Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No access to SFC log in C:Windows\Logs\CBS\CBS.log and more


  • Please log in to reply
102 replies to this topic

#1 jackiemarie

jackiemarie

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 07 July 2015 - 08:12 PM

OK, it's becoming a long story at this point, but suffice to say, this laptop has been slowing considerably (taking 20-30 seconds to load a webpage in either Chrome or IE) and doing other flaky things for about a month now. 

 

Today, IE simply wouldn't load webpages, and I checked Event Viewer which showed nothing but red circle errors and gold triangle warnings.  One of the entries said VSS was denied access to the root of the Volume etc, and the Windows link gave instructions about VSS, but I'm not confident enough to attempt command prompt. Event Viewer is a sea of errors and warnings, but I can't remember how to upload that info.

 

I tried to Restore to an earlier restore point three times; the third time I tried to restore to a System automatic restore point on July 1st.  I got the same error all three times;  System Restore couldn't access a file and the restore wasn't successfully completed - error 0x80070005.  I then did SFC /scannow; it took about 10 minutes and said there were corrupt files it couldn't fix and I could see the log of the scan at C:\Windows\Logs\CBS\CBS.log.  At this location I clicked on the Notepad log dated 7/7/15, and it's blank with the proverbial "Access denied" notification.  I right-clicked, made sure that System, Local Service, Administrator, and Users (nowfaith-HP)\Users all had full access to this file and subs, but it still wouldn't display the log.  I checked the permissions and it says that all have full permission.  I gave full access and permission to the Logs folder, the CBS folder etc.

 

There's been no new programs downloaded, no new software, I don't do gaming, (did uninstall avast free and add EAM around June 9th).

 

May I have some direction as to what to do next?  

 

Thanks in advance.

Jackiemarie


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,404 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:46 PM

Posted 08 July 2015 - 06:35 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 06:59 AM

The MiniToolBar result is posted, but a question please.   Speccy64 report is in post following this one.
 
MiniToolBox by Farbar  Version: 01-07-2015
Ran by nowfaith (administrator) on 08-07-2015 at 08:22:53
Running from "C:\Users\nowfaith\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP Pavilion g7 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/08/2015 07:03:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:51:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:51:36 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (b4 NPAPI adj). Additional information: 0x80070005.
 
Error: (07/07/2015 03:45:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:44:58 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0x80070005.
 
Error: (07/07/2015 03:36:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:36:35 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0x80070005.
 
Error: (07/07/2015 01:42:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:51:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:18:01 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1810
Start Time: 01d0b8c7ea11b6cb
Termination Time: 33
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
 
System errors:
=============
Error: (07/08/2015 07:04:19 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/08/2015 07:02:52 AM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.
 
Error: (07/08/2015 07:02:52 AM) (Source: Service Control Manager) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
 
Error: (07/07/2015 05:41:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (07/07/2015 04:58:29 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/07/2015 04:58:29 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/07/2015 04:58:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/07/2015 04:58:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/07/2015 04:58:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (07/07/2015 04:58:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Microsoft Office Sessions:
=========================
Error: (07/08/2015 07:03:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:51:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:51:36 PM) (Source: System Restore)(User: )
Description: b4 NPAPI adj0x80070005
 
Error: (07/07/2015 03:45:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:44:58 PM) (Source: System Restore)(User: )
Description: Scheduled Checkpoint0x80070005
 
Error: (07/07/2015 03:36:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 03:36:35 PM) (Source: System Restore)(User: )
Description: Scheduled Checkpoint0x80070005
 
Error: (07/07/2015 01:42:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:51:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/07/2015 11:18:01 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17840181001d0b8c7ea11b6cb33C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-15 19:02:12.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-15 18:52:43.624
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe because the set of per-page image hashes could not be found on the system.
 
=========================== Installed Programs ============================
4500_G510nz_Help (HKLM-x32\...\{690879A5-18EF-447B-98D6-B699D51008AB}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (HKLM-x32\...\{5B05FF91-F20C-4832-A8DE-E1912639C17C}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (HKLM-x32\...\{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.139 - AuthenTec, Inc.) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-0fb78b17-33dd-4f01-921f-e7b582e57496) (Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WTA-de03069c-7636-4b58-acb6-a993eaaf1f81) (Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-1294232e-5d53-4dda-9c85-dc96e30f5f0b) (Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-cf50aa26-b1f0-42c0-9195-f024a7e11b29) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DocMgr (HKLM-x32\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-94ab8d8a-33b3-4f5c-9948-3dbda2b40fd0) (Version: 2.2.0.95 - WildTangent) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-43922a3d-4fc6-4b7e-bcb4-c0e91794aa2e) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-23929246-54a7-4aa2-8d95-c5e1943f4097) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-e707aeec-d578-4e4a-82bd-49a73f2e6c3f) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-aef240cc-6248-4a38-b6c2-24e6297240ba) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-3906e7a5-9705-49d0-a1dd-5addf4915de2) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-ff971db7-0a8b-449f-86b5-075eb5288d97) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-7f1420b0-c542-4fe2-91d9-2fecad0e1e93) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-48ca0b6a-88e4-4a82-bff9-1bbb4434ddda) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-af026e11-5bad-45a9-a519-774518dcc195) (Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (HKLM-x32\...\WTA-bd059a34-8d14-4e7e-9d83-4f278e077763) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-40d4eb6c-a47e-4faf-b345-decff69d0baa) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (HKLM-x32\...\WTA-f55141d6-84e4-4f71-8f8e-a1d36c425ff2) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-a17f5b3e-82a4-42c2-8972-46ba7d3d019a) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-b0e5cd09-8b67-4262-b34d-6b2af29328d2) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-96556fdd-b466-4caa-8054-981f9047f2c9) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-f0c6e8f5-dba3-445d-9d69-675a85b0c58e) (Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-70bdb47a-bfb3-4f7a-a7ad-3f2da8f52362) (Version: 2.2.0.98 - WildTangent) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM-x32\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-86414a45-e649-4e73-9b6c-1f7708f270e7) (Version: 2.2.0.98 - WildTangent) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (HKLM-x32\...\WTA-37dd1031-c97c-4c44-856e-2007cf8cdb53) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VIP Access SDK (1.1.0.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.1.0.4 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-91a83c29-1945-4e45-bb19-020d73d2cc53) (Version: 2.2.0.98 - WildTangent) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-2deee181-8954-4c86-ba12-318ead1cc2e7) (Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Memory info: ===================================
Percentage of memory in use: 34%
Total physical RAM: 6091.86 MB
Available physical RAM: 3984.29 MB
Total Virtual: 12181.93 MB
Available Virtual: 9429.16 MB
 
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:674.41 GB) (Free:586.27 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:20.06 GB) (Free:2.17 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.07 GB) FAT32
 
========================= Users: ========================================
User accounts for \\NOWFAITH-HP
 
Administrator            Guest                    nowfaith                 
 
**** End of log ****
 
Speccy64 report:  http://speccy.piriform.com/results/0xSL6swNn5r5cSNzBRtOBlq
 
Mod Edit:  Merged posts - Hamluis.

Edited by hamluis, 08 July 2015 - 08:18 AM.

EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 08:09 AM

Hi jackiemarie :)

For the CBS.log, you need to open Notepad with Admin Rights first (right-click on Notepad and select Run as Administrator), then click on the File menu, select Open and navigate to the CBS.log to open it.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,404 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:46 PM

Posted 08 July 2015 - 08:21 AM

The driver controller errors above...may account for anything noted via the CBS log...I would look at the SMART data for the hard drive before pursuing any log or other errors.

 

Louis



#6 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 08:41 AM

The driver controller errors above...may account for anything noted via the CBS log...I would look at the SMART data for the hard drive before pursuing any log or other errors.

 

Louis

 

I finally opened it, but for me, the CBS log is gibberish; I have no knowledge to understand any of it.

 

I googled SMART data but what tool would be used?

 

I guess it's in the MiniTool report, but please show me the "driver controller errors" so I can learn.

 

Is Speccy report OK?


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 08:57 AM

A Speccy report is good, but not that accurate. If I may Louis, I would like to propose jackiemarie to use GSmartControl to check the SMART status of the drive :)

JcJ91sx.pngGSmartControl
Follow the instructions below to test your hard drive health with GSmartControl:
  • Download GSmartControl and save it on your Desktop;
  • Extract the content of the GSmartControl .zip archive and execute gsmartcontrol.exe;
  • Identify your drive in the list, and double-click on it to bring up it's window (usually you'll find your drive by it's size or it's brand name);
  • Go in the Perform Tests tab, then select Extended Self-test in the Test type drop-down list and click on Execute (this test can take a few hours to complete);
  • Once the test is over, the results will be displayed at the bottom of the window. Please copy and paste these results in your next reply;
  • Also, go in the Attributes tab and if you have any entries highlighted in red or pink, copy and paste their name in your next reply (or take a screenshot of the GSmartControl window and attach it in your next reply);
    info_failing.png
And you can upload the CBS.log on Dropbox, OneDrive or GoogleDrive and post the download URL here so me and/or Louis can take a look at it.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 10:31 AM

That took some time as I had to read about OneDrive, set it up, and hopefully this is the link to the CBS log.

https://onedrive.live.com/redir?resid=1E35B0195073920A!192&authkey=!AFiJ1Sa3pzz4HMg&ithint=file%2clog

 

I will download the GSmart Control and perform the test as suggested.

 

Please send an instruction as to how to post a screenshot to this topic - or I guess OneDrive could be used?

 

Also, be aware that I do system image backups onto a Western Digital My Passport external hard drive about once a month.  Not sure how to use it but they are on the WD.

 

I'll wait a few minutes before starting the HD test to see if you have any remarks after looking at the CBS log.

 

Thank you for your assistance.


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 10:45 AM

The only errors I can see in the CBS.log are the ones related to the KB3022345. SFC falsely reports these files as corrupted. Microsoft says that they'll address this issue in a future update. If you decide to fix them (even if you don't fix them, it won't affect anything on your system), here's how to proceed:

http://thetechcookbook.com/windows-7-update-kb3022345-causing-corrupt-files/

And here's the instructions on how to post screenshots here.

mq1pzD6.pngHow to take a screenshot using the Snipping Tool
Follow the instructions below to take a screenshot using Windows' Snipping Tool:
  • Press on the Win Key + R to open the Run box;
  • Enter SnippingTool and press on Enter;
  • The Snipping Tool will open, asking you to choose the area to take in the screenshot;
  • Left click on the area where you want to start the screenshot, keep it, and drag the cursor across the screen;
  • Once done, release the left button to take the screenshot;
  • In the editing window, click on the File menu then Save As;
  • Save the screenshot in a folder that you can access easily;
  • Attaching the screenshot in your reply
    • Go in your thread and click on the Reply to this topic button in the top-right corner;
      85hPFGu.png
    • Below the text box you'll have the option to Attach files. Click on the Choose Files... button, navigate to your screenshot and select it;
      LKVBzF7.png
    • Once done, add a comment to your reply and post it;

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 11:16 AM

A couple of things explained please -

 

1.  If you see no problems or glaring errors, why is the laptop progressively slowing (to a halt sometimes) and doing so many un-ordinary things?  Why doesn't System Restore work?  Are the "driver controller errors" that hamluis noted in post #6 what you refer to about KB3022345, or are there other errors/corruption?  

 

I apologize for being so unlearned technically.

 

2.  I will not "fix" the KB3022345 errors since you say SFC falsely reports corruption, and it makes no difference to the system.

 

3.  I did a regular screenshot last night on Word Starter 10 but BP said it didn't allow that kind of upload. I use the Snipping Tool all the time; that's great that it can be uploaded to a post.


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 11:19 AM

Maybe because you tried to upload a .doc (or .docx) file which isn't allowed on BleepingComputer as far as I know. And Louis already stated that the hard drive might be failing, hence why it could become progressively slow. Running GSmartControl and giving my the results will allow me to see if it's indeed failing or not.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 11:26 AM

Thanks, I will run the GSmartControl now.


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#13 jackiemarie

jackiemarie
  • Topic Starter

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:46 PM

Posted 08 July 2015 - 11:51 AM

Can I continue to use the laptop while the Extended Self Test is being performed?


EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.


#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 11:53 AM

You can continue to use it, yes. It might just slow you down a bit, but it should still be usable.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 YeahBleeping

YeahBleeping

  • Members
  • 1,258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 08 July 2015 - 12:45 PM

Looks to me like the Hard drive is failing.
 
BB
Attribute name: 
Reported Uncorrectable Errors
Real value: 
395,168,907,264
Current: 
100
Worst: 
100
Threshold: 
0
Raw Value: 
0001E70000
Status: 
Good
 
BC
Attribute name: 
Command Timeout
Real value: 
2,359,313
Current: 
100
Worst: 
99
Threshold: 
0
Raw Value: 
0000240011
Status: 
Good
 
BE
Attribute name: 
Temperature Difference from 100
Real value: 
32 °C
Current: 
68
Worst: 
51
Threshold: 
45
Raw Value: 
0015210020
Status: 
Good





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users