
Possible Malware or Registry Issue


#16
sroney


Sorry.  I had attached the logs as text files.  Here is the content.

I had forgotten about the Latency Monitor.  I'll run that next.

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-11-2019
Ran by srone (13-11-2019 19:01:27) Run:1
Running from C:\Users\srone\Desktop
Loaded Profiles: srone (Available Profiles: srone)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
S2 Parclass; C:\Windows\SysWOW64\Drivers\Parclass.sys [19824 2000-04-04] (Microsoft Corporation) [File not signed]
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
2019-10-30 12:16 - 2019-10-30 12:16 - 000000000 ____D C:\Users\srone\AppData\Roaming\Accubid
2019-10-30 11:54 - 2005-06-14 12:01 - 000296448 _____ (Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\Drivers\hardlock.sys
2019-10-30 11:53 - 2019-11-02 22:24 - 000000000 ____D C:\Program Files (x86)\Accubid data
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer =========
 
A subdirectory or file C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer already exists.
 
========= End of CMD: =========
 
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database =========
 
A subdirectory or file C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database already exists.
 
========= End of CMD: =========
 
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job => moved successfully
HKLM\System\CurrentControlSet\Services\Parclass => removed successfully
Parclass => service removed successfully
HKLM\System\CurrentControlSet\Services\Hardlock => removed successfully
Hardlock => service removed successfully
C:\Users\srone\AppData\Roaming\Accubid => moved successfully
C:\WINDOWS\system32\Drivers\hardlock.sys => moved successfully
C:\Program Files (x86)\Accubid data => moved successfully
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 19:02:55 ====

#17
sroney

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-11-2019
Ran by srone (13-11-2019 19:17:46) Run:2
Running from C:\Users\srone\Desktop
Loaded Profiles: srone (Available Profiles: srone)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
S2 Parclass; C:\Windows\SysWOW64\Drivers\Parclass.sys [19824 2000-04-04] (Microsoft Corporation) [File not signed]
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
2019-10-30 12:16 - 2019-10-30 12:16 - 000000000 ____D C:\Users\srone\AppData\Roaming\Accubid
2019-10-30 11:54 - 2005-06-14 12:01 - 000296448 _____ (Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\Drivers\hardlock.sys
2019-10-30 11:53 - 2019-11-02 22:24 - 000000000 ____D C:\Program Files (x86)\Accubid data
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer =========
 
A subdirectory or file C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer already exists.
 
========= End of CMD: =========
 
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database =========
 
A subdirectory or file C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database already exists.
 
========= End of CMD: =========
 
"C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job" => not found
"C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job" => not found
"C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job" => not found
Parclass => service not found.
Hardlock => service not found.
"C:\Users\srone\AppData\Roaming\Accubid" => not found
"C:\WINDOWS\system32\Drivers\hardlock.sys" => not found
"C:\Program Files (x86)\Accubid data" => not found
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 19:19:03 ====


#18
sroney


Attached latency monitor hard page faults.
