horse_3 Posted August 16, 2022 ID:1528846 Share Posted August 16, 2022 Hello, few days a go I noticed that some programs, mainly Google Chrome, are oddly slow. This noticably manifests as videos buffering for way longer than usual and websites loading slower than usual. Also my disk usage often times seems to near 100%, when with the same amount of programs open previously it didn't. Malwarebyres scan found nothing. I have posted the relevant attachments. Malwarebytes_Logs.txt Addition.txt FRST.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 17, 2022 ID:1528942 Share Posted August 17, 2022 Hello @Horse_3 Do realize that a slow browser or slow system may be due to factors other than a 'infection'. You made mention of Chrome. Let us start with some steps to help Chrome and Edge browsers. for Chrome, while Chrome is running: Press & hold SHIFT+CTRL+Del keys on keyboard to get menu for clearing browsing data: Check mark the line "Browsing history" Check mark the line "Download history" Check mark the lined "Cached images and files" and press Clear Data button ( in blue ) [ 2 ] See this article on our Malwarebytes Bloghttps://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera. Scroll down to the tips section "How do I disable them". [ 3 ] Let me suggest that you get your browsers each, as applicable, to have the Malwarebytes Browser Guard. See Support article how-to https://support.malwarebytes.com/hc/en-us/articles/360038520374-Install-Malwarebytes-Browser-Guard For the EDGE browser https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Note: If your pc also has Opera or Brave or Vivaldi browser, you can install the Chrome version of the Malwarebytes Browser Guard ( on each as appropriate). Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 17, 2022 ID:1529001 Share Posted August 17, 2022 (edited) Notes and observations. I am listing here 2 things that were noted from the Windows logs. The first one is from 5 August indicated a application hang of Windows Explorer. Application errors: ================== Error: (08/05/2022 04:12:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Ohjelman explorer.exe versio 10.0.19041.1806 lakkasi olemasta yhteydessä Windowsiin, joten se suljettiin. Voit tarkistaa, onko ongelmasta saatavilla lisätietoja, tarkastelemalla ongelmahistoriaa ohjauspaneelin Suojaus ja ylläpito -kohdassa. This one is a notation from Windows logs from 12 August: Error: (08/12/2022 05:26:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT administration) Description: Installation failed: Windows failed to install the following update and returned error 0x800f080a: 2022-08 Cumulative Update for Windows 10 Version 21H2 x64-based Systems (KB5016616). Suggest that when you next have the time, opportunity, and when machine is idle, to do this. RESTART Windows, first. I would highly suggest to insure that this pc is all up-to-date with security updates & cumulative updates on Windows. select the Windows Start button, and then go to Settings > Update & Security > Windows Update . and click Check for Updates. Have much patience. Edited August 17, 2022 by Maurice Naggar Link to post Share on other sites More sharing options...
horse_3 Posted August 18, 2022 Author ID:1529061 Share Posted August 18, 2022 I have done the steps in the first reply. My windows update settings show that I am up-to-date with updates, I did also notice that there was a driver update that I hadn't installed, however the problem does still persist. If there was nothing wrong in the logs other than windows issues I guess it must be some other problem. Link to post Share on other sites More sharing options...
Solution Maurice Naggar Posted August 18, 2022 Solution ID:1529100 Share Posted August 18, 2022 (edited) [1] Please set File Explorer to SHOW ALL folders, all files, including Hidden ones. Use OPTION ONE or TWO of this article Please use thuis guide https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html [2] I need future reports of FRST64 to be in English, my native language; and since this machine's language is non-English, I need an adjustment for just FRST tool. Go to your Downloads folder. Do a RIGHT-click with your mouse on FRST64.exe & select RENAME & then change it to FRSTENGLISH.exe . This will be a great help to me. [3] Next, a custom script to do checks & selected cleanups. We will use FRSTENGLISH.exe on the Downloads to run a custom script. The system will be rebooted after the script has run. This custom script is for horse_3 only / for this machine only. This custom script has some specific things, plus some general aspect to help the system overall. Hoping it will not exceed 60 minutes in execute time. This next run will do some checks using Windows SFC & DISM. It will also do some scans with Microsoft Defender antivirus. It will clear temporary files. It will clear Chrome & Edge browser cache files. Please be sure to Close any open work files, documents, any apps you started yourself before starting this. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. Please save the (attached file named) FIXLIST.txt to the Downloads folder Fixlist.txt <<< - - - - - Then, Start the Windows Explorer and then, go to the Downloads folder. RIGHT click on FRSTENGLISH.exe and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run. to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later, at your next opportunity. NOTE: I would like to make clear that the Farbar FRST reports do not have indications of any infection. And I would, also, reiterate that the Malwarebytes scan reported no infection. In any event, the hope is that the custom run will be beneficial, for example, in getting some pep back overall to the system. Edited August 18, 2022 by Maurice Naggar added note Link to post Share on other sites More sharing options...
horse_3 Posted August 19, 2022 Author ID:1529214 Share Posted August 19, 2022 (edited) Hello, I have done the steps and included the fixlog as an attachment. Also I am sorry for the language mixup. It definitely seems that things are running as they should be. I would like to thank you for the help even though it wasn't malware related. It seems some of the text in the Fixlog is not in english even though I renamed FRST. If needed I can change the system language and run it again. Fixlog.txt Edited August 19, 2022 by horse_3 Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 19, 2022 ID:1529222 Share Posted August 19, 2022 Hello. The run of the script is good. No, you do not need to re-run. The run accomplished what was intended. I am glad to read from you Quote It definitely seems that things are running as they should be By the way, the Microsoft Defender antivirus is in good shape. I would recommend getting a readout report as to update status of some key apps. Download SecurityCheck by glax24 from here https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe and save the tool on the desktop. If Windows's SmartScreen block that with a message-window, then Click on the MORE INFO spot and over-ride that and allow it to proceed. This tool is safe. Smartscreen is overly sensitive. Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt Link to post Share on other sites More sharing options...
horse_3 Posted August 19, 2022 Author ID:1529259 Share Posted August 19, 2022 I have ran the scan and attached the SecurityType.txt on the post. SecurityCheck.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 20, 2022 ID:1529308 Share Posted August 20, 2022 Hello. There are 3 applications needing your follow-up to insure they have the latest updates. WinRAR 6.10 (64-bit) v.6.10.0 Warning! Download Update Discord v.1.0.9003 Warning! Download Update Spotify v.1.1.89.862.g94554d24 Warning! Download Update Link to post Share on other sites More sharing options...
horse_3 Posted August 20, 2022 Author ID:1529316 Share Posted August 20, 2022 Hello, I have updated the programs in question. Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 20, 2022 ID:1529319 Share Posted August 20, 2022 We can rule out infection, altogether. We are nearing end-of-case, though I want to have your system disc checked. When you get some quiet time where you do not need to be using the computer, I would like you to run a CHKDSK to check the integrity of the file system storage on the disc. Click on START and type in CMD.EXE and when it shows on the menu right-click and select "Run as administrator" and type in or copy and paste the following exactly onto the command-prompt-window. Then press the Enter key and restart the computer. Let the DISK CHECK run. Do not touch any keys while booting. ECHO Y|CHKDSK C: /F Let me know if there are any errors shown from the disk check One other thing, let me know how old this machine is. Is it, say, over 8 years old ? Link to post Share on other sites More sharing options...
horse_3 Posted August 20, 2022 Author ID:1529320 Share Posted August 20, 2022 I have completed the scan and there were no errors shown on screen. It is close to being a 10 year old machine, although some of the parts have been changed, so a pretty good guess. Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 20, 2022 ID:1529325 Share Posted August 20, 2022 Thank you. That result from CHKDSK is good to know. Now, one other check, thru Windows, about disc hardware status. We will first launch a CMD command-prompt in Elevated mode On the Taskbar Search box, type in cmd.exe click the CMD line for "run as administrator" type the following and tap Enter: wmic Then COPY & PASTE the following and tap Enter: diskdrive get status If the status of your hard disk is normal, you will see a message, OK . Look close on your result & let me know what it showed. When all done, you may Close the command-window. Link to post Share on other sites More sharing options...
horse_3 Posted August 20, 2022 Author ID:1529326 Share Posted August 20, 2022 Hello, I did as advised and the message I got was OK. 1 Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 21, 2022 ID:1529343 Share Posted August 21, 2022 That is good. This system is good-to-go. This here is for tools cleanup. Please download KpRm by kernel-panik and save it to your desktop. right-click kprm_(version).exe and select Run as Administrator. Read and accept the disclaimer. When the tool opens, ensure all boxes under Actions are checked. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. A log may open in Notepad titled kprm-(date).txt. I do not need it. Just close Notepad if it shows up. Consider using PatchMyPC, keep all your software up-to-date - https://patchmypc.com/home-updater#download Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware. I am marking this case for closure. I wish you all the best. Stay safe. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Sincerely. Maurice Link to post Share on other sites More sharing options...
Recommended Posts