Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slimware Driver Updater

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Slimware Driver Updater

Unread postby 456fishlily » July 9th, 2019, 8:58 pm

Hello,
The slimware update keeps popping up. I would really appreciate your kind help in helping remove it.Any suggestion would be good.
Thanks so much.






Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by User (administrator) on LAPTOP-VBJ4OFN0 (HP HP Laptop 15-db0xxx) (09-07-2019 20:44:38)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Home Version 1809 17763.195 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atiesrxx.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.) C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\DriverUpdate\DriverUpdate.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimService.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimServiceFactory.exe
(sound research corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [855528 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {37FD73A2-CA7F-4726-AB54-561A909C17AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4941E8BE-A78C-40D0-9EED-574C421BAFC4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [333400 2019-06-11] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc)
Task: {4DF23D4D-2542-45F8-BCBF-CC7869CFB48C} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [411136 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {55DA8762-E651-43D1-BF89-6189A854A22D} - System32\Tasks\DriverUpdate Scan => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
Task: {5C854E9C-0154-44E8-A2FD-B948592A169A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C6A9F84-4C08-4B63-918D-32BCCAA51B75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4EC146D-60D4-4D30-AA09-FDF983E26284} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-07-08] (HP Inc. -> HP Inc.)
Task: {A9FD898C-1962-406B-A189-FA2ECB74875F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E141AC46-6173-4A3F-8BF6-9BB9807D179E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-07-08] (HP Inc. -> HP Inc.)
Task: {F9F74FEC-42CD-4881-82C3-B9CBE48222B2} - System32\Tasks\McAfee\mfewin10switch => C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe [4178840 2019-07-06] (McAfee, Inc. -> McAfee, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.197.42.70
Tcpip\..\Interfaces\{ba69cfed-42f0-4f6c-adb3-3ad5f5584628}: [DhcpNameServer] 10.197.42.70

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {0F8D12A4-F41A-4A07-A31E-94FC5E6166BB} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0F8D12A4-F41A-4A07-A31E-94FC5E6166BB} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}

FireFox:
========
FF DefaultProfile: 3yb3bbn8.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3yb3bbn8.default [2019-07-08]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vwtmh6aq.default-release [2019-07-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atiesrxx.exe [507936 2019-01-09] (Advanced Micro Devices, Inc. -> AMD)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\AppHelperCap.exe [401376 2018-12-14] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\NetworkCap.exe [401376 2018-12-14] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe [403936 2018-12-14] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\TouchpointAnalyticsClientService.exe [420304 2018-12-07] (HP Inc. -> HP Inc.)
R2 RtkAudioUniversalService; C:\windows\System32\RtkAudUService64.exe [855528 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [749536 2018-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [166392 2019-01-07] (sound research corporation -> Sound Research, Corp.)
R3 SlimWareServices; C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe [181848 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.)
R2 SynTPEnhService; C:\windows\System32\SynTPEnhService.exe [398376 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdacpbus; C:\windows\System32\drivers\amdacpbus.sys [945224 2019-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AmdAS4; C:\windows\System32\drivers\AmdAS4.sys [26888 2019-01-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
S3 amdgpio2; C:\windows\System32\drivers\amdgpio2.sys [34568 2019-01-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atikmdag.sys [47551008 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atikmpag.sys [589312 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [137688 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AmUStor; C:\windows\system32\drivers\AmUStor.SYS [108480 2018-11-23] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [107400 2019-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [16432 2018-10-26] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1139640 2018-12-22] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\windows\System32\drivers\RtkBtfilter.sys [767472 2018-11-20] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [9632008 2018-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\windows\System32\drivers\Smb_driver_Intel.sys [48168 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [63016 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SynTPFilterHID; C:\windows\System32\drivers\SynTP.sys [767016 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\OpenHardwareMonitorLib.sys [14544 2019-07-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35360 2018-09-13] (HP Inc. -> HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 20:44 - 2019-07-09 20:46 - 000017942 _____ C:\Users\User\Desktop\FRST.txt
2019-07-09 20:44 - 2019-07-09 20:44 - 000000000 ____D C:\FRST
2019-07-09 17:55 - 2019-07-09 17:55 - 002420224 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-07-09 16:31 - 2019-07-09 16:31 - 000003884 _____ C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan)
2019-07-09 00:30 - 2019-07-09 00:30 - 000000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2019-07-09 00:30 - 2019-07-09 00:30 - 000000000 ____D C:\Users\User\AppData\Roaming\Hewlett-Packard
2019-07-09 00:18 - 2019-07-09 00:18 - 000000000 ____D C:\Users\User\AppData\Local\Publishers
2019-07-08 22:07 - 2019-07-08 22:07 - 000000000 ____D C:\Users\User\AppData\Local\Comms
2019-07-08 20:38 - 2019-07-08 20:38 - 000000000 ____D C:\Users\User\AppData\Local\DBG
2019-07-08 20:18 - 2019-07-08 21:39 - 000003376 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-1002
2019-07-08 20:18 - 2019-07-08 21:39 - 000000000 ___RD C:\Users\User\OneDrive
2019-07-08 20:18 - 2019-07-08 20:18 - 000002527 _____ C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Users\User\AppData\Local\Downloaded Installers
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\SlimWare Utilities Inc
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimServices
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimCleaner Plus
2019-07-08 20:17 - 2019-07-08 20:17 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2019-07-08 20:16 - 2019-07-09 16:29 - 000000000 ____D C:\Users\User\AppData\Local\SlimWare Utilities Inc
2019-07-08 20:16 - 2019-07-08 20:16 - 000003772 _____ C:\windows\System32\Tasks\DriverUpdate Scan
2019-07-08 20:16 - 2019-07-08 20:16 - 000002489 _____ C:\Users\Public\Desktop\DriverUpdate.lnk
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\SlimWare Utilities
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\DriverUpdate
2019-07-08 20:15 - 2019-07-08 20:15 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-07-08 16:17 - 2019-07-09 17:44 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2019-07-08 16:17 - 2019-07-08 16:17 - 000001446 _____ C:\Users\User\Desktop\Microsoft Edge.lnk
2019-07-08 16:17 - 2019-07-08 16:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2019-07-08 16:17 - 2019-07-08 16:17 - 000000000 ____D C:\Users\User\AppData\Local\Mozilla
2019-07-08 16:15 - 2019-07-08 16:15 - 000000000 ___HD C:\Users\User\MicrosoftEdgeBackups
2019-07-08 16:15 - 2019-07-08 16:15 - 000000000 ____D C:\Users\User\AppData\Local\MicrosoftEdge
2019-07-08 16:08 - 2019-07-09 17:01 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-07-08 16:08 - 2019-07-08 23:57 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-07-08 16:08 - 2019-07-08 21:39 - 000002367 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-08 16:08 - 2019-07-08 16:09 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2019-07-08 16:08 - 2019-07-08 16:08 - 000000020 ___SH C:\Users\User\ntuser.ini
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ___RD C:\Users\User\3D Objects
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Synaptics
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Local\AMD
2019-07-08 15:59 - 2019-07-08 15:59 - 000000000 ____D C:\Users\gside\AppData\Roaming\GetMyDrivers
2019-07-08 15:59 - 2019-07-08 15:59 - 000000000 ____D C:\Users\gside\AppData\Local\PlaceholderTileLogoFolder
2019-07-07 16:14 - 2019-07-07 16:26 - 000000000 ____D C:\windows\system32\MRT
2019-07-07 16:14 - 2019-07-07 16:14 - 135349160 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-07-07 16:14 - 2019-07-07 16:14 - 001993528 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2019-07-07 16:13 - 2019-07-07 16:13 - 000000000 ____D C:\Program Files\UNP
2019-07-06 23:38 - 2019-07-06 23:38 - 000000000 _SHDL C:\Documents and Settings
2019-07-06 19:22 - 2019-07-06 19:00 - 000592616 _____ (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2019-07-06 17:33 - 2019-07-06 17:33 - 000000000 ____D C:\Users\gside\AppData\Local\DBG
2019-07-06 17:32 - 2019-07-06 17:32 - 000000000 ____D C:\Users\gside\AppData\Local\Comms
2019-07-06 17:23 - 2019-07-06 17:23 - 000000000 ____D C:\ProgramData\McAfee_dad
2019-07-06 17:23 - 2019-07-06 17:23 - 000000000 ____D C:\Program Files\Common Files\McAfee.COM
2019-07-06 17:22 - 2019-07-06 17:23 - 000000000 ____D C:\ProgramData\McAfee
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\Users\gside\AppData\Roaming\HP
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader
2019-07-06 17:10 - 2019-07-06 17:10 - 000000000 ____D C:\Users\gside\AppData\Local\Publishers
2019-07-06 17:08 - 2019-07-08 15:30 - 000000000 ____D C:\Users\gside\AppData\LocalLow\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-06 17:08 - 2019-07-06 17:08 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Users\gside\AppData\Roaming\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Users\gside\AppData\Local\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\ProgramData\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-06 17:07 - 2019-07-06 17:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-06 16:57 - 2019-07-08 23:14 - 000000000 ___RD C:\Users\gside\OneDrive
2019-07-06 16:57 - 2019-07-06 17:00 - 000003378 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-1001
2019-07-06 16:54 - 2019-07-06 16:54 - 000001446 _____ C:\Users\gside\Desktop\Microsoft Edge.lnk
2019-07-06 16:53 - 2019-07-08 16:02 - 000000000 ____D C:\Users\gside\AppData\Local\D3DSCache
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ___HD C:\Users\gside\MicrosoftEdgeBackups
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ____D C:\Users\gside\AppData\Local\MicrosoftEdge
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ____D C:\Users\gside\AppData\Local\AMD
2019-07-06 16:52 - 2019-07-08 20:11 - 000000000 ____D C:\Users\gside\AppData\Local\Packages
2019-07-06 16:52 - 2019-07-06 17:24 - 000000000 ____D C:\Users\gside\AppData\Local\ConnectedDevicesPlatform
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ___RD C:\Users\gside\3D Objects
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Roaming\Synaptics
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Roaming\Adobe
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Local\VirtualStore
2019-07-06 16:47 - 2019-07-06 17:00 - 000002370 _____ C:\Users\gside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-06 16:47 - 2019-07-06 16:57 - 000000000 ____D C:\Users\gside
2019-07-06 16:47 - 2019-07-06 16:47 - 000000020 ___SH C:\Users\gside\ntuser.ini

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 20:34 - 2019-01-18 14:17 - 000000000 ____D C:\ProgramData\HP
2019-07-09 20:34 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-09 20:33 - 2018-11-07 02:45 - 000000000 ____D C:\windows\system32\SleepStudy
2019-07-09 17:01 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-09 17:01 - 2018-09-15 03:33 - 000000000 ____D C:\windows\AppReadiness
2019-07-09 16:53 - 2018-11-07 02:47 - 000000000 ____D C:\ProgramData\Packages
2019-07-09 16:43 - 2018-09-15 03:31 - 000000000 ____D C:\windows\INF
2019-07-09 14:49 - 2018-11-07 02:51 - 000846530 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-09 00:14 - 2018-11-07 02:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-07-09 00:13 - 2019-03-15 15:49 - 000065536 _____ C:\windows\psp_storage.bin
2019-07-09 00:13 - 2018-09-15 02:09 - 000786432 _____ C:\windows\system32\config\BBI
2019-07-09 00:10 - 2018-11-07 02:45 - 000000000 ____D C:\windows\system32\Drivers\wd
2019-07-08 23:14 - 2018-09-15 03:23 - 000000000 ____D C:\windows\CbsTemp
2019-07-08 23:13 - 2018-09-15 02:09 - 000000000 ____D C:\windows\servicing
2019-07-08 20:15 - 2019-01-18 14:18 - 000000000 ____D C:\Program Files (x86)\HP
2019-07-08 16:08 - 2018-11-07 02:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-07 16:23 - 2019-03-15 15:46 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-06 23:40 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\WinBioDatabase
2019-07-06 23:39 - 2019-03-15 16:25 - 000002852 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-500
2019-07-06 23:39 - 2018-11-07 02:44 - 000000000 ____D C:\windows\Panther
2019-07-06 19:27 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by User (09-07-2019 20:46:53)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1809 17763.195 (X64) (2019-07-07 03:39:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2161562956-2876439724-661099721-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2161562956-2876439724-661099721-503 - Limited - Disabled)
Guest (S-1-5-21-2161562956-2876439724-661099721-501 - Limited - Disabled)
User (S-1-5-21-2161562956-2876439724-661099721-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2161562956-2876439724-661099721-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

DriverUpdate (HKLM\...\{17D0BC60-A6E6-41AB-AAD8-BCED34B127DA}) (Version: 5.8.5 - Slimware Utilities Holdings, Inc.) Hidden
DriverUpdate (HKLM\...\DriverUpdate) (Version: 5.8.5 - Slimware Utilities Holdings, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0.4 (x64 en-US)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
SlimCleaner Plus (HKLM\...\{6592C4FC-45A7-42C8-9A68-7E020BDAC8AB}) (Version: 4.2.1.62 - Slimware Utilities, Holding, Inc.) Hidden
SlimCleaner Plus (HKLM\...\SlimCleaner Plus) (Version: 4.2.1.62 - Slimware Utilities, Holding, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2019-03-15] (Amazon.com)
Booking.com USA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comUSABigsavingson_1.0.4.0_x64__mgae2k3ys4ra0 [2019-07-08] (Priceline Partner Network)
Dropbox for S mode -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_21.4.5.0_x64__xbfy0k16fey96 [2019-07-08] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-03-15] (HP Inc.)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.2.161.0_x64__dt26b99r8h8gj [2019-03-15] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.0.96.0_x64__v10z8vjag6ke6 [2019-03-15] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.34.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.192.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6 [2019-07-09] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-08] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
McAfee Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_1.4.3.0_x64__wafk5atnkzcwy [2019-07-09] (McAfee Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-08] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-07-08] (Random Salad Games LLC) [MS Ad]
sMedio True DVD for HP -> C:\Program Files\WindowsApps\0E3921EB.sMedioTrueDVDforHP_1.1.104.0_x64__agwrg61xdd7p4 [2019-07-08] (sMedio Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-07-08] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-07-09 00:04 - 2019-07-09 00:05 - 001221120 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
2019-07-09 00:04 - 2019-07-09 00:11 - 000015360 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-07-08 20:16 - 2019-07-08 20:16 - 000944640 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) [File not signed] C:\Users\User\AppData\Local\SlimWare Utilities Inc\DriverUpdate\htmlayout.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 10.197.42.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{145C1202-94AA-4DE6-A1E1-F1F01E47E7FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D414D89D-335A-4DA8-BE96-DC9E27FCB5D6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E56CA0A5-2878-4757-BE18-A9109AEDDF13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23A3FF08-9E68-4D61-9F8D-7FBC1020CF34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-07-2019 23:39:57 Windows Modules Installer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2019 08:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SolutionFinder.exe, version: 1.1.0.1, time stamp: 0x5c876eba
Faulting module name: KERNELBASE.dll, version: 10.0.17763.134, time stamp: 0xc30ded87
Exception code: 0xe0434352
Fault offset: 0x0011ab32
Faulting process id: 0x1d7c
Faulting application start time: 0x01d536b74f351c52
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.192.0_x64__v10z8vjag6ke6\www\HPSF\Modules\SolutionFinder.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: b915d7b4-8c20-4873-9752-43a00f411e74
Faulting package full name:
Faulting package-relative application ID:

Error: (07/09/2019 08:35:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SolutionFinder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InsertRange(Int32, System.Collections.Generic.IEnumerable`1<System.__Canon>)
at SolutionFinder.Program.GetMessages(System.String, System.String, System.String, System.String)
at SolutionFinder.Program.Main(System.String[])

Error: (07/09/2019 05:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysInfoCap.exe, version: 1.7.934.0, time stamp: 0x5c12a5ca
Faulting module name: combase.dll, version: 10.0.17763.134, time stamp: 0x5f712695
Exception code: 0xc0000005
Fault offset: 0x00000000000912d5
Faulting process id: 0x754
Faulting application start time: 0x01d5360cbcf92f2b
Faulting application path: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe
Faulting module path: C:\windows\System32\combase.dll
Report Id: 45e7d2cb-747c-4a8b-be59-394b740ac020
Faulting package full name:
Faulting package-relative application ID:

Error: (07/09/2019 12:12:19 AM) (Source: EventSystem) (EventID: 4622) (User: )
Description: The COM+ Event System could not marshal the subscriber for subscription {46D5EC70-A1F6-489F-81ED-006C2477C49F}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005.

Error: (07/08/2019 11:28:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.5.35.12, time stamp: 0x5b923623
Faulting module name: ntdll.dll, version: 10.0.17763.194, time stamp: 0xe8b54827
Exception code: 0xc0000005
Fault offset: 0x00000000000239e1
Faulting process id: 0x29e8
Faulting application start time: 0x01d535c8eb3c412e
Faulting application path: C:\windows\System32\SynTPEnh.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: d7a81500-5378-4005-a32f-b2c33648de51
Faulting package full name:
Faulting package-relative application ID:

Error: (07/08/2019 09:37:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3a58

Start Time: 01d535eb99c7fd1a

Termination Time: 29

Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe

Report Id: 3b28b5ef-80cf-48c8-8311-790a49039bfd

Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

Faulting package-relative application ID: MicrosoftEdge

Hang type: Cross-thread

Error: (07/08/2019 09:36:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3f30

Start Time: 01d535ebab6ce3fa

Termination Time: 26

Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe

Report Id: 4a07fc98-fc36-419e-a254-4f487b4f6862

Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

Faulting package-relative application ID: MicrosoftEdge

Hang type: Unknown

Error: (07/06/2019 05:33:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2a4c

Start Time: 01d534425da8cf7d

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 952266b8-4b9c-4032-93d7-717378f23de9

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Cross-process


System errors:
=============
Error: (07/09/2019 08:34:27 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (07/09/2019 06:14:10 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 06:14:10 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 06:02:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 06:02:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 05:59:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 05:59:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2019 05:53:14 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2019-07-06 16:54:53.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\SYSTEM.SAV\util\HpseuHostLauncher.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.

Date: 2019-07-06 16:54:53.495
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\SYSTEM.SAV\util\HpseuHostLauncher.exe that did not meet the Enterprise signing level requirements.

Date: 2019-07-06 16:54:53.242
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.

Date: 2019-07-06 16:54:53.222
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe that did not meet the Enterprise signing level requirements.

Date: 2019-07-06 16:52:54.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\runonce.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wscript.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.

Date: 2019-07-06 16:52:54.791
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\runonce.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wscript.exe that did not meet the Enterprise signing level requirements.

Date: 2019-07-06 23:38:59.729
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\OpenHardwareMonitorLib.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.17 01/16/2019
Motherboard: HP 863C
Processor: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 70%
Total physical RAM: 3981.68 MB
Available physical RAM: 1156.14 MB
Total Virtual: 5993.45 MB
Available Virtual: 2003.67 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:901.01 GB) NTFS

\\?\Volume{6fbc505c-c42f-44ae-a4b7-3ee16e0447cf}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{d5481b04-9611-4a64-aa57-3c65702cb71f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCA9B95F)

Partition: GPT.

==================== End of Addition.txt ============================
456fishlily
Active Member
 
Posts: 3
Joined: July 9th, 2019, 5:52 pm
Advertisement
Register to Remove

Re: Slimware Driver Updater

Unread postby Gary R » July 10th, 2019, 12:28 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Slimware Driver Updater

Unread postby Gary R » July 10th, 2019, 12:54 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.

    It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


    Please uninstall the following programs ...

    DriverUpdate
    SlimCleaner Plus


    Important ... reboot your computer once you've finished.

    Next ...

    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press Ctrl+y (Ctrl and y keys at the same time)
    • A blank randomly named .txt Notepad file will open.
    • Copy and paste the following into it (don't include Code: Select all) ....
    Code: Select all
    SystemRestore: On
    CreateRestorePoint:
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.) C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\DriverUpdate\DriverUpdate.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimService.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimServiceFactory.exe
    C:\Program Files\SlimWare Utilities
    C:\Program Files\SlimCleaner Plus
    C:\Program Files\DriverUpdate
    C:\Program Files\SlimServices
    HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
    Task: {4941E8BE-A78C-40D0-9EED-574C421BAFC4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [333400 2019-06-11] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc)
    Task: {55DA8762-E651-43D1-BF89-6189A854A22D} - System32\Tasks\DriverUpdate Scan => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
    R3 SlimWareServices; C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe [181848 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.)
    C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
    2019-07-09 16:31 - 2019-07-09 16:31 - 000003884 _____ C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan)
    2019-07-08 20:18 - 2019-07-08 20:18 - 000002527 _____ C:\Users\Public\Desktop\SlimCleaner Plus.lnk
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\SlimWare Utilities Inc
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimServices
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimCleaner Plus
    2019-07-08 20:16 - 2019-07-09 16:29 - 000000000 ____D C:\Users\User\AppData\Local\SlimWare Utilities Inc
    2019-07-08 20:16 - 2019-07-08 20:16 - 000003772 _____ C:\windows\System32\Tasks\DriverUpdate Scan
    2019-07-08 20:16 - 2019-07-08 20:16 - 000002489 _____ C:\Users\Public\Desktop\DriverUpdate.lnk
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\SlimWare Utilities
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\DriverUpdate
    Reboot:
    EmptyTemp:
    

    • Press Ctrl+s to save fixlist.txt
    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Now press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

    Next ....

    • Double click Frst64.exe to launch it.
    • FRST will start to run.
      • When the tool opens click Yes to the disclaimer.
      • Copy/Paste or Type the following line into the Search: box.
      slimware;slim;driverupdate

      • Press the Search Registry button.
      • When finished searching a log will open on your Desktop ... Search.txt
      • Please post it in your next reply.
    User avatar
    Gary R
    Administrator
    Administrator
     
    Posts: 25888
    Joined: June 28th, 2005, 11:36 am
    Location: Yorkshire

    Re: Slimware Driver Updater

    Unread postby 456fishlily » July 10th, 2019, 9:51 pm

    Thanks so much for helping out. I appreciate your kind help and support.

    Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2019
    Ran by User (10-07-2019 21:37:19) Run:1
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available Profiles: User)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    SystemRestore: On
    CreateRestorePoint:
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.) C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\DriverUpdate\DriverUpdate.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimService.exe
    (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimServiceFactory.exe
    C:\Program Files\SlimWare Utilities
    C:\Program Files\SlimCleaner Plus
    C:\Program Files\DriverUpdate
    C:\Program Files\SlimServices
    HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
    Task: {4941E8BE-A78C-40D0-9EED-574C421BAFC4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [333400 2019-06-11] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc)
    Task: {55DA8762-E651-43D1-BF89-6189A854A22D} - System32\Tasks\DriverUpdate Scan => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
    R3 SlimWareServices; C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe [181848 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.)
    C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
    2019-07-09 16:31 - 2019-07-09 16:31 - 000003884 _____ C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan)
    2019-07-08 20:18 - 2019-07-08 20:18 - 000002527 _____ C:\Users\Public\Desktop\SlimCleaner Plus.lnk
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\SlimWare Utilities Inc
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimServices
    2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimCleaner Plus
    2019-07-08 20:16 - 2019-07-09 16:29 - 000000000 ____D C:\Users\User\AppData\Local\SlimWare Utilities Inc
    2019-07-08 20:16 - 2019-07-08 20:16 - 000003772 _____ C:\windows\System32\Tasks\DriverUpdate Scan
    2019-07-08 20:16 - 2019-07-08 20:16 - 000002489 _____ C:\Users\Public\Desktop\DriverUpdate.lnk
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\SlimWare Utilities
    2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\DriverUpdate
    Reboot:
    EmptyTemp:
    *****************

    SystemRestore: On => completed
    Restore point was successfully created.
    C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe => No running process found
    C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe => No running process found
    C:\Program Files\DriverUpdate\DriverUpdate.exe => No running process found
    C:\Program Files\SlimServices\SlimService.exe => No running process found
    C:\Program Files\SlimServices\SlimServiceFactory.exe => No running process found
    "C:\Program Files\SlimWare Utilities" => not found
    "C:\Program Files\SlimCleaner Plus" => not found
    "C:\Program Files\DriverUpdate" => not found
    "C:\Program Files\SlimServices" => not found
    "HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DriverUpdate" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4941E8BE-A78C-40D0-9EED-574C421BAFC4}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4941E8BE-A78C-40D0-9EED-574C421BAFC4}" => removed successfully
    C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan) => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimCleaner Plus (Scheduled Scan)" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55DA8762-E651-43D1-BF89-6189A854A22D}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55DA8762-E651-43D1-BF89-6189A854A22D}" => removed successfully
    C:\windows\System32\Tasks\DriverUpdate Scan => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Scan" => removed successfully
    SlimWareServices => service not found.
    "C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe" => not found
    "C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan)" => not found
    "C:\Users\Public\Desktop\SlimCleaner Plus.lnk" => not found
    C:\ProgramData\SlimWare Utilities Inc => moved successfully
    "C:\Program Files\SlimServices" => not found
    "C:\Program Files\SlimCleaner Plus" => not found
    C:\Users\User\AppData\Local\SlimWare Utilities Inc => moved successfully
    "C:\windows\System32\Tasks\DriverUpdate Scan" => not found
    "C:\Users\Public\Desktop\DriverUpdate.lnk" => not found
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate" => not found
    "C:\Program Files\SlimWare Utilities" => not found
    "C:\Program Files\DriverUpdate" => not found

    =========== EmptyTemp: ==========

    BITS transfer queue => 6053888 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13734471 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 1296407070 B
    Edge => 13867825 B
    Chrome => 0 B
    Firefox => 656332246 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 0 B
    LocalService => 0 B
    NetworkService => 33250 B
    NetworkService => 0 B
    gside => 62618637 B
    User => 51554475 B

    RecycleBin => 1053980 B
    EmptyTemp: => 2 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 21:40:07 ====

    Farbar Recovery Scan Tool (x64) Version: 10-07-2019
    Ran by User (10-07-2019 21:47:37)
    Running from C:\Users\User\Desktop
    Boot Mode: Normal

    ================== Search Registry: "slimware;slim;driverupdate" ===========


    ===================== Search result for "slimware" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}]
    ""="SlimWare Registration Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc\SlimCleaner Plus]

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc]


    ===================== Search result for "slim" ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}]
    ""="SlimServiceFactory Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}]
    "LocalizedString"="@C:\Program Files\SlimServices\SlimServiceFactory.exe,-100"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}\LocalServer32]
    ""=""C:\Program Files\SlimServices\SlimServiceFactory.exe""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}\LocalServer32]
    "ServerExecutable"="C:\Program Files\SlimServices\SlimServiceFactory.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}]
    ""="SlimServiceConnection Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}]
    "LocalizedString"="@C:\Program Files\SlimServices\SlimService.exe,-100"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}\LocalServer32]
    ""=""C:\Program Files\SlimServices\SlimService.exe""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}\LocalServer32]
    "ServerExecutable"="C:\Program Files\SlimServices\SlimService.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}]
    ""="SlimWare Registration Class"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}]
    "LocalizedString"="@C:\Program Files\SlimServices\SlimServiceFactory.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}\LocalServer32]
    ""=""C:\Program Files\SlimServices\SlimServiceFactory.exe""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}\LocalServer32]
    "ServerExecutable"="C:\Program Files\SlimServices\SlimServiceFactory.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}]
    ""="ISlimServiceFactory"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}]
    ""="ISlimServiceConnection"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA}\1.0]
    ""="SlimServiceLib"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA}\1.0\0\win64]
    ""="C:\Program Files\SlimServices\SlimService.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA}\1.0\HELPDIR]
    ""="C:\Program Files\SlimServices"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}\1.0]
    ""="SlimServiceFactoryLib"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}\1.0\0\win32]
    ""="C:\Program Files\SlimServices\SlimServiceFactory.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}\1.0\HELPDIR]
    ""="C:\Program Files\SlimServices"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}]
    ""="ISlimServiceFactory"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}]
    ""="ISlimServiceConnection"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fax]
    "RecipientsLimit"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASAPI32]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASMANCS]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print]
    "3DPrintApps"="89006A2E.AutodeskTinkercad_tf1gferkr813w!App
    SiemensPLMSoftware.JT2Go_qtbmxjdagz8xc!App
    10281CorgisoftIndustries.PrintersBlockBeta_032b3fvfvhzrc!App
    FuturePlatformsLimited.DKPrintYourOwnT.Rex_n7rr7swxes1n6!App"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gathering Manager]
    "BackOffUserEventsLimit"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search\Gathering Manager]
    "BackOffDelayedNotificationsLimit"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Print]
    "3DPrintApps"="89006A2E.AutodeskTinkercad_tf1gferkr813w!App
    SiemensPLMSoftware.JT2Go_qtbmxjdagz8xc!App
    10281CorgisoftIndustries.PrintersBlockBeta_032b3fvfvhzrc!App
    FuturePlatformsLimited.DKPrintYourOwnT.Rex_n7rr7swxes1n6!App"

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Search\Gathering Manager]
    "BackOffUserEventsLimit"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Search\Gathering Manager]
    "BackOffDelayedNotificationsLimit"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc\SlimCleaner Plus]

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
    "4"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus\SlimCleaner Plus.lnk
    C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    "

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
    "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe"="0x5341435001000000000000000700000028000000581605007B70050001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000008EED1401000000000100000001000000"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
    "C:\Program Files\SlimCleaner Plus\UninstallStub.exe"="0x53414350010000000000000007000000280000005804020042F0020001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000DA150000000000000100000001000000"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc]


    ===================== Search result for "driverupdate" ==========

    [HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\u0337817.inf_amd64_4e2c1a5ea7d040a8\Configurations\ati2mtag_Stoney\Driver]
    "driverupdate_ui_component_na"="true"

    [HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\u0337817.inf_amd64_4e2c1a5ea7d040a8\Configurations\ati2mtag_Stoney\Driver]
    "Notify_DriverUpdate_hide"="true"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{004C6A2B-0C19-4c69-9F5C-A269B2560DB9}]
    ""="IWindowsDriverUpdate4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0D521700-A372-4bef-828B-3D00C10ADEBD}]
    ""="IWindowsDriverUpdateEntryCollection"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{49EBD502-4A96-41BD-9E3E-4C5057F4250C}]
    ""="IWindowsDriverUpdate3"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{615C4269-7A48-43BD-96B7-BF6CA27D6C3E}]
    ""="IWindowsDriverUpdate2"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70CF5C82-8642-42bb-9DBC-0CFD263C6C4F}]
    ""="IWindowsDriverUpdate5"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B383CD1A-5CE9-4504-9F63-764B1236F191}]
    ""="IWindowsDriverUpdate"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED8BFE40-A60B-42ea-9652-817DFCFA23EC}]
    ""="IWindowsDriverUpdateEntry"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{004C6A2B-0C19-4c69-9F5C-A269B2560DB9}]
    ""="IWindowsDriverUpdate4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0D521700-A372-4bef-828B-3D00C10ADEBD}]
    ""="IWindowsDriverUpdateEntryCollection"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{49EBD502-4A96-41BD-9E3E-4C5057F4250C}]
    ""="IWindowsDriverUpdate3"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{615C4269-7A48-43BD-96B7-BF6CA27D6C3E}]
    ""="IWindowsDriverUpdate2"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{70CF5C82-8642-42bb-9DBC-0CFD263C6C4F}]
    ""="IWindowsDriverUpdate5"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B383CD1A-5CE9-4504-9F63-764B1236F191}]
    ""="IWindowsDriverUpdate"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ED8BFE40-A60B-42ea-9652-817DFCFA23EC}]
    ""="IWindowsDriverUpdateEntry"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
    "DriverUpdate.exe"="11001"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemSettings\SettingId\SystemSettings_MusUpdate_IsDriverUpdateEnabled]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DriverSearching]
    "DriverUpdateWizardWuSearchEnabled"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
    "DriverUpdate.exe"="11001"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
    "2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate\DriverUpdate Help.lnk
    C:\Program Files\DriverUpdate\DriverUpdate.exe
    -help"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
    "3"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate\DriverUpdate.lnk
    C:\Program Files\DriverUpdate\DriverUpdate.exe
    /byUser"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
    "C:\Users\User\Downloads\DriverUpdate-setup-b7873f45-0da9-4967-8022-f4a346895889.exe"="0x5341435001000000000000000700000028000000581410005A26100001000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000040000000000000000000000000000000003DA7D900000000000100000001000000"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
    "C:\Program Files\DriverUpdate\DriverUpdate.exe"="0x534143500100000000000000070000002800000058F43E02501D3F0201000000000000000000000A0021000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000250C0000000000000200000002000000"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
    "C:\Program Files\DriverUpdate\UninstallStub.exe"="0x53414350010000000000000007000000280000005806020069D7020001000000000000000000000A7122000067077CBAC54CD40100000000000000000200000028000000000000000000004000000000000000000000000000000000FD240000000000000100000001000000"

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net]

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net]

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net]

    [HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net]

    ====== End of Search ======
    456fishlily
    Active Member
     
    Posts: 3
    Joined: July 9th, 2019, 5:52 pm

    Re: Slimware Driver Updater

    Unread postby Gary R » July 11th, 2019, 2:42 am

    OK, looks like we've still got a few Registry orphans to deal with ....

    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press Ctrl+y (Ctrl and y keys at the same time)
    • A blank randomly named .txt Notepad file will open.
    • Copy and paste the following into it (don't include Code: Select all) ....
    Code: Select all
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc\SlimCleaner Plus
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASAPI32
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASMANCS
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|4
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\SlimCleaner Plus\UninstallStub.exe
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverUpdate.exe
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverUpdate.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|2
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|3
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Users\User\Downloads\DriverUpdate-setup-b7873f45-0da9-4967-8022-f4a346895889.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\DriverUpdate\DriverUpdate.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\DriverUpdate\UninstallStub.exe
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net
    C:\Program Files\SlimCleaner Plus
    C:\Program Files\DriverUpdate

    • Press Ctrl+s to save fixlist.txt
    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Now press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log, and let me know how your computer is behaving now.
    User avatar
    Gary R
    Administrator
    Administrator
     
    Posts: 25888
    Joined: June 28th, 2005, 11:36 am
    Location: Yorkshire

    Re: Slimware Driver Updater

    Unread postby 456fishlily » July 12th, 2019, 5:29 pm

    Thanks so much for helping out. My laptop works great. I have not seen any of those messages.


    Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2019
    Ran by User (12-07-2019 17:25:38) Run:2
    Running from C:\Users\User\Desktop
    Loaded Profiles: User (Available Profiles: User)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc\SlimCleaner Plus
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASAPI32
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASMANCS
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|4
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\SlimCleaner Plus\UninstallStub.exe
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverUpdate.exe
    DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverUpdate.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|2
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC|3
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Users\User\Downloads\DriverUpdate-setup-b7873f45-0da9-4967-8022-f4a346895889.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\DriverUpdate\DriverUpdate.exe
    DeleteValue: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\DriverUpdate\UninstallStub.exe
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net
    DeleteKey: HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net
    C:\Program Files\SlimCleaner Plus
    C:\Program Files\DriverUpdate
    *****************

    HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc => removed successfully
    "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc\SlimCleaner Plus" => not found
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DC6EE87-F3BB-40EB-BCEE-12F7D6E3EEDF} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{959D527D-6C27-4879-A644-065526D6969C} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{95F57E4A-1FFA-4814-9AEC-34D22DF3D8FA} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8B43FD92-7BC2-467C-A8B5-67B04B1AFAEA} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BFEAC894-C89D-411A-89C6-193F109ADA17} => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASAPI32 => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SlimCleanerPlus_RASMANCS => removed successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\SlimWare Utilities Inc => not found
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SlimWare Utilities Inc => not found
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC\\4" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files\SlimCleaner Plus\UninstallStub.exe" => removed successfully
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\SlimWare Utilities Inc => not found
    "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\\DriverUpdate.exe" => removed successfully
    "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\\DriverUpdate.exe" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC\\2" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC\\3" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Users\User\Downloads\DriverUpdate-setup-b7873f45-0da9-4967-8022-f4a346895889.exe" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files\DriverUpdate\DriverUpdate.exe" => removed successfully
    "HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files\DriverUpdate\UninstallStub.exe" => removed successfully
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driverupdate.net => removed successfully
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.driverupdate.net => removed successfully
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driverupdate.net => removed successfully
    HKEY_USERS\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.driverupdate.net => removed successfully
    "C:\Program Files\SlimCleaner Plus" => not found
    "C:\Program Files\DriverUpdate" => not found

    ==== End of Fixlog 17:25:39 ====
    456fishlily
    Active Member
     
    Posts: 3
    Joined: July 9th, 2019, 5:52 pm

    Re: Slimware Driver Updater

    Unread postby Gary R » July 12th, 2019, 5:50 pm

    As far as I can see, your computer looks clear of Slimware now.

    • If you have any remaining problems please let me know about them.
    • If not, then please follow the instructions below for uninstalling FRST ...

    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press Ctrl+y (Ctrl and y keys at the same time)
    • A blank randomly named .txt Notepad file will open.
    • Copy and paste the following into it (don't include Code: Select all) ....
    Code: Select all
    Move: C:\Users\User\Desktop\Frst64.exe C:\Users\User\Desktop\Uninstall.exe
    Cmd: start Uninstall.exe

    • Press Ctrl+s to save fixlist.txt
    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Now press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will fully remove FRST from your computer.

    Please let me know if it does not.
    User avatar
    Gary R
    Administrator
    Administrator
     
    Posts: 25888
    Joined: June 28th, 2005, 11:36 am
    Location: Yorkshire
    Advertisement
    Register to Remove


    • Similar Topics
      Replies
      Views
      Last post

    Return to Infected? Virus, malware, adware, ransomware, oh my!



    Who is online

    Users browsing this forum: No registered users and 294 guests

    Contact us:

    Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

    Member site: UNITE Against Malware