Logs from Sloow Computer -- Thank You!

Discussion in 'Malware Help (A Specialist Will Reply)' started by rabbitz, Jan 8, 2015.

  1. rabbitz

    rabbitz Private E-2

    Hi There,

    I offered to help my neighbor with her computer. It runs slooowly when doing anything -- trying to click on text boxes, opening stuff, etc.

    I followed everything in the Read Me First instructions and have attached the resulting logs.

    Thank you so much for your help!
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Rerun Hitman and have it fix everything it finds. Reboot and rescan with Hitman and attach a new log.
     
  3. rabbitz

    rabbitz Private E-2

    So sorry if this gets posted twice. Thanks so much for the fast response! Here's the log from Hitman Pro -- looks like it's clean.
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Download OTM by Old Timer and save it to your Desktop.


    Code:
    :Processes
    explorer.exe
    
    :files
    C:\ProgramData\McAfee Security Scan
    C:\AVGTemp
    
    :reg
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{69192C57-82B7-4237-8C31-FF3754270F13}]
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CB23AC58-765F-49BD-8759-F615BD011D65}]
    
    :Commands
    [purity]
    [ResetHosts]
    [emptytemp]
    [start explorer]
    [Reboot]

    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
    • Push the large MoveIt! button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.

    Now navigate to the C:\_OTM\MovedFiles folder (assuming your Windows drive is C). This is where your log will be saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach this log file to your next message.

    NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and attach that document back here in your next post.

    Make sure you tell me how things are running now.
     
  5. rabbitz

    rabbitz Private E-2

    The computer seems to alternate between fast and slow. Sometimes it sounds like the HDD is just running and running and everything gets hung up. (Like it took like a minute for the computer to let me finish this sentence.)

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== FILES ==========
    C:\ProgramData\McAfee Security Scan\Extensions folder moved successfully.
    C:\ProgramData\McAfee Security Scan folder moved successfully.
    C:\AVGTemp\delrepwv_en folder moved successfully.
    C:\AVGTemp folder moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{69192C57-82B7-4237-8C31-FF3754270F13}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69192C57-82B7-4237-8C31-FF3754270F13}\ not found.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CB23AC58-765F-49BD-8759-F615BD011D65}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB23AC58-765F-49BD-8759-F615BD011D65}\ not found.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: Administrator

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 2879 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: jabke
    ->Temp folder emptied: 549 bytes
    ->Temporary Internet Files folder emptied: 5260203 bytes
    ->Java cache emptied: 3354813 bytes
    ->FireFox cache emptied: 49872687 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 718 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 4732 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 44532 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42899632 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 97.00 mb


    OTM by OldTimer - Version 3.1.21.0 log created on 01082015_153526

    Files moved on Reboot...
    File move failed. C:\Users\jabke\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
    File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
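
An added example, not part of the original post and not code from OTM or MajorGeeks: a small Python triage of the OTM results format shown above, separating items that were actually removed from items that were never present and from moves deferred to reboot. The function name `triage` and the report keys are assumptions; the sample is an excerpt of the log lines in this thread.

```python
import re

# Excerpt of the OTM results posted above (lines copied from the thread, shortened).
SAMPLE_LOG = r"""========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\ProgramData\McAfee Security Scan folder moved successfully.
C:\AVGTemp folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{69192C57-82B7-4237-8C31-FF3754270F13}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CB23AC58-765F-49BD-8759-F615BD011D65}\ deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
User: jabke
->Temp folder emptied: 549 bytes
->FireFox cache emptied: 49872687 bytes
Windows Temp folder emptied: 4732 bytes
File move failed. C:\Users\jabke\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
"""

SECTION = re.compile(r"^=+ (\w+) =+$")
OUTCOMES = [  # (label, pattern), checked in order; first match wins
    ("deferred", re.compile(r"^File move failed\. (.+) scheduled to be moved on reboot\.$")),
    ("removed", re.compile(r"^(?:Registry key )?(.+?)\\? (?:folder |file )?(?:moved|deleted) successfully\.?$")),
    ("absent", re.compile(r"^(?:Registry key )?(.+?)\\? not found\.$")),
]
BYTES = re.compile(r"emptied: (\d+) bytes$")

def triage(log_text):
    """Group OTM result lines by outcome and total the bytes reported as emptied."""
    report = {"removed": [], "absent": [], "deferred": [], "bytes_emptied": 0}
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)  # e.g. FILES, REGISTRY, COMMANDS
            continue
        size = BYTES.search(line)
        if size:
            report["bytes_emptied"] += int(size.group(1))
            continue
        for label, pattern in OUTCOMES:
            hit = pattern.match(line)
            if hit:
                report[label].append((section, hit.group(1)))
                break
    return report
```

Lines that match none of the patterns, such as the process and HOSTS reset messages, are ignored rather than guessed at.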
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your issues are not malware. I suggest you post in the software forum for further assistance with your slowness issues.

    When you post, include these questions/answers:

    * Is boot up slow?
    * Is shutdown slow?
    * Is browsing/surfing slow?
    * Is downloading slow?
    * Is running any application slow?
    * Is it also slow in safe boot mode?
    * Also, are any processes showing in Task Manager to be using a lot of CPU time?
    * Anything else slow?


    Since you are not having any malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
      • Refer to the instructions for your Windows version in this link: Disable And Enable System Restore
      • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
      • Then we want you to Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
  7. rabbitz

    rabbitz Private E-2

    Thank you very much! I will go over to software and see what I can do.

    I have a suggestion for something that might be helpful to add to the "since you don't have malware" section -- it doesn't mention re-hiding the hidden files, folders and drives. I'm assuming that's important for new users.

    Thanks again!
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    When you run the cleanup bat, the hidden files re-hide. ;)
     
