
connection interrupts, duplicate processes on tskmgr


12 replies to this topic

#1 sweepsy

sweepsy

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:09:26 AM

Posted 13 May 2016 - 06:04 AM

There's something that I cannot understand in my PC: there are duplicate processes in the task manager, for example, and the connection fails too often; reconnecting works for a while and then it fails again. Sometimes, but maybe it's not happening anymore, IE starts in the background with spamming audio and I cannot see any open windows.

I have Windows 10 64 bit on a Lenovo laptop, Avira Free Antivirus and normally I use CCleaner and MBAM to check all the stuff. Since I had this problem (I suppose it's related to streaming from unsafe sources, you know) I tried many programs and solutions searching online. I tried for instance RKill and the rootkit scan on Avira.

At least I tried to use Hijackthis and I have a log file but I am not able to interpret it.

Have you got suggestions on what's happening?




 


#2 buddy215

buddy215

  • BC Advisor
  • 12,900 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 AM

Posted 13 May 2016 - 06:19 AM

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

Hold down Control and click on this link to open ESET OnlineScan in a new window.

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 sweepsy


Posted 13 May 2016 - 08:39 AM

This is the AdwCleaner log:

 

 

# AdwCleaner v5.116 - File di log creato 13/05/2016 a 13:27:57

# Aggiornato 09/05/2016 by Xplode
# Database : 2016-05-13.1 [Server]
# Sistema Operativo : Windows 10 Home  (X64)
# Nome utente : sweepsy - MARCOEVERO
# In esecuzione da : C:\Users\Veronica\Downloads\AdwCleaner.exe
# Opzione : Pulizia
 
***** [ Servizi ] *****
 
 
***** [ Cartelle ] *****
 
[-] Cartella Eliminato : C:\ProgramData\simplitec
 
***** [ File ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Collegamenti ] *****
 
 
***** [ Attività  pianificate ] *****
 
[-] Attività  pianificata Eliminato : Browser Updater Task(Core)
 
***** [ Registro ] *****
 
[-] Chiave Eliminato : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Chiave Eliminato : HKLM\SOFTWARE\simplitec
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{19EFA1ED-A117-4D50-ACA0-25673EDB22E2}]
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CC2C49B8-C51D-4E9A-89D3-EDD9A5FEBAF3}]
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{6B14C2B2-C2D6-4BCF-A395-7B6CB569A6F9}]
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E6E77641-A5B2-40D7-9FC0-82FBE012331B}]
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{127303D8-0E8B-4840-8CBA-4E2796F07A6B}]
[-] Valore Eliminato : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0E302ED0-2AAB-4AFB-AD8C-7CABD7AAF4B4}]
 
***** [ Browser Web ] *****
 
[-] [C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Eliminato : microsoft-office.it.softonic.com
[-] [C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Eliminato : microsoft-office.it.softonic.com
 
*************************
 
:: Chiavi "Tracing" eliminate
:: Impostazioni Winsock resettate
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [5853 bytes] - [02/05/2016 15:38:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [2308 bytes] - [13/05/2016 13:27:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [5855 bytes] - [02/05/2016 15:28:07]
C:\AdwCleaner\AdwCleaner[S2].txt - [2453 bytes] - [13/05/2016 13:23:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2527 bytes] ##########

 

This is the JRT log

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by sweepsy (Limited) on 13/05/2016 at 13.34.18,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 4 
 
Failed to delete: C:\ProgramData\484800 (Folder) 
Successfully deleted: C:\ProgramData\484700 (Folder) 
Successfully deleted: C:\WINDOWS\prefetch\FREEMAKEERRORREPORTER.EXE-F861E6FC.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEMAKEVC.EXE-F6D8AEDC.pf (File) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BD3B2EB6-A076-4807-A276-FB423A55448A} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/05/2016 at 13.36.47,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

This is the Eset List Threats:

 

 

C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QQBrowser\Update\Download\00E36E97659652591494AFE6DA66279B\Update\chrome_elf.dll.vir a variant of Win32/Obfuscated.NFU trojan cleaned by deleting

 


#4 buddy215


Posted 13 May 2016 - 09:12 AM

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.




#5 sweepsy


Posted 13 May 2016 - 09:24 AM

Windows Startups:

 

 

Si HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

No HKCU:Run DAEMON Tools Lite Automount Disc Soft Ltd "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
Si HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
Si HKLM:Run Avira SystrayStartTrigger Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
Si HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
No HKLM:Run Dropbox Dropbox, Inc. "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Si HKLM:Run Energy Management Lenovo (Beijing) Limited C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
Si HKLM:Run EnergyUtility Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
Si HKLM:Run Intel AppUp(SM) center Intel Corporation "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
Si HKLM:Run Lenovo EasyCamera_Monitor Sunplus Innovation Technology Inc. C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
Si HKLM:Run MuteSync Lenovo C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
Si HKLM:Run OnekeyStudio Lenovo C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe -start
No HKLM:Run ProductUpdater C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Si HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
Si HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
Si HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Si HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Si HKLM:Run UpdateP2GShortCut CyberLink Corp. "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
Si HKLM:Run YouCam Mirage CyberLink "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
Si HKLM:Run YouCam Tray CyberLink Corp. "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
Si Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

 

Scheduled Tasks:

 

Si Task AutoPico Daily Restart @ByELDI "C:\Program Files\KMSpico\AutoPico.exe" /silent
Si Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Si Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Si Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Si Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Si Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Si Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
No Task Optimize Start Menu Cache Files-S-1-5-21-492507503-50743368-3386583925-1002
Si Task WinTOOL C:\Program Files (x86)\Google\Update\Download\{547E7482-8018-4F97-BB55-7E67427FE96D}\UpdateModule.exe -updatee
Si Task {3BFA96F8-BE50-469A-99AC-FD4B590C3335} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive\AuxSetup.exe -d C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive

 

 

 

 

Programs:

 

3D Builder Microsoft Corporation 16/01/2016 10.10.38.0
AccuWeather - Weather for Life AccuWeather 31/03/2016 10.0.200.0
Adblock Plus for IE (32-bit and 64-bit) Eyeo GmbH 22/04/2016 11,6MB 1.5
Adobe Acrobat Reader DC - Italiano Adobe Systems Incorporated 10/05/2016 401MB 15.016.20039
Adobe Flash Player 21 NPAPI Adobe Systems Incorporated 12/05/2016 5,71MB 21.0.0.242
Adobe Shockwave Player 12.2 Adobe Systems, Inc. 09/05/2016 12.2.4.194
Aggiornamenti NVIDIA 1.14.17 NVIDIA Corporation 12/11/2015 2,10MB 1.14.17
Avira Antivirus Avira Operations GmbH & Co. KG 08/05/2016 596MB 15.0.16.282
Avira Launcher Avira Operations GmbH & Co. KG 11/05/2016 14,1MB 1.1.61.18979
Broadcom 802.11 Network Adapter Broadcom Corporation 16/01/2016 6.30.59.26
Calcolatrice Microsoft Corporation 21/01/2016 10.1601.49020.0
Canon IJ Scan Utility Canon Inc. 23/01/2016 6,70MB
Canon Inkjet Print Utility Canon Inc. 14/04/2016 2.5.0.6
Canon MX920 series MP Drivers Canon Inc. 16/01/2016 1.00
Canon Quick Menu Canon Inc. 23/01/2016 20,1MB 2.6.1
CCleaner Piriform 01/05/2016 17,8MB 5.17
Connessione guidata telefono Microsoft Corporation 05/02/2016 10.1602.3010.0
Connettore app Microsoft Corporation 16/01/2016 1.3.3.0
Contatti Microsoft Corporation 05/04/2016 10.0.10811.0
DAEMON Tools Lite Disc Soft Ltd 24/03/2016 10.3.0.0152
Dolby Home Theater v4 Dolby Laboratories Inc 27/02/2013 55,8MB 7.2.8000.16
Dropbox Dropbox, Inc. 12/05/2016 169MB 3.20.1
eBay eBay, Inc 16/01/2016 1.6.0.34
Elenco di lettura Windows Microsoft Corporation 16/01/2016 6.3.9654.20947
Energy Management Lenovo 27/02/2013 57,9MB 8.0.2.4
ESET Online Scanner v3 13/05/2016
Evernote Touch Evernote 17/01/2016 3.3.0.102
Facebook Facebook Inc 28/04/2016 4.440.9927.0
Film e TV Microsoft Corporation 08/04/2016 3.6.19761.0
Foto Microsoft Corporation 29/03/2016 16.325.12390.0
Fotocamera Microsoft Corporation 08/04/2016 2016.325.60.0
Free PDF Compressor freepdfcompressor.com 14/04/2016 13,7MB
Freemake Video Converter versione 4.1.9 Ellora Assets Corporation 16/04/2016 74,3MB 4.1.9
Google Chrome Google Inc. 30/04/2016 396MB 50.0.2661.102
Groove Musica Microsoft Corporation 16/01/2016 3.6.15131.0
Informazioni di base Microsoft Corporation 29/03/2016 3.5.11.0
Intel AppUp(SM) center Intel 23/01/2016 52,4MB 3.6.1.33057.10
Intel® Management Engine Components Intel Corporation 11/11/2015 8.1.0.1252
Intel® Processor Graphics Intel Corporation 19/11/2015 10.18.10.4276
Intel® Rapid Storage Technology Intel Corporation 03/05/2016 11.6.0.1030
Intel® SDK for OpenCL - CPU Only Runtime Package Intel Corporation 11/11/2015 2.0.0.37149
Lenovo Bluetooth with Enhanced Data Rate Software Broadcom Corporation 27/02/2013 233MB 12.0.0.2200
Lenovo Companion LENOVO INC. 19/04/2016 3.44.0.0
Lenovo MuteSync Lenovo 27/02/2013 814KB 1.0.10
Lenovo OneKey Recovery CyberLink Corp. 23/01/2016 19,1MB 8.0.0.0828
Lenovo PowerDVD10 CyberLink Corp. 27/02/2013 100MB 10.0.4310.52
Lenovo Support Lenovo, INC. 16/01/2016 2.0.5.0
Lenovo YouCam CyberLink Corp. 27/02/2013 100MB 4.1.3127
Lettore Microsoft Corporation 09/03/2016 6.4.9926.18228
LibreOffice 5.1.2.2 The Document Foundation 15/04/2016 1,07GB 5.1.2.2
Malwarebytes Anti-Malware versione 2.2.1.1043 Malwarebytes 11/05/2016 66,9MB 2.2.1.1043
Mappe Microsoft Corporation 20/01/2016 4.1601.10150.0
Messaggi e Skype Microsoft Corporation 19/04/2016 2.15.20002.0
Meteo Microsoft Corporation 26/04/2016 4.9.51.0
Microsoft Office Professional Plus 2016 Microsoft Corporation 27/03/2016 64,1MB 16.0.4266.1001
Microsoft Silverlight Microsoft Corporation 23/03/2016 45,3MB 5.1.30514.0
Microsoft Solitaire Collection Microsoft Studios 11/05/2016 3.9.5100.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 27/02/2013 9,79MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16/12/2015 18,1MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 27/02/2013 20,3MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 27/02/2013 27,7MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 27/02/2013 22,2MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 12/05/2016 17,1MB 12.0.21005.1
Microsoft Wi-Fi Microsoft Corporation 29/04/2016 1.1604.4.0
Money Microsoft Corporation 26/04/2016 4.9.51.0
Mozilla Firefox 43.0.1 (x86 it) Mozilla 27/03/2016 44,6MB 43.0.1
Mozilla Maintenance Service Mozilla 11/03/2016 250KB 43.0.1.5828
MSN Food & Drink Microsoft Corporation 16/01/2016 3.0.4.336
MSN Salute & Benessere Microsoft Corporation 16/01/2016 3.0.4.336
MSN Viaggi Microsoft Corporation 16/01/2016 3.0.4.336
Notizie Microsoft Corporation 26/04/2016 4.9.51.0
NVIDIA Driver grafico 327.62 NVIDIA Corporation 12/11/2015 364MB 327.62
NVIDIA PhysX System Software 9.12.0604 NVIDIA Corporation 27/02/2013 69,4MB 9.12.0604
OneKey Recovery CyberLink Corp. 11/11/2015 19,1MB 8.0.0.0828
Onekey Theater Lenovo 27/02/2013 6,49MB 3.0.1.0
OneNote Microsoft Corporation 06/05/2016 17.6868.57841.0
OpenOffice 4.1.2 Apache Software Foundation 16/12/2015 449MB 4.12.9782
PDF Merge Tool-1.0.0 Darren Wurf 14/04/2016 1.0.0
Posta e Calendario Microsoft Corporation 04/05/2016 17.6868.40731.0
Power2Go CyberLink Corp. 23/01/2016 139MB 5.6.0.9109
PowerDVD for Lenovo Idea CYBERLINK COM CORPORATION 16/01/2016 1.1.2618.24808
Realtek Ethernet Controller Driver Realtek 27/02/2013 2,69MB 8.2.612.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 23/01/2016 17,9MB 6.0.1.6695
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 27/02/2013 27,9MB 6.1.8400.39030
Registratore vocale Microsoft Corporation 16/01/2016 10.1512.21110.0
Samsung Kies Samsung Electronics Co., Ltd. 13/03/2016 108MB 2.6.3.16011.2
Samsung USB Driver for Mobile Phones Samsung Electronics Co., Ltd. 13/03/2016 37,5MB 1.5.59.0
Scanner Windows Microsoft Corporation 16/01/2016 6.3.9654.17133
Scarica Skype Skype 16/01/2016 3.2.1.0
Skype Click to Call Microsoft Corporation 05/05/2016 26,0MB 8.1.0.9134
Skype™ 7.22 Skype Technologies S.A. 06/05/2016 126MB 7.22.109
Sport Microsoft Corporation 26/04/2016 4.9.51.0
Store Microsoft Corporation 30/04/2016 11602.1.26.0
SugarSync Manager SugarSync, Inc. 16/01/2016 1.9.61.90905
Sveglie e orologio Microsoft Corporation 25/03/2016 10.1603.12020.0
Sway Microsoft Corporation 05/05/2016 17.6965.45161.0
Synaptics Pointing Device Driver Synaptics Incorporated 16/01/2016 46,4MB 19.0.9.5
Telefono Microsoft Corporation 19/04/2016 2.15.28004.0
Twitter Twitter Inc. 27/04/2016 5.0.2.0
UserGuide Lenovo 27/02/2013 25,5MB 1.0.0.9
VLC media player VideoLAN 23/01/2016 112MB 2.2.1
WinRAR 5.31 (64-bit) win.rar GmbH 27/03/2016 5,35MB 5.31.0
Xbox Microsoft Corporation 07/05/2016 15.17.3003.0
µTorrent BitTorrent Inc. 13/04/2016 3.4.6.42094
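
An added example, not part of the thread or any poster's code: a Python sketch that parses rows of the CCleaner startup and scheduled-task export posted above and marks entries worth a manual look. The column reading (`Si`/`No` taken as the enabled flag), the parsing rules, the four review heuristics and all function names are assumptions made for this illustration; a flag is a prompt to inspect the entry, not a verdict.

```python
import re
from typing import NamedTuple

# Rows copied verbatim from the CCleaner export in the post above.
EXPORT = r"""
Si HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
No HKLM:Run ProductUpdater C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Si Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
No Task Optimize Start Menu Cache Files-S-1-5-21-492507503-50743368-3386583925-1002
Si Task WinTOOL C:\Program Files (x86)\Google\Update\Download\{547E7482-8018-4F97-BB55-7E67427FE96D}\UpdateModule.exe -updatee
Si Task {3BFA96F8-BE50-469A-99AC-FD4B590C3335} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive\AuxSetup.exe -d C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive
"""


class Entry(NamedTuple):
    enabled: bool  # "Si" / "No" column (assumed to be the enabled flag)
    source: str    # HKCU:Run, HKLM:Run or Task
    label: str     # name and publisher columns, run together in the paste
    image: str     # executable the entry starts ("" if none is listed)
    args: str      # everything after the executable


ROW = re.compile(r"^(Si|No)\s+(HKCU:Run|HKLM:Run|Task)\s+(.*)$")
# The command column starts at the first drive-letter path or %VAR% reference.
CMD_START = re.compile(r'"?(?:[A-Za-z]:\\|%\w+%)')
# Quoted image path, or an unquoted path up to the first ".exe".
IMAGE = re.compile(r'^"([^"]+)"|^(.+?\.exe)\b', re.IGNORECASE)


def parse(text):
    entries = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        rest = m.group(3)
        start = CMD_START.search(rest)
        label = rest[:start.start()].strip() if start else rest.strip()
        command = rest[start.start():] if start else ""
        im = IMAGE.match(command)
        image = (im.group(1) or im.group(2)) if im else command
        args = command[im.end():].strip() if im else ""
        entries.append(Entry(m.group(1) == "Si", m.group(2), label, image, args))
    return entries


# Heuristics chosen for this example (assumptions, not rules from the thread).
LAUNCHERS = {"pcalua.exe", "rundll32.exe", "regsvr32.exe", "mshta.exe",
             "wscript.exe", "cscript.exe", "powershell.exe", "cmd.exe"}
USER_WRITABLE = re.compile(r"\\(?:Users|ProgramData)\\|\\Temp\\", re.IGNORECASE)
STAGING_DIR = re.compile(r"\\Download\\\{[0-9A-F-]{36}\}\\", re.IGNORECASE)


def review_reasons(entry):
    reasons = []
    if not entry.image:
        return reasons
    # Windows binary whose job is to start another program named in its arguments.
    if entry.image.rsplit("\\", 1)[-1].lower() in LAUNCHERS:
        reasons.append("launcher-binary")
    # Image or an argument lives where a standard user can write.
    if USER_WRITABLE.search(entry.image + " " + entry.args):
        reasons.append("user-writable-path")
    # Persistent entry pointing into an updater's GUID-named download cache.
    if STAGING_DIR.search(entry.image):
        reasons.append("runs-from-download-cache")
    # The paste lost its column separators, so a one-word label is read as
    # "name present, publisher column empty"; multi-word names are missed.
    if len(entry.label.split()) == 1:
        reasons.append("no-publisher")
    return reasons


def triage(text):
    """Return (label, enabled, reasons) for every entry with at least one reason."""
    flagged = []
    for entry in parse(text):
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry.label, entry.enabled, reasons))
    return flagged


if __name__ == "__main__":
    for label, enabled, reasons in triage(EXPORT):
        print(("enabled " if enabled else "disabled"), label, "->", ", ".join(reasons))
```
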

 

 

 

 



#6 buddy215


Posted 13 May 2016 - 11:46 AM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Si HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Si HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Si Task AutoPico Daily Restart @ByELDI "C:\Program Files\KMSpico\AutoPico.exe" /silent
Si Task DropboxUpdateTaskMachineCore Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Si Task DropboxUpdateTaskMachineUA Dropbox, Inc. C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Si Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Si Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Si Task McAfee Remediation (Prepare) McAfee, Inc. C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
Si Task WinTOOL C:\Program Files (x86)\Google\Update\Download\{547E7482-8018-4F97-BB55-7E67427FE96D}\UpdateModule.exe -updatee
Si Task {3BFA96F8-BE50-469A-99AC-FD4B590C3335} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive\AuxSetup.exe -d C:\Users\Veronica\Downloads\VirtualDubMod_1_5_10_2_All_inclusive
 
Uninstall these programs:
ESET Online Scanner v3 13/05/2016
Skype Click to Call Microsoft Corporation 05/05/2016 26,0MB 8.1.0.9134

µTorrent BitTorrent Inc. 13/04/2016 3.4.6.42094 (Very risky to use for downloading cracked, pirated and free movies and music...may be illegal, too)

 

Update Mozilla Firefox to 46

 

After doing the above and rebooting, please tell me what problems remain.




#7 sweepsy


Posted 13 May 2016 - 01:08 PM

I've done what you said, except for AutoPico and uTorrent because I'm aware of the risks but I need to use them.

 

I don't know if and when the connection fails, sometimes it works apparently fine. In case, I'll write.

In the task manager I see many Google Chrome background processes even if I have only this window opened.

At the same time I don't understand why Avira has so many processes. 

Run time client server is duplicated, and I don't know many of the processes. On the old desktop I knew every process and I understood immediately if something was wrong, but I don't know this laptop or the latest OS well, so I am always suspicious about something.

 

And, I almost forgot, thank you for all. 



#8 buddy215


Posted 13 May 2016 - 03:08 PM

Okay...you're welcome.

 

See if you can find this folder....C:\ProgramData\484800

If you find it, you may need to boot into Safe Mode to delete it.

A similar folder was deleted....C:\ProgramData\484700




#9 buddy215


Posted 14 May 2016 - 08:31 AM

Here is a link to a website that should help you. I'll quote a bit from it. Google Chrome Creates Multiple Windows Processes

 

Understanding Chrome & Processes

Google Chrome is designed to run functionality for every tab, plugin, and extension within different processes. So, for every tab you open, every plug-in, or extension you use, Google Chrome will create another process for it. There is also a process just for the main browser functionality.




#10 sweepsy


Posted 14 May 2016 - 10:07 AM

Thanks... I checked but that folder doesn't exist... I think it's better so :)

 

Thanks also for Chrome's info... I didn't know that processes open also for plugins and extensions... maybe it's all fine now...



#11 sweepsy


Posted 15 May 2016 - 12:26 PM

Connection still fails sometimes repeatedly, what can be the cause?



#12 buddy215


Posted 15 May 2016 - 02:13 PM

Try resetting your router. Hold in the reset button for a few seconds. Afterwards be sure to re-secure the router.

Replace default password, block remote access and enable router's firewall.

How To Reset Your Router

 

If you are using wifi and resetting the router didn't solve the problem, then try connecting by cable to the router instead of a wireless connection.

 

If that doesn't solve the problem then you need to start a new topic following the instructions below.

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.




#13 sweepsy


Posted 16 May 2016 - 07:08 AM

Even if the page presented an error, the post is online here: http://www.bleepingcomputer.com/forums/t/614177/connection-drops-repeatedly/

 

Thank you





