Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Frozen screens, Shockwave crashes and random BSOD shutdowns

BSOD Shockwave Crashes

  • Please log in to reply

#1
ColtsFan18

ColtsFan18

    Member

  • Member
  • PipPipPip
  • 372 posts

Not sure if I'm infected with anything but what started off with just your standard "Shockwave is not responding" and "Aw Snap" Google pages has snowballed into sudden shut downs when the machine is not in use.  It can be sitting idle and suddenly I see the Blue Screen of Death and the laptop shuts down.  I am also getting the disk check requests when it restarts.  Now I am being logged off of several accounts (Gmail, Facebook, etc...) and have to re-enter passwords (not a big deal but it's definitely not normal)  I ran Malware Antibytes (premium) and it found nothing but the activity continues.  It can be spotty at times.  I can go for days with no issues then all the sudden I get 2 or 3 days of misery.  Any help would be appreciated.


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
A separate Reply for each log works best.
 
 
Download BlueScreenView
 
Choose the middle download Download BlueScreenView with full install/uninstall support 
 
Right click and Run As Admin.  Once it installs run it and it should start a scan.
 
When scanning is done, go Edit, Select All.
 
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 

  • 0

#3
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Clicked the first link to the Nirosoft Blue Screen and got this message:

 

Not Found

The requested URL /utils/blue_screen_view.html  was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

 

I will continue with the other requests and post the logs


Edited by ColtsFan18, 07 June 2016 - 02:47 PM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Something added Â to the link.   Try:

http://www.nirsoft.net/utils/blue_screen_view.html

  • 0

#5
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

OK, I'm on it


  • 0

#6
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

The Nirosoft returned nothing.  I'm going to uninstall and reinstall since I got a message saying it may not have installed properly.  In the meantime, here are the other scan logs:

 

Vinos Event Viewer:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/06/2016 3:43:49 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/06/2016 6:55:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 06/06/2016 12:24:08 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 05/06/2016 5:06:25 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/06/2016 6:22:26 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 30/05/2016 12:01:32 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/05/2016 11:54:05 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/05/2016 3:59:25 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/05/2016 3:52:22 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 29/05/2016 3:35:44 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/05/2016 3:39:10 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/05/2016 3:31:10 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/05/2016 2:36:39 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 04/03/2016 9:42:27 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 24/02/2016 1:40:08 AM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device MTP USB Device (location Port_#0001.Hub_#0004) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.
 
Log: 'System' Date/Time: 24/02/2016 1:40:08 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.
 
Log: 'System' Date/Time: 15/01/2016 10:28:01 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/01/2016 5:44:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 16/12/2015 11:18:15 PM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device LGE Android MTP Device (location (unknown)) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.
 
Log: 'System' Date/Time: 16/12/2015 11:18:15 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.
 
Log: 'System' Date/Time: 11/10/2015 3:16:45 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/06/2016 7:00:20 PM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
 
Log: 'System' Date/Time: 07/06/2016 6:57:37 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Coupon Printer Service service failed to start due to the following error:  The system cannot find the file specified.
 
Log: 'System' Date/Time: 07/06/2016 6:56:16 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 07/06/2016 6:55:13 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 1:53:23 PM on ?6/?7/?2016 was unexpected.
 
Log: 'System' Date/Time: 06/06/2016 6:11:04 PM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.
 
Log: 'System' Date/Time: 06/06/2016 2:56:46 PM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
 
Log: 'System' Date/Time: 06/06/2016 2:56:36 PM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.
 
Log: 'System' Date/Time: 06/06/2016 2:46:19 PM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.
 
Log: 'System' Date/Time: 06/06/2016 2:46:09 PM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.
 
Log: 'System' Date/Time: 06/06/2016 12:26:45 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Coupon Printer Service service failed to start due to the following error:  The system cannot find the file specified.
 
Log: 'System' Date/Time: 06/06/2016 12:25:32 AM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.
 
Log: 'System' Date/Time: 06/06/2016 12:25:29 AM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.
 
Log: 'System' Date/Time: 06/06/2016 12:25:30 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 06/06/2016 12:24:29 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:23:10 PM on ?6/?5/?2016 was unexpected.
 
Log: 'System' Date/Time: 06/06/2016 12:23:54 AM
Type: Error Category: 2
Event: 55 Source: Ntfs
The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
 
Log: 'System' Date/Time: 05/06/2016 5:16:34 PM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 20.
 
Log: 'System' Date/Time: 05/06/2016 5:08:57 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Coupon Printer Service service failed to start due to the following error:  The system cannot find the file specified.
 
Log: 'System' Date/Time: 05/06/2016 5:07:37 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/06/2016 5:06:32 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 12:00:43 PM on ?6/?5/?2016 was unexpected.
 
Log: 'System' Date/Time: 04/06/2016 9:38:36 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer STEVE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B6751E9-19A8-49B0-B9CF-572485848058}. The master browser is stopping or an election is being forced.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/06/2016 7:00:12 PM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 07/06/2016 6:55:04 PM
Type: Warning Category: 0
Event: 4 Source: k57nd60a
Broadcom NetLink ™ Gigabit Ethernet: The network link is down.  Check to make sure the network cable is properly connected.
 
Log: 'System' Date/Time: 06/06/2016 7:14:30 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 06/06/2016 7:14:30 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.
 
Log: 'System' Date/Time: 06/06/2016 7:00:31 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name play.google.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 06/06/2016 7:00:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 06/06/2016 6:58:40 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 06/06/2016 6:11:00 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.PK5001Z timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 06/06/2016 12:25:26 AM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 06/06/2016 12:25:25 AM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 06/06/2016 12:25:24 AM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.
 
Log: 'System' Date/Time: 06/06/2016 12:24:13 AM
Type: Warning Category: 0
Event: 4 Source: k57nd60a
Broadcom NetLink ™ Gigabit Ethernet: The network link is down.  Check to make sure the network cable is properly connected.
 
Log: 'System' Date/Time: 06/06/2016 12:19:57 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name match.rtbidder.net timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/06/2016 5:39:35 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name match.rtbidder.net timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/06/2016 5:26:36 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ans-c1700.cloud.acer.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/06/2016 5:26:05 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/06/2016 5:06:29 PM
Type: Warning Category: 0
Event: 4 Source: k57nd60a
Broadcom NetLink ™ Gigabit Ethernet: The network link is down.  Check to make sure the network cable is properly connected.
 
Log: 'System' Date/Time: 05/06/2016 2:00:06 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.PK5001Z timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/06/2016 2:00:03 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name data-cdn.mbamupdates.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/06/2016 11:00:03 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www-c1700.cloud.acer.com timed out after none of the configured DNS servers responded.
 
 
Speccy System Idle Processes:
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
abDocsDllLoaderMonitor.exe 2,244 K 592 K 2036 (Verified) Acer Incorporated
AcerPortal.exe 22,360 K 3,088 K 2424 Acer Portal Acer (Verified) Acer Incorporated
armsvc.exe 1,160 K 200 K 1332 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 21,848 K 17,916 K 5712
BackupManagerTray.exe 4,108 K 5,896 K 3932 Acer Backup Manager NTI Corporation (Verified) NTI Corporation
ccd.exe 28,428 K 5,700 K 2072
CCDMonitorService.exe 2,016 K 1,224 K 1724 CCD Monitor Service Acer Incorporated (Verified) Acer Incorporated
chrome.exe 3,016 K 3,744 K 1260 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 66,112 K 65,892 K 5936 Google Chrome Google Inc. (Verified) Google Inc
conhost.exe 880 K 328 K 1144
conhost.exe 892 K 496 K 2084
CVHSVC.EXE 6,636 K 400 K 4260
dllhost.exe 2,288 K 6,328 K 3328 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
EgisUpdate.exe 3,536 K 992 K 1812 EgisUpdate Release Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
ePowerSvc.exe 2,616 K 2,336 K 1820 ePowerSvc Acer Incorporated (Verified) Acer Incorporated
ETDCtrl.exe 4,808 K 1,560 K 1956 ETD Control Center ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
GREGsvc.exe 928 K 180 K 2160 Global Registration Service Acer Incorporated (Verified) Acer Incorporated
GWX.exe 3,300 K 948 K 4152 GWX Microsoft Corporation (Verified) Microsoft Windows
HeciServer.exe 1,624 K 360 K 2192 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service
hkcmd.exe 2,432 K 1,064 K 1392 hkcmd Module Intel Corporation (Verified) Intel Corporation
igfxext.exe 2,000 K 1,000 K 3500 igfxext Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe 3,408 K 3,352 K 1408 persistence Module Intel Corporation (Verified) Intel Corporation
igfxsrvc.exe 2,608 K 3,432 K 3536 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
Jhi_service.exe 1,560 K 244 K 2248 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
LManager.exe 11,296 K 1,460 K 3948 Launch Manager Dritek System Inc. (Verified) Dritek System Inc.
LMutilps32.exe 1,672 K 528 K 2112
LMworker.exe 5,368 K 664 K 1876
lsm.exe 2,808 K 1,856 K 616
mbamscheduler.exe 4,884 K 4,784 K 2452 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
mbamservice.exe 276,120 K 157,248 K 2772 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
mDNSResponder.exe 2,532 K 2,576 K 1644 Bonjour Service Apple Inc. (Verified) Apple Inc.
MMDx64Fx.exe 2,588 K 1,148 K 3964 MMDx64Fx Application Dritek System Inc. (Verified) Dritek System Inc.
PmmUpdate.exe 3,388 K 896 K 5596 PMM Update Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
procexp.exe 2,188 K 7,240 K 5424 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
RAVCpl64.exe 14,356 K 4,456 K 1940 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
sftlist.exe 5,728 K 2,180 K 3592 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
sftvsa.exe 1,380 K 208 K 3280 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
smss.exe 444 K 196 K 308
svchost.exe 5,208 K 5,676 K 1748 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,456 K 396 K 4464 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,952 K 6,224 K 4080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,416 K 2,300 K 3356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 23,568 K 10,656 K 960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 15,108 K 8,664 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 9,712 K 6,340 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,524 K 2,768 K 5804 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 3,592 K 1,548 K 4500 User Notification Service Intel Corporation (Verified) Intel Corporation
unsecapp.exe 2,032 K 2,280 K 5040 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UpdaterService.exe 1,108 K 688 K 2272 Updater Service Acer Incorporated (Verified) Acer Incorporated
wininit.exe 1,504 K 380 K 532
winlogon.exe 3,020 K 1,660 K 744
wlanext.exe 2,272 K 1,496 K 1136
WmiPrvSE.exe 7,220 K 13,708 K 3616
wmpnetwk.exe 6,736 K 7,412 K 5088 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
HPNetworkCommunicator.exe < 0.01 3,076 K 4,596 K 4688 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
ScanToPCActivationApp.exe < 0.01 5,088 K 5,228 K 2096 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe < 0.01 62,208 K 35,884 K 6124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,228 K 1,772 K 480
svchost.exe < 0.01 122,532 K 118,536 K 3376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IScheduleSvc.exe < 0.01 5,112 K 1,640 K 2820 Backup Manager Module NTI Corporation (Verified) NTI Corporation
taskhost.exe < 0.01 8,664 K 17,588 K 4520
svchost.exe 0.01 11,992 K 10,236 K 280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 13,036 K 5,384 K 1900 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 23,464 K 12,280 K 4316 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.01 5,952 K 7,880 K 608 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 14,344 K 8,068 K 1064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 0.01 9,900 K 6,364 K 1220 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
dsiwmis.exe 0.02 2,064 K 464 K 1776 Dritek WMI Service Dritek System Inc. (Verified) Dritek System Inc.
BackgroundAgent.exe 0.02 21,356 K 2,624 K 3924 Background Agent Acer Incorporated (Verified) Acer Incorporated
ETDCtrlHelper.exe 0.02 3,192 K 968 K 4780
services.exe 0.03 6,604 K 8,056 K 584
svchost.exe 0.03 5,420 K 3,764 K 2136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ePowerTray.exe 0.04 3,640 K 2,888 K 1360 ePowerTray Acer Incorporated (Verified) Acer Incorporated
chrome.exe 0.04 66,340 K 91,828 K 4980 Google Chrome Google Inc. (Verified) Google Inc
WmiApSrv.exe 0.05 1,828 K 5,844 K 4788 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
abDocsDllLoader.exe 0.05 29,552 K 5,824 K 5132 (Verified) Acer Incorporated
IAStorDataMgrSvc.exe 0.05 17,352 K 2,776 K 1636 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
AppleMobileDeviceService.exe 0.05 3,464 K 2,268 K 1624 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 0.06 4,112 K 4,436 K 720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.06 44,976 K 49,976 K 1456 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 0.06 2,636 K 2,040 K 3488 Local Manageability Service Intel Corporation (Verified) Intel Corporation
chrome.exe 0.07 86,160 K 107,076 K 4344 Google Chrome Google Inc. (Verified) Google Inc
ePowerEvent.exe 0.10 1,672 K 604 K 4420
svchost.exe 0.12 5,512 K 4,312 K 844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.14 187,160 K 193,004 K 5184 Google Chrome Google Inc. (Verified) Google Inc
System 0.25 176 K 1,332 K 4
WmiPrvSE.exe 0.39 21,576 K 24,748 K 3744
csrss.exe 0.43 2,764 K 11,968 K 560
mbam.exe 0.47 40,776 K 36,380 K 3056
Speccy64.exe 0.66 13,432 K 28,616 K 5016
Interrupts 0.67 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.76 89,796 K 30,260 K 1428 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 1.96 4,740 K 8,620 K 2120
svchost.exe 1.97 30,472 K 27,876 K 456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 3.85 37,772 K 49,400 K 2640 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 87.55 0 K 24 K 0
 

  • 0

#7
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Reinstalled Nirosoft Blue Screen scanner and right clicked to Run as Administrator and it's not going into a scan.  It's giving me a blank result report with nothing to save and post.  Running second Vino Scan now.


Edited by ColtsFan18, 07 June 2016 - 03:08 PM.

  • 0

#8
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Vino Event Log using APPLICATION option:

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/06/2016 4:10:17 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/06/2016 6:55:40 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 07/06/2016 6:38:33 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 10647131
 
Log: 'Application' Date/Time: 07/06/2016 6:38:33 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 10647131
 
Log: 'Application' Date/Time: 07/06/2016 6:38:33 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 6:38:32 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 10646117
 
Log: 'Application' Date/Time: 07/06/2016 6:38:32 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 10646117
 
Log: 'Application' Date/Time: 07/06/2016 6:38:32 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 6:38:31 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 10645118
 
Log: 'Application' Date/Time: 07/06/2016 6:38:31 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 10645118
 
Log: 'Application' Date/Time: 07/06/2016 6:38:31 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 6:38:30 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 10644120
 
Log: 'Application' Date/Time: 07/06/2016 6:38:30 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 10644120
 
Log: 'Application' Date/Time: 07/06/2016 6:38:30 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 3:41:22 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 16723
 
Log: 'Application' Date/Time: 07/06/2016 3:41:22 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 16723
 
Log: 'Application' Date/Time: 07/06/2016 3:41:22 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 3:41:21 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 15725
 
Log: 'Application' Date/Time: 07/06/2016 3:41:21 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 15725
 
Log: 'Application' Date/Time: 07/06/2016 3:41:21 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
Log: 'Application' Date/Time: 07/06/2016 3:41:20 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 14680
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/06/2016 7:05:37 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 07/06/2016 7:05:37 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 07/06/2016 6:55:36 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E24}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: TAMS-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 07/06/2016 6:55:31 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E24}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 06/06/2016 12:34:43 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 06/06/2016 12:34:43 AM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 06/06/2016 12:24:42 AM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E2C}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: TAMS-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 06/06/2016 12:24:36 AM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=E2C}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 05/06/2016 5:16:56 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 05/06/2016 5:16:56 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 05/06/2016 5:06:55 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=F18}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: TAMS-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 
 
Log: 'Application' Date/Time: 05/06/2016 5:06:52 PM
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=F18}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
 
Log: 'Application' Date/Time: 05/06/2016 3:39:25 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 05/06/2016 3:39:19 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 04/06/2016 5:51:38 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{aa886f50-fa79-11e4-ae2b-dc0ea1aba574}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 04/06/2016 4:15:36 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{aa886f50-fa79-11e4-ae2b-dc0ea1aba574}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 03/06/2016 9:54:04 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{aa886f50-fa79-11e4-ae2b-dc0ea1aba574}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 03/06/2016 6:33:07 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
 
Log: 'Application' Date/Time: 03/06/2016 6:33:07 PM
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
 
Log: 'Application' Date/Time: 03/06/2016 6:23:02 PM
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=E2C}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: TAMS-PC Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command: 

  • 0

#9
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

P.S.  I forgot to complete this step... sorry :)

 

Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) 


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

I don't see Speccy.

 

Since BlueScreenView isn't working.  See if you can get Who Crashed to work:

http://www.resplendence.com/downloads

Then click on Download free home edition 

 

where it says:

 

WhoCrashed 5.51

Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
 
 
Go to the Download Folder and
Right click on the downloaded files and Run As Admin.  Once you agree to the terms and Install it then Finish it should open Who Crashed.  Click on Analyze.  Once it finishes scroll down to the bottom and copy the report and paste it into a reply.

  • 0

Advertisements


#11
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

OK, I'm feeling EXTREMELY stupid here... there is no 'Analyze' button to click.  I'm not a complete moron and can typically figure this stuff out but this time it just aint happening.  I'm sorry to be wasting your time like this :(  I can't even figure out how to post a screenshot of what the window looks like!


Edited by ColtsFan18, 07 June 2016 - 04:05 PM.

  • 0

#12
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

[/URL]">http://th_WhoCrashedScreen.jpg


Edited by ColtsFan18, 07 June 2016 - 04:11 PM.

  • 0

#13
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Speccy:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
abDocsDllLoaderMonitor.exe 2,244 K 592 K 2036 (Verified) Acer Incorporated
AcerPortal.exe 22,360 K 3,088 K 2424 Acer Portal Acer (Verified) Acer Incorporated
armsvc.exe 1,160 K 200 K 1332 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
audiodg.exe 21,848 K 17,916 K 5712
BackupManagerTray.exe 4,108 K 5,896 K 3932 Acer Backup Manager NTI Corporation (Verified) NTI Corporation
ccd.exe 28,428 K 5,700 K 2072
CCDMonitorService.exe 2,016 K 1,224 K 1724 CCD Monitor Service Acer Incorporated (Verified) Acer Incorporated
chrome.exe 3,016 K 3,744 K 1260 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 66,112 K 65,892 K 5936 Google Chrome Google Inc. (Verified) Google Inc
conhost.exe 880 K 328 K 1144
conhost.exe 892 K 496 K 2084
CVHSVC.EXE 6,636 K 400 K 4260
dllhost.exe 2,288 K 6,328 K 3328 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
EgisUpdate.exe 3,536 K 992 K 1812 EgisUpdate Release Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
ePowerSvc.exe 2,616 K 2,336 K 1820 ePowerSvc Acer Incorporated (Verified) Acer Incorporated
ETDCtrl.exe 4,808 K 1,560 K 1956 ETD Control Center ELAN Microelectronics Corp. (Verified) ELAN Microelectronics Corporation
GREGsvc.exe 928 K 180 K 2160 Global Registration Service Acer Incorporated (Verified) Acer Incorporated
GWX.exe 3,300 K 948 K 4152 GWX Microsoft Corporation (Verified) Microsoft Windows
HeciServer.exe 1,624 K 360 K 2192 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service
hkcmd.exe 2,432 K 1,064 K 1392 hkcmd Module Intel Corporation (Verified) Intel Corporation
igfxext.exe 2,000 K 1,000 K 3500 igfxext Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe 3,408 K 3,352 K 1408 persistence Module Intel Corporation (Verified) Intel Corporation
igfxsrvc.exe 2,608 K 3,432 K 3536 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
Jhi_service.exe 1,560 K 244 K 2248 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
LManager.exe 11,296 K 1,460 K 3948 Launch Manager Dritek System Inc. (Verified) Dritek System Inc.
LMutilps32.exe 1,672 K 528 K 2112
LMworker.exe 5,368 K 664 K 1876
lsm.exe 2,808 K 1,856 K 616
mbamscheduler.exe 4,884 K 4,784 K 2452 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
mbamservice.exe 276,120 K 157,248 K 2772 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
mDNSResponder.exe 2,532 K 2,576 K 1644 Bonjour Service Apple Inc. (Verified) Apple Inc.
MMDx64Fx.exe 2,588 K 1,148 K 3964 MMDx64Fx Application Dritek System Inc. (Verified) Dritek System Inc.
PmmUpdate.exe 3,388 K 896 K 5596 PMM Update Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
procexp.exe 2,188 K 7,240 K 5424 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
RAVCpl64.exe 14,356 K 4,456 K 1940 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
sftlist.exe 5,728 K 2,180 K 3592 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
sftvsa.exe 1,380 K 208 K 3280 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
smss.exe 444 K 196 K 308
svchost.exe 5,208 K 5,676 K 1748 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,456 K 396 K 4464 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,952 K 6,224 K 4080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,416 K 2,300 K 3356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 23,568 K 10,656 K 960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 15,108 K 8,664 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 9,712 K 6,340 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,524 K 2,768 K 5804 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
UNS.exe 3,592 K 1,548 K 4500 User Notification Service Intel Corporation (Verified) Intel Corporation
unsecapp.exe 2,032 K 2,280 K 5040 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UpdaterService.exe 1,108 K 688 K 2272 Updater Service Acer Incorporated (Verified) Acer Incorporated
wininit.exe 1,504 K 380 K 532
winlogon.exe 3,020 K 1,660 K 744
wlanext.exe 2,272 K 1,496 K 1136
WmiPrvSE.exe 7,220 K 13,708 K 3616
wmpnetwk.exe 6,736 K 7,412 K 5088 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
HPNetworkCommunicator.exe < 0.01 3,076 K 4,596 K 4688 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
ScanToPCActivationApp.exe < 0.01 5,088 K 5,228 K 2096 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe < 0.01 62,208 K 35,884 K 6124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,228 K 1,772 K 480
svchost.exe < 0.01 122,532 K 118,536 K 3376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IScheduleSvc.exe < 0.01 5,112 K 1,640 K 2820 Backup Manager Module NTI Corporation (Verified) NTI Corporation
taskhost.exe < 0.01 8,664 K 17,588 K 4520
svchost.exe 0.01 11,992 K 10,236 K 280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 13,036 K 5,384 K 1900 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 23,464 K 12,280 K 4316 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.01 5,952 K 7,880 K 608 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 14,344 K 8,068 K 1064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 0.01 9,900 K 6,364 K 1220 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
dsiwmis.exe 0.02 2,064 K 464 K 1776 Dritek WMI Service Dritek System Inc. (Verified) Dritek System Inc.
BackgroundAgent.exe 0.02 21,356 K 2,624 K 3924 Background Agent Acer Incorporated (Verified) Acer Incorporated
ETDCtrlHelper.exe 0.02 3,192 K 968 K 4780
services.exe 0.03 6,604 K 8,056 K 584
svchost.exe 0.03 5,420 K 3,764 K 2136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
ePowerTray.exe 0.04 3,640 K 2,888 K 1360 ePowerTray Acer Incorporated (Verified) Acer Incorporated
chrome.exe 0.04 66,340 K 91,828 K 4980 Google Chrome Google Inc. (Verified) Google Inc
WmiApSrv.exe 0.05 1,828 K 5,844 K 4788 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
abDocsDllLoader.exe 0.05 29,552 K 5,824 K 5132 (Verified) Acer Incorporated
IAStorDataMgrSvc.exe 0.05 17,352 K 2,776 K 1636 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
AppleMobileDeviceService.exe 0.05 3,464 K 2,268 K 1624 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 0.06 4,112 K 4,436 K 720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.06 44,976 K 49,976 K 1456 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 0.06 2,636 K 2,040 K 3488 Local Manageability Service Intel Corporation (Verified) Intel Corporation
chrome.exe 0.07 86,160 K 107,076 K 4344 Google Chrome Google Inc. (Verified) Google Inc
ePowerEvent.exe 0.10 1,672 K 604 K 4420
svchost.exe 0.12 5,512 K 4,312 K 844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.14 187,160 K 193,004 K 5184 Google Chrome Google Inc. (Verified) Google Inc
System 0.25 176 K 1,332 K 4
WmiPrvSE.exe 0.39 21,576 K 24,748 K 3744
csrss.exe 0.43 2,764 K 11,968 K 560
mbam.exe 0.47 40,776 K 36,380 K 3056
Speccy64.exe 0.66 13,432 K 28,616 K 5016
Interrupts 0.67 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.76 89,796 K 30,260 K 1428 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 1.96 4,740 K 8,620 K 2120
svchost.exe 1.97 30,472 K 27,876 K 456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 3.85 37,772 K 49,400 K 2640 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 87.55 0 K 24 K 0

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

That's not WhoCrashed.  That's a Registry Manager of some sort.  I expect you got suckered by an ad.  I use AdBlock Plus = adblockplus.org so I never see the ads.

 

The download should be called:  whocrashedsetup.exe

 

The program looks like this when it runs:

 

who.jpg

 

If you can't get it to work don't worry about.  Just get the speccy log for me.  Your VEW logs imply either a failing harddrive, bad RAM or overheating.  Speccy will tell me which.

 

 


  • 0

#15
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

GAHHH!!!!  OK, that makes sense now.  I'm gonna get that crap off the machine and go download the right program.

 

Speccy log is just above your last post


  • 0






Similar Topics


Also tagged with one or more of these keywords: BSOD, Shockwave, Crashes

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP