This discussion has been inactive for longer than 5 days, and doesn't want to be resurrected.
  1.  (9423.1)
    My system's picked up some kind of nasty that's making it run ultra-slow, and my fully updated Trend Micro antivirus is telling me everything's fine. Does anyone have any suggestions about how to hunt down and eliminate stealth bugs?
    • CommentAuthorFlabyo
    • CommentTimeJan 15th 2011
     (9423.2)
    Could try running CCleaner over it, see if it's a problem due to borked registry settings etc...
  2.  (9423.3)
    And try Spybot? Always seems to find stuff that Trend doesn't...
    • CommentAuthorroadscum
    • CommentTimeJan 15th 2011
     (9423.4)
    I am not a computer genius. These people are though...
    •  
      CommentAuthorDigitalyn
    • CommentTimeJan 15th 2011
     (9423.5)
    Spybot is indeed pretty good at catching nasty adware you might have. Also Ad-Aware (http://www.lavasoft.com/) and CCleaner as well.
  3.  (9423.6)
    It's not just malware that may be causing this. A lot of programs nowadays install various little pieces of useless junk on your operating system - things like automated update checks, or pre-loaders for some basic components of their parent software - most of which are set to run on system boot.
    The good news is they're harmless. The bad news is they're still useless and consume system resources.

    Get HijackThis, run the program, save the log file. There are a number of websites for automated log analysis, such as HijackThis.de, so use one of them.
    Then you might want to analyse what HijackThis found running on your machine - not just in the realm of malware, but simply redundant junk that's running in the background and eating up your CPU time.

    You could check the Task Manager to see which processes take up a lot of CPU time and memory. Looking up their filenames on the net might provide some clues as to what they do.

    And of course registry cleanup. Use CCleaner, then manually check the various /Run and /RunOnce lists in the registry and remove the unnecessary stuff from there (be careful, if you accidentally remove something important... well, just make sure you don't). Applying RegCompact.NET after that may be a good idea too, as is defragmenting your hard drive.
    •  
      CommentAuthorstsparky
    • CommentTimeJan 15th 2011
     (9423.7)
    Ian? If the above doesn't fix it — email me and I'll get someone I know at Trend to sort it out.
    •  
      CommentAuthorFinagle
    • CommentTimeJan 15th 2011 edited
     (9423.8)
    Here's the process we follow at my consulting company:

    1. Make sure you start up in Safe Mode to do your scanning, preferably with the network disconnected (update whatever antimalware program you are using first).
    2. Use the AntiMalware Toolkit to pre-download all the latest updates and installers for all the major removal tools and stage to USB stick or burn to CD on another system if possible.
    3. Disable your regular antivirus program before running any of the major removal tools listed below, or uninstall it completely. It doesn't help to have two a/v programs fighting each other.
    4. Go ahead and start with Spybot and SUPERAntispyware. If those haven't done it for you, your next step should be Malwarebytes, with fresh updates from the above toolkit, run in Safe Mode with no network connected.
    5. If that doesn't completely clean it, move on to try either ComboFix or TDSSKiller.
    - Also SMITFraudFix can cure a few similar nasties, but we don't personally use it.
    6. At this point if you are still infected, back up your data, wipe the drive and reinstall. You should consider this in any case, and also consider changing your major passwords for anything important online.
    7. Consider in addition to all of this, setting your DNS servers to use OpenDNS. OpenDNS filters out malware sites at their source if they use DNS lookups, and can be the only effective way to stop some malware from re-updating itself with a new downloader. You may also find another run of Malwarebytes, in Full Scan mode, can be effective again after having run one of the above trojan removal tools, as the downloaders are sometimes cloaked by the trojan's low-level file system driver.
    8. Run a full Windows Update after you can reconnect to the network.

    Use those above tools with care, and read all of their individual instructions carefully. They can wreck your system. Again, consider taking a backup of your data and just flattening and reinstalling, or restoring completely from a known good backup or disk image. If in doubt, Roadkill's advice about posting at BleepingComputer.com is sound, they are the maintainers of ComboFix.
    •  
      CommentAuthoroddbill
    • CommentTimeJan 15th 2011
     (9423.9)
    I was going to post my elaborate malware removal routine, but it is basically the same as what Finagle just posted, so I will instead endorse that one. It is pretty much the best course of action you can take if wiping the hard drive and reinstalling is not an option.

    If, however, wiping the hard drive and reinstalling is an option, I would just do that. It will probably take less time, is less trouble, and will be more likely to clear out everything.
  4.  (9423.10)
    Thanks guys. I'll try doing all of the above and see how it goes.
    • CommentAuthorColby
    • CommentTimeJan 15th 2011
     (9423.11)
    Is your computer just running slow or is there more to it? Are there any error messages, does your internet work fine, anything out of the ordinary besides your computer running slow?
  5.  (9423.12)
    It just runs slow. Lags terribly when I'm playing Flash games and YouTube vids, plays installed games slowly, lags opening any website even though the other computer on my network runs fine on the high speed cable connection.
    •  
      CommentAuthorstsparky
    • CommentTimeJan 15th 2011
     (9423.13)
    Back up, reinstall the OS. One by one re-install key applications. Restore data.
    • CommentAuthorFan
    • CommentTimeJan 16th 2011
     (9423.14)
    Use Task Manager (run taskmgr.exe), go to the Processes tab, click on the CPU column header to sort the processes by their CPU utilization, look at the top-most entry to see which process/culprit is taking a lot of / most of CPU.

    Also use the Performance tab to verify that the reason why the computer is running slowly is that something is using most of the CPU (CPU utilization is the most likely reason for slowness; it could also be disk or network utilization).
    • CommentAuthorColby
    • CommentTimeJan 16th 2011
     (9423.15)
    Doesn't sound like a virus then, sounds like you got a lot of shit on your computer. I would do what Fan recommends, then just Defragment, use disk clean up, maybe clean some of your old shit from your computer and see if it runs faster. Or it just might be time to reboot your machine.
    • CommentAuthorFlabyo
    • CommentTimeJan 16th 2011
     (9423.16)
    Yeah, windows boxes do eventually accrue a lot of crap. It's often best to just back up your data, then nuke the site from orbit with a fresh reinstall.
    •  
      CommentAuthorGreasemonkey
    • CommentTimeJan 16th 2011 edited
     (9423.17)
    Well, I cleaned a bunch of old processes off my hard drive, including SecuRom which was a bastard to get rid of, and it's helped some. I'm going to defragment today while I'm off doing other things.

    Thanks all.
  6.  (9423.18)
    Reformatting and reinstalling everything from scratch is somewhat extreme - I recommend only using it as a last resort solution, after you've tried everything else.
  7.  (9423.19)
    Hey Grease Monkey, would you mind letting me know what worked best for you? I just recently wiped everything and reinstalled it all, shut off a bunch of my processes, made sure everything is clean, and I seem to be having a similar thing with my computer. (Lagging on sites that it shouldn't, playing a video using way more memory than it should, etc)
  8.  (9423.20)
    Deleting a bunch of processes, then defragging, fixed it. Check for hidden DRM software like SecuRom which may have been installed along with any games you have on your system.
