Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop keeps crashing and restarting


  • Please log in to reply
12 replies to this topic

#1 JeffyDurden

JeffyDurden

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 18 October 2014 - 12:02 PM

I need some help with my laptop please. It is an Acer. About 2 years old and running Windows 7 64 bit.
 
It starting crashing a few days ago and usually displays a very distorted image of blueish horizontal lines. Sometimes the laptop will work fine for hours and then crash suddenly. Sometimes it goes to a blue screen with some errors listed. They have been different many times. Here are some of the errors that I have written down.
 
PAGE_FAULT_IN-NON_PAGED
 
SYSTEM_SERVICE_EXCEPTION
 
IRQL_NOT_LESS_OR_EQUAL
 
I've also seen a popup once when I rebooted that was called
 
pcee4.exe
 
In the popup box it said
 
CLR error: 800004005 the program will now terminate
 
I also get the "Aw Snap" error very frequently when using the Chrome browser. The browser also closes itself very often.
 
I've updated Windows and my video card drivers and they are current.
 
That's all I can think of right now as far as obvious things that stand out to me.
 
Thanks for any help you can offer.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 19 October 2014 - 12:42 AM

The "Aw Snap" error in Chrome Browser, is similar to the "404 could not connect" in Internet Explorer.

 

It simply means there was a connection error of some kind (infection or settings).

 

Start with Settings, and check yours now.

Open Control Panel > Find Internet Options > And check your Home page is still listed > Now click Connections across the top, click LAN settings, and be sure that the only Top Box is Ticked is Automatically detect settings > To close these just click OK and OK again.

 

Next to check for infections as a small problem can cause your problem.

 

Download Screen317 Security Check from Here or Here and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please Copy/Paste the contents of that document.
NOTE 1:: If any security program requests permission to access the Internet, allow it to
NOTE 2. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! (or similar) message, restart computer and Security Check should run

If you still have a problem, please ignore this program, andcontinue to the next one ...........

 

Please download MiniToolBox  to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

Click Go and Copy and Paste the result. (result.txt)

 

 

 

Next -

Please download and run RKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes
 Please Copy / Paste the small log back here.

Do not reboot your computer until you complete the next step.

 NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

Next -

Note - If not installed, please follow these directions -
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe) to install, then follow These instructions for doing a THREAT SCAN in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A.4. Issues.

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily Disable such programs or permit them to allow the changes.

  • After the scan, make sure that everything is checked and then click the Remove Selected button to remove all the listed malware.
  • After rebooting the computer, copy and past the mbam.log in your next reply.

If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

 

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.

-- Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

 

 

Please post these logs with your next reply, plus a report on how well the computer is now running.

Also add any questions that you may have ...............

 

Thank You -



#3 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 19 October 2014 - 10:01 AM

Thanks for the help. The computer crashed twice while going through these steps but I went back and was able to get them all completed.
 
 
After crashes this popup shows up most of the time on restart.
 
Catalyst Control Center: Host application has stopped working
 
A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.
 
 
 
The last two crashes/BSOD's the error given was MEMORY_MANAGEMENT
 
 
Here are the logs
 
 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 8.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox 30.0 Firefox out of Date!  
 Google Chrome 37.0.2062.124  
 Google Chrome 38.0.2125.104  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log`````````````````````` 
 
 
 
 
 
MiniToolBox by Farbar  Version: 21-07-2014
Ran by Chris (administrator) on 19-10-2014 at 08:16:30
Running from "C:\Users\Chris\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================
 
 
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
 
There are 15473 more lines starting with "127.0.0.1"
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/19/2014 01:09:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (10/18/2014 06:02:08 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (4568) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 192610304 (0x000000000b7b0000) (database page wuaueng.dll0) for 32768 (0x00008000) bytes failed verification due to a page checksum mismatch.  The expected checksum was [dcbc2343d5687bee:4b7b4b7b20e716ad:a4005bffc27b1559:6d9692697fc216e0] and the actual checksum was [220b220bd34fb036:7f5c80a312e716ad:a4005bffc27b1559:6d9692697fc216e0].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Error: (10/18/2014 05:39:39 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe . Error code = 0x800706be
 
Error: (10/18/2014 05:39:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: mscorsvw.exe, version: 4.0.30319.18408, time stamp: 0x523104f3
Faulting module name: clr.dll, version: 4.0.30319.18444, time stamp: 0x52717f9a
Exception code: 0xc0000005
Fault offset: 0x000000000020e342
Faulting process id: 0x12fc
Faulting application start time: 0xmscorsvw.exe0
Faulting application path: mscorsvw.exe1
Faulting module path: mscorsvw.exe2
Report Id: mscorsvw.exe3
 
Error: (10/18/2014 05:39:30 PM) (Source: .NET Runtime) (User: )
Description: Application: mscorsvw.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 000007FEECC0E342 (000007FEECA00000) with exit code 80131506.
 
Error: (10/18/2014 04:34:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/18/2014 04:31:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: msxml3.dll, version: 8.110.7601.18431, time stamp: 0x5332e757
Exception code: 0xc0000005
Fault offset: 0x0000000000001c44
Faulting process id: 0x158
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3
 
Error: (10/18/2014 04:30:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: CCC.exe, version: 4.5.0.0, time stamp: 0x53ad0dcc
Faulting module name: amdmantle64.dll_unloaded, version: 0.0.0.0, time stamp: 0x5417637b
Exception code: 0xc0000005
Fault offset: 0x000007feded1dee0
Faulting process id: 0x3e8
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report Id: CCC.exe3
 
Error: (10/18/2014 04:30:42 PM) (Source: .NET Runtime) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEDED1DEE0
 
Error: (10/18/2014 04:26:57 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 9a0
 
Start Time: 01cfeb1a17b4ff06
 
Termination Time: 15
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 700ce1d5-570d-11e4-9529-dc0ea1197b5e
 
 
System errors:
=============
Error: (10/19/2014 08:10:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f080d: Security Update for Windows 7 for x64-based Systems (KB2984972).
 
Error: (10/18/2014 04:34:17 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: 
%%1056
 
Error: (10/18/2014 04:34:17 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: 
%%1056
 
Error: (10/18/2014 04:33:17 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: 
%%1056
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (10/18/2014 04:32:17 PM) (Source: Service Control Manager) (User: )
Description: The Secondary Logon service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (10/19/2014 01:09:22 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dragon_support_packager.exe
 
Error: (10/18/2014 06:02:08 PM) (Source: ESENT)(User: )
Description: wuaueng.dll4568SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\DataStore.edb192610304 (0x000000000b7b0000)32768 (0x00008000)-1018 (0xfffffc06)[dcbc2343d5687bee:4b7b4b7b20e716ad:a4005bffc27b1559:6d9692697fc216e0][220b220bd34fb036:7f5c80a312e716ad:a4005bffc27b1559:6d9692697fc216e0]5877 (0x16F5)
 
Error: (10/18/2014 05:39:39 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe . Error code = 0x800706be 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
 
Error: (10/18/2014 05:39:32 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.18408523104f3clr.dll4.0.30319.1844452717f9ac0000005000000000020e34212fc01cfeb2461750addC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dlla03b04b7-5717-11e4-9529-dc0ea1197b5e
 
Error: (10/18/2014 05:39:30 PM) (Source: .NET Runtime)(User: )
Description: Application: mscorsvw.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 000007FEECC0E342 (000007FEECA00000) with exit code 80131506.
 
Error: (10/18/2014 04:34:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/18/2014 04:31:58 PM) (Source: Application Error)(User: )
Description: svchost.exe_wuauserv6.1.7600.163854a5bc3c1msxml3.dll8.110.7601.184315332e757c00000050000000000001c4415801cfeb1a1136a3cfC:\Windows\system32\svchost.exeC:\Windows\System32\msxml3.dll2fc38333-570e-11e4-9529-dc0ea1197b5e
 
Error: (10/18/2014 04:30:44 PM) (Source: Application Error)(User: )
Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll_unloaded0.0.0.05417637bc0000005000007feded1dee03e801cfeb1a621821ceC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeamdmantle64.dll03bce0fc-570e-11e4-9529-dc0ea1197b5e
 
Error: (10/18/2014 04:30:42 PM) (Source: .NET Runtime)(User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 000007FEDED1DEE0
 
Error: (10/18/2014 04:26:57 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.175679a001cfeb1a17b4ff0615C:\Windows\Explorer.EXE700ce1d5-570d-11e4-9529-dc0ea1197b5e
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-01-03 22:58:17.905
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-01-03 22:58:17.858
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40915 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.02.0000 - AMD) Hidden
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
ATC Brokers MT4 (HKLM-x32\...\ATC Brokers MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brackets (HKLM-x32\...\{CA6586CA-1C03-488B-B791-2A4533C1B1C6}) (Version: 0.35 - brackets.io)
CarbonPoker (HKCU\...\CarbonPoker) (Version: 6.0 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{61F565EB-B101-4EBE-89BB-EF0AA3F2FFB8}) (Version: 38.0.2125.9 - Google Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
ESET NOD32 Antivirus (HKLM\...\{F793B4B8-6FFF-45FD-A371-64B98B34534F}) (Version: 8.0.301.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Forex Calculator 2.5.5 (HKLM-x32\...\{188FFB05-7AA6-4704-A3C7-0F21A2C22162}_is1) (Version:  - Forex Smart Tools)
Forex Tester 2.9.6 (HKLM-x32\...\{F5EC7F6B-B68B-433C-AA20-54EDFE76191D}_is1) (Version:  - Forex Tester Software)
Forex Trade Log 2.3.12 (HKLM-x32\...\{DE19BECF-A0E5-4AAF-9CEB-472697CE976B}_is1) (Version:  - Forex Smart Tools)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.63.11.WIN.FullTilt.COM - )
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GoToMeeting 6.4.4.1831 (HKCU\...\GoToMeeting) (Version: 6.4.4.1831 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GSA Search Engine Ranker v8.95 (HKLM-x32\...\GSA Search Engine Ranker_is1) (Version: 8.95 - GSA Software)
GSA SEO Indexer v1.86 (HKLM-x32\...\GSA SEO Indexer_is1) (Version: 1.86 - GSA Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
i-beta.com extension (HKLM-x32\...\{37BE563C-6020-43A7-BB6C-3BEDE8BFA1BD}) (Version: 1.1.2 - i-beta.com)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KD Niche Finder (HKLM-x32\...\KD Niche Finder1.0.0.2) (Version: 1.0.0.2 - AppBreed Software of InnAnTech Industries Inc.)
Kindle Previewer (HKCU\...\KindlePreviewer) (Version: 2.85 - Amazon)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
liteCam HD Evaluation (HKLM-x32\...\{18F68A39-B013-447B-B28B-9F678A2241EF}) (Version: 4.13.0000 - RSUPPORT)
Micro Niche Finder 5.0 (HKLM-x32\...\Micro Niche Finder 5.0_is1) (Version: 5.7.46.0 - James J. Jones, LLC.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.7130.5000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Novel Writing Software 2.0 (HKLM-x32\...\{E8F75B7E-26CF-4477-A3E9-66A605950100}_is1) (Version:  - Marshall/Jewett)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version:  - )
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12722.79 - raidcall.com)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.00.0000 - RSUPPORT)
Scrivener (HKLM-x32\...\Scrivener 1710) (Version: 1710 - Literature and Latte)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stock Image Machine 1.0 (HKLM-x32\...\Stock_0) (Version: 1.0 - Webmaster Machines)
Traffic Travis 4.1.0 (HKLM-x32\...\Traffic Travis 4.1 Setup Wizard_is1) (Version:  - Affilorama Ltd.)
Traffic Travis 4.2.0 (HKLM-x32\...\Traffic Travis 4.2 Setup Wizard_is1) (Version:  - Affilorama Ltd.)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 40%
Total physical RAM: 7658.9 MB
Available physical RAM: 4532.18 MB
Total Pagefile: 15315.98 MB
Available Pagefile: 11653.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3984.95 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:288.24 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\CHRIS-PC
 
Administrator            Chris                    Guest                    
postgres                 
 
 
**** End of log ****
 
 
 
 
 
Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/19/2014 08:21:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.
 
 * HOSTS file entries found: 
 
  127.0.0.1 localhost
  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
 
  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 10/19/2014 08:21:53 AM
Execution time: 0 hours(s), 0 minute(s), and 52 seconds(s)
 
 
 
 
 
# AdwCleaner v4.000 - Report created 19/10/2014 at 08:51:56
# DB v2014-10-17.9
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Chris - CHRIS-PC
# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\Users\Chris\AppData\LocalLow\adawaretb
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files (x86)\i-beta.com
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Users\Chris\AppData\Roaming\NCH Software
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\fydhhi25.default\Extensions\plugin@i-beta.com
Folder Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jd0slvab.default-1366061763803\Extensions\plugin@i-beta.com
File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jd0slvab.default-1366061763803\searchplugins\bingp.xml
File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\jd0slvab.default-1366061763803\searchplugins\trovi-search.xml
File Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.plyrics.com_0.localstorage
File Deleted : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.plyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Conduit_Search_Protect
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[fydhhi25.default] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ff");
 
-\\ Google Chrome v
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4022 octets] - [19/10/2014 08:22:39]
AdwCleaner[S0].txt - [3888 octets] - [19/10/2014 08:51:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3948 octets] ##########
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/19/2014
Scan Time: 9:24:02 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.10.19.05
Rootkit Database: v2014.10.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chris
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 375390
Time Elapsed: 23 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
Trojan.Agent.ED, C:\Users\Chris\Downloads\ComboFix.exe, Quarantined, [0091e1351f5dd264e2678d465ba625db], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 19 October 2014 - 01:49 PM

I updated Java and the newest Windows updates now on some sites such as this one, Chrome cannot even load the page for more than a couple seconds before giving me the Oh Snap error. Even after multiple refreshes the error keeps happening. I am having to use Firefox to post this.



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 19 October 2014 - 03:38 PM

Trojan.Agent.ED, C:\Users\Chris\Downloads\ComboFix.exe, Quarantined,

Has this problem got better or worse since you ran ComboFix, and what directions did you follow to run the program ??

 

Remove the problem browser, it is not required. Uninstall Google Chrome - Chrome Help
 

Run a Disk Check on your Main Hard Drive in Windows:
• Click Start and open Computer
• Right-click on C: (or your main Hard Drive letter) and select Properties
• Click on the Tools tab
• Under Error-checking click the Check Now... button
• Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
• Click on the Start button
• When the message box pops up, click the Schedule disk check button and RESTART your computer
• Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
NOTES : This can take from 1 to 2 hours to complete depending on your system, so let it continue
Do not Reboot during the scan, as you can (will) lose data from the system.
If this is a laptop, plug it into a reliable power source, as batteries do fail.
Once completed, the computer will reboot back to Normal Mode.

 

 

Run System File Check from an Elevated Command Prompt
 1. Open Elevated Command Prompt as per directions
 2. Type sfc /scannow and press Enter (note the space between c and / it must be there)
 3. (On average).This should not take longer than 20 minutes to finish
 4. NOTE : Do not touch the keyboard while this is running

Follow the general NOTES above.

 

 

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only Copy / Paste the link)

 

 

When completed - Please download Temp File Cleaner by Old Timer
Usage Instructions:1.Download TFC from the download link above and save the file on your desktop.
2.Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3.Double-click on the TFC icon.
4.When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5.When done, press OK > Exit, and reboot your computer and finish the cleanup

 

EDIT for minor change.


Edited by noknojon, 19 October 2014 - 03:43 PM.


#6 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 19 October 2014 - 03:43 PM

It's been quite awhile since I ran ComboFix. I listened to a recommendation to run it months ago but now I see that I should not have without someone knowledgable telling me to. The current issue started long after ComboFix was used and removed. It has been months I think.

 

I'm uninstalling Chrome now. Should I try to reinstall or wait?

 

I'm going to start the Disk Check as well. I'll report back once it is finished.



#7 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 19 October 2014 - 04:03 PM

http://speccy.piriform.com/results/VsO5E65zhbsVvayvVgk5HP4



#8 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 19 October 2014 - 07:57 PM

I have completed all of these scans. The disk check took a little over 2 hours but didn't give me a log or anything to show or tell you about.

 

The sfc /scannow stopped at 96% and gave me this message:

 

Windows resource protection found corrupt files but was unable to fix some of them. Details are included in the CBs.Log windir/Logs/CBS/CBS.log. For example C:\Windows\Logs\CBS\CBS.log

 

I was able to find the log and copy it. It is a very, very big wall of text.



#9 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 21 October 2014 - 08:27 PM

I noticed when I tried starting World of Warcraft that I get and error saying that Qt5Gui.dll is missing from my computer. I don't think this is a WoW only file so could it be part of the big problem?



#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 25 October 2014 - 01:03 AM

Thanks for posting in the 3 day listing, as we do lose topics at times when we are busy at home.

 

I have been away and only logged in briefly -

 

Re - Reading the logs and asking another person for ideas .........



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 25 October 2014 - 01:20 AM

A simple GUI may application require the following dependencies:

Qt5Core.dll
Qt5Gui.dll
Qt5Widgets.dll
libGLESv2.dll
icuuc49.dll
icuin49.dll
icudt49.dll
D3DCompiler_43.dll

There is still no guarantee that these will fix your problem
The simple app still needs "Visual C++ Runtime Library".
 

Looking for a safe link to download it from.

 

EDIT -

I will post back later, as we have people over this evening, and they just arrived ..........


Edited by noknojon, 25 October 2014 - 02:06 AM.


#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 25 October 2014 - 06:50 AM

Due to the ranges of listed BSOD reasons
PAGE_FAULT_IN-NON_PAGED
 SYSTEM_SERVICE_EXCEPTION
 IRQL_NOT_LESS_OR_EQUAL
Plus you now list not being able to operate WoW game due to missing .dll items.

Adding to that a ComboFix error that has never been fully removed (we do not work with ComboFix here)
Plus your CLR error: 800004005 the program will now terminate error, this has grown from a simple fix to "Multiple problems".
 

Every time I find one solution, it leads to a problem that is in an Expert Only area, and I can not use their tools.

 

 

Please follow the instructions in This Preparation Guide starting at Step 6.

Once the requested logs are created, then make a New Topic and post it to the =>> Malware Removal Experts Area <== Not back here.

Copy and Paste any logs created, (do not attach them unless requested) and include a brief description of your problem and what you have done to try to resolve them.
Please note that the area can get a bit busy, so you may need to wait a day or more for a reply.

NOTE - If you cannot produce any of the logs, then please create the new topic anyway. Do not run more tools unless the experts request them.



#13 JeffyDurden

JeffyDurden
  • Topic Starter

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Elk City, OK
  • Local time:01:19 AM

Posted 26 October 2014 - 11:56 PM

Thank you for the replies Nok. I am out of town until late Sunday so once I get back I'll follow your instructions to get back on track. Thank you for all your help. It is very much appreciated.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users