Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92362 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Struggling with laptop


  • This topic is locked This topic is locked
21 replies to this topic

#1 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 13 May 2019 - 08:10 PM

I'm having some really bad issues with my laptop. All kinds of programs are taking over five minutes to launch, and after they finally do, they're constantly freezing and not responding. Disk usage has been at 100% constantly, I assume that's related, but I'm pretty tech illiterate, I really have no idea what I can do to help it. Someone on another site recommended. I come here for help. Let me know whatever info I can give or questions I can answer to help. Thank you


    Advertisements

Register to Remove


#2 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 14 May 2019 - 03:33 PM

xlK5Hdb.pngFarbar Recovery Scan Tool (FRST) Scan
  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select AVOiBNU.jpgRun as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.


Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#3 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 23 May 2019 - 09:03 PM

I apologize for taking so long, left my laptop at my dad's and didn't have a chance to get it back until now. Here's what it says

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by dylan (administrator) on DESKTOP-A799SKB (Dell Inc. Inspiron 15 7000 Gaming) (23-05-2019 19:38:29)
Running from C:\Users\dylan\Downloads
Loaded Profiles: dylan (Available Profiles: dylan)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Compal electronic ,inc -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\dylan\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\dylan\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\dylan\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125170.inf_amd64_b4d72b8af850c069\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125170.inf_amd64_b4d72b8af850c069\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125170.inf_amd64_b4d72b8af850c069\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125170.inf_amd64_b4d72b8af850c069\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.7.382\mcdatrep.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.7.382\mcdatrep.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.11601.20204\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dylan\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dylan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235464 2017-05-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494024 2017-05-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [7824848 2016-07-20] (Compal electronic ,inc -> Dell Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893312 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-21] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-05] (Valve -> Valve Corporation)
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\Run: [Discord] => C:\Users\dylan\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dylan\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\dylan\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\RunOnce: [Uninstall 19.062.0331.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dylan\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64"
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\RunOnce: [Uninstall 19.062.0331.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dylan\AppData\Local\Microsoft\OneDrive\19.062.0331.0006"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-13] (Google LLC -> Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0144E947-B71E-4C21-8236-08F22853B8AB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0301A44F-FC92-4DA5-9B16-2F28BBB87E92} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AEBAA4E-5B3F-49C3-87A6-698B9140A9D7} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4469000 2019-01-31] (McAfee, Inc. -> McAfee, Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {0EB13B7C-B249-4119-A3F8-D86FD3C85F2E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {149A54DE-1437-4196-980D-93278BFADAFC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E9448EE-8992-46AB-AF31-A7B2B69AF9FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112368 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {22D592D6-05F3-4BC4-9431-D1D545BBAF6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28930370-C6B1-4D16-BE02-195A8AEE7302} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {2F467217-7E70-490F-B4EA-140A873A7294} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906984 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FCAC74A-5126-4CB2-BDEA-519866CCAE3E} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [756672 2018-11-13] (McAfee, Inc. -> McAfee, Inc.)
Task: {514603AE-DCE9-4816-8F48-6718B7E7E765} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906984 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5275ECF4-982B-47C6-8F23-EA9D510915B9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112368 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {760250F4-40B7-4B50-B418-A6E24B9B9A80} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693632 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CE77DDA-F90E-45B6-9C5C-DDC2A105B63D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4406400 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {81E0DB97-D79F-403A-9110-DB6A2696DA95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-16] (Google Inc -> Google Inc.)
Task: {8C4D2CDC-3B65-4871-92BD-DC325ABE5C49} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [18392 2018-12-12] (Dell Inc. -> Dell Inc.)
Task: {8D8DDDF4-7073-499E-BE81-55204D94E710} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432184 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DCFF430-E91B-4F31-8433-A0084D9BDCA2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.222\DADUpdater.exe [4178840 2019-05-23] (McAfee, Inc. -> McAfee, Inc.)
Task: {8F238FA6-423A-4B49-8796-562E3B7BF598} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-16] (Google Inc -> Google Inc.)
Task: {B14447CB-CA57-43B8-B7B9-65D187A1613D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4406400 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC91AC61-D7B6-4C8C-A73D-8C0F68B9A389} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758824 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE4C57E8-71F0-4BDF-8348-AB98D3D90549} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E70ED292-120F-41A5-A5DD-CA688F88C64B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9C9BE8E-5304-4F15-A5A4-9BDFC5D2662C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED47FEC8-744D-40CC-83BD-C55757AADA88} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel® Trust Services -> Intel® Corporation)
Task: {FAE03CF6-5C45-4609-9E14-17D2D989FDFB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432184 2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{25091be1-bcd3-4d2c-bdd3-bd43b0bf8e33}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKU\S-1-5-21-2970060862-154288286-514413282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2970060862-154288286-514413282-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-09] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-09] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-11] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-11] (Google Inc -> Google LLC)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.tfw2005.com/"
CHR Profile: C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default [2019-05-23]
CHR Extension: (Easy Auto Refresh) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2018-10-16]
CHR Extension: (Slides) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-16]
CHR Extension: (Docs) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-16]
CHR Extension: (Google Drive) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-16]
CHR Extension: (Adobe Acrobat) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-23]
CHR Extension: (Sheets) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-05-13]
CHR Extension: (Tumblr Pro) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohniiodgjjhdldmfcoobbbhpppjlam [2018-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-16]
CHR Extension: (Tumblr Savior) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2018-10-16]
CHR Extension: (Gmail) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-13]
CHR Extension: (Chrome Media Router) - C:\Users\dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0268501558665535mcinstcleanup; C:\ProgramData\McInstTemp0268501558665535\McInst.exe [939432 2018-12-16] (McAfee, Inc. -> McAfee, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082312 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc -> Dell Inc.)
S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-01-12] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413752 2017-07-21] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-07-21] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel® Audio Service\IntelAudioService.exe [204128 2018-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-09] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [509728 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-14] (Intel Corporation -> )
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1360384 2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333320 2017-05-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-08] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-14] (Intel Corporation -> Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85064 2017-11-30] (Intel® Software -> Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70664 2017-07-21] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_a1989af69cfe5bee\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26696 2018-01-10] (NVIDIA Corporation -> Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PCDSRVC{B13A77D3-1EFB46EC-06020300}_0; c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.6992.1466\pcdsrvc_x64.pkms [56192 2019-01-12] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-25] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-23 19:46 - 2019-05-23 19:46 - 063400928 _____ (Electronic Arts) C:\Users\dylan\Downloads\OriginThinSetup.exe
2019-05-23 19:38 - 2019-05-23 19:47 - 000041689 _____ C:\Users\dylan\Downloads\FRST.txt
2019-05-23 19:38 - 2019-05-23 19:38 - 000000000 ____D C:\ProgramData\McInstTemp0268501558665535
2019-05-23 19:37 - 2019-05-23 19:38 - 000000000 ____D C:\FRST
2019-05-23 19:33 - 2019-05-23 19:33 - 000000000 ___HD C:\OneDriveTemp
2019-05-23 19:31 - 2019-05-23 19:31 - 002435072 _____ (Farbar) C:\Users\dylan\Downloads\FRST64.exe
2019-05-13 21:21 - 2019-05-13 21:21 - 000014374 _____ C:\Users\dylan\OneDrive\Documents\Campbell's Soup vs General Mills.xlsx
2019-05-13 20:48 - 2019-05-13 21:01 - 000044672 _____ C:\Users\dylan\OneDrive\Documents\301Pivot.xlsx
2019-05-13 20:33 - 2019-05-13 20:46 - 000035260 _____ C:\Users\dylan\OneDrive\Documents\301InsectLovers.xlsx
2019-05-13 20:21 - 2019-05-13 20:33 - 000035903 _____ C:\Users\dylan\OneDrive\Documents\whatisthisidonteven.xlsx
2019-05-13 19:33 - 2019-05-13 19:33 - 000036280 _____ C:\Users\dylan\OneDrive\Documents\301Regression.xlsx
2019-05-13 18:57 - 2019-05-13 18:57 - 000025930 _____ C:\Users\dylan\Downloads\F18 Fun With Excel Raw Data.xlsx
2019-05-09 18:42 - 2019-05-09 18:42 - 000000000 ____D C:\Users\dylan\AppData\Local\ElevatedDiagnostics
2019-05-09 17:54 - 2019-05-09 17:54 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-09 17:54 - 2019-05-09 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-05-09 17:53 - 2019-05-09 17:53 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-09 17:35 - 2019-05-13 18:12 - 000000000 ____D C:\ProgramData\McInstTemp0176101557448548
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-23 19:47 - 2018-11-15 18:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-23 19:42 - 2018-10-16 17:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-05-23 19:42 - 2018-10-16 17:10 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-05-23 19:38 - 2018-10-16 17:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-05-23 19:35 - 2018-10-16 17:21 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-23 19:33 - 2018-10-16 17:40 - 000000000 ___RD C:\Users\dylan\OneDrive
2019-05-23 19:32 - 2018-10-16 17:41 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2970060862-154288286-514413282-1001
2019-05-23 19:31 - 2018-10-16 17:36 - 000002365 _____ C:\Users\dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-23 19:31 - 2018-10-16 16:46 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-23 19:28 - 2018-10-16 17:37 - 000000000 __SHD C:\Users\dylan\IntelGraphicsProfiles
2019-05-23 19:28 - 2018-10-16 17:21 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-13 20:35 - 2018-10-16 17:21 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-13 20:30 - 2018-10-16 17:41 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-13 20:30 - 2018-10-16 17:41 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-13 20:22 - 2018-10-16 17:37 - 000000000 ____D C:\Users\dylan\AppData\Local\Packages
2019-05-13 19:14 - 2018-10-16 17:15 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-13 18:55 - 2018-10-16 16:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-13 18:18 - 2018-10-16 17:21 - 000000000 ____D C:\WINDOWS\Registration
2019-05-13 18:18 - 2018-10-16 17:20 - 000000000 ____D C:\WINDOWS\INF
2019-05-13 18:18 - 2018-10-16 17:05 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-13 18:11 - 2018-10-16 17:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-09 18:46 - 2018-10-16 17:10 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-09 18:16 - 2018-10-21 15:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-09 18:10 - 2018-10-21 15:47 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-09 17:50 - 2017-10-31 21:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-09 17:44 - 2018-10-16 17:57 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-05-09 17:43 - 2018-10-16 18:00 - 000003316 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2019-05-09 17:40 - 2018-10-16 17:21 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-09 17:26 - 2018-11-19 17:24 - 000000000 ____D C:\Program Files\rempl
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
and
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by dylan (23-05-2019 19:49:14)
Running from C:\Users\dylan\Downloads
Windows 10 Home Version 1803 17134.648 (X64) (2018-10-17 00:04:03)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2970060862-154288286-514413282-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2970060862-154288286-514413282-503 - Limited - Disabled)
dylan (S-1-5-21-2970060862-154288286-514413282-1001 - Administrator - Enabled) => C:\Users\dylan
Guest (S-1-5-21-2970060862-154288286-514413282-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2970060862-154288286-514413282-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Dell Digital Delivery (HKLM-x32\...\{824A41E2-5C69-421C-8991-5351D7C3E6BF}) (Version: 3.3.1001.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{E98E94E2-12D1-48E5-AC69-2C312F466136}) (Version: 3.1.0.142 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{ED23034C-BB55-432A-B216-C3DCC768A7D3}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{de2492a6-682a-49a4-87be-f8448e1af207}) (Version: 4.1.0.6828 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Discord (HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{39b9467e-7f77-4fa1-8cda-f7f203bfc7fe}) (Version: 20.30.1 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.36 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11425.20202 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11425.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.018 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SURVEY_PROGRAM (HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\SURVEY_PROGRAM) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
 
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1501.2.0_x86__kgqvnymyfvs32 [2019-05-13] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.137.700.0_x86__kgqvnymyfvs32 [2019-05-13] (king.com)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.13.0_x64__htrsf667h5kn2 [2018-10-16] (Dell Inc)
Dell Help & Support -> C:\Program Files\WindowsApps\DellInc.DellHelpSupport_3.2.1.0_x64__htrsf667h5kn2 [2018-10-16] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-10-16] (Dell Inc)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.4.0_x64__htrsf667h5kn2 [2019-05-13] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-15] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_16.4.9.0_x64__xbfy0k16fey96 [2019-05-13] (Dropbox Inc.)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.28.2803.0_x86__ytsefhwckbdv6 [2019-05-13] (G5 Entertainment AB)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-24] (Netflix, Inc.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_2.5.713.0_x64__rh07ty8m5nkag [2019-05-13] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-05-13] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2970060862-154288286-514413282-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125170.inf_amd64_b4d72b8af850c069\igfxDTCM.dll [2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-20 11:18 - 2016-07-20 11:18 - 000105984 _____ (Compal Inc.) [File not signed] C:\Program Files\Dell\QuickSet\QSWMIMngr.dll
2017-10-31 21:05 - 2017-10-31 21:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\AppVIsvSubsystems32.dll
2017-10-31 21:05 - 2017-10-31 21:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\c2r32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\BioWare:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\my games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Wallpapers:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 14:03 - 2017-03-18 14:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2970060862-154288286-514413282-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dylan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKU\S-1-5-21-2970060862-154288286-514413282-1001\...\StartupApproved\Run: => "Discord"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{24C36ACD-592D-46E2-8928-23C0F3F84D86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B86CF621-27AB-4047-A66D-7134949D9825}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{01C3DC51-A8EA-448C-A23B-F678CE83F9DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F98CF4A2-E6EE-4180-9BBD-6158040B45B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6939753B-A3D6-4057-83B9-F847F3EE06B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D47268C-D69F-44EA-B841-7B86922616E7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{B091D960-1160-4240-8717-B86EFBBA2AA5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{4534054B-7F81-4B29-BC1F-8C006186B149}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{44C526AE-06BC-4E56-B00B-5A52F2B6BC03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2C773451-DDE1-4DC1-B287-DD51B270C933}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E8EF0741-7546-46A8-B57B-369903076DDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EE78F93E-9B71-4141-B0DD-3C32ED21999C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1DCDC2B-450B-4C9F-919A-BB22FE867649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe () [File not signed]
FirewallRules: [{6B415F5D-7BDE-4452-86C2-E2382D1A7D79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe () [File not signed]
FirewallRules: [{28650529-D7FC-41AC-A482-C59C42EFC746}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{DE36F0C3-5C21-4EEA-80B7-6C605CB061E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 2\Fallout2Launcher.exe (ZeniMax Media) [File not signed]
FirewallRules: [{DEF65CB8-E255-4602-98F3-CE626DE28598}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F3F1EE1-25A1-4C40-A6BB-F822CACE8926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{2A8ABE9E-0849-40EF-BDFE-A148D2962C48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{E34E7744-2D09-4289-A6DE-54EA01565042}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
FirewallRules: [{46F7574F-5874-4B22-85BE-2A06B614B1DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
FirewallRules: [{1F013A36-2D81-4013-B08E-89B8360A8F83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{17FCE993-279E-4BCD-A303-44BF1AF777DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{90A87513-A719-4D38-90F4-6DB922D92277}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare)
FirewallRules: [{3CD47243-EF37-486C-88AC-80578D230E4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe (BioWare -> BioWare)
FirewallRules: [{69861FE2-FC96-41D3-BBFD-E72C74C849A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1AB21AF-D53C-45D4-979B-9F6E297FED9A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B44FF14-6903-4D42-AE2A-5C9C408A3958}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{D0AB3D32-6004-4B5B-A90D-7468CAC3C341}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09E6CF32-D442-48BD-A20C-4A1B33FF0ED2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A93FB981-DD3C-4E11-B12A-774A78338F65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
 
==================== Restore Points =========================
 
16-03-2019 19:15:37 Windows Update
11-04-2019 20:52:25 Removed SmartByte Drivers and Services.
09-05-2019 18:08:49 Windows Update
13-05-2019 18:56:33 McAfee Vulnerability Scanner
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/23/2019 07:33:14 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/23/2019 07:31:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x8400000e
Fault offset: 0x0000000000000000
Faulting process id: 0x184c
Faulting application start time: 0x01d511d8c3f8b992
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: unknown
Report Id: d2736c92-1514-4089-8824-4a0e588de183
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/13/2019 08:11:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 16.0.11425.20202 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1f0c
 
Start Time: 01d50a02696de423
 
Termination Time: 60
 
Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
 
Report Id: 5a747124-3a69-4bd0-aa05-49b47c6718a7
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/13/2019 08:08:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 16.0.11425.20202 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 17f4
 
Start Time: 01d50a018fb22c2d
 
Termination Time: 110
 
Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
 
Report Id: 4cfec23c-032e-4908-a85b-ed998b2a2562
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/13/2019 06:22:49 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (05/09/2019 06:01:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program svchost.exe version 10.0.17134.556 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: b18
 
Start Time: 01d4f0dbf7f0062d
 
Termination Time: 4294967295
 
Application Path: C:\Windows\System32\svchost.exe
 
Report Id: d8a6dd94-aa50-4aa2-aa85-42a1f9056b8c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/09/2019 05:59:22 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (05/09/2019 05:49:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (05/23/2019 07:48:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A799SKB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-A799SKB\dylan SID (S-1-5-21-2970060862-154288286-514413282-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/23/2019 07:44:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A799SKB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-A799SKB\dylan SID (S-1-5-21-2970060862-154288286-514413282-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/23/2019 07:44:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (05/23/2019 07:44:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (05/23/2019 07:42:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A799SKB)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (05/23/2019 07:35:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A799SKB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-A799SKB\dylan SID (S-1-5-21-2970060862-154288286-514413282-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/23/2019 07:35:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A799SKB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-A799SKB\dylan SID (S-1-5-21-2970060862-154288286-514413282-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/23/2019 07:34:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-A799SKB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-A799SKB\dylan SID (S-1-5-21-2970060862-154288286-514413282-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.8.1 08/15/2018
Motherboard: Dell Inc. 0TXG2N
Processor: Intel® Core™ i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 69%
Total physical RAM: 8058.46 MB
Available physical RAM: 2474.66 MB
Total Virtual: 12666.46 MB
Available Virtual: 4803.68 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917 GB) (Free:846.3 GB) NTFS
 
\\?\Volume{ba34cc90-76c7-456f-83a7-0d7049d66525}\ (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.07 GB) NTFS
\\?\Volume{071f7bd0-919b-4f27-9d54-099ecbbf2bb2}\ (Image) (Fixed) (Total:12.39 GB) (Free:0.19 GB) NTFS
\\?\Volume{70cfb635-be0e-4b6b-868e-9e660fcf935d}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.44 GB) NTFS
\\?\Volume{4acf3335-3f12-412b-a26e-1dff9bbf49ea}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.39 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B5FE2E1F)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 25 May 2019 - 06:00 AM

I apologize for the delay, I did not receive a notice of your reply.

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.

 

Start::
CloseProcesses:
CreateRestorePoint:
C:\Windows\Temp\*.*
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\BioWare:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\my games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Wallpapers:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
irewallRules: [{E8EF0741-7546-46A8-B57B-369903076DDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EE78F93E-9B71-4141-B0DD-3C32ED21999C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2F3F1EE1-25A1-4C40-A6BB-F822CACE8926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{2A8ABE9E-0849-40EF-BDFE-A148D2962C48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{E34E7744-2D09-4289-A6DE-54EA01565042}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
FirewallRules: [{46F7574F-5874-4B22-85BE-2A06B614B1DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
~~~~~~~~~~~~~~~~~~~~~~~~`
RQKuhw1.pngRogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply
Please post these logs when finished.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#5 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 25 May 2019 - 05:21 PM

No prob, I wanted to mention that before I did any of this upon starting my computer a box popped up saying

"There was a problem starting C:\Windows\System32\LogiLDA.dll

 

The specified module could not be found"

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by dylan (25-05-2019 15:50:11) Run:1
Running from C:\Users\dylan\Downloads
Loaded Profiles: dylan (Available Profiles: dylan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
C:\Windows\Temp\*.*
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\BioWare:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\my games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\dylan\OneDrive\Documents\Wallpapers:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
irewallRules: [{E8EF0741-7546-46A8-B57B-369903076DDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EE78F93E-9B71-4141-B0DD-3C32ED21999C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2F3F1EE1-25A1-4C40-A6BB-F822CACE8926}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{2A8ABE9E-0849-40EF-BDFE-A148D2962C48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe No File
FirewallRules: [{E34E7744-2D09-4289-A6DE-54EA01565042}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
FirewallRules: [{46F7574F-5874-4B22-85BE-2A06B614B1DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe No File
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\.ses => moved successfully
C:\Windows\Temp\.session => moved successfully
C:\Windows\Temp\.session64 => moved successfully
C:\Windows\Temp\APPX.3ziaxs0sb56oczhlay0xf6n5f.tmp => moved successfully
C:\Windows\Temp\APPX.4u873iuq8vx58fdzm57x0k7nf.tmp => moved successfully
C:\Windows\Temp\APPX.dl5up9eqg8o_fkg_ey2exqisg.tmp => moved successfully
C:\Windows\Temp\APPX.g2h4em6ym86pdahhq0f0blddh.tmp => moved successfully
C:\Windows\Temp\APPX.rc_4gyie544cvoj5j48jmkrnh.tmp => moved successfully
C:\Windows\Temp\APPX.rww5p5b0voy4qy_m5mn7mrjkh.tmp => moved successfully
C:\Windows\Temp\APPX.sv9r6u03_3pgo7s7rc1clsb9g.tmp => moved successfully
C:\Windows\Temp\APPX.xy6dflz0p06s88s0it9khc6q.tmp => moved successfully
C:\Windows\Temp\APPX.yrhgweaqqwohgmu2t1g1b5dae.tmp => moved successfully
C:\Windows\Temp\APPX.zjw8qrvqst8l8p3yf5i5urzth.tmp => moved successfully
C:\Windows\Temp\aria-debug-10188.log => moved successfully
C:\Windows\Temp\aria-debug-10192.log => moved successfully
C:\Windows\Temp\aria-debug-10248.log => moved successfully
C:\Windows\Temp\aria-debug-10292.log => moved successfully
C:\Windows\Temp\aria-debug-10584.log => moved successfully
C:\Windows\Temp\aria-debug-10616.log => moved successfully
C:\Windows\Temp\aria-debug-10940.log => moved successfully
C:\Windows\Temp\aria-debug-11040.log => moved successfully
C:\Windows\Temp\aria-debug-11872.log => moved successfully
C:\Windows\Temp\aria-debug-12096.log => moved successfully
C:\Windows\Temp\aria-debug-12752.log => moved successfully
C:\Windows\Temp\aria-debug-13008.log => moved successfully
C:\Windows\Temp\aria-debug-13492.log => moved successfully
C:\Windows\Temp\aria-debug-13744.log => moved successfully
C:\Windows\Temp\aria-debug-14068.log => moved successfully
C:\Windows\Temp\aria-debug-14084.log => moved successfully
C:\Windows\Temp\aria-debug-14116.log => moved successfully
Could not move "C:\Windows\Temp\aria-debug-14332.log" => Scheduled to move on reboot.
C:\Windows\Temp\aria-debug-14412.log => moved successfully
C:\Windows\Temp\aria-debug-14756.log => moved successfully
C:\Windows\Temp\aria-debug-14804.log => moved successfully
C:\Windows\Temp\aria-debug-14888.log => moved successfully
C:\Windows\Temp\aria-debug-15828.log => moved successfully
C:\Windows\Temp\aria-debug-16772.log => moved successfully
C:\Windows\Temp\aria-debug-16912.log => moved successfully
C:\Windows\Temp\aria-debug-17748.log => moved successfully
C:\Windows\Temp\aria-debug-18932.log => moved successfully
C:\Windows\Temp\aria-debug-19344.log => moved successfully
C:\Windows\Temp\aria-debug-19780.log => moved successfully
C:\Windows\Temp\aria-debug-19864.log => moved successfully
C:\Windows\Temp\aria-debug-19892.log => moved successfully
C:\Windows\Temp\aria-debug-20068.log => moved successfully
C:\Windows\Temp\aria-debug-20916.log => moved successfully
C:\Windows\Temp\aria-debug-21424.log => moved successfully
C:\Windows\Temp\aria-debug-2452.log => moved successfully
C:\Windows\Temp\aria-debug-3508.log => moved successfully
C:\Windows\Temp\aria-debug-3732.log => moved successfully
C:\Windows\Temp\aria-debug-3980.log => moved successfully
C:\Windows\Temp\aria-debug-3992.log => moved successfully
C:\Windows\Temp\aria-debug-4236.log => moved successfully
C:\Windows\Temp\aria-debug-4576.log => moved successfully
C:\Windows\Temp\aria-debug-4632.log => moved successfully
C:\Windows\Temp\aria-debug-4676.log => moved successfully
C:\Windows\Temp\aria-debug-4832.log => moved successfully
C:\Windows\Temp\aria-debug-4864.log => moved successfully
C:\Windows\Temp\aria-debug-4932.log => moved successfully
C:\Windows\Temp\aria-debug-5224.log => moved successfully
C:\Windows\Temp\aria-debug-536.log => moved successfully
Could not move "C:\Windows\Temp\aria-debug-6356.log" => Scheduled to move on reboot.
C:\Windows\Temp\aria-debug-6704.log => moved successfully
C:\Windows\Temp\aria-debug-6984.log => moved successfully
C:\Windows\Temp\aria-debug-7200.log => moved successfully
C:\Windows\Temp\aria-debug-7452.log => moved successfully
C:\Windows\Temp\aria-debug-7952.log => moved successfully
C:\Windows\Temp\aria-debug-804.log => moved successfully
C:\Windows\Temp\aria-debug-8132.log => moved successfully
C:\Windows\Temp\aria-debug-8188.log => moved successfully
C:\Windows\Temp\aria-debug-8356.log => moved successfully
Could not move "C:\Windows\Temp\aria-debug-912.log" => Scheduled to move on reboot.
C:\Windows\Temp\aria-debug-940.log => moved successfully
C:\Windows\Temp\aria-debug-984.log => moved successfully
C:\Windows\Temp\aria-debug-9900.log => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
Could not move "C:\Windows\Temp\CMcUploader.log" => Scheduled to move on reboot.
C:\Windows\Temp\CSPInstall.log => moved successfully
C:\Windows\Temp\CSPUninstall.log => moved successfully
C:\Windows\Temp\DBUtil_2_3.Sys => moved successfully
C:\Windows\Temp\dd_vcredist_amd64_20190524093024.log => moved successfully
C:\Windows\Temp\dd_vcredist_amd64_20190524093024_000_vcRuntimeMinimum_x64.log => moved successfully
C:\Windows\Temp\dd_vcredist_amd64_20190524093024_001_vcRuntimeAdditional_x64.log => moved successfully
C:\Windows\Temp\dd_vcredist_amd64_20190524093029.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190307-1522.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1855.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1856.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1858.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1858a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1900.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1920.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1930.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1951.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-1955.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-2014.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190310-2019.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1412.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1413.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1418.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1547.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1620.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190315-1640.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190316-1239.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190316-1239a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190316-1241.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190316-1907.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190316-1910.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1437.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1437a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1438.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1450.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1451.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1452.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190324-1526.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190411-2001.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190411-2009.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190411-2009a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190411-2013.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1728.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1728a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1730.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1750.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1751.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190509-1754.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190513-1812.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190513-1818.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190513-1818a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190513-1821.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-1931.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-1931a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-1934.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-2011.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-2011a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190523-2012.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190524-0918.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190524-0928.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190524-0929.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190524-0938.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1538.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1538a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1538b.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1539.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1545.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1545a.log => moved successfully
Could not move "C:\Windows\Temp\DESKTOP-A799SKB-20190525-1550.log" => Scheduled to move on reboot.
Could not move "C:\Windows\Temp\DESKTOP-A799SKB-20190525-1550a.log" => Scheduled to move on reboot.
C:\Windows\Temp\DMI9D20.tmp => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\HighPerformancePlan.log => moved successfully
C:\Windows\Temp\IIFC68C.tmp => moved successfully
C:\Windows\Temp\IIFD487.tmp => moved successfully
C:\Windows\Temp\IIFDECA.tmp => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092853.log => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092853_000_iclsClientInstaller_x86.log => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092853_001_iclsClientInstaller_x64.log => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092921.log => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092921_000_iclsClientInstaller_x64.log => moved successfully
C:\Windows\Temp\Intel®_Trusted_Connect_Services_Client_20190524092921_001_iclsClientInstaller_x86.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190310190610.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190310190610_001_Driver.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190310190610_002_WiFi.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190524093005.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190524093005_002_Driver.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190524093005_003_WiFi10.log => moved successfully
C:\Windows\Temp\Intel_PROSet_Wireless_Software_20190524093357.log => moved successfully
C:\Windows\Temp\Intel®_PROSet_Wireless_Software_20190310191404.log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190525153844994).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190525154508E94).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(201905251545211FFC).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2019052515501137FC).log" => Scheduled to move on reboot.
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2019052515501518D4).log" => Scheduled to move on reboot.
C:\Windows\Temp\PanDhcpDnsInstall.txt => moved successfully
C:\Windows\Temp\PowerPlan.log => moved successfully
C:\Windows\Temp\sedF267.tmp => moved successfully
C:\Windows\Temp\SE_Setup.log => moved successfully
C:\Windows\Temp\tpm-11b0-1c70-51196ddb.tmp => moved successfully
C:\Windows\Temp\TS_C9B5.tmp => moved successfully
C:\Windows\Temp\UsoStoreFile.xml => moved successfully
C:\Windows\Temp\{5559027E-66F9-4FFF-AE1C-E38988A42043} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{BEF636DD-E7CE-4E4F-B994-4C5E384D7183} - OProcSessId.dat => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
C:\Users\dylan\OneDrive\Documents\BioWare => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\dylan\OneDrive\Documents\Custom Office Templates => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\dylan\OneDrive\Documents\my games => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\dylan\OneDrive\Documents\Wallpapers => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
irewallRules: [{E8EF0741-7546-46A8-B57B-369903076DDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE78F93E-9B71-4141-B0DD-3C32ED21999C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F3F1EE1-25A1-4C40-A6BB-F822CACE8926}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A8ABE9E-0849-40EF-BDFE-A148D2962C48}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E34E7744-2D09-4289-A6DE-54EA01565042}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46F7574F-5874-4B22-85BE-2A06B614B1DC}" => removed successfully
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-05-2019 15:53:48)
 
C:\Windows\Temp\aria-debug-14332.log => Is moved successfully
C:\Windows\Temp\aria-debug-6356.log => Is moved successfully
C:\Windows\Temp\aria-debug-912.log => Is moved successfully
C:\Windows\Temp\CMcUploader.log => Could not move
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1550.log => Is moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1550a.log => Is moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2019052515501137FC).log => Is moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2019052515501518D4).log => Is moved successfully
 
==== End of Fixlog 15:53:48 ====
 
AdwCleaner's scan didn't find anything. Should I still follow its suggestion of running a basic repair?
 
Rogue Killer said I should download UCheck to deal with outdated software, should I do that?
It didn't find anything either. Here's the report though
 
RogueKiller Anti-Malware V13.2.1.0 (x64) [May 22 2019] (Free) by Adlice Software
Operating System : Windows 10 (10.0.17134) 64 bits
Started in : Normal mode
User : dylan [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190525_202551, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2019/05/25 16:07:58 (Duration : 00:12:04)
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
Thank you


#6 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 25 May 2019 - 07:22 PM

There was a problem starting C:\Windows\System32\LogiLDA.dll.
This error occurs due to the incompatible version Logitech software, more specifically Logitech Download Assistant.
This belongs to the Logitech mouse, one of the most commonly used mouse among the PC users

What is LogiLDA dll file?
The Logitech Download Assistant runs during start-up to detect and download newly released Logitech updates. LogiLDA.dll is a file that belongs to Download Assistant. It is not known to causes problem. ... LogiLDA.dll is a Windows DLL file.

 

Honestly, many people uninstall Logitech assistant.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

AdwCleaner's scan didn't find anything. Should I still follow its suggestion of running a basic repair?

Rogue Killer said I should download UCheck to deal with outdated software, should I do that?
It didn't find anything either. Here's the report though

 

If AdwCleaner didn't find anything no need to go further with that.

 

If you like you can download UCheck when we're finished, good little tool.

 

~~~~~~~~~~~~~~~~~~~`

 

Let's check for remnants

Please download the Malwarebytes Anti-Malware setup file to your Desktop.

OR from this location Here

  • Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme.
  • Windows Vista, Windows 7 , 8, 8.1 and 10 : Right click and select "Run as Administrator"
  • After the installation IS complete let it update if it asks.
  • Under SETTINGS.....APPLICATIONS leave everything at default
  • Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on.
  • Then go to the Dashboard and click on SCAN NOW
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
    Upon completion of the scan (or after the reboot), click the Reports tab.
    Double-click the Scan Log.
    At the bottom click Export and choose Text file.

    Save the file to your desktop and include its content in your next reply.

    You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
  • Then click on POST
  • Exit Malwarebytes

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

G0tu5D9.pngEmsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.

  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
  • Once the extraction is complete, the EEK folder will open. Right-click on G0tu5D9.pngstart emergency kit scanner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, open EEK again (in the C:\EEK folder);
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

Please post these 2 logs when finished.

Also, tell me how the computer is now.

 

 


Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#7 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 25 May 2019 - 09:00 PM

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 5/25/19
Scan Time: 7:31 PM
Log File: 56286436-7f5e-11e9-bf6f-8cec4b08e5cd.json
 
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10772
License: Trial
 
-System Information-
OS: Windows 10 (Build 17134.706)
CPU: x64
File System: NTFS
User: DESKTOP-A799SKB\dylan
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 285024
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 3 min, 46 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
and there was nothing to quarantine with the EEK. So far things are going pretty good. Chrome is going smooth, programs are opening fast. Disk usage went back up to 100% while the scans were running, but that might have been normal for that. Only problem is I can't find Logitech Download Assistant under installed programs to uninstall it. Thank you for the help. Would you be able to explain what is was the fix with FRST did, or would that be a bit difficult to explain in layman's terms? Either way, things seem to be working great now so thank you very much


#8 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 26 May 2019 - 05:27 AM

there was nothing to quarantine with the EEK. So far things are going pretty good. Chrome is going smooth, programs are opening fast. Disk usage went back up to 100% while the scans were running, but that might have been normal for that. Only problem is I can't find Logitech Download Assistant under installed programs to uninstall it. Thank you for the help. Would you be able to explain what is was the fix with FRST did, or would that be a bit difficult to explain in layman's terms? Either way, things seem to be working great now

It's good to see these scans coming up clean.
It's kinda normal for disk usage to be high while these scans are running so don't be alarmed over that.
I found the Logitech run entry in the registry,  it was written to open/run when the computer boots up.  I can create a FRST script to take that out.
 
What we've done with your computer is kind of tidy it up because there really wasn't any malware found.  I saw alot of C:\Windows\Temp files being removed but honestly, don't think that was the issue.



Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.

 

Start::
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

After this, I think we're ready to remove tools and quarantine folders.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#9 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 26 May 2019 - 09:20 PM

Ok, here's the new log

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-05.2019
Ran by dylan (26-05-2019 20:14:10) Run:2
Running from C:\Users\dylan\Downloads
Loaded Profiles: dylan &  (Available Profiles: dylan)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
C:\Windows\Temp\*.*
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant" => removed successfully
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\.ses => moved successfully
C:\Windows\Temp\ApiClient.dll.bak => moved successfully
C:\Windows\Temp\aria-debug-10384.log => moved successfully
C:\Windows\Temp\aria-debug-10560.log => moved successfully
C:\Windows\Temp\aria-debug-11196.log => moved successfully
C:\Windows\Temp\aria-debug-11352.log => moved successfully
C:\Windows\Temp\aria-debug-13640.log => moved successfully
C:\Windows\Temp\aria-debug-14028.log => moved successfully
C:\Windows\Temp\aria-debug-14092.log => moved successfully
C:\Windows\Temp\aria-debug-14952.log => moved successfully
C:\Windows\Temp\aria-debug-15592.log => moved successfully
C:\Windows\Temp\aria-debug-1668.log => moved successfully
C:\Windows\Temp\aria-debug-17312.log => moved successfully
C:\Windows\Temp\aria-debug-2220.log => moved successfully
C:\Windows\Temp\aria-debug-3680.log => moved successfully
C:\Windows\Temp\aria-debug-5896.log => moved successfully
C:\Windows\Temp\aria-debug-6876.log => moved successfully
C:\Windows\Temp\aria-debug-7192.log => moved successfully
Could not move "C:\Windows\Temp\aria-debug-7244.log" => Scheduled to move on reboot.
C:\Windows\Temp\aria-debug-7600.log => moved successfully
C:\Windows\Temp\aria-debug-9440.log => moved successfully
Could not move "C:\Windows\Temp\CMcUploader.log" => Scheduled to move on reboot.
C:\Windows\Temp\DBUtil_2_3.Sys => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1553.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1558.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1637.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1748.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1802.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-1944.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-2050.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-2055.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-2118.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190525-2123.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-1933.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-1936.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-1936a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-1939.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-1939a.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-2001.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-2002.log => moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-2003.log => moved successfully
Could not move "C:\Windows\Temp\DESKTOP-A799SKB-20190526-2014.log" => Scheduled to move on reboot.
C:\Windows\Temp\DMIF280.tmp => moved successfully
Could not move "C:\Windows\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
Could not move "C:\Windows\Temp\FXSTIFFDebugLogFile.txt" => Scheduled to move on reboot.
C:\Windows\Temp\msvcp140.dll.bak => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(201905262001453CE8).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(201905262014131C4C).log" => Scheduled to move on reboot.
C:\Windows\Temp\StreamServer.dll.bak => moved successfully
C:\Windows\Temp\vcruntime140.dll.bak => moved successfully
C:\Windows\Temp\{87A47E23-28F7-44A0-88A4-FFE8583E545D} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{F3B131D3-39E2-4BF1-8535-DC96A25D7A20} - OProcSessId.dat => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-05-2019 20:19:14)
 
C:\Windows\Temp\aria-debug-7244.log => Is moved successfully
C:\Windows\Temp\CMcUploader.log => Is moved successfully
C:\Windows\Temp\DESKTOP-A799SKB-20190526-2014.log => Is moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => Is moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => Is moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(201905262014131C4C).log => Is moved successfully
 
==== End of Fixlog 20:19:14 ====


#10 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 27 May 2019 - 04:13 AM

If everything is ok
  • Please download DelFix or from Here and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
  • Activate UAC
  • Remove disinfection tools
  • Click the Run button.
  • -- This will remove the specialized tools we used to disinfect your system.
    Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
    ).
*****************
  • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • E8I37RF.pngCryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
  • 6YRrgUC.pngMalwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
  • jv4nhMJ.pngNoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
  • 3O8r9Uq.png Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
  • DgW1XL2.pngSecunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
  • j1OLIec.pngSpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • sHjS79L.pngUnchecky automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

    Advertisements

Register to Remove


#11 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 28 May 2019 - 08:15 PM

Unfortunately, things seem to have suddenly gotten bad again. Turned my laptop on today and it's back to everything running slow and taking a while to launch while disk usage is at 100%. No idea what happened between turning it off last night and now.



#12 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 28 May 2019 - 08:26 PM

Actually, it seems to be working fine again now. Sorry I overreacted. I guess it just takes 10 minutes to calm down after being turned on? If it starts getting bad again later tonight I'll post again, otherwise assume everything's fine after 10 minutes or so.



#13 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 29 May 2019 - 04:46 AM

I guess it just takes 10 minutes to calm down after being turned on?

 
Some machines can take a few minutes.
When you see disk usage at 100%, open task manager and try to locate what process is taking the most CPU at that time so maybe what ever it is can be identified.
 
Could be your system antivirus, or other tools updating.
 
read over this link
https://support.hp.c...ument/c03671001
 
scroll to

Opening Task Manager to view more details (tabs)
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#14 Fredbob392

Fredbob392

    New Member

  • Authentic Member
  • Pip
  • 11 posts

Posted 31 May 2019 - 05:07 PM

Quite a few different things have been taking up CPU. System, Chrome, McAfee, EA Origin, Skype apparently, even though I'm pretty sure I don't have Skype installed. Chrome and System are the worst by far though.



#15 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,374 posts
  • Interests:Boo!....
  • MVP

Posted 31 May 2019 - 06:25 PM

System, Chrome, McAfee, EA Origin (Electronic Arts games), Skype

For Chrome read over the below link to see if it can offer any suggestions.
https://www.bleeping...-memory-or-cpu/

~~~~~~~~~~
McAfee is going to use high CPU every time it auto-updates, this can be as often as once an hour and then seem to take forever to do it's tasks..
If it's like other security suites,  its going to become a resources hog at that time.
You can check if it needs to update by opening the McAfee control panel and clicking on the update button.
 
~~~~~~~~~~
For Skype, I did find entries for this program in your previous FRST logs, might have been an auto update download through Microsoft updates but can't say for sure.  On occasion Microsoft has squeezed something in some people didn't see coming,  just saying.
I have seen updates for Skype on my machine when running the tool to see which ones I needed.
 
I created a script for FRST that can take out the entries for Skype so that wont be running in the back ground.

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Highlight the entire content of the quote box below and select Copy.

 

Start::
CloseProcesses:
CreateRestorePoint:
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-05-09] (Microsoft Corporation -> Microsoft Corporation)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users