Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Default browser invokes on startup. Why?


  • Please log in to reply
40 replies to this topic

#1 scldunners

scldunners

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 29 April 2015 - 09:10 PM

Every third time I start my PC, my default brower starts itself once I've logged in and Slashdot.org website is displayed. I never set this up. I had this issue last year , took some advice, it went away. It resume the behaviour last week

 

I run AdAware Pro Security, and have done scans using System Mechanic, Spybot and Malwarebytes.My PC in running Windows 8.1 Pro. System and software is fully updated. I can see anything in the task scheduler that might be doing this (though I am no expert).

 

The behavior in itself is not an issue (tho annoying), but I am concerned something else might underlie it.

 

Help as to what this is and how to fix it would be much appreciated.

 

Regards

 

Steve



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 30 April 2015 - 01:23 AM

Hello there,

Please do this. If you do not understand anything, feel free to stop and ask.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#3 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 02 May 2015 - 08:14 PM

Alex,

 

Sorry I thought I'd replied to this days ago but must have done something wrong.

 

Result.txt

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Steve Lucas (administrator) on 30-04-2015 at 18:36:38
Running from "C:\Users\Steve Lucas\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Model: XPS 8700 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com

There are 15474 more lines starting with "127.0.0.1"


========================= Event log errors: ===============================

Application errors:
==================
Error: (04/30/2015 02:18:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1".
Dependent Assembly ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/30/2015 02:17:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./root/default namespace does not exist. The query will be ignored.

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./root/default namespace does not exist. The query will be ignored.

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./root/default namespace does not exist. The query will be ignored.

Error: (04/30/2015 01:17:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 00:48:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (04/30/2015 00:46:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process id: 0x13d8
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5

Error: (04/30/2015 00:44:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process id: 0x1974
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5

Error: (04/30/2015 00:42:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb
Faulting module name: mpengine.dll, version: 1.1.10600.0, time stamp: 0x53618404
Exception code: 0xc0000005
Fault offset: 0x000000000061133e
Faulting process id: 0x658
Faulting application start time: 0xMsMpEng.exe0
Faulting application path: MsMpEng.exe1
Faulting module path: MsMpEng.exe2
Report Id: MsMpEng.exe3
Faulting package full name: MsMpEng.exe4
Faulting package-relative application ID: MsMpEng.exe5


System errors:
=============
Error: (04/30/2015 02:44:52 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (04/30/2015 02:44:36 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (04/30/2015 02:44:36 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (04/30/2015 02:44:36 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (04/30/2015 02:18:33 PM) (Source: DCOM) (User: SCLDELL)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/30/2015 02:18:03 PM) (Source: DCOM) (User: SCLDELL)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/30/2015 02:17:35 PM) (Source: Microsoft-Windows-Ntfs) (User: NT AUTHORITY)
Description: K:\Device\HarddiskVolume72

Error: (04/30/2015 00:46:32 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 3 time(s).

Error: (04/30/2015 00:44:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/30/2015 00:42:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (04/30/2015 02:18:21 PM) (Source: SideBySide)(User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (04/30/2015 02:17:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\Belkin\@TV\Setup Wizard\SetupWizard.exe

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: IntelWLANEventProviderselect * from CIntelQosEventCIntelQosEvent//./root/default

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: IntelWLANEventProviderselect * from CIntelDot1xEventCIntelDot1xEvent//./root/default

Error: (04/30/2015 02:16:05 PM) (Source: Microsoft-Windows-WMI)(User: NT AUTHORITY)
Description: IntelWLANEventProviderselect * from CIntelWLANEventCIntelWLANEvent//./root/default

Error: (04/30/2015 01:17:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\Belkin\@TV\Setup Wizard\SetupWizard.exe

Error: (04/30/2015 00:48:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\Belkin\@TV\Setup Wizard\SetupWizard.exe

Error: (04/30/2015 00:46:32 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133e13d801d082def2c27284C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{312B0723-A58F-4E83-83B6-307F62EBC358}\mpengine.dll580bc665-eed2-11e4-836a-0c8bfd973e5b

Error: (04/30/2015 00:44:18 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133e197401d082de9f40dc44C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{312B0723-A58F-4E83-83B6-307F62EBC358}\mpengine.dll07da6a7a-eed2-11e4-836a-0c8bfd973e5b

Error: (04/30/2015 00:42:05 PM) (Source: Application Error)(User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10600.053618404c0000005000000000061133e65801d082de5bcf28cdC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{312B0723-A58F-4E83-83B6-307F62EBC358}\mpengine.dllb92527c6-eed1-11e4-836a-0c8bfd973e5b


CodeIntegrity Errors:
===================================
  Date: 2015-04-30 18:32:39.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-29 19:32:24.262
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-29 19:24:17.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-29 18:56:45.168
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 22:41:36.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 22:32:30.954
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 22:21:40.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 22:12:53.049
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 22:06:56.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-22 21:36:55.044
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Acrobat Reader Packages (HKCU\...\Acrobat Reader Packages) (Version:  - )
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aff Packages (HKCU\...\Aff Packages) (Version:  - )
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9204C155-00EA-6388-9362-01D16FFA114C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
Belkin @TV Software (HKLM-x32\...\InstallShield_{08B0C3BC-F591-4D3B-B3D6-8B33A9F4F296}) (Version: 1.8.3.206 - Belkin)
Belkin @TV Software (x32 Version: 1.8.3.206 - Belkin) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell KM632 Wireless Keyboard Caps Lock Indicator (HKLM-x32\...\{55586382-6704-4237-AAA7-85FF9C055022}) (Version: 2.1.10.0604 - Dell)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Detect - 1  (HKCU\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f6218a42-cca7-4b45-a5fe-4d0b9781de70}) (Version: 16.5.0 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.5.1 - iolo technologies, LLC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
mSecure (HKLM-x32\...\{84C0F28E-47F9-446E-B1F2-DFF746B80B54}) (Version: 3.157 - mSeven Software LLC)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG)
Nero 2014 (HKLM-x32\...\{B7D4C429-9CAB-4B97-A879-AFD1F922DD27}) (Version: 15.0.06800 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.5.11000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.2.21032 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Cliparts (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.2.0009 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.4.0017 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 16.0.1015 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.7000 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Image Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1006 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.28.4900 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
Nero Prerequisite Installer 3.0 (HKLM-x32\...\{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG)
Nero Recode (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.27001 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.11000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.16006 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.5.4000 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.27001 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Video Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero WaveEditor (HKLM-x32\...\{8F7F40B4-8C55-4B92-8C89-16501DAC697F}) (Version: 12.5.00800 - Nero AG)
Nero WaveEditor (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero WaveEditor Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0008 - Nero AG) Hidden
Prerequisite installer (x32 Version: 15.0.0010 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.13 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{7CD26A0C-9B59-4E84-B5EE-B386B2F7AA16}) (Version: 4.1.0.273 - Sophos Limited)
Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 4.0.2 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Syncplicity (HKLM\...\{69D16DAD-5ABD-4662-926E-D7F51906E156}) (Version: 3.4.8.9 - Syncplicity, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFilteringEngine (Version: 2.2.1.0 - Lavasoft) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 16335.13 MB
Available physical RAM: 13184.98 MB
Total Pagefile: 18767.13 MB
Available Pagefile: 14248.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.79 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1854.26 GB) (Free:1356.01 GB) NTFS
7 Drive k: (VHD) (Fixed) (Total:232.89 GB) (Free:102.01 GB) NTFS
8 Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.19 GB) NTFS
9 Drive y: (PBR Image) (Fixed) (Total:7.62 GB) (Free:0.69 GB) NTFS

========================= Users: ========================================

User accounts for \\SCLDELL

Administrator            Guest                    SophosSAUSCLDELL0        
Steve Lucas              


**** End of log ****
 

 

and Security check

 

Results of screen317's Security Check version 1.00  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
Ad-Aware Antivirus   
Windows Defender     
Sophos Anti-Virus    
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy
 Adobe Flash Player     17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (37.0.2)
 Google Chrome (41.0.2272.118)
 Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.6.306.7947\AdAwareService.exe
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.6.306.7947\AdAwareTray.exe
 Sophos Sophos Anti-Virus Web Control swc_service.exe
 Sophos Sophos Anti-Virus SavService.exe  
 Sophos Sophos Anti-Virus SAVAdminService.exe  
 Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
 Sophos Sophos Anti-Virus Web Intelligence swi_filter.exe
 iolo System Mechanic iologovernor64.exe  
 iolo Common Lib ioloServiceManager.exe
 iolo System Mechanic LiveBoost.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 01:46 AM

Hello,

You have two antivirus programs running. Please remove either Ad-Aware or Sophos - you can do this from Programs and Features in Control Panel.

Please uninstall iolo System Mechanic - Bleeping Computer DOES NOT support the use of registry cleaners and PC optimizers.

Spybot S&D is no longer recommended due to its low performance, and TeaTimer interferes with disinfection of malware. You can remove Spybot from Programs and Features.

After you have done the above steps, please run this.

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
===

Autoruns by Sysinternals

Please follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns from here.
  • Extract the content of the Autoruns.zip folder on the Desktop.
  • Open the Autoruns folder, right click on Autoruns.exe and click Run as Administrator.
  • Accept the EULA on opening, then wait for all the entries to load.
  • Click on File, then Save and save the file to your Desktop.
  • Go on ge.tt and upload the Autoruns file you saved.
  • Please copy and post the download URL of your uploaded file in your next reply.
Regards,
Alex

#5 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 02:25 AM

Alex,

 

Yes I only added Sophos and Spybot to try a identify this problem. Gone now. Adaware still used for AV, Malware and Firewall.

 

Systems Mechanic I've used for years and have on multiple devices. It does seem to work OK???? Removed from the problematic machine.

 

Adwcleaner

 

# AdwCleaner v4.203 - Logfile created 03/05/2015 at 19:09:00
# Updated 30/04/2015 by Xplode
# Database : 2015-05-02.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Steve Lucas - SCLDELL
# Running from : C:\Users\Steve Lucas\Downloads\adwcleaner_4.203.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 en-US)


-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [4395 bytes] - [07/12/2014 13:19:31]
AdwCleaner[R1].txt - [1844 bytes] - [22/04/2015 21:27:16]
AdwCleaner[R2].txt - [2615 bytes] - [23/04/2015 18:17:48]
AdwCleaner[R3].txt - [1200 bytes] - [26/04/2015 12:55:42]
AdwCleaner[R4].txt - [946 bytes] - [03/05/2015 19:09:00]
AdwCleaner[S0].txt - [4438 bytes] - [07/12/2014 13:20:18]
AdwCleaner[S1].txt - [1924 bytes] - [22/04/2015 21:28:43]
AdwCleaner[S2].txt - [2694 bytes] - [23/04/2015 18:19:14]
AdwCleaner[S3].txt - [1267 bytes] - [26/04/2015 12:56:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1240 bytes] ##########
 

Still use Adaware.

 

The auto runs instruction I don't quite get. are you looking for

http://ge.tt/2Kh0geF2

Steve



#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 02:34 AM

Hello,

Please see the information below for why Bleeping Computer does not recommend the use of registry cleaners.

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
Can you create another Autoruns log? The one you submitted crashed Autoruns on my machine when I open it.

Thank you.

Regards,
Alex

#7 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 02:45 AM

Alex,

 

Interesting about the Cleaners.

 

I've rerun the autoruns and uploaded a second file.

 

 

 

http://ge.tt/75OPjeF2

 

regards

 

Steve



#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 03:18 AM

Hello,

Which browser is this phenomenon happening at the moment?

I'm consulting with my instructor and will be back with more information.

Regards,
Alex

#9 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 03:26 AM

Alex,

 

Currently this is happeneing in Firefox, but it does happen in IE if I change my default browser. I should note that it happens on EVERY boot.

 

regards

 

Steve



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 03:36 AM

Hello,

Can you try resetting your browsers using these instructions?

I see that you have CCleaner installed - please use it to clear the cache files for all browsers.

Let me know how it went.

Regards,
Alex

#11 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 03:56 AM

Alex,

 

 

OK I did that (noting that my version of Firefox had a Refresh Button not a Reset Button??). I noted on restart that the behaviour is still there.

 

regards

 

 

Steve



#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 04:09 AM

Hello,

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    *Slashdot*
    
    :regfind
    *Slashdot*
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt
Regards,
Alex

#13 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 04:17 AM

Alex,

 

 

Here it is.

 

SystemLook 30.07.11 by jpshortstuff
Log created at 21:15 on 03/05/2015 by Steve
Administrator - Elevation successful

No Context: •    :filefind

No Context: •    *Slashdot*

No Context: •    

No Context: •    :regfind

No Context: •    *Slashdot*

-= EOF =-



#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:07 AM

Posted 03 May 2015 - 05:01 AM

Hello,

Can you repeat the steps but instead of copying the code, can you manually type the code into SystemLook instead?

Thank you.

Regards,
Alex

#15 scldunners

scldunners
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 03 May 2015 - 05:13 AM

Alex,

 

Oh sorry!

 

SystemLook 30.07.11 by jpshortstuff
Log created at 22:05 on 03/05/2015 by Steve Lucas
Administrator - Elevation successful

========== filefind ==========

Searching for "*Slashdot*"
No files found.

========== regfind ==========

Searching for "*Slashdot*"
No data found.

-= EOF =-

 

I need to go offline now. Back tomorrow. Thanks for your help this evening.

 

Steve






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users