Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sketchy Windows shutdown error, and lots of recent freezes


  • Please log in to reply
19 replies to this topic

#1 emilysschw

emilysschw

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 01 July 2015 - 06:28 PM

Hello, and thank you ahead of time for your help.  As always, feeling very fortunate to have a forum like this to post in.

 

A couple of days ago, while using my Lenovo laptop I received an error that seemed a little dubious.  I'm pretty sure the words were "Windows has encountered a critical problem and will restart automatically in one minute.  Please save your work now." -- though I could have one or two words wrong there.  It was a pop-up in the middle of the screen.  For some reason, the specificity of the time period for shutdown, and the look of the window, made me wonder if it was real or some sort of impostor infection.  I had nothing open that was in danger of being lost at the moment, so I just watched,and sure enough, the computer shut down and restarted after about a minute.

 

Since then, this hasn't happened again.

 

However, this episode follows about a week of sudden, sporadic slowness while browsing with Chrome.  Often I would be waiting for half a minute to see a mouse click or scroll actually "take place" on my screen.  Often the browser window would stop responding and freeze.  Another version of this has been, that while scrolling up/down on a web page, the scroll icon freezes, the page freezes, and I lose the browser (i.e., must force-shut it and re-open to get it working again).  Often, even if I go to the Task Manager and shut the browser in this situation, it's futile since re-opening it is enormously slow.  The Task Manager itself will seem slow too, when this is happening.  At such times, I often see warnings in the corner of my screen from Norton (these types of warnings are typical) saying Google Chrome is using a high amount of processing memory, even if I'm hardly doing anything on the web.

 

I'm a bit suspicious that I have some sort of infection.  I'd appreciate any advice on how to proceed.  MY SYSTEM: Lenovo laptop with Windows 7 Pro, SP 1, 64 bit OS, 4GB RAM, Intel core i3-3120 @ 2.5GHz.  WHAT I'VE DONE SO FAR: I ran a full system scan of Norton Internet Security, my installed and up-to-date virus protection software.  No infections found.  I downloaded MalwareBytes free version and did a "Threat Scan".  No infections found.  I also uninstalled Adobe Reader X and reinstalled the latest Reader.  I also made sure Chrome was up to date.

 

Thanks again for any help.



BC AdBot (Login to Remove)

 


m

#2 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 02 July 2015 - 06:39 AM

Sorry for the unintentional topic "bump", but I just experienced the slowdown/freeze issue again, and I noticed that the warning message in the bottom right from Norton was that "Host Process for Windows Services" was using a high amount of memory.  In my post above I mentioned that it was about Google Chrome, but now that I saw this, I'm remembering this may be the warning I've seen more often when this problem happens.

 

As usual, my browser and my entire system slowed to a near-standstill and I had to reboot the system to use anything.  Before that, I wasn't doing anything special, just checking Yahoo Mail and Facebook.



#3 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 03 July 2015 - 09:46 AM

Could be adware. Use the programs below to find and remove.

You can reset Chrome or do a complete uninstall...that would include your Chrome profile, too. Scan first and if those scans don't give relief then

I suggest you try resetting Chrome before doing a complete reinstall.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

Reset Chrome browser settings

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your Chrome browser settings
  1. In the top-right corner of the browser window, click the Chrome menu
  2. Select Settings.
  3. At the bottom, click Show advanced settings.
  4. Under the section "Reset settings,” click Reset settings.
  5. In the dialog that appears, click Reset.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#4 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 03 July 2015 - 09:52 AM

If doing the above doesn't solve the problem(s) then use Windows Repair (All In One) Download and be sure to run Option #3.

 

Windows Repair can perform the following tasks:

  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Repair WMI
  • Repair Windows Firewall
  • Repair Internet Explorer
  • Repair MDAC & MS Jet
  • Repair Hosts File
  • Remove Policies Set By Infections
  • Repair Icons
  • Repair Winsock & DNS Cache
  • Remove Temp Files
  • Repair Proxy Settings
  • Unhide Non System Files
  • Repair Windows Updates
  • Repair CD/DVD Missing/Not Working

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 04 July 2015 - 07:13 AM

Thank you for the reply.  I went through and did all the steps in the first message.  I used AdwCleaner, CCleaner, Malwarebytes, JRT, and reset of Chrome settings.  It sounded like the Windows Repair was a second-wave solution, so I didn't do it yet.  Please let me know if I should.  And likewise on the Chrome uninstall/reinstall -- this time through, I just did the reset of settings.

 

Here is the log for AdwCleaner.  It was not found in the path mentioned, but instead in c:\AdwCleaner\.  In that directory, there were two text files, AdwCleaner[R0].txt and AdwCleaner[S0].txt. I'm posting the [S0] one here, since it more closely resembles the file name you mentioned, and it seems to have been made about a minute after the other one.

 

 

# AdwCleaner v4.207 - Logfile created 03/07/2015 at 19:13:43
# Updated 21/06/2015 by Xplode
# Database : 2015-07-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Gavin - GAVINSMACHINE
# Running from : C:\Users\Gavin\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\S
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.130
 
[C:\Users\Gavin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Gavin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1185 bytes] - [03/07/2015 19:12:23]
AdwCleaner[S0].txt - [1118 bytes] - [03/07/2015 19:13:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1177  bytes] ##########
 

 

 

Here is the MalwareBytes log.

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/3/2015
Scan Time: 7:47 PM
Logfile: mb log.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.03.05
Rootkit Database: v2015.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gavin
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 390364
Time Elapsed: 37 min, 20 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

 

 

Here is the JRT log.

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.9 (07.04.2015:1)
OS: Windows 7 Professional x64
Ran by Gavin on Sat 07/04/2015 at 13:41:00.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Gavin\appdata\local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
 
[C:\Users\Gavin\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Gavin\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
mkfokfffehpeedafpekjeddnmnjhmcmk
 
[C:\Users\Gavin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Gavin\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  mkfokfffehpeedafpekjeddnmnjhmcmk
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 07/04/2015 at 13:44:21.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

Thank you again for your help.



#6 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 09:25 AM

From a bit of search it seems JRT removed Norton Toolbar from Chrome. Just to confirm, do you have Norton installed?

 

Is there any improvement in performance of the computer? If there is still a problem, then do use the ALL IN ONE Tool after one more scan for malicious software.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 04 July 2015 - 12:07 PM

Thanks for the fast reply.  Yes, I do have Norton Internet Security installed and running in the background.  I disabled it during the JRT tool.  I never noticed the Norton Toolbar -- I'm curious, what has been changed there?

 

The laptop seems to be running better now.  I haven't seen the re-emergence of that Windows shutdown error (granted, it had only happened once, a few days ago), and the computer hasn't slowed to that grinding speed or frozen again.  I'll keep an eye out for it.  Meanwhile I ran the ESET scan and there were no threats detected.  I didn't see a way to pull up or generate a log afterward -- maybe that's what was meant by the note in the instructions that there may be no log if there are no threats found.

 

Is there still any value in running the Windows Repair All-in-One?  Or is it better only to go to that step if there's a visible problem that persists?

 

Thank you again for your help.



#8 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 01:19 PM

I would suggest not allowing the install of the Norton toolbar or disabling it if it reappears. I consider all toolbars a problem and most exist to install or display adware.

Google does a good job of preventing you from going to dangerous sites...those they constantly scan for malware. Firefox uses Google for that, too.

 

You can forgo the All-in-One tool based on your report. I think your plan to observe for several days before running it is good. Happy surfin....


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 04 July 2015 - 06:18 PM

Thank you!  I just opened Chrome for the first time since earlier today and the Norton Toolbar extension is attempting to install.  Options are there to enable or remove, so after reading your advice just now, I've chosen to remove.

 

A couple last questions, if you don't mind.  1) Based on those logs, was there any apparent infection?  2) Regarding the programs I downloaded in the process of doing these cleans/scans -- is there any uninstalling to do now?  For instance, I see that CCleaner has something now running in the background.



#10 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 06:41 PM

After running CCleaner...post the three lists mentioned below using CCleaner:

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 06:45 PM

What I saw was some adware except for one item that was removed that I couldn't find any reliable info on to say what it was for sure.

This item: Key Deleted : HKLM\SOFTWARE\Classes\S


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 04 July 2015 - 06:58 PM

Got it, thanks.  Those lists:

 

 

Windows Startups:

 

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run Facebook Update Facebook Inc. "C:\Users\Gavin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
No HKLM:Run 331BigDog Vimicro "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
No HKLM:Run AcWin7Hlpr Lenovo C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
No HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
No HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
No HKLM:Run BLEServicesCtrl Intel Corporation C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
No HKLM:Run BTMTrayAgent Microsoft Corporation rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
Yes HKLM:Run cAudioFilterAgent Conexant Systems, Inc. C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
Yes HKLM:Run Dolby Advanced Audio v2 Dolby Laboratories Inc. "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
Yes HKLM:Run Fastboot Lenovo "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe"
No HKLM:Run ForteConfig Fortemedia Inc C:\Program Files\Conexant\ForteConfig\fmapp.exe
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run IMSS Intel Corporation "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run Lenovo Registration Lenovo, Inc. C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
No HKLM:Run LENOVO.TPKNRRES Lenovo Group Limited C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
Yes HKLM:Run PWMTRV rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
No HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes HKLM:Run SmartAudio Conexant Systems, Inc. C:\Program Files\CONEXANT\SAII\SACpl.exe /t
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes HKLM:Run TpShocks Lenovo. TpShocks.exe
Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
 

 

Schedule Tasks:

 

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DiskUpdate C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Yes Task FacebookUpdateTaskUserS-1-5-21-849166794-834792743-4151280551-1000Core Facebook Inc. C:\Users\Gavin\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes Task FacebookUpdateTaskUserS-1-5-21-849166794-834792743-4151280551-1000UA Facebook Inc. C:\Users\Gavin\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 Intel® Services Manager C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic
Yes Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon Intel® Services Manager "C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe" --automatic
Yes Task PMTask Lenovo Group Limited C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe
Yes Task StartPowerDVDService CyberLink Corp. "C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
 
 
Uninstall list:
 
Adobe Acrobat Reader DC Adobe Systems Incorporated 7/2/2015 169 MB 15.007.20033
Adobe AIR Adobe Systems Incorporated 6/27/2015 18.0.0.144
Apple Application Support (32-bit) Apple Inc. 4/18/2015 94.2 MB 3.1.3
Apple Application Support (64-bit) Apple Inc. 4/18/2015 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 4/18/2015 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 9/18/2013 2.38 MB 2.1.3.127
Bonjour Apple Inc. 9/18/2013 2.00 MB 3.0.0.10
CCleaner Piriform 7/3/2015 5.07
Conexant HD Audio Conexant 7/30/2013 8.54.48.0
Create Recovery Media Lenovo Group Limited 7/30/2013 8.08 MB 1.20.0.00
CyberLink PowerDVD 10 CyberLink Corp. 7/30/2013 186 MB 10.0.5119.52
Dropbox Dropbox, Inc. 7/22/2014 2.8.2
ESET Online Scanner v3 7/4/2015
Evernote v. 4.2.3 Evernote Corp. 7/30/2013 139 MB 4.2.3.15
Facebook Video Calling 3.1.0.521 Skype Limited 8/8/2014 12.4 MB 3.1.521
Final Draft Final Draft, Inc. 2/22/2015 43.3 MB 9.0.6.179
Final Draft 6 Final Draft, Inc. 8/5/2014 18.3 MB 6.0.35
Google Chrome Google Inc. 9/18/2013 43.0.2357.130
HP LaserJet Professional M1130-M1210 MFP Series 11/15/2014
HP Officejet 4500 G510n-z HP 9/28/2014 13.0
Integrated Camera Vimicro 7/28/2014 5.13.430.3
Intel AppUp® center Intel 7/30/2013 3.8.0.41900.72
Intel® Control Center Intel Corporation 7/30/2013 1.2.1.1008
Intel® Management Engine Components Intel Corporation 7/30/2013 8.1.0.1281
Intel® Processor Graphics Intel Corporation 7/30/2013 9.17.10.2843
Intel® PROSet/Wireless Software for Bluetooth® Technology Intel Corporation 7/30/2013 96.5 MB 2.2.0.0266
Intel® SDK for OpenCL - CPU Only Runtime Package Intel Corporation 7/30/2013 2.0.0.37149
Intel® Update Manager Intel Corporation 10/22/2014 22.6 MB 2.3.1338
Intel® USB 3.0 eXtensible Host Controller Driver Intel Corporation 7/30/2013 1.0.5.235
Intel® WiDi Intel Corporation 10/6/2014 69.7 MB 4.2.24.0
Intel® PROSet/Wireless Software Intel Corporation 7/28/2014 367 MB 16.1.5
iPhoneBrowser Cranium Consulting and Custom Software 12/13/2014 424 KB 1.9.3
iTunes Apple Inc. 4/18/2015 233 MB 12.1.2.27
Lenovo Auto Scroll Utility 10/6/2014 2.12
Lenovo Communications Utility Lenovo 10/6/2014 17.2 MB 3.1.15.0
Lenovo Power Management Driver 3/15/2014 1.67.04.05
Lenovo Registration Lenovo Inc. 7/30/2013 4.09 MB 1.0.3
Lenovo Solution Center Lenovo Group Limited 6/27/2015 38.3 MB 2.8.004.00
Lenovo Solutions for Small Business Intel® Corporation 7/30/2013 91.6 MB 2.0.32.7350
Lenovo Solutions for Small Business Customizations Lenovo Group Limited 7/30/2013 12.1 MB 2.0.0004.00
Lenovo System Update Lenovo 5/17/2015 16.7 MB 5.06.0034
Lenovo User Guide Lenovo Group Limited 7/30/2013 606 KB 1.0.0009.00
Lenovo Warranty Information Lenovo 7/30/2013 861 KB 1.0.0005.00
Lenovo Welcome Lenovo Group Limited 7/30/2013 9.24 MB 3.1.0022.00
Malwarebytes Anti-Malware version 2.1.8.1057 Malwarebytes Corporation 7/3/2015 64.5 MB 2.1.8.1057
Message Center Plus Lenovo Group Limited 7/30/2013 3.31 MB 3.1.0004.00
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 2/12/2013 38.8 MB 4.0.30319
Microsoft Office Home and Student 2013 - en-us Microsoft Corporation 6/26/2015 15.0.4727.1003
Microsoft Silverlight Microsoft Corporation 5/14/2015 199 MB 5.1.40416.0
Microsoft SkyDrive Microsoft Corporation 9/18/2013 25.1 MB 16.4.6013.0910
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 7/30/2013 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 7/30/2013 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 7/30/2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 13.8 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 11.1 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2/12/2015 10.0.50903
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 9/30/2014 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 10/1/2014 1.33 MB 4.20.9876.0
Norton Internet Security Symantec Corporation 9/18/2013 21.7.0.11
On Screen Display 11/17/2014 8.42.20
Power Manager Lenovo Group Limited 10/6/2014 6.66.2
PowerDVD Create CyberLink Corp. 7/30/2013 764 MB 10.0
QuickTime 7 Apple Inc. 11/20/2014 70.2 MB 7.76.80.95
RapidBoot HDD Accelerator Lenovo 7/30/2013 1.0.5.11
Realtek Ethernet Controller Driver Realtek 7/30/2013 7.61.612.2012
Realtek PCIE Card Reader Realtek Semiconductor Corp. 7/30/2013 6.2.9200.29052
Scan To HP 11/15/2014 18.0 MB 2.0.1
Skype™ 7.5 Skype Technologies S.A. 6/4/2015 90.5 MB 7.5.102
SugarSync Manager SugarSync, Inc. 7/30/2013 1.9.80.99066
ThinkPad UltraNav Driver Synaptics Incorporated 7/28/2014 46.4 MB 18.0.7.40
ThinkVantage Access Connections Lenovo 4/15/2014 105 MB 6.21
ThinkVantage Active Protection System Lenovo 7/30/2013 9.02 MB 1.77.0.11
Windows Driver Package - Intel (iaStor) hdc  (06/12/2012 11.1.5.1001) Intel 7/30/2013 06/12/2012 11.1.5.1001
Windows Driver Package - Lenovo 1.66.00.22 (11/30/2012 1.66.00.22) Lenovo 7/30/2013 11/30/2012 1.66.00.22
 


#13 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 07:15 PM

Disable these Windows Startups: (Use CCleaner by clicking on each item to highlight and choosing Disable, Remove or Uninstall)

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKLM:Run Lenovo Registration Lenovo, Inc. C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
 
Disable these Scheduled Tasks:
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task DiskUpdate C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
Yes Task FacebookUpdateTaskUserS-1-5-21-849166794-834792743-4151280551-1000Core Facebook Inc. C:\Users\Gavin\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes Task FacebookUpdateTaskUserS-1-5-21-849166794-834792743-4151280551-1000UA Facebook Inc. C:\Users\Gavin\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
 
Uninstall these programs:
Adobe Acrobat Reader DC Adobe Systems Incorporated 7/2/2015 169 MB 15.007.20033 (Adobe products are often exploited by malware....but keep if you actually use them and check for security updates once a month or more)
Adobe AIR Adobe Systems Incorporated 6/27/2015 18.0.0.144
ESET Online Scanner v3 7/4/2015
 
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#14 emilysschw

emilysschw
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 04 July 2015 - 08:20 PM

Thank you.  I'll do these shortly.  One question: it looks like I'll be disabling things related to CCleaner in both startup and tasks... would the same be accomplished by uninstalling the program itself?  Would it make sense to uninstall the programs that I used during the process of cleaning things up?  You recommend uninstalling ESET, but perhaps also Malwarebytes and CCleaner too?  I'm hoping not to need them anytime soon!  But I'm all ears if you think it's best to keep them.



#15 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 AM

Posted 04 July 2015 - 08:38 PM

You should use CCleaner often...like maybe once or twice a week.

 

Up to you to decide to uninstall AdwCleaner (just open it and click on uninstall) or MBAM. Personally, I would keep both and scan with them at

least once a month if I were using a Windows machine. Again, your decision.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users