Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer running slowly


  • Please log in to reply
5 replies to this topic

#1 bourgja2

bourgja2

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 11 July 2018 - 08:16 AM

Hello, I have noticed recently that my computer is running slowly (taking a long time to load images or shortcut icons, taking 15-20 seconds to load simple pages like Google, etc.)  I have run some antivirus programs (AVG, Malwarebytes, Adaware, and ESET) that have not detected any viruses.  However, I am wondering if there might be a virus.  Would someone be willing to help me double-check this?  P.S.-- the last time this happened, it turned out to be a failing hard drive, however I have run Speccy and Gsmart and do not detect any problems there either.  Thanks in advance for any help!



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:29 PM

Posted 12 July 2018 - 08:12 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Wait for further instructions.

#3 bourgja2

bourgja2
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 12 July 2018 - 08:58 AM

Thanks I am attaching the files as requested.  

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:29 PM

Posted 12 July 2018 - 01:18 PM

Hi,

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

FF Homepage: Mozilla\Firefox\Profiles\k56ag4yp.default -> hxxps://www.google.com/webhp?complete=0&ion=0&hl=en&safe=off&num=100&filter=0&pws=0

Task: {0BF061AC-8FD0-49A4-A938-A1D63F676AAC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {0BF061AC-8FD0-49A4-A938-A1D63F676AAC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
Task: {15E3FE87-C420-42D0-A6FC-657DE7175A1A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {15E3FE87-C420-42D0-A6FC-657DE7175A1A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
Task: {2773E525-0393-4A61-8E25-2784ED13A2AC} - System32\Tasks\{C224A78D-E185-4DCC-BD04-AB210E6AAA57} => C:\Users\Jason user\Documents\Dayton stuff\LCEASY\LCEASY.EXE [1996-09-03] ()
Task: {307FFC68-5984-4A2B-9485-24F639B57178} - System32\Tasks\{B9189E92-5698-44B1-8002-A430192892E9} => F:\program files\UTETGDU\GDU 2.0\gdu.exe
Task: {520D7835-46BD-4249-894E-5EE28DC0C5B1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {520D7835-46BD-4249-894E-5EE28DC0C5B1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
Task: {66E831A8-A8BE-4F75-8DB6-C6FFD9BD9603} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {77303446-5A3F-4530-BA4B-2585BBCD9F69} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {7B8FB60C-3706-4C8A-99C3-2808CE04AF67} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
Task: {7E1C240E-68F2-401A-ACAB-3908D12C8F98} - System32\Tasks\{6A563F54-68A6-4239-94F5-5F14BEFDEEC4} => C:\Users\Jason user\Documents\Dayton stuff\LCEASY\LCEASY.EXE [1996-09-03] ()
Task: {CD83A751-ED1F-4DB6-9661-997C7F39C108} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {CD83A751-ED1F-4DB6-9661-997C7F39C108} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
Task: {F997729D-DB5B-4B19-BF5F-97267FCB7230} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe
C:\Windows\system32\GWX
C:\Users\Jason user\Documents\Dayton stuff\LCEASY
F:\program files\UTETGDU

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Please let me know what problem persists with this computer.

#5 bourgja2

bourgja2
  • Topic Starter

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 12 July 2018 - 01:47 PM

Hello, I don't wish to be difficult but I need to know what these processes will do before I run them on my computer.  Thanks!



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:29 PM

Posted 13 July 2018 - 07:10 AM

Hi,

It will delete the files and the Registry entries that are not required.

To find out what the .exe files do use Search the .exe files with Google.

I can way the all the files in the \gwx\ folder are remnant of Microsoft Upgrade to Windows 10.
Since you did not upgrade these entries are no longer needed.
Microsoft will not upgrade the Operating system anymore.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users