computer may be infected (very very slow)

Discussion in 'Malware Help (A Specialist Will Reply)' started by hogdigerdy, Aug 29, 2008.

  1. hogdigerdy

    hogdigerdy Private E-2

    hi all :)
    I am working on my dad's PC, which is very slow indeed: it takes at least 15 mins to load on start up and all processes take 3/4 mins to load each, as and when I use them.
    the folks live abroad 8 months a year due to health issues and the PC is used by my sister and nieces who live next door; there's also a lodger who has access to the PC. I generally don't use it as I have my own, but the pater was going nuts cos his computer is so slow and it wasn't when he left it. :(
    I have run the read & run me scans and will attach the files to this and another message to follow
    please help as I have run out of ideas; no viruses were found in any of the scans
    yours with thanks hogiderdy :confused
     


  2. hogdigerdy

    hogdigerdy Private E-2

    and here's the SAS log

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 08/28/2008 at 03:53 PM

    Application Version : 4.20.1046

    Core Rules Database Version : 3550
    Trace Rules Database Version: 1538

    Scan type : Complete Scan
    Total Scan Time : 00:33:26

    Memory items scanned : 353
    Memory threats detected : 0
    Registry items scanned : 4336
    Registry threats detected : 0
    File items scanned : 15517
    File threats detected : 0

    and Malwarebytes log

    Malwarebytes' Anti-Malware 1.25
    Database version: 1092
    Windows 5.1.2600 Service Pack 3

    18:29:22 28/08/2008
    mbam-log-08-28-2008 (18-29-22).txt

    Scan type: Quick Scan
    Objects scanned: 40633
    Time elapsed: 7 minute(s), 38 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    hope someone can help cos as I said I'm stumped
    thanks hogdigerdy
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The problem is not malware. The problem is that you have about 1/4 of the amount of RAM that I would recommend for running Windows XP properly. You only have 256 MB of RAM and only about 33 MB free. Everything you do is going to run slow because of this.
     
  4. hogdigerdy

    hogdigerdy Private E-2

    hi chaslang

    :eek: I should have checked that (the pater's PC is newer than mine and I assumed it was of a higher spec, assumption being the mother of all cock-ups).
    here's a good lesson in looking at the whole picture and not being blinded by malware :rolleyes:
    I think a visit to crucial.com to see what's available in the memory upgrade department is in order

    thanks for your speedy answer
    hogdigerdy
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.


    Now we need to clean up some items from running ComboFix.

    Copy the bold text below to Notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.



    Now it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix.
    3. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    4. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip file.
    7. After doing the above, you should work thru the below link:
     
  6. hogdigerdy

    hogdigerdy Private E-2

    hi chaslang

    the fixme.reg merger worked fine, received 'are you sure you want to message' clicked yes then a 'completed process message' afterwards

    then entered "%userprofile%\Desktop\combofix" /u into start & run and received a 'warning windows cannot access the specified device, path or file no permission access denied'
    then AVG warning saying 'potentially harmful program HideExec.EV' file name C:\327882R2FWJFW\hidec.exe clicked allow and received the program uninstalled message
    I think the combofix uninstall worked despite the warnings as I can no longer find any reference to it on the PC, and I did receive the program uninstalled message

    then followed the steps to remove HJT & the rest of MGtools

    have read and passed on the info in How to Protect yourself from malware!
    thanks once again for your time and help
    hogdigerdy
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
