Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer being slow


  • Please log in to reply
13 replies to this topic

#1 ciela

ciela

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 05 January 2016 - 11:10 PM

Hi, after a long time, my laptop turns to be slow. I think one of the cause is that it is infected.

 

Please help me to check my laptop.



BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 06 January 2016 - 09:41 AM

Ciela:

:welcome: to the Bleeping Computer Am I Infected? - What Do I Do? Forum. My name is Phil. If you would permit me, I would like to address you by your first name, since we will be working together to scan your computer.

There are reasons for a computer to slow down that are not related to malware, adware, viruses, Potentially Unwanted Programs (PUPs), etc., but let's run a few scans to see if we can eliminate the possibility that your computer is infected.


:step1:
ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

*Click this link to open ESET OnlineScan.
* Place a checkmark next to "Yes, I accept the Terms of Use", then click the greenstart.png button.
* When prompted allow the Add-On/Active X to install.
* In the new window that opens, tic the radio button next to Enable detection of potentially unwanted applications.
* Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):

  • Remove found threats
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

*Then click the shieldstart.png button and ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
*When the scan completes, click List Found Threats (only if anything is found).
*Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
*Click back.png, then click finish.png to exit ESET Online Scanner.

Don't forget to re-enable your antivirus when finished!



:step2:
Download and install Malwarebytes Anti-Malware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mbam-setup-2.2.*.****.exe and follow the prompts to install the program ( * = program version numbers may vary - always get the latest version).
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard
  • Paste the contents of the clipboard into your next reply.

 

 

 

:step3:
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait for it to complete the update.
  • Click on I Agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

I would like you to paste the logs from all three scans into your next reply. I will examine those and determine what our next step should be. If there is evidence of serious infection, you might have to open a new thread in the Virus, Trojan, Spyware and Malware Removal Logs Forum, but let's not get ahead of ourselves yet. Many less serious issues can be solved right here, in this Forum.

If I haven't responded to your reply in 24 hours, please send me a personal message.

Have a great day.

Regards,
-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#3 ciela

ciela
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 06 January 2016 - 01:14 PM

Thanks very much Phil, my name is Bao.

 

Coincidently, I've got some serious works that need the laptop for a while. I will accomplish the scan as soon as possible as your instructions  :guitar:


Edited by ciela, 06 January 2016 - 01:15 PM.


#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 06 January 2016 - 01:18 PM

Bao:

 

Thank you for your post, and for permission to address you by your first name.

 

Take the time you need to do your work.  I will be waiting for you when you get the time to do the scans and post the scan results.

 

Have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#5 ciela

ciela
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 08 January 2016 - 03:36 AM

So I've finished it. There're no threats for Malwarebyte and Adwcleaner, however ESET found some.

 

ESET Log:

C:\Users\Bao\AppData\Roaming\mgyun\VRoot\AppCool.apk a variant of Android/Spy.Agent.BN trojan deleted
C:\Users\Bao\AppData\Roaming\mgyun\VRoot\CleanMaster.apk a variant of Android/Spy.Agent.LD trojan deleted
C:\Users\Bao\AppData\Roaming\mgyun\VRoot\com.mgyun.superuser.apk a variant of Android/Spy.Agent.GR trojan deleted
C:\Users\Bao\Downloads\ProxHTTPSProxyMII.zip a variant of Win32/GoAgent.B potentially unsafe application deleted
C:\Windows\Installer\1024c3bd.msi Win32/PrcView potentially unsafe application deleted
C:\Windows\Installer\MSI5D57.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted
D:\Games\Age of Empires\WIDE\AoE2WideSetup.msi Win32/PrcView potentially unsafe application deleted
D:\Games\Age of Empires\WIDE\Process.exe Win32/PrcView potentially unsafe application deleted
D:\SkyDrive\vns2\others\SinhVienIT.Net--KEYGEN-Winrar.rar a variant of Win32/Keygen.AI potentially unsafe application deleted
E:\Download Vault\Compressed\IDM6.18build12-2014.1.19.zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
E:\Download Vault\Compressed\I_D_M 6.17 build 6.zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
E:\Download Vault\Compressed\I_D_M 6.18 build 7 - [24.11.2013 FIXED FULL].zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
E:\Download Vault\Compressed\I_D_M 6.18 build 7.zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
E:\Download Vault\Compressed\SinhVienIT.Net--KEYGEN-Winrar.rar a variant of Win32/Keygen.AI potentially unsafe application deleted
E:\Download Vault\Compressed\SopCast.zip a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted
E:\Download Vault\Compressed\SopCast_2.zip a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted
E:\Download Vault\Compressed\[thuthuat.chiplove.biz]-IDM6.19.zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
E:\Download Vault\EGDownload\Softwares\netcut.exe a variant of Win32/NetTool.Netcut.A potentially unsafe application deleted
E:\Download Vault\Programs\drivermax_7_37_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted
E:\Download Vault\Programs\drivermax_7_42_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted
E:\Download Vault\Programs\FoxitReader606.0722_enu_Setup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted
E:\Download Vault\Programs\SmartDriverUpdater.exe multiple threats cleaned by deleting
E:\Games\AOC 1.0c\AOE2-WideScreen.zip Win32/PrcView potentially unsafe application deleted
E:\Office iso\64-bit\Microsoft Toolkit.exe a variant of MSIL/HackKMS.G potentially unsafe application deleted
E:\VertrigoServ\www\ctd\img_upload\temp\error\error.log probably a variant of Perl/RemoteAdmin.Cgi-telnet.A potentially unsafe application deleted
 
 
MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/8/2016
Scan Time: 2:20 PM
Logfile: mb.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.08.02
Rootkit Database: v2016.01.05.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Bao
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 915643
Time Elapsed: 1 hr, 7 min, 32 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
AdwCleaner:
# AdwCleaner v5.028 - Logfile created 08/01/2016 at 00:30:22
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 8.1 Enterprise  (x64)
# Username : Bao - BAO-PC
# Running from : C:\Users\Bao\Desktop\Malware Actions\adwcleaner_5.028.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [584 bytes] ##########
 


#6 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 08 January 2016 - 11:50 AM

Bao:

Thank you for the logs. How is your computer running now?

Have a great day.

Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators


#7 ciela

ciela
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 08 January 2016 - 01:27 PM

I can see it is stabler, CPU consumption is lesser.

 

But before we come to end, could you please recommend me some of junk files removal tools / softwares so I can clear the laptop better? CCleaner isn't an option.

 

Nice day, Phil.

 

Regards,

Bao



#8 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 08 January 2016 - 04:08 PM

Bao:

 

Thank you for your post.  I am really happy that your computer is running better.   :)

 

You don't explain why CCleaner is not an option.  That is what I personally use on my computers and install on all computers that come to me for "tune-ups."  Be very wary of "disk optimizers", "registry cleaners", and the like.  Bleeping Computer (and I) do NOT recommend them.  Even with CCleaner, use only their "cleaner" part.  I would not recommend using the "Registry Cleaner."

 

I see that you are running Windows 8.1, from one of your scan logs, so that eliminates TFC (Temporary File Cleaner) as an option, since it is designed to work on Windows 7 and older versions of Windows.  It is dangerous to run it on later versions of Windows.

 

Windows 8.1 has its own disk clean up utility.  Open up File Explorer, select your C:\ drive, right click, and select Properties, at the bottom of the pop-up list.  Then click the "Disk Cleanup" button.  That will take you to another box where you have the option to click the button "Clean Up System Files".  I just used that utility a couple of weeks ago to delete 33 GB of stuff out of my wife's computer.  Her computer is running much faster now.

 

Defragmenting your hard disk, using the Windows Defragementer (right click the drive, "Properties", and then "Tools", will also help improve the speed of your PC.  Do NOT run a defragmenter utility on an SSD.

 

If you have any other specific questions about software programs you are considering, please let me know and I will provide you with advice.  Most importantly, don't believe the promises of a fast PC that you read on so many websites.  They are just trying to sell you their product and you could seriously damage your computer if you purchase and use them, depending upon the product, and you could also spend a lot of money for nothing but to damage your computer.

 

Have a great day, Bao.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#9 ciela

ciela
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 09 January 2016 - 03:31 AM

Thank you, very nice information. I don't trust any advertisements.

 

The last question is, what pair of antivirus - antimalware should be used ?

I bought Kaspersky a year ago, it ran fine. But I don't really like its user interface, very laggy. Then I changed to Bitdefender, but it is also lack of custom functions and even harder to use. I've used several softwares but they are nowhere near my expectation.

Windows defender of Microsoft is worst out of those.

 

Regardless of user's consciousness, I think they still have a good software our there.

 

Regards,

Bao


Edited by ciela, 09 January 2016 - 03:36 AM.


#10 alatta01

alatta01

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:33 AM

Posted 09 January 2016 - 09:40 AM

Hello - 1st post, but 30+ years in this industry. With all due respect to all of the great responders here - the first question to ask after someone says "My computer is running slow" is - What is the CPU model, RAM and OS version + 32/64?

 

All of the Big Box stores currently sell computers with a Passmark benchmark around and below 600. Brand new, out of box, a system like that will never be fast. Add a bloated AV program and you have a really slow computer, day one. (performance of any system can be enhanced w/SSD)

 

IT would be a good idea for Bleeping Computer to add those fields to their question submission forms. Hope that helps some.



#11 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 09 January 2016 - 10:53 AM

Bao:

 

Thank you for your email.  Regarding which anti-virus and anti-malware should you use, that is a personal preference.  I myself use Bitdefender Total Security coupled with Malwarebytes Anti-Malware Premium and Malwarebytes Anti-Exploit Premium, but that is just what I personally use.  BC does not endorse a specific combination because it is dependent on the user's preferences and computer/operating system.

 

Quietman7, the acknowledged expert on security software here at Bleeping Computer, has an excellent post here that provides extensive information on anti-virus and anti-malware products.

 

Have a great day, Bao.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#12 ciela

ciela
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:33 PM

Posted 10 January 2016 - 05:29 AM

Thanks for the link Phil, I think we could end it here.

I'm very pleased with your help. Have a great day.

 

Regards.

 

@alatta01: No, my problem doesn't go to those categories. I'm aware of the reasons my computer being slow.


Edited by ciela, 10 January 2016 - 05:29 AM.


#13 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:12:33 PM

Posted 10 January 2016 - 12:20 PM

Bao:

 

Thank you for writing to express your appreciation.  It was my pleasure to be able to assist you.  Thank you for choosing the Bleeping Computer community to assist you in solving your computer issues.  Have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#14 alatta01

alatta01

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:33 AM

Posted 10 January 2016 - 12:32 PM

Thanks for the link Phil, I think we could end it here.

I'm very pleased with your help. Have a great day.

 

Regards.

 

@alatta01: No, my problem doesn't go to those categories. I'm aware of the reasons my computer being slow.

 

If you were aware of the reasons your system were slow, or the importance of the specs I mentioned, you wouldn't have the need to post here...






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users