Threat Detected, Then Video Switching Between Monitors

Two days ago on Wednesday 2/8, my wife was searching on the web, and got an Avast warning that a threat had been detected. She closed the sight, and then didn't notice anything else for a little while till later that day. She woke the computer up from sleep mode, and the secondary monitor did not wake up. Also, the programs that had been open on that monitor were all on the primary monitor. I checked it later, and the primary monitor did not wake up, but the secondary did and had switched to being the primary. When I tried detecting monitors, it said there were on other monitors. I restarted, and both came on, but then the secondary went blank within a couple seconds. Again, no other monitor was detected. As I sat here trouble shooting, the monitors switched on and off every few minutes sometimes both on, sometimes one, sometimes the other. Each switch I got the windows ding noise when new hardware is detected.

While all this was going on, I continuously got Zonealarm popups of suspicious behavior saying something about pwershell.exe. I kept denying it, not knowig what it was. I ran a smart scan with Avast, and 3 programs were identified for updates, so I let it update them. After that the powershell.exe popups stopped. At this point I still only had one monitor working. Then I ran a full scan, and 4 items were found, and resolved. Both monitors are back on now, and they seem to be staying this way.

Also of note is that the computer hasn't been going into sleep mode consistently since this started. Last night when clicking on the power button in the start menu, "Sleep" was no longer an option, only "Shut down" or "Restart". Today "Sleep" is back. I'm not sure what that is all about.

I ran all the scans in the "read and Run Me first" thread. Logs are attached.

I'd appreciate some help determining if there is an issue, and what could possibly have caused the strange behavior with the monitors. It's like something took over control of the video card...

Thanks for the help.

Chris

 

Thanks for the help, Tim.

I ran RogueKiller and deleted the three items. RK_Delete.txt log attached.

I reran Hitman. The ask.com item did not come up, but the Softonic item did. I removed it. HitmanPro_20170211_2053.log attached.

I reran ADWCleaner. It did not find anything. AdwCleaner[S1].txt log attached.

I rebooted, and reran RogueKiller. Found 0 items. RK_after_reboot.txt log attached.

Reran Hitman. Found the ask.com tool bar this time. Deleted it. HitmanPro_20170211_2125.log attached.

Rebooted and reran Hitman. Found nothing. HitmanPro_20170211_2133.log attached

I zipped the files since I think 6 is over the limit for one post.


I have a few more questions:

1. I now have two desktop.ini files on my desk top that were not there before running all this tonight. Is that expected? How do I get rid of or hide them?
2. any idea why my video card seemed to be going haywire with my monitors? Does there appear to have been anything on the computer that would have caused that?
3. Should I be concerned about the powershell.exe warnings I was getting from Zonealarm? Haven;t goten one in a few days now, so it looks like that stopped.

Thanks again for your help. I really appreciate it.

Chris

 

Thanks again for the help. I went through your last steps and everything seems good. I'll ask about the video thing on the hardware forum.