Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

PC running weirdly slow.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

PC running weirdly slow.

Unread postby RoboHobo » April 28th, 2016, 11:57 pm

Hey guys. The PC I use has been running pretty poorly, especially while playing games. I doubt it's a hardware problem, as it's less than a year old right now. While looking at speccy, the GPU is running at 50°c while idle. I can't see excessive amounts of dust in the case. After playing certain games, the PC runs very poorly even after closing the game, until I restart it. I hope this is enough information, I can provide more if necessary. The logs are too large to fit both into this post, I'll attach them below.
You do not have the required permissions to view the files attached to this post.
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm
Advertisement
Register to Remove

Re: PC running weirdly slow.

Unread postby MWR 3 day Mod » May 4th, 2016, 11:16 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: PC running weirdly slow.

Unread postby capnkrunch » May 5th, 2016, 6:20 pm

Sorry about the wait. I am currently reviewing your logs and will post back with instructions shortly. In the meantime please read and familiarize yourself with these instructions.
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby capnkrunch » May 5th, 2016, 6:23 pm

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system, without the guidance of a trained malware removal helper. Doing so, may possibly damage your system, preventing it from starting.

Hello and welcome to the Malware Removal Forums :)

My name is capnkrunch and I will be helping you with your malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  • The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  • You must have Administrator rights, permissions for this computer.
  • DO NOT run any other fix or removal tools unless instructed to do so.
  • DO NOT install any other software (or hardware) during the cleaning process.
  • Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  • Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  • Only reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean".
    Remember, absence of symptoms does mean the infection is all gone.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Failure to respond for 3 days, will result in your topic being closed.

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care, not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


For your safety and protection, I would advise backing up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions:
exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby capnkrunch » May 5th, 2016, 6:49 pm

P2P Advisory!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assitance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.

Otherwise, there are instructions for removing it in the next step.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step one...

Uninstall Programs
  • Press the Windows Key + R.
  • Enter appwiz.cpl into the text box and click OK.
  • Locate the following programs:
    µTorrent
  • Press the Uninstall or Uninstall/Change button and carefully follow any prompts to uninstall the program.
    • Take care to read through any prompts completely! Some uninstallers may attempt to trick you into keeping the program.
    • Do this for every program listed.
    • Don't worry if you can't find one of the programs. Just be sure to let me know in your reply.
  • Once finished reboot your computer.

Step two...

CKScanner
Please download CKScanner and save it to your Desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

  • Right click on the CKScanner.exe icon and select Run as administrator.
  • Click the Search For Files button.
  • When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  • Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  • Please copy/paste the contents of ckfiles.txt in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • Your decision about P2P software
  • ckfiles.txt
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby RoboHobo » May 5th, 2016, 9:15 pm

Hi, although I appreciate the help, I'm leaving to visit family later tonight for a few days and I doubt I'll be back in time to continue this thread. I'm sorry if I've wasted any of your time.
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm

Re: PC running weirdly slow.

Unread postby capnkrunch » May 5th, 2016, 9:31 pm

Hello RoboHobo :)

Thanks for letting me know. Since told me ahead of time I can keep this thread open until you get back even if it's past the 72 hour limit.

Let me know what you would like to do.
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby RoboHobo » May 6th, 2016, 1:23 am

Wow, leaving the thread open would be great! I'll put the ckscanner logs below, and I'll try to post letting you know before I leave, then again when I'm back. I'm expecting to be gone for at least 5 days.

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\dsfixkeys.ini
c:\program files (x86)\steam\steamapps\common\garrysmod\garrysmod\addons\css_content_addon_dec2015\materials\concrete\prodwllecracked.vmt
c:\program files (x86)\steam\steamapps\common\garrysmod\garrysmod\addons\css_content_addon_dec2015\materials\concrete\prodwllecracked.vtf
c:\program files (x86)\steam\steamapps\common\garrysmod\garrysmod\materials\concrete\prodwllecracked.vmt
c:\program files (x86)\steam\steamapps\common\garrysmod\garrysmod\materials\concrete\prodwllecracked.vtf
c:\program files (x86)\steam\steamapps\common\rocketleague\tagame\cookedpcconsole\paintfinish_cracked_sf.upk
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\hl2\materials\glass\glasswindow018a_cracked.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\hl2\materials\glass\glasswindow018a_cracked.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\backpack\player\items\all_class\taunt_skullcracker.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\backpack\player\items\all_class\taunt_skullcracker.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\backpack\player\items\all_class\taunt_skullcracker_large.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\backpack\player\items\all_class\taunt_skullcracker_large.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\cp_manor\plaster_crackle01.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\cp_manor\plaster_crackle01.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\effects\mvm_pow_crack.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\tf\materials\effects\mvm_pow_crack.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\workshop\materials\models\lt_c\tablet\overlay_crack.vtf
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\workshop\materials\models\lt_c\tablet\screen_overlay_crack.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\workshop\materials\models\lt_c\tech\cellphone\screen_home_crack.vmt
c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\workshop\materials\models\lt_c\tech\cellphone\screen_overlay_crack.vmt
c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\download\materials\sprites\store\trails\crackedbeam.vmt
c:\program files (x86)\steam\steamapps\common\team fortress 2\tf\download\materials\sprites\store\trails\crackedbeam.vtf
c:\program files (x86)\steam\steamapps\sourcemods\tf2classic\materials\cp_manor\plaster_crackle01.vmt
c:\program files (x86)\steam\steamapps\sourcemods\tf2classic\materials\cp_manor\plaster_crackle01.vtf
c:\program files (x86)\steam\steamapps\sourcemods\tf2classic\materials\effects\mvm_pow_crack.vmt
c:\program files (x86)\steam\steamapps\sourcemods\tf2classic\materials\effects\mvm_pow_crack.vtf
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\markarth\crackrock4b_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\markarth\crackrock4var2_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\markarth\crackrock4var3_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\markarth\crackrock4_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\windhelm\wholdcrackedbrick2_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\project parallax remastered\textures\architecture\windhelm\wholdcrackedbrick_p.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4b.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4b_n.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4var2.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4var3.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\markarth\crackrock4_n.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\windhelm\wholdcrackedbrick.dds
c:\users\chunkymonkeyman\desktop\stuff\gamestuff\modorganizer\mods\skyrim hd - 2k textures\textures\architecture\windhelm\wholdcrackedbrick2.dds
scanner sequence 3.ZZ.11.BINAW0
----- EOF -----
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm

Re: PC running weirdly slow.

Unread postby capnkrunch » May 6th, 2016, 8:49 pm

Hello RoboHobo :)

RoboHobo wrote:I'll try to post letting you know before I leave, then again when I'm back.

Please let me know when you're leaving. I will keep this open for a week after that. If it's going to be longer just post here to let me know.

When you get back please run and post a new set of FRST logs. Make sure to check the box for Addition.txt under Optional Scan.
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby RoboHobo » May 7th, 2016, 12:26 am

Hi, I left last night, I'm sorry for not posting earlier, but I should be back within a week
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm

Re: PC running weirdly slow.

Unread postby RoboHobo » May 12th, 2016, 8:05 pm

Hooray! I'm Back! I'll attach both FRST and Addition to this post.
You do not have the required permissions to view the files attached to this post.
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm

Re: PC running weirdly slow.

Unread postby capnkrunch » May 12th, 2016, 9:09 pm

Hello RoboHobo :)

Posting Logs As Attachments Warning
Please copy and paste logs instead of attaching them. If they are too large you will have to split them up across multiple posts.

Step one...

Please answer the following question:

Do you recognize this Chrome extension: Privacy Palette? Was it installed voluntarily?

Step two...

Create a Backup With Tweaking.com Registry Backup (TCRB)
There is also a tutorial with pictures available HERE.
  • Download TCRB from HERE and save it to your Desktop.
  • Double-click on tweaking.com_registry_backup_setup.exe and follow the prompts to install TCRB.
  • Launch TCRB.
  • Click the Backup Registry tab and make sure all the boxes are checked.
  • Click on Backup Now.
  • Once the backup is finished you can now exit the program.

STOP! Do not proceed any further if you were not able to create a registry backup. Post back with what happened so we can determine why it was unsuccessful.

Step three...

Show Hidden Files and Folders
  • Click Start and then click File Explorer.
  • Click on the View tab and then click Options.
  • In the Folder Options window click on the View tab.
  • Check Show hidden files and folders and uncheck Hide extensions for known file types.
  • Click OK.

Step four...

Upload Files to VirusTotal
  • Please go to VirusTotal.
  • Click the Choose File button.
  • Navigate to one of the following files:
    C:\Users\ChunkyMonkeyMan\AppData\Local\Temp\~A8E6.tmp
    C:\Users\ChunkyMonkeyMan\AppData\Local\Temp\1517.tmp.node
  • Click the Scan it! button.
  • You might see a message saying File already analysed, if you do click Reanalyse.
  • Wait for all the scans to finish then copy and paste the web address from your broswer's address bar.
    Example of web address :
    Image
  • Include the link in your next reply.
    Note: if you cannot find one or both of the files let do not worry. Finish the rest of the steps and let me know in your reply which file(s) you could not find.

Step five...

AdwCleaner - Scan Only
  • Please download AdwCleaner by Xplode save it to your Desktop.
  • Close all open programs and windows so that you are at your Desktop.
  • Right click on adwcleaner.exe and click Run as administrator.
  • Click on the Scan button.
    When the scan finishes, you'll see a message in the AdwCleaner window: "Waiting for action. Please uncheck elements you want to keep."
  • Do not attempt to clean anything at this point.
  • Click on the Logfile button.
  • This will open a file, AdwCleaner[S1].txt. Copy and paste the contents of that logfile in your reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • An answer to my question
  • The VirusTotal links
  • AdwCleaner[S1].txt
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby RoboHobo » May 13th, 2016, 3:07 am

Hi, I couldn't find the file :C:\Users\ChunkyMonkeyMan\AppData\Local\Temp\~A8E6.tmp
But I scanned the other one fine : https://www.virustotal.com/en/file/b34e ... 463122611/

To answer your questions, I'm aware of Privacy Pallette and I willingly installed it, and my PC seems to be running pretty smoothly right now, although the problem was pretty common when I made this thread, I'm thinking that it might have simply been an overheating issue. The adw logs are below.

# AdwCleaner v5.116 - Logfile created 13/05/2016 at 17:00:03
# Updated 09/05/2016 by Xplode
# Database : 2016-05-13.1 [Server]
# Operating system : Windows 10 Home (X64)
# Username : ChunkyMonkeyMan - DESKTOP-H29K877
# Running from : C:\Users\ChunkyMonkeyMan\Downloads\adwcleaner_5.116.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.myplaycity.com_0.localstorage
File Found : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.myplaycity.com_0.localstorage-journal

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [1494 bytes] - [13/05/2016 17:00:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1567 bytes] ##########
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm

Re: PC running weirdly slow.

Unread postby capnkrunch » May 13th, 2016, 3:25 pm

Hello RoboHobo :)

RoboHobo wrote:To answer your questions, I'm aware of Privacy Pallette and I willingly installed it, and my PC seems to be running pretty smoothly right now, although the problem was pretty common when I made this thread, I'm thinking that it might have simply been an overheating issue. The adw logs are below.

That's good to hear. There hasn't been any signs of malware yet but there are some things to clean up and a few more scans to run to make sure we haven't missed anything. So please stick with me for a bit longer.

Driver Updater Warning
I see signs of a program called Driver Robot but it doesn't appear in your uninstall list. Driver updater programs are for the most part unneccessary. Despite claims, updating drivers is rarely neccessary and if it updates them to an incorrect version may break your system so that only a reinstall of Windows can fix it. I do not recommend such programs due to the risk involved. It's a pain but if you want to update drivers getting them directly from the manufacturer is the best way to do it; although, like I said there is rarely good reason to need to update them.

I would recommend uninstalling this program, but as it is not in your uninstall list I won't worry about it.

For more information please read: Driver Updaters: Digital Snake Oil, Part 2

Step one...

AdwCleaner - Scan and Clean
  • You should still have adwcleaner.exe in your Downloads folder. If not please download it HERE.
  • Close all open programs and windows.
  • Right click on adwcleaner.exe and click Run as administrator.
  • Click on the Scan button.
  • When the scan finishes, you'll see a message in the AdwCleaner window: "Waiting for action. Please uncheck elements you want to keep."
  • Click on Cleaning.
  • Once finished AdwCleaner will prompt you to reboot. Please allow it to do so.
  • On reboot a log will open AdwCleaner[C1].txt. Copy and paste the contents of that logfile in your reply.

Step two...

FRST Fix
  • You should still have FRST64.exe in your Downloads folder. If not please download it HERE.
  • Press the Windows Key + R.
  • Type notepad.exe into the text box and click OK.
  • A blank Notepad page should open.
    • Copy and Paste the following script into Notepad, Do not include the words Code: Select all.
    • (Click the Select all button next to Code: to select the entire script).
    Code: Select all
    CreateRestorePoint:
    
    Task: {318F2743-FEA1-44F6-ACCA-48DDDCDABB90} - \CCleanerSkipUAC -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    CMD: ipconfig /flushdns
  • Save it next to FRST64.exe as fixlist.txt.
    Important! fixlist.txt must be saved in the same directory as FRST64.exe to work.
  • Right click on FRST64.exe and select Run as administrator.
  • Press the Fix button one time only and wait.
  • When FRST finishes you will be prompted to reboot your computer. Click OK.
  • Your computer should now restart. On reboot navigate to your Downloads folder where you should find Fixlog.txt. Copy and paste the contents in your reply.

Step three...

Malwarebytes Anti-Malware (MBAM) Scan
Note: you need to be connected to the internet so that MBAM can download any updates it needs to.
  • Please close all open programs and windows so that you are at your Desktop.
  • Press the Windows Key + R.
  • Type mbam.exe into the text box and click OK.
  • Allow MBAM to update if it asks you to.
  • Click Scan Now. MBAM will update its databases and proceed to scan your computer.
  • If prompted to allow a reboot please do so.
    Failing to reboot when asked can prevent MBAM from removing all the malware it finds.
  • Once the scan is finished click Save Results >> in the bottom right corner and select Copy to Clipboard. Paste the results in your next reply.
  • If MBAM required a reboot please do the following to get the report:
    • On reboot reopen MBAM.
    • Click History and then click the most recent Scan Log.
    • Click Export and then click Copy to Clipboard. Paste the results in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • AdwCleaner[C1].txt
  • Fixlog.txt
  • The MBAM log
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: PC running weirdly slow.

Unread postby RoboHobo » May 13th, 2016, 9:34 pm

All the instructions seem to have worked fine, I'll paste all the logs below.

# AdwCleaner v5.116 - Logfile created 14/05/2016 at 10:34:41
# Updated 09/05/2016 by Xplode
# Database : 2016-05-13.1 [Server]
# Operating system : Windows 10 Home (X64)
# Username : ChunkyMonkeyMan - DESKTOP-H29K877
# Running from : C:\Users\ChunkyMonkeyMan\Downloads\adwcleaner_5.116.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.myplaycity.com_0.localstorage
[-] File Deleted : C:\Users\ChunkyMonkeyMan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.myplaycity.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1619 bytes] - [14/05/2016 10:34:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1646 bytes] - [13/05/2016 17:00:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [1719 bytes] - [14/05/2016 10:32:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1838 bytes] ##########



Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by ChunkyMonkeyMan (2016-05-14 10:45:59) Run:1
Running from C:\Users\ChunkyMonkeyMan\Downloads
Loaded Profiles: ChunkyMonkeyMan (Available Profiles: ChunkyMonkeyMan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:

Task: {318F2743-FEA1-44F6-ACCA-48DDDCDABB90} - \CCleanerSkipUAC -> No File <==== ATTENTION

Hosts:
EmptyTemp:
CMD: ipconfig /flushdns
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{318F2743-FEA1-44F6-ACCA-48DDDCDABB90}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{318F2743-FEA1-44F6-ACCA-48DDDCDABB90}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 40.8 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:47:24 ====




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14/05/2016
Scan Time: 11:16 AM
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.14.01
Rootkit Database: v2016.05.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: ChunkyMonkeyMan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324906
Time Elapsed: 9 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
RoboHobo
Active Member
 
Posts: 10
Joined: April 28th, 2016, 11:49 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 116 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware