Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fast in safe mode, slow in normal mode(Windows 10)


  • Please log in to reply
8 replies to this topic

#1 drathjon

drathjon

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 02 July 2017 - 05:34 PM

Hello I was at the windows 10 forums, I did a clean boot and checked all start up programs and services, my start up got a bit faster but my computer in normal mode is still rather choppy. I did a malware scan using Malwarebyte and got 8 potential threats and now I am doing a full scan with it along with root kit on all drives, but I was told to come here for help. What do I do now? :o



BC AdBot (Login to Remove)

 


#2 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 02 July 2017 - 06:01 PM

Might be helpful to have the original thread link to see what has already been tried...

 

https://www.bleepingcomputer.com/forums/t/650446/windows-10-safe-mode-is-fast-but-normal-mode-is-insanely-slow/

 

After the full Malwarebytes scan completes, reboot and do the following...

 

Download and run Sysinternals' Process Explorer.

https://technet.microsoft.com/en-us/sysinternals/bb896653

Enable the VirusTotal check in Process Explorer by clicking on Options > VirusTotal.com > Check VirusTotal.com

Use the built-in Windows Snipping Tool to grab screen shots of all processes, noting any that were flagged by VirusTotal.

 

Post the images on a site such as Dropbox, Imgur, etc. and paste the links to the images in the thread.

 

Post your Malwarebytes full scan results.


Edited by jwoods301, 02 July 2017 - 06:06 PM.


#3 drathjon

drathjon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 03 July 2017 - 07:29 PM

Scan 1

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/2/17
Scan Time: 1:47 PM
Log File: Scan 1.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2279
License: Trial

-System Information-
OS: Windows 10 (Build 14393.1358)
CPU: x64
File System: NTFS
User: John-PC\John

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 436060
Threats Detected: 8
Threats Quarantined: 8
Time Elapsed: 6 min, 21 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 5
PUP.Optional.InstallCore, HKU\S-1-5-21-502153649-1276839941-3508558802-1000\SOFTWARE\csastats, Quarantined, [3], [260986],1.0.2279
PUP.Optional.InstallCore, HKU\S-1-5-21-502153649-1276839941-3508558802-1000\SOFTWARE\ICSW1.23, Quarantined, [3], [239562],1.0.2279
PUP.Optional.ProductSetup, HKU\S-1-5-21-502153649-1276839941-3508558802-1000\SOFTWARE\PRODUCTSETUP, Quarantined, [15060], [242047],1.0.2279
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA4A0476-0903-4731-B961-CF6520B09D10}, Quarantined, [1954], [412581],1.0.2279
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\CMPCUAC, Quarantined, [1954], [412582],1.0.2279

Registry Value: 2
PUP.Optional.ProductSetup, HKU\S-1-5-21-502153649-1276839941-3508558802-1000\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [15060], [242047],1.0.2279
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FA4A0476-0903-4731-B961-CF6520B09D10}|PATH, Quarantined, [1954], [412581],1.0.2279

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
PUP.Optional.CleanMyPC, C:\WINDOWS\SYSTEM32\TASKS\CMPCUAC, Quarantined, [1954], [412583],1.0.2279

Physical Sector: 0
(No malicious items detected)


(end)


Scan 2:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/3/17
Scan Time: 2:46 AM
Log File: Scan 2.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2282
License: Trial

-System Information-
OS: Windows 10 (Build 14393.1358)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 436102
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 6 min, 41 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)


Edited by drathjon, 03 July 2017 - 07:30 PM.


#4 drathjon

drathjon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 03 July 2017 - 07:57 PM

What do I do once I click on the Check VirusTotal.com option??



#5 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 03 July 2017 - 08:09 PM

Run Process Explorer.

 

It will show a column for VirusTotal checks and flag any processes that are suspicious.



#6 drathjon

drathjon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 04 July 2017 - 05:33 PM

Run Process Explorer.

 

It will show a column for VirusTotal checks and flag any processes that are suspicious.

Oh I found the virus total checks and I found on amsvc where 1/63 is found. So one file might be infected, do I do a scan? Everytime I do a scan, it seems to be clean.



#7 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 04 July 2017 - 06:05 PM

Since Autoruns uses approximately 65 different scanners, it's not unusual to see a few false positives.

 

However, when "major" scanners from vendors such as Emisoft, TrendMicro, Malwarebytes, F-Secure, Bitdefender, etc. flag something, it warrants further investigation.

 

I would like to see screenshots (mentioned above on how to do those) of the list of processes in Process Explorer.


Edited by jwoods301, 04 July 2017 - 06:06 PM.


#8 drathjon

drathjon
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 05 July 2017 - 05:11 PM

Since Autoruns uses approximately 65 different scanners, it's not unusual to see a few false positives.

 

However, when "major" scanners from vendors such as Emisoft, TrendMicro, Malwarebytes, F-Secure, Bitdefender, etc. flag something, it warrants further investigation.

 

I would like to see screenshots (mentioned above on how to do those) of the list of processes in Process Explorer.

You mean of all the processes? Regardless if they are indicated potential virus? Just the entire list?



#9 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:15 AM

Posted 05 July 2017 - 05:24 PM

Correct.

 

It may take several screenshots.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users