Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    TrickBot Banking Trojan Starts Stealing Windows Problem History

Featured Deal: Get 97% off The Complete C# Programming Bundle: Lifetime Access Bundle

Photo

Help Please, computer running painfully slow...here are MTB content & Speccy

Started by funlover , Apr 14 2018 07:45 PM

  • Please log in to reply
2 replies to this topic

#1 funlover

funlover

  • Members
  • 180 posts
  • OFFLINE
    •  
  • Gender:Female
  • Local time:02:10 AM

Posted 14 April 2018 - 07:45 PM

I would sure appreciate any help and thanks in advance.
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Helen (administrator) on 14-04-2018 at 19:26:25
Running from "M:\Downloads"
Microsoft Windows 7 Home Premium   (X64)
Model: EP45-UD3P Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/14/2018 10:09:59 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.  This is often caused by incorrect security settings in either the writer or requestor process.
Operation:    Gathering Writer Data
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4c65f331-5b24-4b33-b03d-0280b1a9d0e5}
 
Error: (04/14/2018 10:09:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: ISUSPM.exe, version: 13.6.0.62600, time stamp: 0x51c870cd
Faulting module name: ISUSPM.exe, version: 13.6.0.62600, time stamp: 0x51c870cd
Exception code: 0xc0000005
Fault offset: 0x0000ad3b
Faulting process id: 0x1024
Faulting application start time: 0xISUSPM.exe0
Faulting application path: ISUSPM.exe1
Faulting module path: ISUSPM.exe2
Report Id: ISUSPM.exe3
 
Error: (04/14/2018 10:04:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/08/2018 12:08:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: dgnria_nmhost.exe, version: 14.0.0.180, time stamp: 0x55d8b593
Faulting module name: ole32.dll, version: 6.1.7601.24000, time stamp: 0x5a499637
Exception code: 0xc0000005
Fault offset: 0x0003bafc
Faulting process id: 0x165c
Faulting application start time: 0xdgnria_nmhost.exe0
Faulting application path: dgnria_nmhost.exe1
Faulting module path: dgnria_nmhost.exe2
Report Id: dgnria_nmhost.exe3
 
Error: (04/04/2018 04:27:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/03/2018 09:59:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: AAM Updates Notifier.exe, version: 9.0.0.281, time stamp: 0x5776ade0
Faulting module name: UpdaterCore.dll, version: 9.0.0.30, time stamp: 0x5773799f
Exception code: 0xc0000005
Fault offset: 0x0006287e
Faulting process id: 0x1a34
Faulting application start time: 0xAAM Updates Notifier.exe0
Faulting application path: AAM Updates Notifier.exe1
Faulting module path: AAM Updates Notifier.exe2
Report Id: AAM Updates Notifier.exe3
 
Error: (04/03/2018 09:49:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2496
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2496
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
System errors:
=============
Error: (04/14/2018 06:40:18 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (04/14/2018 02:54:49 PM) (Source: DCOM) (User: )
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 
Error: (04/14/2018 12:33:38 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: %%1275 = This driver has been blocked from loading
 
Error: (04/14/2018 12:33:38 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Helen\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (04/14/2018 12:33:37 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: %%1275 = This driver has been blocked from loading
 
Error: (04/14/2018 12:33:37 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Helen\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (04/14/2018 12:33:37 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: %%1275 = This driver has been blocked from loading
 
Error: (04/14/2018 12:33:37 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Helen\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (04/14/2018 12:33:37 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: %%1275 = This driver has been blocked from loading
 
Error: (04/14/2018 12:33:37 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\Helen\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Microsoft Office Sessions:
=========================
Error: (04/14/2018 10:09:59 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
Operation:    Gathering Writer Data
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4c65f331-5b24-4b33-b03d-0280b1a9d0e5}
 
Error: (04/14/2018 10:09:57 AM) (Source: Application Error)(User: )
Description: ISUSPM.exe13.6.0.6260051c870cdISUSPM.exe13.6.0.6260051c870cdc00000050000ad3b1024 01d3d 401f5d65a17C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exeC:\ProgramData\FLEXnet\Connect\11\ISUSPM.exee47b49a7-3ff5-11e8-854d-001fd0811605
 
Error: (04/14/2018 10:04:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/08/2018 12:08:33 PM) (Source: Application Error)(User: )
Description: dgnria_nmhost.exe14.0.0.18055d8b593ole32.dll6.1.7601.240005a499637c00000050003bafc16 5c01d3cc5c525c5d43C:\Program Files (x86)\Nuance\NaturallySpeaking14\Program\dgnria_nmhost.exeC:\Windows\syswow64\ole32.dll775f26f4-3b4f-11e8-8878-001fd0811605
 
Error: (04/04/2018 04:27:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/03/2018 09:59:58 AM) (Source: Application Error)(User: )
Description: AAM Updates Notifier.exe9.0.0.2815776ade0UpdaterCore.dll9.0.0.305773799fc00000050006287e 1a3401 d3cb5c6b62ee53C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dllaccc029e-374f-11e8-8c1a-001fd0811605
 
Error: (04/03/2018 09:49:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2496
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2496
 
Error: (03/29/2018 09:36:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
CodeIntegrity Errors:
===================================
  Date: 2016-08-30 19:32:28.497
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CMIAINFO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-08-30 19:32:28.407
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CMIAINFO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-08-30 19:32:28.337
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CMIAINFO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-08-30 19:32:28.257
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CMIAINFO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-07 03:05:39.145
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-07 03:05:39.129
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-07 03:05:39.129
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-07 03:05:39.129
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-07 03:05:39.067
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-08-07 03:05:39.051
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume5\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
=========================== Installed Programs ============================
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (HKLM\...\{4016464A-0C3E-4070-8293-5D7F0D8EAE3A}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Affinity Photo Trial (HKLM\...\{B1F576EB-663E-4661-ABA5-2603A4E01AA1}) (Version: 1.5.2.69 - Serif (Europe) Ltd)
AOMEI Backupper Standard Edition 2.8 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borland Database Engine 5.1.1.1 (HKLM-x32\...\Borland Database Engine_is1) (Version:  - Home Plan Software)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Pro9000 II series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_Pro9000_II_series) (Version:  - Canon Inc.)
Canon Pro9000 Mark II series User Registration (HKLM-x32\...\Canon Pro9000 Mark II series User Registration) (Version:  - )
Canon Setup Utility 2.4 (HKLM-x32\...\Canon Setup Utility 2.4) (Version:  - )
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Corel AfterShot Pro 3 - HDR x64 (HKLM\...\{2B482BD8-191A-4D79-8E8B-10AB97176A34}) (Version: 3.0 - Corel Corporation) Hidden
Corel AfterShot Pro 3 - ICA x64 (HKLM\...\{B75B59C9-4E9F-4632-B70E-80A62BD91EA2}) (Version: 3.3 - Corel Corporation) Hidden
Corel AfterShot Pro 3 - IPM Content x64 (HKLM\...\{85082869-BCD7-40ED-A119-DBA8A78C460F}) (Version: 3.3 - Corel Corporation) Hidden
Corel AfterShot Pro 3 - IPM x64 (HKLM\...\{135781FB-026A-4164-838C-0C447783C32B}) (Version: 3.3.0.234 - Corel Corporation) Hidden
Corel AfterShot Pro 3 x64 (HKLM\...\{CBA696FE-D892-4B34-AFD8-6E31FA6076CE}) (Version: 3.3 - Corel Corporation) Hidden
Corel AfterShot Pro 3(64-bit) (HKLM\...\_{B75B59C9-4E9F-4632-B70E-80A62BD91EA2}) (Version: 3.3.0.234 - Corel Corporation)
Corel Update Manager (HKLM\...\{95841B8F-1C5A-45A7-BACF-0D5DA1D2090D}) (Version: 2.7.355 - Corel corporation) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dragon 14 (HKLM-x32\...\{FEAB6184-0560-4EBF-A26B-C3F2B11FE9E1}) (Version: 14.00.000 - Nuance Communications Inc.)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software)
DuckCapture Standard 2.7 (HKLM-x32\...\DuckCapture_is1) (Version: 2.7 - DuckLink)
DupeRAZOR 3.3 (HKLM-x32\...\DupeRAZOR - Duplicate Files Removal Kit_is1) (Version:  - Urban Twilight Studios)
EaseUS Todo Backup Free 8.3  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Mail Plus version 2.3.6.1 (HKLM-x32\...\EasyMailPlusID_is1) (Version:  - Home Plan Software)
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Elements 9 Organizer (HKLM-x32\...\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (HKLM-x32\...\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
FastStone Photo Resizer 3.5 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.5 - FastStone Soft.)
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 2.5 - Blue Labs, LLC)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 2.2.0 - Blue Labs, LLC)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
H&R Block Illinois 2014 (HKLM-x32\...\{1B7D02B3-464B-4870-83AF-9FC76A8C8554}) (Version: 1.14.2701 - HRB Technology, LLC.)
H&R Block Illinois 2015 (HKLM-x32\...\{D9D79A09-5B0D-45DB-852D-9DDA1BDB1F8F}) (Version: 1.15.3701 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2014 (HKLM-x32\...\{CDB1D329-A168-427D-837C-2075CDD3DC62}) (Version: 14.07.7401 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2015 (HKLM-x32\...\{388CC13F-FAC4-4D3E-83BF-C849E5D4552A}) (Version: 15.07.7401 - HRB Technology, LLC.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KLS Mail Backup 1.9.7.8 (HKLM-x32\...\KLS Mail Backup_is1) (Version:  - KirySoft)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Legacy 7.5 (HKLM-x32\...\Legacy 7.5) (Version: 7.5  - Millennia Corporation)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LogmeOnce (HKLM-x32\...\{290B0BCF-B778-487B-A31E-BEE82BD88D17}) (Version: 5.0.0 - LogmeOnce) Hidden
Macrium Reflect Free Edition (HKLM\...\{F2C3E5F6-35A4-4E9D-BD14-7A93E3EF85EF}) (Version: 6.1.1000 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
MailStore Home 8.1.0.9075 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.1.0.9075 - MailStore Software GmbH)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Works 7.0 (HKLM-x32\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0808 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: 15.0s - )
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version:  - )
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
PRE12 STI 64Installer (HKLM-x32\...\{06934A7E-D27F-4C5C-9D93-9715E274D736}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Punch! Super Home Suite (HKLM-x32\...\Punch! Super Home Suite) (Version:  - )
Q-Dir (HKLM\...\Q-Dir) (Version:  - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RawTherapee version 4.2 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.2 - rawtherapee.com)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RootsMagic 4.1.2.1 (HKLM-x32\...\{049D96D7-E082-4FB5-BF64-CD3460E6877C}_is1) (Version:  - RootsMagic, Inc.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: 15.3.7.9 - Verizon)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VueScan (HKLM\...\VueScan) (Version:  - )
WhoCrashed 5.51 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
 
========================= Memory info: ===================================
Percentage of memory in use: 57%
Total physical RAM: 8190.3 MB
Available physical RAM: 3515.89 MB
Total Virtual: 16378.78 MB
Available Virtual: 11182.25 MB
 
========================= Partitions: =====================================
2 Drive c: () (Fixed) (Total:232.88 GB) (Free:67.86 GB) NTFS
4 Drive e: () (Fixed) (Total:902.86 GB) (Free:765.88 GB) NTFS
5 Drive f: () (Fixed) (Total:931.51 GB) (Free:237.19 GB) NTFS
7 Drive h: (NIKON D3300) (Removable) (Total:1.89 GB) (Free:1.85 GB) FAT
8 Drive l: (Local Disk (K:)) (Fixed) (Total:288.09 GB) (Free:83.72 GB) NTFS
9 Drive m: (Free Agent (M:)) (Fixed) (Total:465.76 GB) (Free:206.32 GB) NTFS
 
========================= Users: ========================================
User accounts for \\HELEN-PC
 
Administrator            Guest                    Helen                    
installer                
 
 
**** End of log ****
 

Edited by hamluis, 15 April 2018 - 05:35 AM.

BC AdBot (Login to Remove)

 

#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,415 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:10 AM

Posted 15 April 2018 - 06:02 AM

First...let's do a malware check...moving topic from Win 7 to Am I Infected.  If nothing malicious/irritting is found...we can move this topic back to Win 7.

 

I noted that it appears that you have previously used some Wise products on this system.  Wise is one of the developers of registry cleaner sofrtware.  Using such tools may lead to various problems.

 

Louis


Malware Removal Logs Forum

Preparation Guide, Malware Removal Assistance

Windows Crashes, BSODs,Hangs Help & Support Forum

BSOD Forum Posting Guide

Backup, Imaging, Disk Management Forum

 

#3 funlover

funlover
  • Topic Starter

  • Members
  • 180 posts
  • OFFLINE
    •  
  • Gender:Female
  • Local time:02:10 AM

Posted 15 April 2018 - 09:36 AM

thanks Louis, i downloaded  and scanned.Malwarebytes. here is the report. btw before posting yesterday, i ran Esset online scan and it found no threats.

www.malwarebytes.com
 
-Log Details-
Scan Date: 4/15/18
Scan Time: 8:50 AM
Log File: fe52e41e-40b3-11e8-a437-001fd0811605.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4742
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Helen-PC\Helen
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 378263
Threats Detected: 7
Threats Quarantined: 7
Time Elapsed: 8 min, 47 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 3
PUP.Optional.SlimCleanerPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{47548FBF-3F58-4A77-B124-391E8A45F586}, Quarantined, [1436], [398504],1.0.4742
PUP.Optional.SlimCleanerPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{47548FBF-3F58-4A77-B124-391E8A45F586}, Quarantined, [1436], [398504],1.0.4742
PUP.Optional.SlimCleanerPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SlimCleaner Run, Quarantined, [1436], [398504],1.0.4742
 
Registry Value: 1
PUP.Optional.SlimCleanerPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{47548FBF-3F58-4A77-B124-391E8A45F586}|PATH, Quarantined, [1436], [398507],1.0.4742
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 3
PUP.Optional.SlimCleanerPlus, C:\WINDOWS\SYSTEM32\TASKS\SLIMCLEANER RUN, Quarantined, [1436], [398504],1.0.4742
PUP.Optional.WinYahoo, C:\USERS\HELEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [244], [454804],1.0.4742
PUP.Optional.WinYahoo, C:\USERS\HELEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [244], [454804],1.0.4742
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·