Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why is my machine so slow after a recovery from malware?

Question:

I had Microsoft Security Essentials installed for my anti-virus in my Windows Vista but it was still infected with malware that was added from the search site Conduit. I removed it, Conduit, and all its garbage but I kept getting malware detections when I did the security scan. My Microsoft Security Essentials kept getting turned off when I shut down my computer so when I turned my computer on again, I had to turn Microsoft Security Essentials back on. So I downloaded Bullguard because I tried the free version a while ago and it worked great.

Well, it also caught the malware, but I went through the process a few times before it deleted the malware. Also, my main computer profile will not open since View Password was part of the malware and the anti-virus deleted it and my profile is closed. So, I had to make a new profile but strangely, I can open the closed profile in Safe Mode. My scans are clean now for the last 3 days (or so it says) so that problem appears to be gone. I have no more malware or virus notices. I also deleted all temp files and all other non-essential files that were downloaded on that date as well. My problem is this: my computer is very slow now.

I have three bars of internet and plenty of disk space so it should be faster. I keep it cleaned and defragged but many times now I have to refresh to do anything online and sometimes offline. So I’m wondering if the malware has somehow embedded itself and is hiding in my anti-virus? Is that possible? Or am I just paranoid. I wonder if it’s really cleaned? What is the best and safest way to be sure – and the best cleaner that you would recommend?

The best and safest way? I’m afraid you’re not going to like my answer.

Become a Patron of Ask Leo! and go ad-free!

Nuke it

After everything that your machine has been through, and it’s quite a bit, I believe that yours is a scenario that calls for the ultimate cleaning.

What that means is back up your computer completely, reformat and reinstall Windows, reinstall all of your applications, and restore your data.

Yes, it’s painful. I’ll throw a few other ideas at you below, but in your shoes, the reformat/reinstall route is in fact the route that I myself would take.

Mushroom CloudRemoving malware completely is hard

One problem here is that malware is messy; or more precisely, removing malware is messy. There’s really no way to know everything that malware might do. So, there’s just no way to know what can and should be safely removed when you’re cleaning it up.

You might very well be safe from the malware that’s been removed, meaning you’re no longer at risk of infecting another machine, or acting as a bot in a botnet or whatever else that malware was originally designed for, but the memory lingers in the form of poor performance. I know of no tool that we can just drop in that would magically make things all better for you.

Other things to try

So I promised you a couple of things. I’ll call these “straws to grasp at”.

You mentioned that you installed an additional anti-malware package. It sounds like this has left you with two: Bullguard and Microsoft anti-malware. I would uninstall one of them, and make sure that the other is still working. Two anti-malware tools can create a conflict, and there’s a chance that part of the performance issue is exactly that.

You mentioned needing to refresh pages to get them to view. If browsing the web is getting painful, I would consider a couple of additional things: clearing your browser cache, uninstalling and reinstalling the browser completely, or installing and using a different browser. Malware has been known to impact browsers adversely.

If any of those ideas work, consider yourself very, very lucky. Also, please consider backing up regularly. That way when you get an infection again, you can remove it quickly by just restoring the previous day’s backup.

But right now my money’s on your need to reinstall from scratch. And for that, I’m sorry.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

7 comments on “Why is my machine so slow after a recovery from malware?”

  1. A couple of other straws I might also grasp:
    1. Run the System File Checker, sfc /scannow, to repair any program files which the virus might have damaged (in some ways sfc is like System Restore, great when it works but…)
    2. And performing a repair install of Windows, a non-destructive reinstallation of Windows, which leaves all of your other programs and files intact.

    These are long shots but before a complete reinstall, I like to leave no straw ungrasped.

    Reply
  2. Hi Leo, I did not have Microsoft Security Essentials running on my Windows 7 pro 64 bit machine. MSE was installed with Windows update.
    I was using Malware Bytes Anti Malware to check for malware and Avasti
    anti virus to check for viruses. I use C-cleaner, disk cleaner & disk defrag
    to keep it cleaned up. My question is: Should I remove one of the malware programs. MSE has about 6 files in it as shown in the MS
    windows update history. So far it has given no problems.

    Reply
      • Leo, Please don’t consider this spam.

        I saved my own bacon a week or two ago by having an image I could restore to get rid of a very potent PUP or maybe it might even have been malware. The image was made before so it was clean.

        Terabyteunlimited has very good and inexpensive programs for imaging and disk management. I have been using their programs for over 5 years.

        There are are other imaging programs available with one or two being free, even.

        Reply
    • You should not run two anti-malware programs with real-time protection at the same time. I believe Avast and MSE both meet this criteria.

      Reply
  3. The experience described reminds me of why I strongly prefer use of a two-way software-based firewall even though I’m behind a router. I’m specifically concerned about nefarious out-going attempts to access the Internet. Case in point is when I had obtained a legitimate program from a very popular source — probably the MOST popular source — of shareware/freeware programs. Somehow the version being hosted also installed a well-known adware program, which did all of the following to my system: (a) installed an add-on toolbar to all my browser programs, (b) changed the homepage for each browser, and (c) all new browser tabs defaulted to the adware’s own search engine site.

    After going through all the work necessary to eradicate the problem from my system, all was okay again … or so I thought. Two weeks after thinking my system was back to normal, my firewall program — NOT Microsoft’s Windows firewall — detected an unfamiliar Internet access attempt. By researching the destination IP and the program launching the attempt, I discovered a remnant of the adware infection remained in my registry apparently set to contact the adware software’s home site to get refreshed, updated, and/or get new instructions to further infect my system.

    So, long story, short … I’d never pretend to know more about proper system care than Leo … NEVER! But contrary to previous comments Leo has made about adequately protecting a system, I personally would never rely entirely on my router, nor entrust protection of my systems to a firewall that provides protection only against in-coming access attempts. Just my personal opinion.

    Reply
  4. Hi. Love your articles they are very informing. I have a program I want to share with you. You maybe heard of it
    before, it’s called Auslogics Boostspeed 7 My computer was so slow until I found this Program.
    check it out and let me know what you think. It does just about everything you can think of.

    Thanks: Mark

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.