Computer gets IMMENESLY slow after 2-5 hours

Hi!

I’ve been experiencing problems with malware issues lately, snap.do is one of them. My browser was infected with inappropiate pop-ups and pictures, and after a while my computer would get extremly slow from nowhere, making it impossible to do almost anything(one solution - to reboot). I’ve used programs like Spybot - Search and destroy, Ccleaner, Malwarebytes Anti-Malware, Kaspersky, Hitman Pro, AdwCleaner, Norton Antivirus and Ad-aware(been following the great instructions from the thread on http://forum.avast.com/index.php?topic=53253.0)

This helped me getting rid of the browser problems and a lot of other malicious content.
My ONLY problem now is that my computer gets crazy slow after about 3-5 hours, and I do believe it’s something that’s been left out by the above mentioned programs, and I have no idea what.

I’ve ran a OTL scan, and a aswMBR scan. I will attach both documents, and I would very much appreciate all the help I could get on this matter!

Cheers!

aswMBR scan

Try this and let me know if it eases the problem

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-990628065-1522347148-1315509720-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-990628065-1522347148-1315509720-1001\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O16:64bit: - DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - Winlogon\Notify\fdewuqe: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\fdewuqe.dll) - File not found
[2013/08/29 21:01:35 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
@Alternate Data Stream - 1194 bytes -> C:\ProgramData\Microsoft:fandDvVCE2K0fzM4XoOdRtuMV
@Alternate Data Stream - 1148 bytes -> C:\Program Files\Common Files\System:jbQjUdrU3716VxJWiK7JqrM
@Alternate Data Stream - 1144 bytes -> C:\ProgramData\Microsoft:UtjFsw2UPuPEU5dt7rFFE
@Alternate Data Stream - 1045 bytes -> C:\Users\Fredrik\AppData\Local\Temp:sWoCOLwwgL3kiHh9Ko8DvB53c9r

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Thank you for getting back so quickly!

I’ve followed the instructions above, I’m attaching the Quick scan log.

I have yet to see if this solved it, and I will get back as soon as possible if the same problem occurs again.

OK the ADS have returned so I will need to dig deeper and harder

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Computer seems to work like a charm after the OTL process!
No slowing down at all.

Thanks a bunch!

In that case forget the Combofix run and do this

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
@Alternate Data Stream - 1148 bytes -> C:\Program Files\Common Files\System:jbQjUdrU3716VxJWiK7JqrM
@Alternate Data Stream - 1144 bytes -> C:\ProgramData\Microsoft:UtjFsw2UPuPEU5dt7rFFE
@Alternate Data Stream - 1045 bytes -> C:\Users\Fredrik\AppData\Local\Temp:sWoCOLwwgL3kiHh9Ko8DvB53c9r

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Hi!

Seems like the slowing down got back after all, so I ran the Combofix scan. I´m attaching the scan log!

Hmm no sign of any remaining malware, is the computer running hot, with the fan increasing in noise ?

I do not believe it’s the fan. But, the sounds the computer makes are indicating very clearly when it’s about to slow down. Instead of making the “scrunchy” sounds continuously(as a normal computer does when it’s working), the “scrunchy” sounds comes in very distinctive intervals between four seconds of absolute silence . I’ve recorded a sound file which illustrates what I mean(OBS it’s an .aac file).

The sound the computer makes when it’s slow can be found here: http://www.sendspace.com/file/6xc47j

So during the time it sounds like this(like the file), the computer is slow and very uncooperative. I have no idea why this is. It comes very sudden too.

Should I run the OTL scan in the latest post?

Hi,

What are you usually doing when it slows down? Do you ever exceed your physical memory usage?

~!Donovan

That is very loud for a laptop hard drive, have you run a chkdisc on it ?