Programs open very slow and soon don't respond.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by timhan23, Mar 3, 2013.

  1. timhan23

    timhan23 Private E-2

    Good evening gentlemen, thank you for taking the time to look at my files. If you are able to guide me through fixing this system it would be a major time saver for me and very much appreciated. I've not experienced a major meltdown like this before.

    Briefly, finger scan is recognized, Win7 starts to load and it asks me to log on with my password, biometric is not working. So I do, and eventually the OS loads. Dialog boxes take a very long time to respond and programs when they open usually stop responding fairly soon. A little IObit tool says I am using <4% CPU and ~60% RAM. I have no restore points?! I don't remember turning system restore off either.

    Interestingly everything seems to work ok in safe mode. Fearing the worst I have backed up many files to an external USB3 hard drive. Hopefully I didn't transfer any malware with them. I ran all the scans in safe mode assuming they wouldn't run any better, then I thought I should try, but saw where you instruct not to run scans twice. I discovered there may have been some anti virus software services (adaware) running in the background when I ran all but the MGTools scan.

    I have to use the power button to shut down when I start in normal mode.
    I hope this is fixable, the anxiety is killing me, we all rely on our computers so much these days.

    HP workbook, Intel Core I5 M560 @ 2.67GHz, 4GB ram, Win7 Pro x64
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    To properly assess your problems, we really need logs from normal boot mode, not safe boot mode. After all, your problems do not occur in safe boot mode. However, your problems may not be due to malware since your logs do not show any. Only some nuisance junkware. So let's try a couple of things to see if your protection software is the source of your problems, especially since you have too many installed and also have multiple antivirus programs, which the instructions clearly stated not to have.

    Please follow all steps below in the order written.

    Uninstall ALL of the below:
    Ad-Aware Antivirus
    Ad-Aware Browsing Protection
    Advanced SystemCare 6
    Ask Toolbar
    Spybot - Search & Destroy
    ZoneAlarm Antivirus
    ZoneAlarm DataLock
    ZoneAlarm Extreme Security
    ZoneAlarm Firewall
    ZoneAlarm Security

    Then reboot your PC and make sure that you are in normal boot mode!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  3. timhan23

    timhan23 Private E-2

    Good morning Chaslang! O.K., don't laugh, but I am such a newbie to forums, never having used one before, that I was actually under the impression that someone would get back to me via email, then I would respond, and somehow it would get posted here. I know, pretty bad, but I am a little more up to speed now!

    And I am very happy to report that you have already fixed my machine!! I am soooo happy about this! Thank you sooo much! I was thinking I would probably have to revert to the HP drive image on a separate partition, if it would even work, and I would have to redo the last two years of programs and settings all over again. And I almost caught myself thinking "you have no idea of how much time you saved me" but immediately caught myself and realized, of course you do!

    I realize there is still some clean up and resetting of things to do but it is probably minimal.

    A few insights;
    1) I think I may have caused this when I right click context menu option to scan a file. I think it may have turned on an anti virus program that was off and that could have been one too many. Maybe.

    2) Just a few days or so prior to my problems I had somehow copied a huge music and pictures file on my hard drive (to a second place on my same drive) while I was trying to back it up. I then deleted it, and so much file movement had wiped out my restore points.

    Everything uninstalled fine except Ask toolbar. It doesn't show up in Windows uninstall or even Revo. I don't see it as an extension or in settings for Chrome so I will need a little more help finding it.

    Sorry you were waiting for me after you got back to me so fast.

    Again thank you again for doing so well what you do, my whole month would have been miserable.
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    The below will remove the rest of it.

    Please download OTM by Old Timer and save it to your Desktop.
    • Run it by double clicking on it (Note: if using Vista, Win7, or Win8, don't double click, use right click and select Run As Administrator).
    • Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Do not include the word Code:, which is just a title line of the code box.
    Code:
    :Processes
    explorer.exe
    :Files
    C:\Program Files (x86)\Ask.com
    C:\Users\Mark\AppData\Local\Temp\*.*
    
    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}"=-
    :Commands
    [purity]
    [EmptyTemp]
    [start explorer]
    [Reboot]
    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
    • Now click the large [IMG] button.
    • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
    • Close OTM.
    Now navigate to the C:\_OTM\MovedFiles folder (assuming your Windows drive is C). This is where your log will be saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach this log file to your next message.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • the C:\_OTM\MovedFiles log
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
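
An added example, not part of the original post and not OTM's own code: a small Python auditor that lists what a pasted OTM script will touch before it is run. The script text is abridged from the post above; the meanings given to each section (stop a process, move a file, .reg-style key and value deletion) are assumptions drawn from the section names and the .reg syntax used.

```python
import re

SCRIPT = r"""
:Processes
explorer.exe
:Files
C:\Program Files (x86)\Ask.com
C:\Users\Mark\AppData\Local\Temp\*.*
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}"=-
:Commands
[purity]
[EmptyTemp]
[start explorer]
[Reboot]
"""  # abridged copy of the codebox in the post; one entry per kind kept

def audit(script):
    """Return (action, target) pairs in script order; labels are assumed."""
    actions, section, key = [], None, None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):            # section header such as ":Reg"
            section, key = line[1:].lower(), None
        elif section == "processes":
            actions.append(("stop-process", line))
        elif section == "files":            # wildcards widen the scope
            kind = "move-wildcard" if any(c in line for c in "*?") else "move-path"
            actions.append((kind, line))
        elif section == "reg":
            if line.startswith("[-") and line.endswith("]"):
                actions.append(("delete-key", line[2:-1]))
            elif line.startswith("[") and line.endswith("]"):
                key = line[1:-1]            # key whose values follow
            elif (m := re.fullmatch(r'"(.+)"=-', line)) and key:
                actions.append(("delete-value", key + "\\" + m.group(1)))
            else:
                actions.append(("unrecognized", line))
        elif section == "commands":
            actions.append(("command", line.strip("[]")))
        else:
            actions.append(("unrecognized", line))
    return actions
```

Printing `audit(SCRIPT)` before pasting a script into the tool gives a line-by-line list to check against the machine being cleaned; any `unrecognized` or `move-wildcard` entry is the one to read twice.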
     
  5. timhan23

    timhan23 Private E-2

    Thank you for the very clear instructions. I am very impressed by anyone who can come up with a block of text like that that actually does something you want it to. It all went well and the files are attached.

    The machine is running fabulously at this point. My depression is gone!
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Your logs are clean.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Go back to step 4 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
