bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 4, 2019 15:52:03 GMT -5
I thought I answered Everett's question, I said the pop up comes on in my Thunderbird email program, it also pops up when I use excel and word.
Yes, I restarted the computer after changing the time.
I really don't understand how the time/date is so critical. I travel back and forth over the Pacific and to Europe many times a year and never change the time since I want to be on the time zone of those who I work for. They get confused when files I send are the wrong date/time.
I choose the option to automatically detect the time zone.
There is no change in the pop ups.
|
|
|
|
Post by jholland1964 on Jan 4, 2019 16:11:19 GMT -5
I thought I answered Everett's question, I said the pop up comes on in my Thunderbird email program, it also pops up when I use excel and word. Yes, I restarted the computer after changing the time. I really don't understand how the time/date is so critical. I travel back and forth over the Pacific and to Europe many times a year and never change the time since I want to be on the time zone of those who I work for. They get confused when files I send are the wrong date/time. I choose the option to automatically detect the time zone. There is no change in the pop ups. The time/date is VERY important and if you read that link I gave you then you will see that. You must set the time to where you are AT THE MOMENT and Not to where you might be sending documents to. It is up to the receiver to understand the difference in time and date not to the sender to correct it so THEY understand.
You say this setting has been used for 10 months, so it has had 10 months to mess up many things on your computer and now you are seeing the results.
You don't believe me so I have no other suggestions.
|
|
|
|
Post by Everton on Jan 4, 2019 16:11:37 GMT -5
By any chance do you have driver update software installed e.g Avast Driver Updater ?
It is a paid component and not part of Avast free version but can be added via the free version.
Also did you ensure that your Avast programme us fully up to date (not just the definitions, the actual programme) there was a further programme update for my Avast just yesterday
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 4, 2019 17:02:20 GMT -5
I have no idea if I have driver update software install on Avast.
I beleive I have the most up-to-date version. I also had an update yesterday.
|
|
|
|
Post by Everton on Jan 4, 2019 17:15:28 GMT -5
Driver updater appears in Avast settings .. it has to be separately installed so you would know if you have it. It can be installed but has to be activated (paid for) to instal new drivers.
I asked because it was reportedly causing a cmd window to open every 8-10 minutes as it checked drivers.
It was a possible cause but it you do t have it it can be ruled out.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 4, 2019 17:21:24 GMT -5
I have not paid for drivers. I just use the free version.
|
|
|
|
Post by Everton on Jan 4, 2019 17:33:56 GMT -5
Yes I understand that. Driver Updater can be part of the free version if you clicked to install it in Avast settings.
It is the added programme you pay for that checks your drivers . You do not pay for actual drivers
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 5, 2019 2:01:10 GMT -5
I just checked my avast under the Driver updater. I have not done that. Should I?
|
|
|
|
Post by Everton on Jan 5, 2019 4:45:23 GMT -5
I just checked my avast under the Driver updater. I have not done that. Should I? I am sorry I am not sure what you mean. Is this in settings you are meaning . ? There is a button to install it. Have you done that ? You do not need it. If you have installed it then there is a possibility it is causing the pop ups. if you have not then do not. Driver updaters are not a good idea. Drivers should be obtained directly from the source and only when needed. |
|
|
|
Post by Everton on Jan 5, 2019 8:10:55 GMT -5
There is something triggering this pop up but I have not really any more suggestions except you could try this..... Right click Start Menu and Select Run In the Run box type msconfig and click OK.This will bring up System Configuration Click Services on System Configuration. Check the box saying "Hide all Microsoft services" ( It is essential you do this before continuing) Click on the Status Tab which will show which items are running or stopped. Uncheck all the running ones except your Avast items. Restart your machine. If the pop up has not returned go back to Services and re-enable each item one by one to try and ascertain which one is causing the problem. If the pop up persists then just click the "Enable All" button.
cmd.exe is a legitimate Windows process but sometimes malware will disguise itself as cmd.exe if your machine is infected. I would re-run all preliminary scans now that you have corrected the time/date as some of them may not have been working properly before. May I ask if you have altered the screen resolution on your machine ? If it is not the correct recommended resolution it CAN cause cmd prompts to pop up. Not always but it is a possibility. |
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 5, 2019 13:13:08 GMT -5
 I don't have a status tab. I have General, boot, services, start up, tools I thought maybe you meant start up but that tells me to go open task manager. I see the hide all microsoft services and I clicked on it. I attached my screen so you can understand what I am talking about. I am afraid to proceed. So I will cancel and wait for your reply |
|
|
|
Post by jholland1964 on Jan 5, 2019 14:08:31 GMT -5
Ignore the instructions about status and follow everything else. Let us know what happens
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 5, 2019 14:28:11 GMT -5
I restarted the computer and the pop up came up after about 2 minutes. I went back to msconfig to click 'enable all' button, but that button was grayed out and the 'hide all microsoft services' was no longer checked.
|
|
|
|
Post by jholland1964 on Jan 5, 2019 15:15:34 GMT -5
I restarted the computer and the pop up came up after about 2 minutes. I went back to msconfig to click 'enable all' button, but that button was grayed out and the 'hide all microsoft services' was no longer checked. Please follow Everton's instructions again INCLUDING the Status instructions which say; Uncheck all the running ones except your Avast items. Once you have done that be sure to click the Apply button because if you don't do that then it will not work.
Look at the print screen of YOUR print screen and you will see that Status IS listed. Here it is again:
Attachments:
|
|
|
|
Post by Everton on Jan 5, 2019 15:58:44 GMT -5
Status was there in Services - the third column.
If the enable all button is now greyed out then you must already have each item enabled. Are there check marks beside each item ?
Try it again as Judy said.
Also Re-do the scans as advised. What about my screen resolution question ? Have you altered it at any time ?
Also, when you disabled add ons did you include Internet Explorer?
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 5, 2019 19:02:21 GMT -5
Thank you for the diagram. I have completed the msconfig but the pop up still showed up after restart. I enabled them again per your instructions. I will run the scans next.
About the screen resolution, I don't think I have ever altered it. It is set at 1366 x 768 (recommended).
I disabled add ons in Internet Explorer.
|
|
|
|
Post by jholland1964 on Jan 5, 2019 19:05:28 GMT -5
Thank you for the diagram. I have completed the msconfig but the pop up still showed up after restart. I enabled them again per your instructions. I will run the scans next. About the screen resolution, I don't think I have ever altered it. It is set at 1366 x 768 (recommended). I disabled add ons in Internet Explorer. I want you to run msconfig once more. This time of course click "Hide all Microsoft services" and once you have done that I want you to click the Disable All button and then the Apply Button.
Restart and see if the box pops up. If it does then go ahead and Enable all and restart.
If it does not then, leaving the Microsoft services hidden, re-enable each of the others one at a time and restart. If the box doesn't come up then add the next service and do the same. Continue until the box pops up and you will know what is causing it.
If it comes up immediately then you will know it is possibly something bad and DO run the scans again. Also on Malwarebtyes' be sure to enable the scan for rootkits. You had that turned off before and it is really necessary that scans include that.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 12:56:54 GMT -5
I ran msconfig again, disabled all, click apply, restart.
Pop up came on again.
ran msconfig again, enabled all, restart.
Ran crap cleaner, MWB-only way for me to get rootkits to stay on as option was to do a custom scan. It took over 8 hours.
I am going to restart and run adware cleaner next.
Here is the MWB report.
Log Details-
Scan Date: 1/5/19
Scan Time: 8:12 PM
Log File: 13455128-1150-11e9-a6e1-40b03406c609.json
-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.8645
License: Free
-System Information-
OS: Windows 10 (Build 17763.195)
CPU: x64
File System: NTFS
User: LAPTOP-684S1NCF\Linda
-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 494579
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 8 hr, 39 min, 9 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 13:06:07 GMT -5
adware cleaner results:
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-06-2019
# Duration: 00:00:36
# OS: Windows 10 Home
# Scanned: 32243
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1289 octets] - [14/11/2018 16:13:59]
AdwCleaner[C00].txt - [1437 octets] - [14/11/2018 16:14:22]
AdwCleaner[S01].txt - [1372 octets] - [23/12/2018 17:21:31]
AdwCleaner[C01].txt - [1558 octets] - [23/12/2018 17:22:17]
AdwCleaner[S02].txt - [1494 octets] - [24/12/2018 03:07:29]
AdwCleaner[S03].txt - [1555 octets] - [28/12/2018 15:45:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
|
|
|
|
Post by jholland1964 on Jan 6, 2019 13:12:30 GMT -5
I ran msconfig again, disabled all, click apply, restart. Pop up came on again. ran msconfig again, enabled all, restart. Ran crap cleaner, MWB-only way for me to get rootkits to stay on as option was to do a custom scan. It took over 8 hours. This is incorrect. You can very easily set the program to scan for rootkits. Open the Dashboard, go to Settings, Go to the Protection Tab, scroll down and Turn ON Scan for Rootkits. If you have this enabled then the program will ALWAYS scan for rootkits when you use Threat Scan. Please note on the attachment from my own machine that I use the FREE version and this option IS available *see attached*
Have you done a FULL scan with AVAST???
Have you ever run Disk Cleanup?
Attachments:
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 13:17:43 GMT -5
That is exactly what I did, but it would default back to not scanning the rootkits. The scans I tried before the custom kept coming up with rootkit disabled even though I had enabled it.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 14:14:33 GMT -5
Yes, I did a full scan with AVAST and I have run disk cleanup, last time was I ran disk cleanup was a few weeks ago.
|
|
|
|
Post by jholland1964 on Jan 6, 2019 14:15:35 GMT -5
That is exactly what I did, but it would default back to not scanning the rootkits. The scans I tried before the custom kept coming up with rootkit disabled even though I had enabled it. Then your Malwarebytes' program is broken because the FREE version most certainly will scan for rootkits using the Threat Scan if you set it to do so. Your broken program must be UNINSTALLED.
Go to Control Panel, Programs and Features, Add or remove programs, scroll down to the Malwarebytes' listing, click on it to highlight it and then click on Uninstall or Remove.
The program will be Uninstalled from your computer, restart the computer. Then download a brand copy, install it and be sure to do as I told you and enable Rootkit scan and then do a brand new scan.
Here is the correct download link:
|
|
|
|
Post by jholland1964 on Jan 6, 2019 14:19:18 GMT -5
Yes, I did a full scan with AVAST and I have run disk cleanup, last time was I ran disk cleanup was a few weeks ago. So you have not recently run Disk Cleanup if it has been several weeks ago and please give exact date & time when you did a full scan with AVAST? Please post the log from that scan, C:\Programfiles\Avast\Reports\
Please also use Last Activity View again and report back the latest incidence of the cmd.exe. box and what programs triggered it.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 15:22:55 GMT -5
I wasn't told to run Disk Cleanup. I can't find the Avast Report. I did a search for C:\Programfiles\Avast\Reports\
I can't find it anywhere. Last time I did an AVAST scan was a few hours ago.
Last Activity: Same files as before.
Action Time Description Filename Full Path More Information File Extension
1/6/2019 3:10:42 PM Run .EXE file mshta.exe C:\Windows\SysWOW64\mshta.exe Microsoft Corporation, Internet Explorer, Microsoft (R) HTML Application host, 11.00.17763.1 (WinBuild.160101.0800) exe
1/6/2019 3:10:42 PM Run .EXE file CONHOST.EXE C:\WINDOWS\SYSTEM32\CONHOST.EXE Microsoft Corporation, Microsoft® Windows® Operating System, Console Window Host, 10.0.17763.1 (WinBuild.160101.0800) EXE
1/6/2019 3:10:42 PM Run .EXE file cmd.exe C:\Windows\System32\cmd.exe Microsoft Corporation, Microsoft® Windows® Operating System, Windows Command Processor, 10.0.17763.1 (WinBuild.160101.0800) exe
|
|
|
|
Post by jholland1964 on Jan 6, 2019 15:31:28 GMT -5
I wasn't told to run Disk Cleanup. I can't find the Avast Report. I did a search for C:\Programfiles\Avast\Reports\ I can't find it anywhere. Last time I did an AVAST scan was a few hours ago. No, you were not asked earlier to run Disk Cleanup, I asked when was the last time you ran it, you answered and then I asked you to run it again since it had been several weeks since you ran it.
When you looked for the Avast log was there even a folder in C:\Programfiles for Avast? If so did you open it?
Everton asked you what version of the Avast program you had but you did not give her that information, you only gave her the database version which is not the same thing. What is the version of your Avast program?
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 15:42:11 GMT -5
 Avast: 191.2360 (build 191.4142.0) This is the screen when I click on Avast, I don't see reports. |
|
|
|
Post by jholland1964 on Jan 6, 2019 15:58:45 GMT -5
Avast: 191.2360 (build 191.4142.0) This is the screen when I click on Avast, I don't see reports. You only showed part of the screen. It stops at the "a's" Files are alphabetical order. Scroll down and see if Reports is there. If not then look in that x86 folder there.
Also, earlier you said you never use Internet Explorer but you must have used it sometime because you said you removed add-ons that were installed on it. You have to use it to install add-ons.
Please open Internet Explorer and go to Tools, Internet Options, Advanced Tab and Reset Internet Explorer. This will put it back to the original default state.
|
|
|
|
Post by jholland1964 on Jan 6, 2019 16:41:16 GMT -5
Everton and I both feel that you have some sort of infection on your computer. The incorrect time zone setting certainly has been a factor because that is known for sure to cause problems with security programs and proper updating. We know the Malwarebytes' program was broken, not sure about the others you have but certainly a possibility with Avast too.
VERY easy to use.
|
|
bf942
Junior Member
Posts: 71
|
Post by bf942 on Jan 6, 2019 17:37:34 GMT -5
I ran the scan.  |
|
