My friend has a Toshiba NB-500 netbook:
CPU: x86_64 Intel(R) Atom(TM) CPU N455 @ 1.66GHz RAM: 1GB HDD: 5400rpm - 320 GB OS: Windows 10 (upgraded from pre-installed windows 7 starter)
The problem is the slowness: the system is really not usable.
So after cleaning auto run boot applications, and services from msconfig, I've tried to scan it with various adware scanners (RKill, TDSSkiller, adwcleaner, malware bytes am, and so on...) nothing found.
I've also performed a scan with the installed antivirus, Avast: nothing found. Then I removed it and activate the default MS Win Defender, launched a scan, but nothing found that time too.
Finally, I scanned it with ClamAV working form a USB booted Linux live system and obtained the following results:
/mnt/sda2/Program Files/Adobe/Reader 9.0/Reader/reader_sl.exe: Win.Trojan.Decay-453 FOUND /mnt/sda2/Program Files/Mobile Partner/AutoRun/AutoRunSetup.exe: Win.Trojan.Katusha-600 FOUND /mnt/sda2/Program Files/Mobile Partner/SkinMagicU.dll: Win.Trojan.Ramnit-7199 FOUND /mnt/sda2/ProgramData/DatacardService/DCService.exe: Win.Trojan.Katusha-600 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 4824952 Engine version: 0.99.2 Scanned directories: 26173 Scanned files: 147551 Infected files: 4 Total errors: 8 Data scanned: 22485.68 MB Data read: 27043.46 MB (ratio 0.83:1) Time: 14972.820 sec (249 m 32 s)
I doubt that they are false positives. How can I verify it?
May be by md5sum? could you suggest some procedure?
Thanks a lot in advance!