Computer is very slow probably infected [Solved]



#16
Beshoff

    Member

  • Topic Starter
  • 31 posts

First of all, I never really used Chrome and I went onto Control Panel to uninstall before re-installing a new version. There was nothing there to uninstall I could not find anything to update so my Chrome is now installed from a fresh download.

 

Secondly, Thunderbird is set to automatic updates and I have seen updates installed in April and June this year, so I don't know how or why it can be outdated if it's set on auto updates. I also had no update messages. If you believe it is still not updated, could you give me an idea on how to do this?

 

Thirdly the fixlog is below:

 

Restore point was successfully created.
C:\Users\Nazeer\Downloads\u.zip => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01627C7A-9867-4AE9-8EC6-00701B42E061}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01627C7A-9867-4AE9-8EC6-00701B42E061}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D830F84-05DE-4866-A55B-A3D8A75305D0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D830F84-05DE-4866-A55B-A3D8A75305D0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{414663A7-C542-4B4F-8355-314C93779E65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{414663A7-C542-4B4F-8355-314C93779E65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{755E1617-570A-429F-BCB1-C2074A661959}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{755E1617-570A-429F-BCB1-C2074A661959}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{803B1B12-BEE5-47ED-9683-E9CADFE66E26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{803B1B12-BEE5-47ED-9683-E9CADFE66E26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F860A47-D54E-4ABF-8619-B61712BC944D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F860A47-D54E-4ABF-8619-B61712BC944D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB8F693F-F0A1-4E1E-8084-DB04247B1F8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB8F693F-F0A1-4E1E-8084-DB04247B1F8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4F0005D-A827-4549-AC59-FB189802A4B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4F0005D-A827-4549-AC59-FB189802A4B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFE923C2-2786-4628-819A-793CD80C60E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFE923C2-2786-4628-819A-793CD80C60E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB02AD82-406E-4C47-AE9A-7C65E6378ADD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02AD82-406E-4C47-AE9A-7C65E6378ADD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB072F1E-6204-4878-9E3E-8F6BACA02A05}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB072F1E-6204-4878-9E3E-8F6BACA02A05}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
EmptyTemp: => 101.4 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:19:15 ====




#17
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Well, the official Thunderbird site says that the latest version is 38.2.0 and yours is 31.7.0, so extremely outdated.

It looks like you can manually check for updates by going over to the Help menu and selecting About Thunderbird.

If that doesn't help then try downloading the newest version from the official site I've linked above :)

#18
Beshoff

    Member

  • Topic Starter
  • 31 posts

Help - About Thunderbird... That's a very illogical place to put updates when there is Tools, Options, Advanced and then an Update tab... Anyhow, it is updated now to 38.2 and thanks very much for pointing out where it could be found.



#19
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Well, I agree with you. Firefox has that option put in a similar place.

As your logs look good, could you tell me if you have any other problems with your system that you'd like to mention?

#20
Beshoff

    Member

  • Topic Starter
  • 31 posts

No, everything is a lot faster now... thanks. No other issues.



#21
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Beshoff.

I'm glad to hear that everything is fine.

As the system looks clean, we can delete the tools that we've used. I've also prepared some tips for you to stay safe in the future.

 
DelFix
Now that your system looks clean, we can clear system restore points and malware removal tools that we've used. To do that, download and run DelFix.
  • Note: Make sure that the following options are checked:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset System Settings
After the cleaning is done, DelFix.txt will be opened in Notepad. If it doesn't, you can find it in the C:\ directory. Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.

Also, delete any other .exe, .txt, .bat, .reg or .zip files that we used and are remaining, and empty the Recycle Bin.

 
Uninstalling programs

Go to Start Menu > Control Panel > Programs > Uninstall a program (or Control Panel > Programs and Features if using icon view) and remove ESET Online Scanner v3.

 
Preventing Re-Infection

As prevention is better than cure, I have listed some tips for you to stay safe on the internet in the future. Make good use of them.

 
Adobe products have to always be updated, because they also are being used to infect your computer.
  • If you want to update Adobe Flash Player, visit this site.
  • If you want to update Adobe Reader, visit this site.
  • Warning!: Make sure to uncheck the Optional offer box when downloading Adobe products or you will install adware on your computer.
 
Turning on Automatic Updates is a crucial security measure. Keeping them out-of-date is like begging to get your system infected.
  • Click Start > Control Panel > System and Security > Windows Update
  • Under Windows Update click Turn automatic updating on or off
  • Make sure that your settings are set so that you will receive updates automatically and click OK.
 
Heimdal Free is one of the programs that can check for out-of-date programs on your computer. You can get it here.

 
Recommendations for security programs
  • Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
  • WinPatrol as a robust security monitor will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • NoScript is a Firefox add-on that increases safety during surfing online by blocking malicious scripts.
  • Unchecky will help you to avoid adware and PUPs by automatically removing checkmarks for these when installing programs.
  • Web of Trust is an add-on for multiple browsers that warns you before entering websites with bad reputation.
 
Cryptolocker prevention
Cryptolocker is a new ransomware that heavily encrypts your important files. At the moment there are no programs that can decrypt these files. You can read how to protect against it here.

 
For some good tips about how to prevent infection in the future, visit this site.

 

Remember to post the DelFix log :)



#22
Beshoff

    Member

  • Topic Starter
  • 31 posts

# DelFix v1.010 - Logfile created 25/08/2015 at 23:33:52
# Updated 26/04/2015 by Xplode
# Username : Nazeer - BLUE
# Operating System : Windows 10 Home  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Nazeer\Desktop\FRST-OlderVersion
Deleted : C:\AdwCleaner[C1].txt
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\Users\Nazeer\Desktop\AdwCleaner.exe
Deleted : C:\Users\Nazeer\Desktop\Fixlog.txt
Deleted : C:\Users\Nazeer\Desktop\FRST.txt
Deleted : C:\Users\Nazeer\Desktop\FRST64.exe
Deleted : C:\Users\Nazeer\Desktop\JRT.exe
Deleted : C:\Users\Nazeer\Desktop\HiJackThis - Shortcut.lnk
Deleted : C:\Users\Nazeer\Downloads\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1 [Windows Update | 08/17/2015 19:00:20]
Deleted : RP #2 [Windows Update | 08/17/2015 19:01:42]
Deleted : RP #4 [Restore Point Created by FRST | 08/21/2015 12:17:18]
Deleted : RP #5 [Windows Modules Installer | 08/24/2015 16:35:54]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 

 

ESET Scanner also uninstalled.



#23
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Alright, looks like we're done.

Stay safe :wave:

#24
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

