
websearches.com as startpage, slow bootup, slow pc [Solved]


  • This topic is locked

#106
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts
Is it possible that this only exists in your country? In Belgium nothing is said about it (news).

 

 

No. This malware has hit many countries so being proactive is a good idea.

 

But I think it's safer to buy the CryptoPrevent? (update... ) Does the malware change installation folder every time? Or why is this update important?

 

This is up to you. If you think you are disciplined enough to manually run the update then no need to purchase the paid version. If you would rather it autoupdate then you can purchase the paid version. Malware morphs/changes constantly. The updates ensure that you have the most recent detection logic. So yes sometimes it changes the paths or infection points.

 

I'm not sure there is a fix described in it?

 

No. The link you provided was related to the GameOver Zeus botnet which was taken down. The CryptoLocker malware heavily relied on this botnet. A new variant named CryptoWall is active however and the CryptoPrevent is one of the best ways to protect yourself. That coupled with safe internet practices obviously.

 

 


  • 0



#107
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

Thanks for the clarification.

 

I let Bitdefender run a full system scan. It found some things; I hoped it would not find anything after the steps I followed.

 

I now have to select what I want to do with the found results, but I don't just want to hit delete without knowing what I'm deleting. I made images of it, as I couldn't find an export button or something like that.

 

CORRECTED:

 

Some of these results are from the folder I made on the desktop where I kept the steps I had to execute. So that's my mistake. I have no problem deleting the folder; will this be enough?

o5pdtu.jpg

 

 

The cookies are from:

 

2drvskx.jpg

 

 

2m6laf6.jpg

 

33palvk.jpg

 

2w59hsh.jpg


Edited by HaraMo, 30 November 2014 - 01:15 PM.

  • 0

#108
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

The Cookie entries are benign by themselves but you can go ahead and delete them. Many websites store cookies (small text files) on your computer to do things such as keep track of where you left off on the website, or remember your logon information so next time you come to a site you don't have to log in again. More information is here.

 

As far as the others, does it show you the file(s) that were identified? Does the following link help you to identify the files that were detected?

http://www.bitdefend...ected-1012.html

 

Lastly, no single Antivirus software detects everything. That's why we use multiple AVs when cleaning a machine. Let's see if we can see which files were detected from the log.


  • 0

#109
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

The log is an XML file. If I double-click on it, Internet Explorer opens, but no context, only a white background.

Also to add:

After I installed Bitdefender, I rebooted several times to test if the delay is back. Only 1 second and the login screen appears.

Yesterday I closed the laptop (Windows closed) after I deleted the results that Bitdefender found.

Today I started the laptop, and the delay is now 1 min 40 sec (counted myself).

I thought maybe because Bitdefender is doing some cleaning, but then I rebooted again: same delay.

Strange, no?

I didn't yet install the CryptoPrevent.

ADDED

The startpage in Internet Explorer is gone. It says 'about blank'.

Very strange. Can Bitdefender be the cause of this, without asking me?


Edited by HaraMo, 01 December 2014 - 11:29 AM.

  • 0

#110
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

OK, the XML only opens correctly if I right-click and then choose to open with Internet Explorer. Double-click shows only a white background with no context.

 

Here is the log:

http://we.tl/FUTvaUnkEU


  • 0

#111
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

So when you followed the instructions in this link you couldn't view the log? http://www.bitdefend...ected-1012.html

 

To set your startpage in Internet Explorer you can follow the steps below. I don't believe Bitdefender would have done this. Likely from cleaning the malware.

 

1. Open Internet Explorer.

2. Navigate to the page that you want to be your home page.

3. Click the Settings gear in the upper right corner of the IE window and choose Internet Options.

4. Click the Use current button on the screen that shows.

5. Click the OK button to exit this window.

 

As far as the delay being back, that's unfortunate. Antivirus products can definitely cause these types of delays. Let's take one at a time.


  • 0

#112
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I reviewed the Bitdefender log and you are OK. The items found (besides the cookies) were already caught by AdwCleaner when we ran it. It looks like you have a folder on your desktop named Gisele stappen gedaan. You should delete the AdwCleaner folder that is within the 06 - folder. Once that is done then right-click on your Recycle Bin on your desktop and choose Empty Recycle Bin.

 

Let me know when you have reset your Internet Explorer Home page from the instructions from my previous post as well. Thanks.


  • 0

#113
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

About the log: I followed the steps in the link (bitdefender) you provide me, but step 3 (In the Events Overview window, select Antivirus.) is the last one I could follow. The other steps are not the same as what I see.

 

Then I selected the line that names the full system scan, then clicked a button 'view summary' at the bottom left of the window. Then I can see the log in the same small window of Bitdefender, but to see the full path of the folders where the malware has been found, I have to save the log. The log is saved in an XML file.


  • 0

#114
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

Startpage is OK now.

And yes, I did keep the steps I did in that folder, but one of the files was an exe file, strange, but I deleted the complete folder anyway.


  • 0

#115
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Let's take a look at the delay. I know we've done this before but again things have changed. Can we try a clean boot to see if the delay goes away or decreases?

 

Step#1 - Clean Boot

  1. Click Start, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.
  2. On the General tab, click the Selective startup option, and then click to clear the Load startup items check box. (The Use Original Boot.ini check box is unavailable.)
  3. On the Services tab, click to select the Hide all Microsoft services check box, and then click Disable all.
  4. Click OK, and then click Restart.
  5. Does the symptom show itself now?

  • 0



#116
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

It was already on selected startup.

The Bitdefender services could not be disabled.

In startup I had no problem disabling the Bitdefender startup items.

Reboot: delay was 30 sec (before was 1 min 40 sec).

I went to safe mode: 1 sec delay. I disabled the Bitdefender services.

Rebooted in normal mode: 3 sec delay.

Rebooted again: 15 sec delay.

Rebooted again: 15 sec delay.

So it's now 15 sec.

Went back to safe mode: 15 sec delay.

I selected in the General tab the first option (normal startup) and rebooted.

Delay: 44,91 sec.

Let's do it again:

Selected startup selected, disable all services, but Bitdefender cannot be disabled in normal mode.

Reboot:
delay 24,41 sec.

Reboot to safe mode:

delay: 4,38 sec.

Disabled Bitdefender services.

Reboot normal:
delay: 1,63 sec.

Reboot again in normal mode:
delay: 3,78 sec.

Again: 15,40 sec, and the welcome screen stays much longer.

Again: 15,11 sec, welcome screen: 23,20 sec.

I think 15 sec is the best time now.

And the welcome screen stays longer, much longer than before...

Maybe it was not good to reboot several times? Hmm.

 

 

 


  • 0

#117
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

OK, let's see what else we can do. Please do the following.
 
Step#1 - Retrieve Boot Time Event Logs
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.
2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator.
3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type into.
5. Copy and paste the following command into the black window and hit enter.

wevtutil epl microsoft-windows-diagnostics-performance/operational %userprofile%\desktop\BootEventLog.evtx

 

6. Right-click on the file named BootEventLog.evtx (which should be on your desktop) and select Send to... compressed (zipped) folder.

7. A compressed file named BootEventLog.zip will be created. Please upload this zipped file to wetransfer and send me the link.

 

Thank you.

 


  • 0
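An added example, not part of the original thread and not the helper's own tooling: once the log exported in the step above is rendered as XML (for instance with `wevtutil qe BootEventLog.evtx /lf:true /f:xml`), Event ID 100 records from the Diagnostics-Performance channel can be summarized to show how much boot time varies from boot to boot. The sample events and the function names are constructed for illustration.

```python
import statistics
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(event_id, when, **data):
    """Build one constructed <Event> element in the Windows event XML schema."""
    fields = "".join(f"<Data Name='{k}'>{v}</Data>" for k, v in data.items())
    return (f"<Event xmlns='{NS['e']}'><System><EventID>{event_id}</EventID>"
            f"<TimeCreated SystemTime='{when}'/></System>"
            f"<EventData>{fields}</EventData></Event>")

# Constructed sample, not data from this thread: three boots plus one event
# with a different ID that must be ignored. Times are in milliseconds.
SAMPLE = "".join([
    _event(100, "2014-11-30T08:00:00Z", BootTime=41000,
           MainPathBootTime=16000, BootPostBootTime=25000),
    _event(101, "2014-11-30T08:00:05Z"),
    _event(100, "2014-12-01T09:30:00Z", BootTime=100000,
           MainPathBootTime=70000, BootPostBootTime=30000),
    _event(100, "2014-12-02T07:45:00Z", BootTime=21000,
           MainPathBootTime=11000, BootPostBootTime=10000),
])

def boot_records(xml_text):
    """Return one dict per Event ID 100 (boot completed), durations in ms."""
    # wevtutil prints sibling <Event> elements with no root, so wrap them.
    root = ET.fromstring(f"<Events>{xml_text}</Events>")
    records = []
    for ev in root.findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", namespaces=NS) != "100":
            continue
        data = {d.get("Name"): d.text for d in ev.findall("e:EventData/e:Data", NS)}
        records.append({
            "when": ev.find("e:System/e:TimeCreated", NS).get("SystemTime"),
            "total_ms": int(data["BootTime"]),
            "main_path_ms": int(data["MainPathBootTime"]),   # up to the desktop
            "post_boot_ms": int(data["BootPostBootTime"]),   # desktop to idle
        })
    return records

def summarize(records):
    """Spread of total boot time, plus which boot was the slowest."""
    totals = [r["total_ms"] for r in records]
    slowest = max(records, key=lambda r: r["total_ms"])
    return {"boots": len(totals), "min_ms": min(totals), "max_ms": max(totals),
            "median_ms": statistics.median(totals), "slowest": slowest["when"]}

if __name__ == "__main__":
    print(summarize(boot_records(SAMPLE)))
```

A wide gap between the minimum and maximum across many boots points to variable boot behaviour rather than one persistent cause, which is the kind of pattern worth checking before attributing a delay to malware.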

#118
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

Strange, I just started the laptop to do the steps, and no 15 sec delay anymore; it went directly to the login.

 

Bitdefender is still disabled. This was also the case when there was a 15 sec delay.

It's very unreliable, this delay, with or without services disabled... hmm

I will do the steps now.


  • 0

#119
HaraMo

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 329 posts

log:

 

 

http://we.tl/JwiAEURidD


  • 0

#120
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the information HaraMo. I've thoroughly reviewed the logs and analyzed all of the boots since 11/1 (around 160 of them). Raw data of each boot is here for reference. Even back in the beginning of November the boot times varied. So at this point I'm going to suggest that if you are still interested in looking at this that you post a topic over in our Windows 7 forum and reference this topic. We in this forum specialize in malware and give best-effort for other issues that may have been caused by malware. We're not experts in hardware/software so you may have better luck in the other forum. I sincerely apologize that we could not do more but we gave it a go.

 

Is there anything else I can do for you regarding malware?


  • 0





