bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 23, 2018 18:03:26 GMT -5
My computer has been running super slow lately.
I ran all the scans as suggested.
Win 10 HP laptop AVAST
Here are my logs.
Malwarebytes www.malwarebytes.com-Log Details- Scan Date: 12/24/18 Scan Time: 4:44 AM Log File: cea3f1b8-06e2-11e9-bae8-40b03406c609.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8457 License: Free -System Information- OS: Windows 10 (Build 17134.472) CPU: x64 File System: NTFS User: LAPTOP-684S1NCF\Linda -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 314551 Threats Detected: 3 Threats Quarantined: 3 Time Elapsed: 8 min, 26 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.PolarityTech.Generic, C:\USERS\LINDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5J4G9BJC.DEFAULT\BROWSER-EXTENSION-DATA\WEB@PACKAGES, Quarantined, [1710], [508613],1.0.8457 File: 2 PUP.Optional.PolarityTech.Generic, C:\USERS\LINDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5J4G9BJC.DEFAULT\EXTENSIONS\WEB@PACKAGES.XPI, Quarantined, [1710], [508623],1.0.8457 PUP.Optional.PolarityTech.Generic, C:\USERS\LINDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5J4G9BJC.DEFAULT\BROWSER-EXTENSION-DATA\WEB@PACKAGES\STORAGE.JS, Quarantined, [1710], [508613],1.0.8457 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) # ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2018-12-21.2 (Cloud) # Support: www.malwarebytes.com/support# # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-24-2018 # Duration: 00:00:01 # OS: Windows 10 Home # Cleaned: 0 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] *****
|
|
|
|
Post by jholland1964 on Dec 23, 2018 19:02:00 GMT -5
Your AdwCleaner log and shows that it failed. If you note it says that the scan only lasted one second and it also is missing the bottom 7 scan sections.
Please close out everything, browsers, mail programs and anything else that you normally have running and then run the scan again, post the log.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 24, 2018 3:09:09 GMT -5
# ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2018-12-21.2 (Cloud) # Support: www.malwarebytes.com/support# # ------------------------------- # Mode: Scan # ------------------------------- # Start: 12-24-2018 # Duration: 00:00:35 # OS: Windows 10 Home # Scanned: 32227 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. AdwCleaner[S00].txt - [1289 octets] - [15/11/2018 07:13:59] AdwCleaner[C00].txt - [1437 octets] - [15/11/2018 07:14:22] AdwCleaner[S01].txt - [1372 octets] - [24/12/2018 08:21:31] AdwCleaner[C01].txt - [1558 octets] - [24/12/2018 08:22:17] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ########## |
|
|
|
Post by jholland1964 on Dec 24, 2018 8:52:22 GMT -5
Is the computer still running slow?
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 24, 2018 14:58:08 GMT -5
It seems a little faster now. Did I solve the problem? Thanks for your help. Merry Christmas.
|
|
|
|
Post by jholland1964 on Dec 24, 2018 15:34:04 GMT -5
It seems a little faster now. Did I solve the problem? Thanks for your help. Merry Christmas. I can't promise the problem is solved but you did remove infections with your Malwarebytes' scan. We can check to see what else might be causing the slow down if you wish.
Do you have CCleaner on the computer?
Follow the instructions given for it in the Prelimianary Cleanup steps and report back and I will give you a couple other steps to do with it.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 25, 2018 3:21:30 GMT -5
Yes, I used CC in my initial cleanup. I did everything in order of the Preliminary Cleanup. Should I run it again?
|
|
|
|
Post by jholland1964 on Dec 25, 2018 10:36:19 GMT -5
Yes, I used CC in my initial cleanup. I did everything in order of the Preliminary Cleanup. Should I run it again? No need to run it again. But open CCleaner and go to Tools. When that opens go to the Startup button and then on the bottom right you will see a "Save to text file", click that and the Startup list will be saved to a text file. Copy/paste that list back here. |
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 25, 2018 22:18:15 GMT -5
Yes HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run GoogleDriveSync Google Inc "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
Yes HKLM:Run Acrobat Assistant 8.0 Adobe Systems Inc. "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
Yes HKLM:Run Adobe Acrobat Speed Launcher Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
No HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
Yes HKLM:Run Classic Start Menu IvoSoft "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
No HKLM:Run FTR Search Folders FTR Pty. Ltd. C:\Program Files (x86)\FTR\ForTheRecord\FTRSearchFolders.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run HPMessageService HP Inc. C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
Yes HKLM:Run StartCN Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
Yes Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Yes Startup Common HP JumpStart Launch.lnk c:\windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico
No Startup Common TheRecord Communicator Server.lnk FTR Pty. Ltd. C:\Program Files (x86)\FTR\ForTheRecord\TheRecordCommunicatorServer.exe
|
|
|
|
Post by jholland1964 on Dec 25, 2018 22:30:55 GMT -5
Yes HKCU:Run CCleaner Smart Cleaning Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORNo HKCU:Run GoogleDriveSync Google Inc "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart Yes HKLM:Run Acrobat Assistant 8.0 Adobe Systems Inc. "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
Yes HKLM:Run Adobe Acrobat Speed Launcher Adobe Systems Incorporated "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui No HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon Yes HKLM:Run Classic Start Menu IvoSoft "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun No HKLM:Run FTR Search Folders FTR Pty. Ltd. C:\Program Files (x86)\FTR\ForTheRecord\FTRSearchFolders.exe Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run HPMessageService HP Inc. C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exeYes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s Yes HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe Yes HKLM:Run StartCN Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon Yes Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Yes Startup Common HP JumpStart Launch.lnk c:\windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.icoNo Startup Common TheRecord Communicator Server.lnk FTR Pty. Ltd. C:\Program Files (x86)\FTR\ForTheRecord\TheRecordCommunicatorServer.exe The items I have marked in bold and red can be disabled so they do not run at start up and therefore run all the time. All can easily be run when needed. Just go back to that Startup area in CCleaner Tools and highlight each one and click on the Disable button. Once you have disabled all of those then close CCleaner and reboot the computer. Let me know if things are moving faster. |
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 4:17:19 GMT -5
I disabled the above and rebooted the computer. Now I have a new problem, every 5-10 minutes a black screen flashes for about 2 seconds then disappears. I did manage to write down what was written on the black screen. It disappears so fast but I this is what I saw: system32/cmd/exe something like that.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 4:33:08 GMT -5
Got a better look at message on black screen. C:windows/system32/cmd.exe
|
|
|
|
Post by jholland1964 on Dec 27, 2018 8:53:10 GMT -5
That is the command prompt box. Very often this is caused by an unknown scheduled task. Try checking Task Scheduler and see what is listed there. It may be that one of the programs I had you stop from running automatically also had some sort of scheduled task set. If so, turn it off. My suspicion lies with Adobe Reader or the HP Software updater but I could be wrong.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 13:42:55 GMT -5
I turned off the suggested tasks, restarted the computer. But the black screen is still flashing every few minutes.
No Task Adobe Flash Player NPAPI Notifier Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe -check plugin
No Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
No Task HPCeeScheduleForLinda HP Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLinda (null)
Yes Task OneDrive Standalone Update Task-S-1-5-21-648516854-3976095663-519075174-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
|
|
|
|
Post by jholland1964 on Dec 27, 2018 13:45:06 GMT -5
What is this list from? I didn't ask for anything else. If this is Task Scheduler then none of those are needed at all.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 14:18:03 GMT -5
I know you didn't ask for the list but I figured you could see what else needs to be turned off. This is from Crap Cleaner. Do I just disable them all?
Thanks for your help.
|
|
|
|
Post by jholland1964 on Dec 27, 2018 14:27:35 GMT -5
These are scheduled tasks, correct? If so do you use these programs;
DropBox, OneDrive?
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 14:35:12 GMT -5
Yes scheduled tasks. No, I don't use those programs.
|
|
|
|
Post by jholland1964 on Dec 27, 2018 14:44:38 GMT -5
Yes scheduled tasks. No, I don't use those programs. OK, then turn ON these tasks: Adobe Flash Player NPAPI Notifier Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe -check plugin
Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Adobe Flash Player MUST be kept fully up to date for safety sake and therefore these should be turned ON.
And turn OFF these as they are definitely not needed:
Yes Task CCleanerSkipUAC Piriform Software Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task OneDrive Standalone Update Task-S-1-5-21-648516854-3976095663-519075174-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Leave all others "as is". Restart the computer, NOT shutdown and reboot but hit Restart. This will shut the computer down completely and then restart it so it may take a bit longer to get back to where everything is running.
Is your CCleaner Free or Paid?
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 27, 2018 15:28:39 GMT -5
My CC is the free version.
I did the above but the black screen flashed again as I was typing this.
|
|
|
|
Post by jholland1964 on Dec 27, 2018 19:18:41 GMT -5
Go to the Options in CCleaner and make sure that there is nothing chosen in any section because only the Pro version offers any options.
Restart again. If the command prompt still opens then run all the security scans again.
|
|
|
|
Post by jholland1964 on Dec 28, 2018 11:09:07 GMT -5
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 28, 2018 17:02:40 GMT -5
I ran all the scans again. The black screen is still flashing.
I read the above links but my task manager didn't have anything listed for Microsoft office so I am unsure what to do.
|
|
|
|
Post by jholland1964 on Dec 28, 2018 17:07:24 GMT -5
I ran all the scans again. The black screen is still flashing. I read the above links but my task manager didn't have anything listed for Microsoft office so I am unsure what to do. Not Task Manager, Task Scheduler
Read this link again, very clear and easy to follow instructions:
Attachments:
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 28, 2018 18:30:09 GMT -5
I meant to say task scheduler. I read both links but I can't find what they are asking me to look for. I don't have the Office Software Protection Platform.
Mine shows:
Task Scheduler (local)
AVAST Software
>Hewlett-Packard
>Microsoft
Office
>Windows
XblGameSave
|
|
|
|
Post by jholland1964 on Dec 28, 2018 18:32:39 GMT -5
I meant to say task scheduler. I read both links but I can't find what they are asking me to look for. I don't have the Office Software Protection Platform. Mine shows: Task Scheduler (local) AVAST Software >Hewlett-Packard >Microsoft Office >Windows XblGameSave Office is shown there, open it up. |
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 28, 2018 18:35:22 GMT -5
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 28, 2018 18:37:02 GMT -5
There is nothing to open in Office. I am only able to open Windows.
|
|
|
|
Post by jholland1964 on Dec 28, 2018 18:40:16 GMT -5
There is nothing to open in Office. I am only able to open Windows. Ok. Have you run NEW malware scans? Have you run a full scan with Avast?
If not do both.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Dec 28, 2018 18:45:35 GMT -5
Yes, I ran all the scans.
|
|
