Solved Worried about Malware tanking performance (Laptop, Windows 10)

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  • Hello everyone We want to personally apologize to everyone for the downtime that we've experienced. We are working to get everything back up as quickly as possible. Due to the issues we've had, your password will need to be reset. Please click the button that says "Forgot Your Password" and change it. We are working to have things back to normal. Emails are fixed and should now send properly. Thank you all for your patience. Thanks, PCHF Management
Status
Not open for further replies.
Anthony Vain

Anthony Vain

PCHF Member
May 16, 2022
30
1
21
We've had this laptop now for two years, and I've noticed during these last few months that the performance has somewhat tanked. Like earlier today I only had a browser opened, and when I went to file explorer it took a few seconds to open. To add to that, whenever i right click on file explorer it hangs (it actually hangs) for a good half a minute.

All of this led me to suspect that I may have inadvertently downloaded a malware. So I opened up Task Manager and looked at the memory used: 80 percent, which I reckon isn't normal for only having a browser on (even if it is Firefox). I then added up roughly how much megabytes all the running apps used up and came up with, and again this is very rough and I might've done this wrong, 1.3 gigabytes of memory used total out of the 4 gigabytes (I know) I had.

It's either that or the laptop's showing it's age (2 years).

Honestly, I am kind of getting scared. This laptop is precious to me and I don't want to lose it to some virus. Can you guys help?
 
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"
icon2.jpg
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.



frst disclaimer.jpg



  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
frst.jpg
Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



2016-08-12_152002.jpg




Please Attach the contents of these logs in your next post for review by our Security Team
 
Malnutrition said:
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"
icon2.jpg
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.



frst disclaimer.jpg



  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
frst.jpg
Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



2016-08-12_152002.jpg




Please Attach the contents of these logs in your next post for review by our Security Team
Click to expand...
Took a while but here they are:
 

Attachments

No need to quote the post, unless I there is a certain point that needs attention. :)

While I look over the logs, please run these two tools for me and attach the logs.

Step 1: Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Click Scan
Hit Ok.
Hit next make sure to leave all items checked, for removal.
Click Next
The Program will close all open programs to complete the removal, so save any work and hit OK.
Then hit OK after the removal process is complete, thenOK again to finish up.
Post log generated by tool.

Step2: Adware Cleaner Scan.
Adware Cleaner
  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exeand select
  • Spcusrh.png
    Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
  • Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me
 
Uninstall these programs, with GeekUninstaller. Use force removal if needed. Items in red text are optional, if you are no longer using them I'd suggest that they go. IMO are useless and waste resources, but that is up to you.

Actually all these are optional, but one of the things you do when a machine is running the way yours is, is to remove bloatware and useless programs. The ones in regular color I highly suggest removing, they are either outdated or just plain useless.


µTorrent (HKU\S-1-5-21-3161467904-3249666141-1099399532-1001\...\uTorrent) (Version: 3.5.5.46074 - BitTorrent Inc.)
App Explorer (HKU\S-1-5-21-3161467904-3249666141-1099399532-1001\...\Host App Service) (Version: 0.273.4.186 - SweetLabs) <==== ATTENTION
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3019 - Acer Incorporated)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 17 (64-bit) (HKLM\...\{7111A3FA-CDA7-58DA-874C-94AAB58DCF67}) (Version: 17.0.0.0 - Oracle Corporation)
Web Companion (HKLM-x32\...\{4fe09d85-8190-4fdb-bb0d-fc7f39713eaf}) (Version: 7.0.2417.4248 - Lavasoft)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.179 - Symantec Corporation)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated)
ProtonVPN (HKLM-x32\...\{4C61AA40-5E08-4C1F-B353-3B0A3605E648}) (Version: 1.25.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.2) (Version: 1.25.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.16.0.4468 - Softdeluxe)
Iriun Webcam version 2.6.8 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.6.8 - Iriun)



FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

Last edited:
No problem, once you remove the programs and run the fix, we will continue from there. Your machine is being squeezed for resources by having so many items running. We have plenty of work to do on your computer...

Soon as you post the fixlog, we will check a bit deeper. :)
 
Hi. I can't seem to download the fixlist.txt file. It goes to an error page that says that it can't find it.
 
Have you removed the programs suggested, also is the machine running any better now?

ZHP cleaner Scan.


Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.

ZHP Diag Scan

Click here to download.
Save to your desktop.
Right Click Run as Admin.
Click the Options button.
Click on Check All
Then click close.
Click the Scanner button.
When complete please push the report button.
A notepad will open... attach the report in your next reply.
 
I removed the programs, yes, although there was one that the uninstaller program couldn't find, App Explorer. Also, since it was a free trial I couldn't uninstall the trace files through the app and had to do it manually through their respective directories.

It's still at 80-85 percent. A bit quicker, I noticed, but overall somewhat the same
 
Like I say we have some work to do, there is a fair amount of clutter on this machine. Continue with ZHP logs....
 
Malnutrition said:
Have you removed the programs suggested, also is the machine running any better now?

ZHP cleaner Scan.


Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.

ZHP Diag Scan

Click here to download.
Save to your desktop.
Right Click Run as Admin.
Click the Options button.
Click on Check All
Then click close.
Click the Scanner button.
When complete please push the report button.
A notepad will open... attach the report in your next reply.
Click to expand...
My PC can't run it. I get a pop up telling me that this may not be the right version for my computer.
 
After you post the ZHP diag log.

Download Malwarebytes v.4 . Install and run.
  • Once the MBAM dashboard opens, click on Settings (gear icon).
  • Click on Security tab and make sure that all four Scan options are enabled.
  • Close Settings and click on the Scan button on the dashboard.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
  • If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
 
Ok, go ahead with the malwarebytes scan while I check over this latest log.
 
Status
Not open for further replies.
Top Bottom