Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop unresponsive


  • Please log in to reply
7 replies to this topic

#1 Howardtheduck316

Howardtheduck316

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 07 May 2018 - 08:08 AM

So we are having multiple computers become unresponsive where you can't click on anything on the desktop. We have to restart the computers or control+Alt+delete to get it come back. Any ideas? It has to be from an update of some kind. 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,556 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:42 PM

Posted 07 May 2018 - 09:32 AM

Let's...look at some data from one of these systems.  It's pointless to try to troubleshoot more than one system at a time, IMO.

 

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 Howardtheduck316

Howardtheduck316
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 07 May 2018 - 05:26 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Dan (administrator) on 07-05-2018 at 17:16:36
Running from "C:\Users\Dan\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: OptiPlex 9010 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/07/2018 03:35:52 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18978 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b98
Start Time: 01d3e63cd7c1b682
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
 
Error: (05/07/2018 02:46:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 02:44:18 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18978 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 16d0
Start Time: 01d3e627778ac18c
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
 
Error: (05/07/2018 02:20:34 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18978 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 16a8
Start Time: 01d3e62760df71ad
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
 
Error: (05/07/2018 12:17:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 10:02:14 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18978 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f98
Start Time: 01d3e5fa7ed0b836
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
 
Error: (05/07/2018 06:54:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 06:37:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 06:23:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/04/2018 05:35:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/07/2018 02:45:57 PM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 10 service failed to start due to the following error: %%2 = The system cannot find the file specified.
 
Error: (05/07/2018 02:45:52 PM) (Source: Service Control Manager) (User: )
Description: The WvPCR service depends the following service: TBS. This service might not be installed.
 
Error: (05/07/2018 02:45:52 PM) (Source: Service Control Manager) (User: )
Description: The SI TSS v1.2.1.41 TCS service depends the following service: TBS. This service might not be installed.
 
Error: (05/07/2018 02:44:47 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
 
Error: (05/07/2018 01:58:03 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (05/07/2018 12:16:56 PM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 10 service failed to start due to the following error: %%2 = The system cannot find the file specified.
 
Error: (05/07/2018 12:16:51 PM) (Source: Service Control Manager) (User: )
Description: The WvPCR service depends the following service: TBS. This service might not be installed.
 
Error: (05/07/2018 12:16:50 PM) (Source: Service Control Manager) (User: )
Description: The SI TSS v1.2.1.41 TCS service depends the following service: TBS. This service might not be installed.
 
Error: (05/07/2018 06:53:50 AM) (Source: Service Control Manager) (User: )
Description: The TeamViewer 10 service failed to start due to the following error: %%2 = The system cannot find the file specified.
 
Error: (05/07/2018 06:53:41 AM) (Source: Service Control Manager) (User: )
Description: The WvPCR service depends the following service: TBS. This service might not be installed.
 
Microsoft Office Sessions:
=========================
Error: (05/07/2018 03:35:52 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.18978b9801d3e63cd7c1b6820C:\Program Files\Internet Explorer\iexplore.exe
 
Error: (05/07/2018 02:46:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 02:44:18 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1897816d001d3e627778ac18c0C:\Program Files\Internet Explorer\iexplore.exe
 
Error: (05/07/2018 02:20:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.1897816a801d3e62760df71ad0C:\Program Files\Internet Explorer\iexplore.exe
 
Error: (05/07/2018 12:17:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 10:02:14 AM) (Source: Application Hang)(User: )
Description: iexplore.exe11.0.9600.18978f9801d3e5fa7ed0b8360C:\Program Files\Internet Explorer\iexplore.exe
 
Error: (05/07/2018 06:54:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 06:37:03 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/07/2018 06:23:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/04/2018 05:35:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2018-05-04 16:29:34.751
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-05-04 16:29:34.649
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
AlignmentUtility (HKLM-x32\...\{4C5E314A-31CA-4223-9A90-CE0C4D5800A4}) (Version: 21.00.0000 - UPS) Hidden
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{7AA348CE-190E-416B-839E-68E33CFEB580}) (Version: 15.4.14.1 - Broadcom Corporation)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 1.3.13 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.3.13.10003 - CANON INC.)
Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.1.1.0 - CANON INC.)
Canon MF510 Series (HKLM\...\{DAB13D93-9822-4287-9104-1E323D65AFBA}) (Version: 5.0.0.1 - CANON INC.)
CCC (HKLM-x32\...\{95749C5B-BC37-41E3-8D39-EEF4C21A2825}) (Version: 21.00.0000 - United Parcel Service, Inc.) Hidden
CCMComInterface (HKLM-x32\...\{2D57AD48-76B0-4CFE-A4D2-3A23B465CC6E}) (Version: 8.00.0005 - Toshiba America Information System Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Custom (HKLM\...\{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}) (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dealertrack DMS Web Client (HKLM-x32\...\{2B46A433-E0A8-46FE-9283-D246A8239D40}) (Version: 10.5.4 - Dealertrack Technologies) Hidden
Dealertrack DMS Web Client (HKLM-x32\...\Dealertrack DMS Web Client) (Version: 10.5.4 - Dealertrack Technologies)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.1 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00001.021 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
DellAccess (HKLM\...\{20A4AA32-B3FF-4A0B-853C-ACDDCD6CB344}) (Version: 01.03.00.046 - Wave Systems Corp.) Hidden
EMBASSY Client Core (HKLM\...\{7EC46A4C-E659-418E-A65A-BD7FC82D4C48}) (Version: 01.03.00.092 - Wave Systems Corp.) Hidden
ERAS Connector (HKLM\...\{0A8700AE-1FD3-4986-B9A8-8FDC84786C66}) (Version: 02.09.05.0330 - Wave Systems Corp) Hidden
FormsComponent (HKLM-x32\...\{91032FF2-836F-4CCA-A1A3-55B966E82907}) (Version: 21.00.0000 - UPS) Hidden
FOSS (HKLM-x32\...\{267FC070-5271-4768-B33A-33E4EA0E3A74}) (Version: 21.00.0000 - UPS) Hidden
GDR 6248 for SQL Server 2012 (KB3194721) (HKLM-x32\...\KB3194721) (Version: 11.3.6248.0 - Microsoft Corporation)
GDR 6251 for SQL Server 2012 (KB4019092) (HKLM-x32\...\KB4019092) (Version: 11.3.6251.0 - Microsoft Corporation)
Gemalto (HKLM\...\{91CE5F03-3A2A-4268-935A-04944F058AE9}) (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto) Hidden
GM EPC Application (HKLM-x32\...\{9004B20C-2DCD-422E-9A7E-F4765EF3F99E}) (Version: 1.03.0700 -  )
GM EPC Configuration Data (HKLM-x32\...\{AA8ED32C-7BAA-4179-8965-3C8F7084462D}) (Version: 1.00.0510 -  )
GM EPC Database Manager (HKLM-x32\...\{0C54D0D3-CB79-4D22-A835-75CBA30D712E}) (Version: 1.00.0000 -  )
GM EPC Infrastructure (HKLM-x32\...\{4778534A-1C8A-40FA-8E8C-693428A28BD6}) (Version: 1.00.4310 - )
GM EPC Local Data (HKLM-x32\...\{638B844B-D167-41F8-940F-87AC7D8180E4}) (Version: 1.00.1170 -  )
GM EPC North America (HKLM-x32\...\{3AA82290-F80D-43E5-B870-83D7C626F133}) (Version: 1.00.0950 -  )
GM EPC North America Archive (HKLM-x32\...\{BA97FD07-009F-4FA6-A2AC-6254992B6B17}) (Version: 1.00.0520 -  )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.26.0.8679 (HKCU\...\GoToMeeting) (Version: 8.26.0.8679 - LogMeIn, Inc.)
ICCHelp (HKLM-x32\...\{A5763105-D1D5-4862-A3FE-EC058F9AA73E}) (Version: 21.00.0000 - UPS)
Image Plugin (HKLM-x32\...\{FDC8065B-80DE-4466-B90B-2581F6D77DFF}) (Version: 3.05.0001 - Snap-on Business Solutions)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® IPP Run-Time Installer 7.0 for Windows (HKLM-x32\...\{84C1ACA3-C1A7-4B31-A6C1-1018A481BDFE}) (Version: 7.00.0000 - Toshiba Corp.)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Jabra PC Suite 2.10.3050 (HKLM-x32\...\{4F75AE17-7642-4401-AA3B-C6A45EF55008}) (Version: 2.10.3050.0 - GN Netcom A/S)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
join.me (HKCU\...\JoinMe) (Version: 3.2.1.5059 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Licensing Control (HKLM-x32\...\{FAF41552-4561-4AE0-8971-789C59EE77C2}) (Version: 1.03.0000 - Snap-on Business Solutions, Inc.)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MetaWeb (HKLM-x32\...\{73DE96F9-C03B-4FF4-A027-FFBF6B087EBD}) (Version: 3.2.0.2 - CGM Technology Services)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Command Line Utilities 11 for SQL Server (HKLM-x32\...\{92216AED-67BB-4832-8A7B-BBE8FDE7C3B0}) (Version: 11.0.2270.0 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{4294D9EB-FECF-4E55-8615-1B9EF152EE95}) (Version: 12.2.5543.11 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.5007.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{7FFF0385-BD04-4047-AA1D-6146A391FD0A}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{9AE22681-C27C-402A-A136-15854DFF693D}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{7D8178CA-1AC1-4371-AD8B-5AD32C96274D}) (Version: 11.3.6251.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{076FF390-D283-4174-B602-B0B7B72BD024}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{8CE29F52-8FAF-4CFD-89E8-B2D61A6800B1}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 1.2 (HKLM-x32\...\{5169D2E2-0B94-3320-8C7A-718F92BE20CE}) (Version: 9.0.30729 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.3.6020.0 - Microsoft Corporation)
MSIChecker (HKLM-x32\...\{C9D43B38-34AD-4EC2-B696-46F42D49D174}) (Version: 21.00.0000 - UPS) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NA1Messenger (HKLM-x32\...\{D44E7219-947E-4F1B-830E-66EF11ACC543}) (Version: 21.00.0000 - Your Company Name) Hidden
NRF (HKLM-x32\...\{99A0F94F-9F09-4F09-B8D9-E8F1BBBEF212}) (Version: 21.00.0000 - UPS) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
PBA Driver (HKLM\...\{DF5B5BEC-BA44-4669-98C8-2A691C5EA428}) (Version: 1.0.1.7 - Dell Inc.) Hidden
PolicyManager (HKLM-x32\...\{2329553C-D499-4476-A20F-9C7E82ED122B}) (Version: 21.00.0000 - UPS) Hidden
Preboot Manager (HKLM\...\{59ACD2BB-FC62-4427-81D2-618CF81A2A32}) (Version: 03.05.00.026 - Wave Systems Corp.) Hidden
Private Information Manager (HKLM\...\{0149ECF0-D825-4892-A468-065F2009328A}) (Version: 07.03.00.016 - Wave Systems Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5985 - Realtek Semiconductor Corp.)
Reconciler (HKLM-x32\...\{98C4DE92-27C8-482C-8431-514828756E80}) (Version: 21.00.0000 - UPS) Hidden
ReportServer (HKLM-x32\...\{C81D8576-F1B1-4E3A-9DC3-DF1B664962F0}) (Version: 21.00.0000 - Your Company Name) Hidden
Service Pack 3 for SQL Server 2012 (KB3072779) (HKLM-x32\...\KB3072779) (Version: 11.3.6020.0 - Microsoft Corporation)
SI TSS (HKLM\...\{A2309A2F-4BEB-45C8-92E1-84D430AC15AD}) (Version: 2.1.41 - Security Innovation) Hidden
SIplugin (HKLM-x32\...\{D9D59C79-B080-4C94-B72A-1EB432ED192E}) (Version: 1.00.0000 - GM Service and Parts Operation) Hidden
SIplugin (HKLM-x32\...\InstallShield_{D9D59C79-B080-4C94-B72A-1EB432ED192E}) (Version: 1.00.0000 - GM Service and Parts Operation)
SPBA (WBF) 5.9 (HKLM\...\{DD317AA5-F0EF-480F-9501-507712B5E0B6}) (Version: 5.9.7.7232 - Authentec Inc.) Hidden
SQL Server 2012 Common Files (HKLM-x32\...\{124D51A1-F3C2-45AE-B812-D3CA71247093}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM-x32\...\{7D29ED63-84F9-4EC7-B49F-994A3A3195B2}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM-x32\...\{DCE79FAE-6AC4-4718-A5BB-DA41F1740784}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM-x32\...\{E0012154-D166-4FDF-96BF-ECFF4AA367B5}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM-x32\...\{54F84805-0116-467F-8713-899DFC472235}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM-x32\...\{D0F44C37-A22B-4733-BBA7-86C9F4988725}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.3.6020.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{30CA21F2-901A-44DB-A43F-FC31CD0F2493}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
SupportUtility (HKLM-x32\...\{31AF8802-BF43-4C43-984B-EC597CF51505}) (Version: 21.00.0000 - UPS) Hidden
System (HKLM-x32\...\{DB2C58E0-6284-4B48-97F2-22A980B6360B}) (Version: 21.00.0000 - UPS) Hidden
toolkit32for64bit (HKLM-x32\...\{6C2DD120-A13A-48DD-9A65-D5FD8BE63435}) (Version: 7.68.85.0013 - Wave Systems Corp) Hidden
TOSHIBA Call Manager (HKLM-x32\...\TOSHIBA Call Manager) (Version: 8.2.16.1 - Toshiba America Information Systems, Inc)
Toshiba TSP for Windows x64 (HKLM\...\{87C62091-B343-4F5F-A090-FDF42EF71DF2}) (Version: 8.2.4 - Toshiba America Information Systems, Inc.)
Trusted Drive Manager (HKLM\...\{236EBEF4-8DE5-4E0E-8FD0-27D94F772FF0}) (Version: 5.0.0.304 - Wave Systems Corp.) Hidden
UnifiedPrinting (HKLM-x32\...\{CF2962CB-E3E7-4AA5-B6CE-EE59A600ECBE}) (Version: 21.00.0000 - UPS) Hidden
UPS WorldShip (HKLM-x32\...\UPS WorldShip) (Version: 21.0 - UPS)
UPSDB (HKLM-x32\...\{837896B9-CACA-44EF-B2F8-F6DB3D743595}) (Version: 21.00.0000 - UPS) Hidden
UPSICC (HKLM-x32\...\{390160B4-D276-4A04-8002-8D3101A0D367}) (Version: 21.00.0000 - UPS) Hidden
UPSlinkHTTP (HKLM-x32\...\{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}) (Version: 21.00.0000 - UPS) Hidden
UPSVC2008MM (HKLM-x32\...\{95BFC573-7D09-46C9-B458-A75BA947FFCB}) (Version: 1.00.0000 - UPS) Hidden
UPSVC2013MM (HKLM-x32\...\{D99432A9-099D-4DF0-B3BA-41562C3F8B4C}) (Version: 19.00.0000 - Your Company Name) Hidden
UPSVCMM (HKLM-x32\...\{C23415D8-FE94-4F52-B5C4-0FFA2202C6D9}) (Version: 12.00.0000 - UPS) Hidden
Wave Crypto Runtime 2.0.9.0 x64 (HKLM\...\{5F160A36-29D0-4AE0-986C-671A564BC0D4}) (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (HKLM-x32\...\{29D07FB4-A026-4E1F-B9A2-8C9EC0E2FEBB}) (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (HKLM\...\{14CFC674-CD4F-4BE5-8B68-07BA3FE941FF}) (Version: 07.68.85.0014 - Wave Systems Corp) Hidden
Wave Support Software Installer (HKLM\...\{86A9BBDF-9B6D-4E3D-810E-23C9079C6217}) (Version: 05.15.00.021 - Wave Systems Corp) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.19.43 - Webroot)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WorldShip (HKLM-x32\...\{05221EA8-BC66-483B-8036-5CAF7B813C10}) (Version: 21.00.0000 - UPS) Hidden
WSShared (HKLM-x32\...\{4D8761F6-BB0D-48B9-81F3-58EC0CDA2090}) (Version: 21.00.0000 - UPS) Hidden
 
========================= Memory info: ===================================
Percentage of memory in use: 29%
Total physical RAM: 16270.22 MB
Available physical RAM: 11496.28 MB
Total Virtual: 32538.61 MB
Available Virtual: 27393.43 MB
 
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:447.15 GB) (Free:254.5 GB) NTFS
3 Drive e: () (Removable) (Total:14.45 GB) (Free:8.4 GB) FAT32
 
========================= Users: ========================================
User accounts for \\DAN-PC
 
Administrator            Dan                      Guest                    
 
 
**** End of log ****
 
 

http://speccy.piriform.com/results/8ZqSDAFKDDm12iAmGW7uUOK


Edited by hamluis, 07 May 2018 - 06:32 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,556 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:42 PM

Posted 07 May 2018 - 06:54 PM

I would run the chkdsk /r command, follow that with the sfc /scannow command.

 

There does not appear to be any situation that one can attribute to Windows Update.

 

Did you follow the suggested instructions for obtaining details on the IE situations noted in Event Viewer?

 

Louis



#5 Howardtheduck316

Howardtheduck316
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:02:42 PM

Posted 08 May 2018 - 08:02 AM

I will run those today. I checked the 3 boxes you asked in minibox. Does it look like I have done something wrong? 

 

 We have 5 computers out of 25 that are doing this. I also noticed 1 of the computers (the one that does it most often) the default sounds have been changed. I have ran webroot (our office virus scan) malwarebytes, cc cleaner. And only removed a few tracking cookies, nothing major. 

 

a restart or control+alt+del and stop the process iexplore will take car of it. The desktop will not work but I can click on stuff in the task bar.



#6 joseibarra

joseibarra

  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Downstairs
  • Local time:02:42 PM

Posted 08 May 2018 - 08:15 AM

If the issue seems to always involve Explorer (iexplore.exe) perhaps there is an afflicted addon/extension or ActiveX control that is afflicted as sometimes third party programs/additions/things can malfunction after application of some WIndows updates that patch security holes...  since the third party things still have the security hole.

 

It's sort of like running Explorer in Safe Mode" and if works okay with no addons, you can start a process of elimination to figure out which one is afflicted.

 

You can start Explorer with no add-ons several ways either from the start menu or if you are using a shortcut to start it modify the shortcut:

 

[attachment=204528:Untitled.jpg]

 

To modify a shortcut make it look like this:

 

[attachment=204529:1.jpg]

 

 

If things look fine then, now you have to work through the extras and figure out which is the troublemaker.

 

 


Edited by joseibarra, 08 May 2018 - 08:16 AM.

The mediocre teacher tells. The good teacher explains. The superior teacher demonstrates.


#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,556 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:42 PM

Posted 08 May 2018 - 10:41 AM

My previous reference to "instructions about IE" was intended to refer to the suggestions Windows provided in Event Viewer for viewing details, etc.

 

Louis



#8 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:42 PM

Posted 09 May 2018 - 01:04 PM


Error: (05/07/2018 10:02:14 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.18978 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f98
Start Time: 01d3e5fa7ed0b836
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:

 

To be clear, go to Control Panel, Action Center, under Maintenance--View problems to report, View technical details under Internet Explorer, Copy to clipboard at bottom of next window, then paste this info into your next reply.

 

After posting that, please tell us if all of the machines having this problem have run combofix and if so, can you remember a relationship between the problem's occurrence and the use of CF?  You probably have a buggy extension or other add-on as the people posting to your last two threads have tried to help you with, so deal with that first, but unsupervised running of CF could also be a problem that we can deal with if we feel there is a need.

 


We always did feel the same

We just started from a different point of view

Tangled up in blue--Bob Dylan





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users