Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Surface Pro 3 acting strange and running loud


  • Please log in to reply
12 replies to this topic

#1 zadyd

zadyd

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 30 January 2016 - 08:53 AM

Hi all.

 

I have a surface pro 3 running Windows 10 and it's been acting strange lately. For a while the fans go on even during idle and light browsing. I thought nothing of it at first, but it kept on going, and now I can't seem to have the pc running without any fan noise.

 

Now recently, everytime I turn on the pc, a notification pops up saying Windows failed to connect to a group policy client then disappears. Also, windows has seemed to stop updating automatically. Mcafee's vulnerabilty scanner picks up that there is a critical update but when I click on the Update & Security folder, it just freezes and doesnt show anything. Ive tried going on Microsofts Safety Scanner website but it just loads a blank screen with a shield in the top corner saying thsat the site is trying to load unauthenticated scripts.

I've scanned the pc with Malwarebytes anti Malware, Adwcleaner and of course McAfee among others but it doesnt seem to show anything conclusive, only some pups for some adware which I've now removed. I don t know how to read logs so maybe I may have missed things after these scans because the symptoms seem to continue after scanning. Is it an issue with the surface pro 3 itself?

 

I'm confused and am not sure what to do now.


Edited by zadyd, 30 January 2016 - 04:00 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 30 January 2016 - 04:55 PM

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

 

  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 30 January 2016 - 06:50 PM

Thanks for the reply.

 

I've cleared all the files with ccleaner. There were no infections found on ESET. JRT found and deleted some things.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Pro x64 
Ran by Zadyd (Administrator) on Sun 31/01/2016 at  8:55:11.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 5 
 
Successfully deleted: C:\Users\Zadyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol (Folder) 
Successfully deleted: C:\Users\Zadyd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_adultcatfinder.com_0.localstorage (File) 
Successfully deleted: C:\Users\Zadyd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage (File) 
Successfully deleted: C:\WINDOWS\hgfs.sys (File) 
Successfully deleted: C:\WINDOWS\prleth.sys (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AF6B5ECECCC535D2650082DB0C8218E4 (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 31/01/2016 at  8:57:11.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by zadyd, 30 January 2016 - 06:51 PM.


#4 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 30 January 2016 - 07:11 PM

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 31 January 2016 - 12:35 PM

No HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run DAEMON Tools Lite Disc Soft Ltd "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
Yes HKCU:Run GoogleChromeAutoLaunch_AF6B5ECECCC535D2650082DB0C8218E4 Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Zadyd\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run Spotify Web Helper Spotify Ltd "C:\Users\Zadyd\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
No HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run Malwarebytes Anti-Exploit Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Yes Startup Common Install SafeKey IE RunOnce.lnk McAfee C:\Program Files (x86)\Common Files\lpuninstall.exe
 
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-zadyd@live.com Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse McAfee, Inc. C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe /script=mcnrdhck.lua /periodicRunCount=2
Yes Task Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse McAfee, Inc. C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe /timeout=60000 /script=mcnrdhck.lua /hcmode=postdatupdate /datver=2512.0 /datupdatestatus=0
Yes Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
Yes Task McAfeeLogon McAfee, Inc. C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
No Task Optimize Start Menu Cache Files-S-1-5-21-2448805387-2578514376-2477675163-1001
Yes Task {5118E8E6-13F5-4456-B633-8BA3CDA00203} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a D:\DTESETUP.EXE -d D:\
Yes Task {DA1900CF-D64E-46FD-BA80-A747E5A44046} Microsoft Corporation C:\windows\system32\pcalua.exe -a C:\Users\Zadyd\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=cmi
 
3D Builder Microsoft Corporation 15/12/2015 10.10.38.0
7-Zip 15.14 (x64) Igor Pavlov 25/01/2016 2.36 MB 15.14
Ableton Live 9 Lite Ableton 3/08/2015 1.72 GB 9.0.0.0
Ableton Live 9 Suite Ableton 3/01/2016 2.63 GB 9.0.0.0
Acon Digital Multiply (64 bit) 1.1.1 Acon AS 16/09/2015 1.20 MB 1.1.1
Adblock Plus for IE (32-bit and 64-bit) Eyeo GmbH 27/01/2016 14.1 MB 1.5
Adobe AIR Adobe Systems Incorporated 15/01/2016 23.6 MB 20.0.0.233
Adobe Help Manager Adobe Systems Incorporated 15/01/2016 11.4 MB 4.0.244
Adobe Illustrator CS6 Adobe Systems Incorporated 15/01/2016 11.4 MB 16.0
Adobe SVG Viewer 3.0 Adobe Systems, Inc. 5/01/2016 3.0
AHD ID3 Tag Editor AHD 17/09/2015 7.01 MB 2.2.15
AirDroid 3.1.3.0 Sand Studio 15/12/2015 3.1.3.0
Alarms & Clock Microsoft Corporation 29/12/2015 10.1512.58020.0
App connector Microsoft Corporation 15/12/2015 1.3.3.0
Apple Application Support (32-bit) Apple Inc. 11/01/2016 148 MB 4.1.1
Apple Application Support (64-bit) Apple Inc. 11/01/2016 166 MB 4.1.1
Apple Mobile Device Support Apple Inc. 11/01/2016 42.7 MB 9.1.0.6
Apple Software Update Apple Inc. 11/01/2016 4.63 MB 2.1.4.131
ASIO4ALL Michael Tippach 15/12/2015 2.12
Audacity 2.1.1 Audacity Team 25/07/2015 51.1 MB 2.1.1
Bass Station 2.1 Novation 15/09/2015 10.9 MB 2.1
Bonjour Apple Inc. 11/01/2016 3.28 MB 3.1.0.1
Calculator Microsoft Corporation 21/01/2016 10.1601.49020.0
Camera Microsoft Corporation 13/01/2016 2016.107.10.0
CCleaner Piriform 31/01/2016 17.5 MB 5.14
DAEMON Tools Lite Disc Soft Ltd 15/12/2015 5.0.1.0406
DTE 15/12/2015
eLearn CDROM 1.0 FIAT Auto S.p.A. 5/01/2016
ESPN FC ESPN (EUROPE, MIDDLE EAST, AFRICA) LTD 15/12/2015 1.5.0.0
Evernote Touch Evernote 17/01/2016 3.3.0.102
Facebook Facebook, Inc. 15/12/2015 1.4.0.9
Films & TV Microsoft Corporation 30/01/2016 3.6.16941.0
FL Studio 12.1.2 13/01/2016 1.20 GB
FL Studio ASIO Image-Line 29/06/2015
FL Studio ASIO Image-Line 15/12/2015
Flipboard Flipboard 15/12/2015 2.1.0.0
Focusrite Scarlett Family Audio Driver 3.1.10 Focusrite Audio Engineering Limited. 13/08/2015 3.36 MB 3.1.10
Fresh Paint Microsoft Corporation 13/01/2016 3.0.15356.0
Get Office Microsoft Corporation 8/01/2016 17.6605.23751.0
Get Skype Skype 15/12/2015 3.2.1.0
Get Started Microsoft Corporation 8/01/2016 2.6.12.0
Goal.com PERFORM MEDIA SERVICES LTD 15/12/2015 1.0.0.0
Google Chrome Google Inc. 29/06/2015 476 MB 48.0.2564.97
Google Earth Google 1/07/2015 228 MB 7.1.5.1557
Groove Music Microsoft Corporation 15/12/2015 3.6.15131.0
HP AiO Printer Remote HP Inc. 21/01/2016 59.1.124.0
Ignite AIR Music Technology 8/07/2015 702 MB 1.3.1
IL Download Manager Image-Line 15/12/2015
InstaPic APP LYF 15/12/2015 4.0.4.0
Intel® Processor Graphics Intel Corporation 23/01/2016 20.19.15.4331
iTunes Apple Inc. 11/01/2016 282 MB 12.3.2.35
Karaoke One Lisari s.r.l. 28/01/2016 2016.0.40.0
Last.fm Scrobbler 2.1.37 Last.fm 16/08/2015 64.0 MB
M-Audio Axiom AIR Mini 32 1.0.1 (x64) M-Audio 23/07/2015 916 KB 1.0.1
Mail and Calendar Microsoft Corporation 29/12/2015 17.6525.42271.0
Malwarebytes Anti-Exploit version 1.8.1.1045 Malwarebytes 10/01/2016 6.46 MB 1.8.1.1045
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 17/11/2015 55.9 MB 2.2.0.1024
Maps Microsoft Corporation 20/01/2016 4.1601.10150.0
Max 7 (64-bit) Cycling '74 10/01/2016 1.45 GB 7.1.0
McAfee LiveSafe - Internet Security McAfee, Inc. 31/01/2016 147 MB 14.0.6136
McAfee SafeKey(uninstall only) McAfee, Inc. 22/12/2015 53.4 MB 2.1.10
MediaHuman Audio Converter version 1.9.5.1 MediaHuman 20/08/2015 63.2 MB 1.9.5.1
Messaging + Skype Microsoft Corporation 22/01/2016 2.13.20000.0
Microsoft Office 365 - en-us Microsoft Corporation 31/01/2016 895 MB 16.0.6366.2062
Microsoft Solitaire Collection Microsoft Studios 13/01/2016 3.7.1041.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 1/08/2015 3.85 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 4/07/2015 9.69 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 23/07/2015 13.6 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 4/07/2015 1.62 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2/08/2015 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 4/07/2015 6.85 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2/08/2015 6.22 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 2/08/2015 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 Microsoft Corporation 25/10/2015 21.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 15/12/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 15/12/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 3/01/2016 20.5 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 22/12/2015 2.42 MB 10.0.50903
Microsoft WiFi Microsoft Corporation 15/12/2015 1.1511.2.0
Money Microsoft Corporation 28/01/2016 4.8.239.0
MSN Food & Drink Microsoft Corporation 15/12/2015 3.0.4.336
MSN Health & Fitness Microsoft Corporation 15/12/2015 3.0.4.336
MSN Travel Microsoft Corporation 15/12/2015 3.0.4.336
Native Instruments Massive 22/12/2015 48.1 MB
Native Instruments Massive Native Instruments 5/12/2015
Native Instruments Service Center 25/01/2016 24.9 MB
Native Instruments Service Center Native Instruments 5/12/2015
Netflix Netflix, Inc. 30/01/2016 6.5.32.0
News Microsoft Corporation 28/01/2016 4.8.239.0
NexusFont 2.5 (ver 2.5.8.1582) xiles 17/08/2015 3.30 MB
OneNote Microsoft Corporation 28/01/2016 17.6568.15581.0
Paint.WinRT Tegosoft Inc. 15/12/2015 1.1.0.0
People Microsoft Corporation 19/12/2015 10.0.3450.0
Phone Microsoft Corporation 8/01/2016 2.12.14001.0
Phone Companion Microsoft Corporation 15/12/2015 10.1511.18010.0
Photos Microsoft Corporation 28/01/2016 16.122.14020.0
Reader Microsoft Corporation 15/12/2015 6.4.9926.17994
Real Ruler The Robot 20/01/2016 2.0.0.1
REAPER (x64) 15/12/2015
Red 2 & Red 3 Plug-in Suite version 1.0 Focusrite Audio Engineering Limited 27/08/2015 785 KB 1.0
Redistr 8/07/2015
Scarlett Plug-in Suite 1.7 Focusrite 13/08/2015 18.7 MB 1.7
SecondLifeViewer Linden Research, Inc. 15/12/2015 117 MB 3.8.3.304115
SGA1566 64-bit Shattered Glass Audio 16/09/2015 6.87 MB 1.0.9
Skype WiFi Skype 15/12/2015 1.2.0.7
Skype™ 7.18 Skype Technologies S.A. 21/01/2016 159 MB 7.18.109
Speccy Piriform 25/01/2016 14.3 MB 1.29
Sport Microsoft Corporation 28/01/2016 4.8.239.0
Spotify Spotify AB 23/12/2015 1.0.20.94.g8f8543b3
Steam Valve Corporation 15/12/2015 2.10.91.91
Store Microsoft Corporation 28/01/2016 2015.25.24.0
Surface Microsoft Corporation 17/12/2015 10.0.342.0
Sway Microsoft Corporation 20/01/2016 17.6614.20251.0
Synful Orchestra Synful 12/10/2015 392 MB 2.5.2
TAL-Chorus-LX (32bit) TAL - Togu Audio Line 15/09/2015 5.68 MB 1.0.0
TAL-Chorus-LX (64bit) TAL - Togu Audio Line 15/09/2015 6.01 MB 1.0.0
TechPowerUp GPU-Z TechPowerUp 3/01/2016
Twitter Twitter Inc. 18/12/2015 4.3.3.0
VLC for Windows Store VideoLAN 15/12/2015 1.7.0.0
VLC media player VideoLAN 22/12/2015 112 MB 2.2.1
Voice Recorder Microsoft Corporation 22/12/2015 10.1512.21110.0
Voxengo SPAN Voxengo 15/09/2015 2.09 MB 2.9
Weather Microsoft Corporation 28/01/2016 4.8.239.0
Windows Live Essentials Microsoft Corporation 1/08/2015 16.4.3528.0331
Windows Reading List Microsoft Corporation 15/12/2015 6.3.9654.20947
Windows Scan Microsoft Corporation 15/12/2015 6.3.9654.17133
Xbox Microsoft Corporation 8/01/2016 11.13.6008.0
Xbox One SmartGlass Microsoft Corporation 15/12/2015 2.2.1510.30008
µTorrent BitTorrent Inc. 15/12/2015 3.4.5.41372
 


#6 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 31 January 2016 - 01:44 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes HKCU:Run GoogleChromeAutoLaunch_AF6B5ECECCC535D2650082DB0C8218E4 Google Inc. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
Yes HKCU:Run Spotify Web Helper Spotify Ltd "C:\Users\Zadyd\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes Startup Common Install SafeKey IE RunOnce.lnk McAfee C:\Program Files (x86)\Common Files\lpuninstall.exe (Unless you actually use it)
 
Disable these scheduled tasks:

Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-zadyd@live.com Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
Yes Task {5118E8E6-13F5-4456-B633-8BA3CDA00203} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a D:\DTESETUP.EXE -d D:\
Yes Task {DA1900CF-D64E-46FD-BA80-A747E5A44046} Microsoft Corporation C:\windows\system32\pcalua.exe -a C:\Users\Zadyd\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=cmi  (choose Delete...not just Disable)

 

Uninstall these programs:

DAEMON Tools Lite Disc Soft Ltd 15/12/2015 5.0.1.0406

FL Studio 12.1.2 13/01/2016 1.20 GB  (probably don't need 2 of these three)
FL Studio ASIO Image-Line 29/06/2015          "

FL Studio ASIO Image-Line 15/12/2015           "

 

McAfee LiveSafe - Internet Security McAfee, Inc. 31/01/2016 147 MB 14.0.6136 (Unless you actually use this)
McAfee SafeKey(uninstall only) McAfee, Inc. 22/12/2015 53.4 MB 2.1.10 (Unless you actually use this)
 
µTorrent BitTorrent Inc. 15/12/2015 3.4.5.41372  (VERY RISKY to use to download free stuff like movies, music and pirated software...some illegal)
 
After doing the above and rebooting...please let me know what problems still exist

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 31 January 2016 - 03:15 PM

Hi, I've disabled and deleted the startup and tasks, but in terms of the programs there are some that I need. With FL Studio, the ASIO drivers are crucial because theyre soundcard settings so I'll definitely need 2 out of 3. In terms of McAfee, do you think its a good antivirus? Am I better off with a different one? I currently use it as my primary AV. 

 

Also I'd like to mention that sometimes I see my locations icon being turned on when I haven't really authorised any apps to use my location. Should I be worried?



#8 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 31 January 2016 - 05:50 PM

EDIT: McAfee LifeSafe is not mentioned in your Windows Startups...that's why I questioned if it was still active.

 

Try updating McAfee...let me know if it is able to update.

I'm not all that familiar with how Geo location applications are triggered. If it occurs again, I suggest one remedy would be to Reset Google Chrome

which isn't a bad idea because you did have some adware in Chrome and often that is the best and only way to be sure more isn't present or to completely

remove the adware.

 

You can reset your browser settings in Chrome any time. You might need to do this if apps or extensions you installed changed your settings without your knowledge. Your saved bookmarks and passwords won't be cleared or changed.

  1. Open Chrome.
  2. In the top right, click the Chrome menu
  3. Click Settings.
  4. At the bottom, click Show advanced settings.
  5. Under the section "Reset settings,” click Reset settings.
  6. In the box that appears, click Reset.

 

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


Edited by buddy215, 31 January 2016 - 05:58 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 31 January 2016 - 06:03 PM

I'm already on the latest version of McAfee right now.
 
I did notice that mystartsearch adware and went to scan with MBAM just to make sure more wasn't in my system but it definitely found some other stuff in there.
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/02/2016
Scan Time: 7:15 AM
Logfile: 1.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.31.04
Rootkit Database: v2016.01.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Zadyd
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 390419
Time Elapsed: 6 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 19
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 6
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYD8571.tmp.1454270873\HTA\install.1454270873.zip, Quarantined, [aa8617297d1c0f27df141425768c1be5], 
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYD8571.tmp.1454270873\HTA\3rdparty\OCComSDK.dll, Quarantined, [9c9446fa8316290dd32029105da5cc34], 
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYD8571.tmp.1454270873\HTA\3rdparty\OCSetupHlp.dll, Quarantined, [7fb13b05f7a221156dbc677dbf450000], 
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYDD3B0.tmp.1454270893\HTA\install.1454270893.zip, Quarantined, [5dd3c27ec2d7053109ea43f6c33f5ea2], 
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYDD3B0.tmp.1454270893\HTA\3rdparty\OCComSDK.dll, Quarantined, [8ea297a9aaef2313fdf6e85106fcd828], 
PUP.Optional.OpenCandy, C:\Users\Zadyd\AppData\Local\Temp\HYDD3B0.tmp.1454270893\HTA\3rdparty\OCSetupHlp.dll, Quarantined, [83ade35d6e2bcb6b1f0ac81cf80c7c84], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender                     
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome (48.0.2564.82) 
 Google Chrome (48.0.2564.97) 
````````Process Check: objlist.exe by Laurent````````  
 McAfee VirusScan mcods.exe  
 Malwarebytes Anti-Exploit mbae-svc.exe   
 Malwarebytes Anti-Exploit mbae64.exe   
 Malwarebytes Anti-Exploit mbae.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#10 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 31 January 2016 - 06:23 PM

You mentioned noisy, too. Assume that is the fan racing. Is that still happening? That usually points to excessive processing. 

 

McAfee is a good product...really not much difference in any of the home user antivirus programs. It is much more important

to learn the methods malware and adware use to infect. Just about every free program and add-on are bundled with some unwanted

crapola. There is one website that removes the bundled junk from the software that it hosts downloads for. Ninite - Install or Update Multiple Apps at Once


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 31 January 2016 - 06:51 PM

Yes. Its still happenjng. It will have moments where its silent with light browsing and usage but after some time it will often spike again without any changes to usage. I often check my task manager when it happens but it doesnt show anything out of the ordinary. Cpu usually anywhere between 5-25%.

#12 buddy215

buddy215

  • BC Advisor
  • 12,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:16 PM

Posted 31 January 2016 - 07:19 PM

I suppose the warranty has lapsed. It might be worth asking about the problem at a forum related to the surface pro 3. You might

check to see if there is any updates for the mother board.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#13 zadyd

zadyd
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:16 PM

Posted 01 February 2016 - 01:30 AM

I think there's still a warranty for hardware defects but I'm not sure if this is enough of a defect for a warranty repair/replacement case. I'll check if there's a case for a hardware issue.

 

Thank you so much for helping on this end. Really appreciate it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users