Slow Laptop after a day of running

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • herrick
    PCHF Member
    • Mar 2017
    • 55

    #16
    I rerun most of the programs again and found some malwares again. Deleted them, turned off my AVG. It is fast now, maybe AVG was the issue?

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7045

      #17
      Please run the AVG removal tool, then reboot your machine.

      Install only one of the antivirus below. Run a full scan with it.

      SecureAplus. – If you choose this one, decline the offline AV.
      360 Total security.
      Sophos Home

      Comment

      • Malnutrition
        PCHF Moderator
        • Jul 2016
        • 7045

        #18
        FRST Fix.

        Click Here to download fixlist.

        Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

        Step 2: Full Zemana Scan.

        Zemana Deep Scan
        [ul]
        [li]
        • [/li][li]Right click on Zemana and run as admin.[/li][/ul]
          [ul]
          [li]Click the Cog/Sproket Wheel, at the top right of Zemana[/li][/ul]
          [ul]
          [li]Select Advanced - I have read the warning and wish to proceed.[/li][/ul]
          [ul]
          [li]Place a tick next to Detect Suspicious (Root CA) Certificates.[/li][/ul]
          [ul]
          [li]Then click the house icon in Zemana.[/li][/ul]
          [ul]
          [li]Then hit your start button at the lower left hand corner of your desktop.[/li][/ul]
          [ul]
          [li]Then left click on Computer.[/li][/ul]
          [ul]
          [li]Drag Local Disk C: or whichever drive you decide to check first.[/li]
          [li]Into the area of Zemana that reads Drag and drop files here to scan them.[/li][/ul]
          [ul]
          [li]http://i.imgur.com/bOVO6lY.png[/li][/ul]
          [ul]
          [li]Once the scan has completed click graph icon on the top right of the programs User interface.[/li][/ul]
          [ul]
          [li]Double click to open the latest log-file.[/li][/ul]
          [ul]
          [li]Copy it to your clipboard.[/li][/ul]
          [ul]
          [li]Post the log here in your next reply.[/li][/ul]


        Step 3: Zhp Diag…

        If you can run the tool in safe mode for me, please do so and post the log. If it will not run even in safe mode, then we will use UVS…


        Download uVS English Version To your desktop
        Create a new folder on desktop.
        Unzip it there.
        Right click Start [MEDIA=imgur]L8goZMW[/MEDIA] and run as admin.
        Select start under current User.
        [MEDIA=imgur]4XlNKga[/MEDIA]
        Then Select File. [MEDIA=imgur]iDTfLbb[/MEDIA]
        The Select: Save Os Image with Checking digitial Signature (Slow)
        [MEDIA=imgur]CRn1knJ[/MEDIA]
        Allow completion this can take some time.
        Then go back to the folder where you Saved – Unzipped – UVS
        Upload your system image. Here in your next reply.
        It will look something similar to this.
        [MEDIA=imgur]tBCHqxH[/MEDIA]

        Step 4: Adware Removal Tool Scan.

        Adware Removal Tool Scan.

        Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.



        Hit Ok.



        Hit next make sure to leave all items checked, for removal.



        The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

        Security Check Scan.

        [ul]
        [li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please post that log here in your next post.[/li][/ul]

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7045

          #19
          Originally posted by herrick
          Hmm the last part which is autologger gave me this(pic attached).
          Is that normal? which one should I choose?
          Here is the english version of Autologger as well…

          Comment

          • herrick
            PCHF Member
            • Mar 2017
            • 55

            #20
            full scanning with zemana right now

            Comment

            • herrick
              PCHF Member
              • Mar 2017
              • 55

              #21
              Zemana AntiMalware 2.72.189.176 (Installed)


              Scan Result : Completed
              Scan Date : 2017/4/2
              Operating System : Windows 10 64-bit
              Processor : 4X Intel(R) Core™ i5-7200U CPU @ 2.50GHz
              BIOS Mode : Legacy
              CUID : 1289C2927D06753BB71BC6
              Scan Type : Custom Scan
              Duration : 52m 48s
              Scanned Objects : 216505
              Detected Objects : 0
              Excluded Objects : 4
              Read Level : Normal
              Auto Upload : Enabled
              Detect All Extensions : Disabled
              Scan Documents : Disabled
              Domain Info : WORKGROUP,0,2
              [HEADING=1]Detected Objects[/HEADING]
              No threats detected

              Comment

              • herrick
                PCHF Member
                • Mar 2017
                • 55

                #22
                zhp still doesnt work on safe mode so i used this. The other log is coming (scanning atm)

                Comment

                • herrick
                  PCHF Member
                  • Mar 2017
                  • 55

                  #23
                  SecurityCheck by glax24 & Severnyj v.1.4.0.47 [25.03.17]
                  WebSite: www.safezone.cc
                  DateLog: 02.04.2017 13:57:38
                  Path starting: C:\Users\ASUS\AppData\Local\Temp\SecurityCheck\Sec urityCheck.exe
                  Log directory: C:\SecurityCheck
                  IsAdmin: True
                  User: ASUS
                  VersionXML: 4.05is-25.03.2017


                  Windows 10(6.3.14393) (x64) Enterprise Lang: English(0809)
                  Installation date OS: 15.08.2016 07:17:37
                  LicenseStatus: Office 16, Office16ProjectProVL_KMS_Client edition Volume activation will expire : 191687 minutes
                  LicenseStatus: Office 16, Office16VisioProVL_KMS_Client edition Volume activation will expire : 191687 minutes
                  LicenseStatus: Windows(R), Enterprise edition Windows is in Notification mode
                  LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 191688 minutes
                  Boot Mode: Normal
                  Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                  SystemDrive: C: FS: [NTFS] Capacity: [124.1 Gb] Used: [47.7 Gb] Free: [76.4 Gb]
                  ------------------------------- [ Windows ] -------------------------------
                  Internet Explorer 11.953.14393.0
                  User Account Control enabled

                  Windows Update (wuauserv) - The service is running
                  Security Center (wscsvc) - The service is running
                  Remote Registry (RemoteRegistry) - The service has stopped
                  SSDP Discovery (SSDPSRV) - The service has stopped
                  Remote Desktop Services (TermService) - The service has stopped
                  Windows Remote Management (WS-Management) (WinRM) - The service has stopped
                  ---------------------------- [ Antivirus_WMI ] ----------------------------
                  Windows Defender (disabled and up to date)
                  360 Total Security (disabled)
                  --------------------------- [ FirewallWindows ] ---------------------------
                  Windows Firewall (MpsSvc) - The service is running
                  --------------------------- [ AntiSpyware_WMI ] ---------------------------
                  Windows Defender (disabled and up to date)
                  360 Total Security (disabled)
                  ---------------------- [ AntiVirusFirewallInstall ] -----------------------
                  360 Total Security v.9.0.0.1146
                  ESET Online Scanner v3
                  -------------------------- [ SecurityUtilities ] --------------------------
                  Zemana AntiMalware v.2.72.0.176
                  --------------------------- [ OtherUtilities ] ----------------------------
                  WinRAR 5.20 (64-bit) v.5.20.0 Warning! Download Update
                  --------------------------------- [ IM ] ----------------------------------
                  Skype™ 7.32 v.7.32.104 Warning! Download Update
                  ^Optional update.[1]
                  ---------------------------- [ ProxyAndVPNs ] -----------------------------
                  Hotspot Shield 6.5.2 v.6.5.2 Warning! This app can show ads.
                  Hotspot Shield Service (hshld) - The service has stopped
                  --------------------------- [ AdobeProduction ] ---------------------------
                  Adobe Flash Player 23 NPAPI v.23.0.0.185 Warning! Download Update
                  Adobe Reader XI v.11.0.00 Warning! Download Update
                  ^Please run Adobe Reader XI and go Help - Check for updates…[2]
                  ------------------------------- [ Browser ] -------------------------------
                  Google Chrome v.57.0.2987.133
                  Mozilla Firefox 49.0 (x86 en-US) v.49.0 Warning! Download Update
                  --------------------------- [ RunningProcess ] ----------------------------
                  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.57.0.2987.133
                  ------------------ [ AntivirusFirewallProcessServices ] -------------------
                  Windows Defender Service (WinDefend) - The service has stopped
                  Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
                  ZAM Controller Service (ZAMSvc) - The service has stopped
                  360 Total Security (QHActiveDefense) - The service is running
                  C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe v.9.0.0.1002
                  C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe v.8.2.0.1000
                  C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe v.9.0.0.1012
                  ----------------------------- [ End of Log ] ------------------------------

                  1. /b ↩︎
                  2. /b ↩︎

                  Comment

                  • herrick
                    PCHF Member
                    • Mar 2017
                    • 55

                    #24
                    weird autologger still gave me that weird language

                    Comment

                    • herrick
                      PCHF Member
                      • Mar 2017
                      • 55

                      #25
                      i guess thats all except for autologger

                      Comment

                      • herrick
                        PCHF Member
                        • Mar 2017
                        • 55

                        #26
                        updated most of the stuff except skype.
                        downloaded adobe reader and went to help check for update, downloaded the update but failed at the installing.
                        After that it says check for update later.

                        Computer is faster and not slowing down after a day anymore. Thank you!

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7045

                          #27
                          Universal Virus Sniffer Fix.

                          [ul]
                          [li]Create A Restore Point![/li][li]Close All Other Open Programs!![/li]
                          [li]Copy the content of the CodeBox below to your clipboard.[/li]
                          [li]Open the folder where you have UVS installed. [/li]
                          [li]Right Click On Start and Run as admin.[/li][li]Select Start Under The Current User.[/li][li]Then Select Script.[/li][li]Then Execute Script From ClipBoard.[/li][li]After your machine reboots.[/li][li]Open the folder where UVS is installed.[/li][li]You will find a file named similar to the one below. [/li]
                          [li]2017-02-06_21-00-34_log[/li][li]Open it and copy then entire content post it here.[/li][/ul]

                          [ICODE];uVS v3.87 [dsrt.dyndns.org] ;Target OS: NTv10.0 v385c delref {35EF4182-F900-4632-B072-8639E4478A61}\[CLSID] delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID] delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID] delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID] delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID] delref {88D969C0-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C1-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C2-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C3-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C4-F192-11D4-A65F-0040963251E5}\[CLSID] delref {88D969C5-F192-11D4-A65F-0040963251E5}\[CLSID] delref {8AD9C840-044E-11D1-B3E9-00805F499D93}\[CLSID] delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID] delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID] delref {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}\[CLSID] delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID] delref {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}\[CLSID] deltmp restart[/ICODE]

                          Malwarebytes Scan.


                          Download MalwareBytes Anti-Malware : https://www.malwarebytes.com/mwb-download/ take the free version ( on the left )
                          Perform the installation
                          Uncheck “Enable Free Trial of Malwarebytes Anti-Malware Premium” if it’s asked
                          Malwarebytes will update, let this update,
                          Click on the “Settings” tab and then on the “Detection and Protection” tab, Check the box “Search for Rootkits”
                          Click on the “Analysis” tab and then on “Start analysis”
                          Once the review is complete, check that all detections are checked and then click [Delete Selection]
                          If Malwarebytes asks you to restart your PC, click “Yes”,
                          When restarting your PC, restarts Malwarebytes
                          Opens the “History” tab and then “Application logs”
                          Double click on the last Scan Log in date (the one above)
                          At the bottom click [Export] → select “Text file (* .txt)”
                          In the explorer selects the desktop, name it mbam.txt, click [Save]

                          copy/paste the content of the report in your next reply

                          Comment

                          • herrick
                            PCHF Member
                            • Mar 2017
                            • 55

                            #28
                            where can i find my clipboard? windows 10 btw (sry if that sound silly)
                            I have created my restore point

                            Comment

                            • herrick
                              PCHF Member
                              • Mar 2017
                              • 55

                              #29
                              theres an option said execute script from a file, can i jst put it on my notepad and execute that?

                              Comment

                              • Malnutrition
                                PCHF Moderator
                                • Jul 2016
                                • 7045

                                #30
                                Copy the content of the CodeBox below to your clipboard.

                                That means just highlight the content of the code box, then copy it. That will place in on your clipboard. Then you can follow the instructions.

                                Comment

                                Working...