Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HDD always spinning and Win Update failing


  • Please log in to reply
4 replies to this topic

#1 Scooter185

Scooter185

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 12:34 PM

Hey all, i'm having an issue where my HDD is always 100% active. Resource Monitor shows System taking up a lot of R/W time,  but also "FullImagingService.exe". There's almost no cpu usage and memory usage is normal, booting up is fine and it doesn't start it's 100% activity until after I'm at my desktop. The problem doesn't happen in safe mode, and i've turned off services like superfetch and indexing to try and narrow down the problem. I've ran Hitman Pro, Malware Bytes, Trend Micro, and CCleaner to check for virus issues. My PC was normal for about 24 hours and then the problem started right back up. 

 

I don't know if this problem is a cause, a symptom, or unrelated, but all my windows updates fail. I stopped and restarted the WU service to no avail. 

 

This has me really scratching my head,  on top of making my PC close to unusable. 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:31 PM

Posted 23 February 2016 - 01:06 PM

1.  Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
2.  Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download.  
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
Louis
 


#3 Scooter185

Scooter185
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 02:26 PM

here's the MTB report
 
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by HOME (administrator) on 23-02-2016 at 14:21:35
Running from "C:\Users\HOME\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: h8-1114 Manufacturer: Hewlett-Packard
Boot Mode: Network
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/23/2016 12:40:05 AM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/22/2016 03:57:17 PM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/21/2016 12:14:07 PM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/21/2016 02:48:24 AM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/16/2016 05:00:54 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location L:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (02/16/2016 03:03:13 PM) (Source: Microsoft-Windows-RestartManager) (User: HOME-HP)
Description: Application or service 'Apple Mobile Device' could not be restarted.
 
Error: (02/15/2016 09:30:12 PM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/15/2016 05:22:27 PM) (Source: MsiInstaller) (User: HOME-HP)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
 
Error: (02/15/2016 04:32:23 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000204,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000109EF50.72).  hr = 0x80070005, Access is denied.
.
 
Error: (02/15/2016 04:32:23 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f4,(null),0,REG_BINARY,0000000002C5E100.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9673342d-5180-4fa6-88f3-0aabdd60269a}
 
 
System errors:
=============
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:20:01 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:19:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:19:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:19:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/23/2016 02:19:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (02/23/2016 12:40:05 AM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/22/2016 03:57:17 PM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/21/2016 12:14:07 PM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/21/2016 02:48:24 AM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/16/2016 05:00:54 PM) (Source: Windows Backup)(User: )
Description: L:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (02/16/2016 03:03:13 PM) (Source: Microsoft-Windows-RestartManager)(User: HOME-HP)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217826080
 
Error: (02/15/2016 09:30:12 PM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/15/2016 05:22:27 PM) (Source: MsiInstaller)(User: HOME-HP)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 
Error: (02/15/2016 04:32:23 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000204,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000109EF50.72)0x80070005, Access is denied.
 
Error: (02/15/2016 04:32:23 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000002f4,(null),0,REG_BINARY,0000000002C5E100.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9673342d-5180-4fa6-88f3-0aabdd60269a}
 
 
=========================== Installed Programs ============================
 
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - )
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
ATI AVIVO64 Codecs (HKLM\...\{197985EE-73F2-B182-6AEB-21926621ED5D}) (Version: 11.6.0.10112 - ATI Technologies Inc.) Hidden
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts)
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8200 - Broadcom Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - )
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
calibre 64bit (HKLM\...\{2FEC02BA-05D2-459C-ADA9-10BC09C394CA}) (Version: 1.5.0 - Kovid Goyal)
Call of Duty - United Offensive (HKLM-x32\...\{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty - United Offensive (HKLM-x32\...\InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Activision)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC)
Clickfree Easy Image (HKLM-x32\...\Clickfree Easy Image) (Version:  - Storage Appliance Corp.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Coupons.com Toolbar (HKLM-x32\...\Coupons.com Toolbar) (Version: 6.6.0.19 - Coupons.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.03 - NCH Software)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Delver (HKLM-x32\...\Steam App 249630) (Version:  - Chad Alan Cuddigan)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Duke Nukem Forever (HKLM-x32\...\Steam App 57900) (Version:  - Gearbox Software)
Eufloria (HKLM-x32\...\Steam App 41210) (Version:  - )
Eufloria HD (HKLM-x32\...\Steam App 221180) (Version:  - Rudolf Kremers & Alex May)
Europa Universalis: Rome - Gold Edition (HKLM-x32\...\Steam App 23420) (Version:  - Paradox Interactive)
Europa Universalis: Rome - Vae Victis (HKLM-x32\...\Steam App 23440) (Version:  - Paradox Interactive )
EverQuest II (HKLM-x32\...\Steam App 201230) (Version:  - Sony Online Entertainment)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Bethesda Softworks)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Garmin Communicator Plugin (HKLM-x32\...\{17079027-EB8A-42C6-9BF8-825B78889F6A}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Godus (HKLM-x32\...\Steam App 232810) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - )
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - Eidos)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version:  - Eidos)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.256 - SurfRight B.V.)
HP ENVY 5530 series Basic Device Software (HKLM\...\{CE838BCA-A2CA-4E8E-88C3-C2D4ECA150D1}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{F6130A03-30EE-D4AD-63C8-E90F422C76C5}) (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Interlinear Scripture Analyzer 2 basic (HKLM\...\{C8F753CF-C578-4138-A870-33149B689FFD}) (Version: 2.1.5.0 - Scripture4all Foundation)
ISA 2 - CLV module 1.2.0 (HKLM\...\{0915922B-7D64-4063-A8F4-312B7B9FDC3D}) (Version: 1.2.0 - Scripture4All Foundation)
ISA 2.0 - YLT module 1.2.1 (HKLM-x32\...\ISA 2.0 - YLT module) (Version: 1.2.1 - Scripture4all.org)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Krater (HKLM-x32\...\Steam App 42170) (Version:  - )
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - )
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version:  - Vlambeer)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MotioninJoy ds3 driver version 0.6.0001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
Mozilla Firefox 21.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 en-US)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
My Game Long Name (HKLM\...\UDK-98c8042c-667a-470e-92a1-798085fdc2d4) (Version:  - Epic Games, Inc.)
Nexuiz (HKLM-x32\...\Steam App 96800) (Version:  - IllFonic)
Noir Syndrome (HKLM-x32\...\Steam App 299780) (Version:  - Dave Gedarovich)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 35.0.2066.68 (HKLM-x32\...\Opera 35.0.2066.68) (Version: 35.0.2066.68 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
ORION: Dino Beatdown (HKLM-x32\...\Steam App 104900) (Version:  - )
Out of the Park Baseball 14 (HKLM-x32\...\Steam App 263840) (Version:  - Out of the Park Developments)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Parallax (HKLM-x32\...\Steam App 325060) (Version:  - Toasty Games)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - Overkill)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.25 - NCH Software)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Product Improvement Study for HP ENVY 5530 series (HKLM\...\{693E1B07-E7A7-4744-9B06-DBDFEED23704}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version:  - Airtight Games)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - )
realMyst: Masterpiece Edition (HKLM-x32\...\Steam App 244430) (Version:  - Cyan)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Reus (HKLM-x32\...\Steam App 222730) (Version:  - )
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
rFactor2 (HKLM-x32\...\rFactor2) (Version:  - )
Rhythm Destruction (HKLM-x32\...\Steam App 301540) (Version:  - Curious Panda Games)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - )
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Sideway (HKLM-x32\...\Steam App 200190) (Version:  - )
Sigil 0.7.3 (HKLM-x32\...\Sigil_is1) (Version:  - John Schember)
Simraceway 28.83 (HKLM-x32\...\Simraceway) (Version: 28.83 - Simraceway)
SmallBall (HKLM-x32\...\SmallBall) (Version:  - )
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spotify (HKCU\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
Swords and Soldiers HD (HKLM-x32\...\Steam App 63500) (Version:  - Ronimo Games)
Symphony (HKLM-x32\...\Steam App 207750) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding Of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Bridge (HKLM-x32\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Talos Principle Public Test (HKLM-x32\...\Steam App 330710) (Version:  - Croteam)
TinyTake by MangoApps (32 bit) (HKLM-x32\...\{603B12DE-D438-4E4E-AB3A-807D0AFAC3BF}) (Version: 2.4.2.0 - MangoApps) Hidden
TinyTake by MangoApps (HKLM-x32\...\{ab176da3-812c-4a0f-9be0-9ad8fe46a9be}) (Version: 2.4.2.0 - MangoApps)
Tobe's Vertical Adventure (HKLM-x32\...\Steam App 105700) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trend Micro DirectPass (HKLM\...\{F059D68A-2911-4ea7-BA2B-3FBF2DD9D1CB}) (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.) Hidden
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.0 - UltraDefrag Development Team)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - )
Unmechanical (HKLM-x32\...\Steam App 211180) (Version:  - )
VCRT for DirectPass x64 (HKLM\...\{92124FFB-5113-4D64-A6BA-7D6D362A6265}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x64 (HKLM\...\{E9EC941D-16E5-46FD-AB44-928ED7839CCC}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{44334193-827E-47B4-AB2A-E49F2A102E21}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{FD45B178-B1C1-4D2A-B8C8-CD7B4F687F1C}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
VUE 3.2.2 (HKLM-x32\...\VUE) (Version: 3.2.2 - Tufts University)
Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version:  - )
Wasteland Angel (HKLM-x32\...\Steam App 46520) (Version:  - )
Watchtower Library 2013 - English (HKLM-x32\...\{004E8ED2-315C-4473-A934-032D5D7B3A02}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Waves (HKLM-x32\...\Steam App 107600) (Version:  - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )
Xotic (HKLM-x32\...\Steam App 92600) (Version:  - )
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version:  - Spacejock Software)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic! Team)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 17%
Total physical RAM: 8174.53 MB
Available physical RAM: 6746.53 MB
Total Virtual: 16347.26 MB
Available Virtual: 14919.88 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:919.17 GB) (Free:481.63 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.25 GB) (Free:1.5 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\HOME-HP
 
Administrator            Guest                    HOME                     
 
 
**** End of log ****
 
and speccy:
 

Edited by Scooter185, 23 February 2016 - 02:33 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:31 PM

Posted 23 February 2016 - 07:36 PM

Moved from Win 7 to Am I Infected based on summary reflecting fullimagingservice as possible malware.

 

Louis



#5 Scooter185

Scooter185
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 10:09 PM

so, with the move in forums i will add this update:

 

i disabled the fullimagingservice exe in the services.msc, and my HDD is back to running normal.Or it was until I opened the Win Update window, attempting an update saw usage spike to 100% again until I ran 'net stop WUAUSERV 'is the terminal.

 

so now I guess what else do I do about this probable malware exe






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users