Hi.
These are my first comments/instructions regarding your logs:
1. Windows Insider?
Are you a Windows Insider? This is what is shown in your logs:
Windows 10 Home Single Language Version Dev 21370.1
2. RAM
It seems that the RAM in use is 86%. This means that the computer can't function properly. We will see how it's going and discuss this at the end of the procedure.
3. Hard disk limited space
It seems that C, the drive with the operating system installed, has only 11 GB free. The computer can't run properly with such a limited space and you will have a problem with installing updates very soon.
4. Pirated programs
Please, uninstall any pirated/cracked/not legally activated programs. Having such programs is the best and easiest way to install malware in your computer.
5. Uninstall an app
Press Start button, find the following app, right click on it and select Uninstall:
McAfee® Personal Security
6. Uninstall an Edge extension
Open Edge, press the 3 horizontal dots at the upper right corner and select Extensions. Find the following one, and remove it:
McAfee® WebAdvisor
7. FRST fix
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
- Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\91709\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\91709\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ContextMenuHandlers1_S-1-5-21-2768028787-2044878470-836221256-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2768028787-2044878470-836221256-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll -> No File
SearchScopes: HKU\S-1-5-21-2768028787-2044878470-836221256-1001 -> DefaultScope {90037DE7-7B1B-44CD-964C-1B7D550DD7E0} URL =
SearchScopes: HKU\S-1-5-21-2768028787-2044878470-836221256-1001 -> {90037DE7-7B1B-44CD-964C-1B7D550DD7E0} URL =
FirewallRules: [UDP Query User{4C02F474-76C9-455B-883B-CC7C6823D754}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe => No File
FirewallRules: [TCP Query User{B3F3443F-F068-460E-939D-3BD90C14A859}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe => No File
FirewallRules: [{1704D8E8-A361-4216-A923-288D3D05CAD0}] => (Allow) D:\GTA\GTA V\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [{A11E34F2-52BB-4CE9-B5C7-273D227436B7}] => (Allow) D:\GTA\GTA V\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [{5BD48D88-4CE2-4E99-B83E-0BB4A82362E2}] => (Allow) D:\GTA\GTA V\Run_GTAV.exe => No File
FirewallRules: [{83CB345C-1423-423C-BE8F-586AC35C8F58}] => (Allow) D:\GTA\GTA V\Run_GTAV.exe => No File
FirewallRules: [{586BD10B-6EC7-447E-873F-1F57CF83D230}] => (Allow) D:\GTA\GTA V\GTA5.exe => No File
FirewallRules: [{0780DF22-F952-4278-A10E-43F94F61C21C}] => (Allow) D:\GTA\GTA V\GTA5.exe => No File
FirewallRules: [TCP Query User{8BA95E40-CCAC-4BD5-B160-BD6BA2CEA2A6}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe => No File
FirewallRules: [UDP Query User{BCC16BE9-F6CE-4B89-B822-DC30036A0E86}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2021-05-08]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {B3C9C90C-EE12-4B8C-9A3F-4429C344FBC1} - System32\Tasks\Microsoft\Office\Osktpapi => rundll32 C:\ProgramData\MenuGoogle\ZWka0t_Wjeamip.dll,Sfstem_Workflow_Runessp
C:\ProgramData\MenuGoogle
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-04-30] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [531896 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385464 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107448 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2021-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [91576 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1019832 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82360 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
S3 MpKsldeb9ed07; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{404DBFAF-60E2-471F-8CA2-6D9BABB33351}\MpKslDrv.sys [X]
C:\ProgramData\Xnqfxq
C:\Program Files\McAfee\
C:\Program Files\Common Files\McAfee
C:\WINDOWS\System32\drivers\mfeaack.sys
C:\WINDOWS\System32\drivers\mfeavfk.sys
C:\WINDOWS\System32\DRIVERS\mfedisk.sys
C:\WINDOWS\System32\drivers\mfeelamk.sys
C:\WINDOWS\System32\drivers\mfefirek.sys
C:\WINDOWS\System32\drivers\mfehck.sys
C:\WINDOWS\System32\drivers\mfehidk.sys
C:\WINDOWS\system32\DRIVERS\mfenlfk.sys
C:\WINDOWS\System32\drivers\mfeplk.sys
C:\WINDOWS\System32\drivers\mfewfpk.sys
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\nlansp_c.dll [83456 2021-04-25] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [126976 2021-04-25] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
cmd: netsh winsock reset
RemoveProxy:
EmptyTemp:
End::
- Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
- Press the Fix button once and wait.
- FRST will process fixlist.txt
- When finished, it will produce a log fixlog.txt on your Desktop.
- Please post the log in your next reply.
In your next reply please post:
- Your reply to point 1
- Which programs did you uninstall
- If you had any problems uninstalling the app and the extension
- The fixlog.txt