ok I've done the speccy thing but can't seem to get the log in here- it's massive.
Malware Infection- Pop ups, redirects, irregular fonts & more.
Started by
andrea22
, May 19 2016 03:15 AM
#17
Posted 28 May 2016 - 03:30 AM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 86.71 0 K 24 K 0
firefox.exe 9.09 380,256 K 425,300 K 5832 Firefox Mozilla Corporation (Verified) Mozilla Corporation
procexp.exe 1.34 20,188 K 38,004 K 4588 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
BrYNSvc.exe 1.00 3,484 K 5,500 K 1740 BrYNCSvc Fuji Xerox Co., Ltd. (No signature was present in the subject) Fuji Xerox Co., Ltd.
Interrupts 0.46 0 K 0 K n/a Hardware Interrupts and DPCs
System 0.43 64 K 4,776 K 4
dwm.exe 0.43 26,808 K 25,268 K 7188 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.23 36,052 K 50,136 K 6768 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 0.08 8,356 K 9,732 K 1516 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.07 1,692 K 5,544 K 1264
AvastSvc.exe 0.06 182,628 K 41,700 K 1356 avast! Service AVAST Software (Verified) AVAST Software a.s.
svchost.exe 0.02 81,108 K 81,404 K 988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
BrStMonW.exe 0.02 2,600 K 8,784 K 7856 Status Monitor Application Fuji Xerox Co., Ltd. (No signature was present in the subject) Fuji Xerox Co., Ltd.
svchost.exe 0.01 15,568 K 14,040 K 1216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.01 114,016 K 141,884 K 4348 Dropbox Dropbox, Inc. (Verified) Dropbox
iPodService.exe < 0.01 1,864 K 4,576 K 3584 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
NDSTray.exe < 0.01 7,716 K 2,860 K 3428 ConfigFree Task Tray Menu TOSHIBA CORPORATION (Verified) TOSHIBA CORPORATION
wmpnetwk.exe < 0.01 11,404 K 7,416 K 4796 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
sqlservr.exe < 0.01 42,996 K 8,408 K 2500 SQL Server Windows NT Microsoft Corporation (Verified) Microsoft Corporation
AppleMobileDeviceService.exe < 0.01 2,964 K 6,316 K 1760 MobileDeviceService Apple Inc. (Verified) Apple Inc.
taskhost.exe < 0.01 9,024 K 11,780 K 3460 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
AvastUI.exe < 0.01 17,032 K 20,248 K 7144
svchost.exe < 0.01 27,776 K 36,320 K 1040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,568 K 3,404 K 548
SearchIndexer.exe < 0.01 44,940 K 23,572 K 3608 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iCloudServices.exe < 0.01 6,484 K 19,832 K 7408 iCloud Apple Inc. (Verified) Apple Inc.
AvastVBoxSVC.exe < 0.01 2,920 K 6,776 K 3688 AvastVirtualBox Interface Avast Software (Verified) AVAST Software a.s.
iTunesHelper.exe < 0.01 3,320 K 10,556 K 6004 iTunesHelper Apple Inc. (Verified) Apple Inc.
WmiPrvSE.exe 8,688 K 13,988 K 3384
WmiPrvSE.exe 1,984 K 5,164 K 1512
winlogon.exe 2,180 K 5,816 K 6576
wininit.exe 1,252 K 2,880 K 628
unsecapp.exe 1,316 K 4,380 K 6228
TrustedInstaller.exe 8,148 K 9,420 K 7536 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
ThpSrv.exe 804 K 2,156 K 2840 TOSHIBA HDD Protection Service TOSHIBA Corporation (Verified) TOSHIBA CORPORATION
taskeng.exe 1,112 K 3,864 K 6528
taskeng.exe 1,360 K 4,524 K 5956 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 59,928 K 45,024 K 4892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 8,732 K 9,728 K 1592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,740 K 9,848 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,768 K 6,796 K 804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,096 K 6,844 K 892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16,832 K 14,716 K 956 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,252 K 5,256 K 2800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,624 K 5,496 K 7748 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,404 K 8,284 K 2304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
StikyNot.exe 5,172 K 10,836 K 2980 Sticky Notes Microsoft Corporation (Verified) Microsoft Windows
sqlwriter.exe 1,468 K 3,832 K 2716 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
sqlbrowser.exe 1,160 K 2,580 K 2676 SQL Browser Service EXE Microsoft Corporation (Verified) Microsoft Corporation
smss.exe 368 K 796 K 376
services.exe 5,228 K 7,364 K 676
notepad.exe 5,356 K 9,732 K 1776 Notepad Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 2,240 K 4,260 K 2244 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 1,644 K 3,192 K 704
lsass.exe 4,860 K 9,224 K 696 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 2,544 K 7,224 K 4212 Java Update Scheduler Oracle Corporation (Verified) Oracle America
jucheck.exe 5,112 K 12,460 K 5888 Java Update Checker Oracle Corporation (Verified) Oracle America
GWX.exe 3,012 K 1,316 K 5960 GWX Microsoft Corporation (Verified) Microsoft Windows
CFSwMgr.exe 3,628 K 816 K 3732 ConfigFree Switch Manager Process TOSHIBA CORPORATION (Verified) TOSHIBA CORPORATION
BcmSqlStartupSvc.exe 788 K 2,520 K 2164 BCM SQL Startup Service Microsoft Corporation (Verified) Microsoft Corporation
armsvc.exe 860 K 2,536 K 1732 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
APSDaemon.exe 2,472 K 8,880 K 4504 Apple Push Apple Inc. (Verified) Apple Inc.
ApplePhotoStreams.exe 9,528 K 24,616 K 5300 iCloud Photos Apple Inc. (Verified) Apple Inc.
#18
Posted 28 May 2016 - 08:07 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Speccy log needs to be attached. Click on More Reply Options then on Choose Files, point it at the speccy log, Open. Then Attach This File. Add. Reply.
#20
Posted 29 May 2016 - 12:53 AM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
UGH I can't see any attachment.
#21
Posted 29 May 2016 - 08:24 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
It is a rather stupid process. I sometimes get it wrong too. I usually forget the Attach This File step. If all else fails break the speccy log up into several posts.
#24
Posted 29 May 2016 - 05:22 PM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
got it with the advanced uploader, yay!
#25
Posted 29 May 2016 - 05:40 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
I got the speccy log but you left the Windows serial number so I have deleted them from your post. Speccy says the temps are good, the hard drive is fine and there are no strange connection. Your Java is a bit out of date. You need to update it or since you don't use it just uninstall it.
You can also uninstall Speccy.
How is it running now?
#26
Posted 29 May 2016 - 05:52 PM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
It's running no better and no worse. I'm still getting the 'not responding' on firefox but not as often. I had to control/alt/delete once yesterday. The temp issue is now sorted because I bought a tilted stand with inbuilt fans. Will uninstall java now and see if that fixes the font size issue.
#27
Posted 29 May 2016 - 05:58 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Have you run a boot-time scan with Avast yet? It takes like 6 hours so I usually let it run at night.
Open Avast, Scan, Scan for Viruses, Change the Quick Scan (in the box in the center of the page) to Boot-time Scan. Then at the bottom of the page click on Scan Settings.
Make sure both boxes are checked and click on the gray box to the right of the orange ones. It should turn orange. Change where it says "Fix Automatically" to "Move to
Chest." OK. Now click on Start and then close Avast. Mute your speakers so it doesn't wake you up when Windows boots.
When you reboot you will see the scan start. It will tell you where it saves its log. Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. This is a hidden location so you will need to tell Windows to let you see it:
Copy and paste the text from the log to a Reply when done.
#28
Posted 29 May 2016 - 06:15 PM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
Ok will do that overnight tonight- 10 am here now. Thanks so much for all your help!
#29
Posted 31 May 2016 - 05:11 PM
andrea22
- Topic Starter
-
- Member
-
- 139 posts
Member
05/31/2016 21:12
Scan of C:
Scan of *STARTUP
File C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_6.1.7601.18766_875fdb4529604f8428ed2441b2e79b17e3cfc26e_cab_15538c76\CbsPersist_20160319102059.cab|>CbsPersist_20160319102059.log Error 42127 {CAB archive is corrupted.}
Number of searched folders: 36589
Number of tested files: 1345767
Number of infected files: 0
#30
Posted 31 May 2016 - 05:25 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Go to http://www.speedtest.net/and click on Begin Test
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v
Let's try Firefox in Safe Mode and see if it still acts up. If it doesn't then one of your extensions or add-ons is at fault.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
