Solved! Infected computer- slow and stop

Astralv

Honorable
May 6, 2013
53
0
10,580
Hey there

This computer, a Haswell 4770K with an Asus Z87 Deluxe MB, AMD midgrade graphics and 16GB memory, has issues. It is not terminal; it powers on. It is super slow in normal operation mode. I can't get to the system configuration app, therefore I can't get to Startup items. My son is a teen gamer; it is his computer. He is an advanced user: he installs Steam games, Minecraft servers, etc. He would install free trials and free games, so he is at high risk of malware. The computer can function in Safe mode, but in Normal mode it is dragging or just not responding; it is not usable even to check e-mail.

We have active Norton Security installed as well as full Malwarebytes. We have been running scans in Safe mode. Initially it found a few threats and there was the slightest improvement in functionality, but now all scans come back with no threats found. I also ran Webroot; I don't have a subscription but it can still scan. Cleared cookies, temporary files, etc. Norton Eraser is another scan from their web site; it found and removed something but the problem persists. I checked Startup in Safe mode: there is nothing suspicious, almost everything is disabled. We went through Add/Remove Programs and don't see anything that would obviously be a threat.

I want to try other tools before I surrender to reinstalling Windows. What else can I try that is reliable and does not give a "This program may harm your computer" message like some tools from the guide on this forum? Any suggestions would be appreciated. Thank you.
 
Solution
Use Task Manager and Resource Monitor to observe the computer's performance.

First while not gaming. Then leave the window open but drag to one side to watch. Then game as usual.

Watch for changes that correspond to the slowing and stopping. You should be able to identify a particular app, process, or service if such is the reason for the problem. Or some resource bottlenecking.

May be some app trying to update, backup, or "phone home" - and failing to do so.

Or some combination of apps, etc. that are not playing well together.

Work through it methodically and carefully. Avoid over-reacting to something that immediately appears to be the culprit. Change only one thing at a time.

Another note: Event Viewer and Reliability History/Manager may also be capturing some information that may be helpful. Look for error codes, warnings, or even information events that correspond to the slowdowns and stops.


 

Astralv

Hey there

Thank you for your reply. I logged in in Normal mode now. One of the issues is Internet is soooooo slow. It connected to Wired, but it was taking several minutes to open any page. I am not able to load Tom's hardware forum in Safe mode or normal mode. I thought this web site was acting out on Saturday, but today I can load it from other computers but not from that one.

The Task Manager actually did open as soon as the computer restarted from Safe to Normal mode (before, it wouldn't open in Normal mode). It was showing 100% CPU utilization, but I did not see anything specific that would take that much energy. I had:

Malwarebytes 10-12%
Norton 5-6%
Webroot 4%, System 6%
Some Compatibility something
Desktop Windows manager
Windows Host Processes- 0.1 to 0.2%

Can't see anything that takes 100%.

Then I was waiting for Tom's hardware to load. It froze entire Edge. I noticed that CPU usage dropped back to 20%- not sure at what moment.

I got error message when trying to open Edge again:

Microsoft-edge:https//sitedirector.symantec.com........... (lots of numbers)
This file does not have a program associated with it performing this action- please, install a program or create association in default control panel.

The Start is not working; I can't get to the list of programs. If I right-click, I can get to Restart/Shutdown options.

Event Viewer is not opening. System- not opening. Edge- the wheel is spinning but so far not opening.

I have seen this computer trying to install some Windows updates and failing a few times. But I can't check for updates because, how do I get to it?

Attempted to open Google Chrome. Computer went Black Screen with cursor on it.

I don't want to rush into reinstalling Windows because I don't have the serial number for the Microsoft Office 2013 that I had installed on it. And my son's games... not to mention that it would be a pain to install all the drivers. Do you think it is obsolete at this point?

Thank you.



 

cherry blossoms

Commendable
Apr 13, 2016
27
0
1,610
Many auto-starting entries WON'T show with Windows built-in tools.

You have tried system restore?

Autoruns from Microsoft's Sysinternals utilities may help you find a particular program, but it is not an automated tool. You have to research the entries it brings up if you don't know what they are.

Undetected malware is still possible, since it seems you are being locked out of the usual items that might help you troubleshoot the problem. Your safest bet is to restore from a backup.
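
To illustrate the point above about auto-start entries that the built-in Startup view does not list, here is an added example (not part of the original thread, and not a replacement for Autoruns) that reads Run keys, Startup folders and enabled scheduled tasks, then checks each target's Authenticode signature. It is read-only; it assumes Windows 8 or later for `Get-ScheduledTask`, and the helper name `Resolve-TargetPath` is hypothetical.

```powershell
# Added example: inventory auto-start entries and flag targets without a valid signature.
# Read-only. Run from an elevated PowerShell prompt. Covers only a subset of what Autoruns shows.

function Resolve-TargetPath([string]$Command) {
    # Hypothetical helper: pull the executable path out of a command line.
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"')    { return $Matches[1] }   # "C:\path with spaces\app.exe" /arg
    if ($c -match '^\s*(.+?\.exe)\b') { return $Matches[1] }   # C:\path\app.exe /arg
    return $c.Trim()
}

$entries = @()

# 1. Registry Run/RunOnce keys: machine-wide, per-user, and the 32-bit view.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $entries += [pscustomobject]@{ Source = $key; Name = $name; Command = [string]$item.GetValue($name) }
    }
}

# 2. Startup folders (per-user and all-users). Shortcuts (.lnk) are listed but not resolved.
foreach ($dir in [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')) {
    foreach ($file in Get-ChildItem -Path $dir -File -ErrorAction SilentlyContinue) {
        $entries += [pscustomobject]@{ Source = $dir; Name = $file.Name; Command = $file.FullName }
    }
}

# 3. Enabled scheduled tasks that launch a program.
foreach ($task in Get-ScheduledTask | Where-Object State -ne 'Disabled') {
    foreach ($action in $task.Actions | Where-Object { $_.Execute }) {
        $entries += [pscustomobject]@{ Source = "Task $($task.TaskPath)"; Name = $task.TaskName
                                       Command = "$($action.Execute) $($action.Arguments)".Trim() }
    }
}

# 4. Check each target's signature; bare names that rely on PATH are reported as NotResolved.
$report = foreach ($e in $entries) {
    $path = Resolve-TargetPath $e.Command
    $sig  = if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
                (Get-AuthenticodeSignature -LiteralPath $path).Status } else { 'NotResolved' }
    [pscustomobject]@{ Signature = $sig; Source = $e.Source; Name = $e.Name; Command = $e.Command }
}

# Entries without a valid signature sort to the top for manual review.
$report | Sort-Object { $_.Signature -eq 'Valid' }, Source | Format-Table -AutoSize -Wrap
```

An unsigned or unresolved entry is a lead to research, not a verdict; many legitimate programs ship unsigned.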
 
"The Start is not working- I can't get to the list of programs. If I rightclick, I can get to Restart/Shutdown options."

You are referring to the Startup tab in Task Manager - correct?

If so, a right click should present a menu with four choices: Enable, Open file location, Search online, and Properties.

And do try running just Malwarebytes or Norton. One or the other - not both together. May not be playing well if both are running.



 

Astralv

Thank you for the replies. I meant the Start button in the lower left corner that shows all programs. It now works, I can see the list, but I can't type so I can't get to Control Panel. I wanted to get to Windows updates, but I can't search.
How do I get to the restore point area? I ask because I am not sure if it was enabled and whether I can restore. It feels like a virus. Maybe I should call Norton.
 

Astralv

Hey there, thank you for your replies. I uninstalled Webroot. I also called Norton Support; the guy in the remote session used Power Eraser (the Norton aggressive scan) that I had already used, and it found 3 more items:

undertale.exe
vsix auto update 14
createexplorershellunelevatedtask

It said it did not have information about them, but it removed them and now the computer has relaxed. There is no 100% CPU utilization, I was able to get to the Tom's Hardware forum, and I can open Start and Control Panel. My child installed Process Hacker; it was supposed to be a better version of Task Manager. Should I keep or uninstall it?

Thank you.
 
If you (emphasis on "you") do not use Process Hacker - remove/uninstall it.

Likely to be buggy at best - could even be a bogus copy doing who knows what in the background at worst.

And change your child's (teenager) access rights to prohibit downloading and installing software. Willingly or accidentally.

You were fortunate this time around. Who knows what might get installed next time....