fortr
-
Posts
6 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by fortr
-
-
Thanks so much for your help, that at least makes me less panicky about the weird slowdown.
Attached are the new logs.
During the initial instructions you gave me there were several (4 or 5) built in processes that were moved to quarantine. Were they deleted as part of that or are they still there? I think some of them were part of my audio drivers and something called HP Coolsense. (I think that some of the new errors shown in these logs are related to those items.) Can/will I get them back somehow in this clean-up process?
(I'm including two sets, done a few minutes apart, because I forgot to turn the internet on the first time which meant it didn't update. The earlier ones were just a partial scan, as I cut it off as soon as I realized it. I'm not sure if that will matter, but I'm including that partial set just in case. The most recent ones (full scan) are the 17.06 versions.)
Thanks again!
Addition_14-04-2021 17.06.27.txt FRST_14-04-2021 17.06.27.txt Addition_14-04-2021 16.51.23.txt FRST_14-04-2021 16.51.23.txt
-
I'm also not sure if this is relevant, but for some reason ever since I "reset" the computer it seems to create duplicates of my files with the $ symbol ahead of them. And most of them are sort of greyed out... Is that normal? Some sort of OneDrive backup thing? Or malware? I have tried to disable OneDrive at every corner, but it keeps coming back!
I did also find this file, which I hope is the actual log file that seemed to be missing from above. (I compared the names, and this seems to have the right timestamps--the ones right around 16:45 today.)
Should I be concerned that the ADW scan quarantined and then seems to have deleted things like my HP CoolSense? (I think that's the fan for the computer, so I am worried I might need it.)
-
Please see attached.FRST.txt
I hope the Malwarebytes log is ok. The new one I ran in step 1 seems to have gotten deleted somehow in the process? (My CCleaner runs on startup, so maybe that's why after the restart before step 3?) No history whatsoever showing in the application's Detection History section itself, so I dug around in the file explorer and pulled what I think it might be based on the time stamp. But that was a BK file of some sort, so it wouldn't attach. So I've tried running the MWB scan again just now (after completing step 3), but I'm not sure if it as helpful if it is out of order. Hopefully the scan from my original post might be of value? I don't think anything substantial changed over the weekend. Or maybe there's another spot it might be hiding? (That sounds crazy, I guess--something akin to the dog ate my homework. My CCleaner ate my log file...)
Please let me know if there is anything else I can get you.
Thanks so much for your help!
PS--For some reason it shows all these extra anti-virus programs are all still enabled. (And in my security center settings it actually lists two Bit defender ones, one right after the other. I had to manually disable both separately, and the log seems to show at least one of them is still enabled. And then on top of that it seems to show another of the old ones I tried when I first suspected a problem as still enabled, too. But it doesn't exist anywhere I can find it, so there's no way I can come up with to disable it.)
I fear I may be going insane.
Addition.txt AdwCleaner[C02].txt AdwCleaner[S02].txt malwarebyteslog.txt
-
Yes, thank you! For some reason I never got a notice about your first reply! I will run the scans you requested and post them here as soon as I can get to my computer. Thank you!
-
Hi,
Please see attached MB log (at least I think this is the right one), Addition.txt and FRST.txt files.
My computer has been acting quite strangely since February. Lots of folders with strange strings of letters and numbers being generated almost non-stop, logs that almost look like keylogs, incredibly high CPU and disk usage. I tried every scan I could: Defender, MalwareBytes, etc. In desperation I ultimately reset the computer entirely. (I did the version that keeps personal files and just refreshes the Windows install.) It helped, but not for terribly long--maybe a week or two?
I have checked every anti-virus I could since then: Defender (again, several times), McAfee, Kaspersky, BitDefender (the current one, but I've run additional Defender scans since then, including an offline removal scan on multiple occasions). I have used CCleaner repeatedly and now have it set to run on startup. I have reinstalled and run MalwareBytes, several others from the same company (ADW cleaner I think it's called, and a few others from that list on bleepingcomputer.com). Everything comes up clean. I have also disabled everything I can find in the startup menu that isn't critical (though there are a few I am unsure about and have left alone).
I use several heavy memory programs for school--PowerBI, Tableau (including two add-ins: DAXStudio and Tabular Editor), an SQL program, and Excel files that frequently have thousands of lines--and have a large set of picture files with occasional Photoshop use (a very old version of Photoshop, so theoretically smaller program, not sure). I have Adobe Acrobat, which I recently needed to sign some electronic documents, and despite multiple attempts it now strangely won't let me uninstall (or modify). But I try to keep the rest of the computer fairly clean. All of these ran smoothly prior to the February issues, but all run much slower now, which is impacting my ability to do schoolwork. (No significant gaming programs, except for Age of Empires II, which I can't remember if I've even reinstalled since the reset. There is also an old hidden picture program (Escape Whisper Valley--very small) and a basic solitaire game from the Windows store.)
There frequently seems to be a lot of activity when the computer is in idle mode. There does also seem to be a significant decrease in speed if I've left it on for a day or two--even after restarting, which I find strange, and even if I give it a break between powering off and powering it back on. I've wondered if this meant it was being run remotely by some hacker, but I might just be paranoid, lol (at least I hope that's safe to laugh at).
Would you please offer any suggestions?
Thank you so much for your time. I'll be happy to provide other logs/files as needed.
FortR
Odd infection? Returns after computer reset?
in Resolved Malware Removal Logs
Posted
Just fyi, I have not forgotten you! I've had to travel unexpectedly, and I can't finish this up until early next week, but I definitely please want to do so when I get back. For some reason my computer will no longer update Windows, and I think it must have to do with the items moved to quarantine.
I'll reach out next Tuesday or Wednesday.