to "Print to Web" or some such garbage, but almost every time I launched Windows Explorer it was listed on the left as a device below the Drives.

At that time I did not know about AutoRuns, so my solution was to somehow track down the guilty *.exe process

and then search for the *.exe itself, and to change the extension to TXT. (I chose not to delete in case it was essential to any needed feature)

It never again troubled me.

Alternatively use a tool that is better than Windows Task Manager by not only showing running processes, but also identifying the publisher.

ServiWin from Nirsoft - size 36 kB - my favourite

Process Explorer from Sysinternals - size 3333 kB - only when I need to.