Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

HP Laptop really slow

Started by fonzy , May 04 2021 12:24 PM

  • Please log in to reply

#16
fonzy
Posted 11 May 2021 - 06:07 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-05-2021
Ran by cstar (11-05-2021 12:55:18) Run:3
Running from C:\Users\charl\OneDrive\Desktop
Loaded Profiles: cstar & charl
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: sc stop "Origin Web Helper Service"
CMD: sc config "Origin Web Helper Service" start= disabled
CMD: sc stop "Origin Client Service"
CMD: sc config "Origin Client Service" start= disabled
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= sc stop "Origin Web Helper Service" =========
 
 
SERVICE_NAME: Origin Web Helper Service 
        TYPE               : 10  WIN32_OWN_PROCESS  
        STATE              : 3  STOP_PENDING 
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x4
        WAIT_HINT          : 0x0
 
========= End of CMD: =========
 
 
========= sc config "Origin Web Helper Service" start= disabled =========
 
[SC] ChangeServiceConfig SUCCESS
 
========= End of CMD: =========
 
 
========= sc stop "Origin Client Service" =========
 
[SC] ControlService FAILED 1062:
 
The service has not been started.
 
 
========= End of CMD: =========
 
 
========= sc config "Origin Client Service" start= disabled =========
 
[SC] ChangeServiceConfig SUCCESS
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 12:56:14 ====

  • 0

Advertisements

#17
fonzy
Posted 11 May 2021 - 06:22 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2021
Ran by cstar (11-05-2021 13:13:58)
Running from C:\Users\charl\OneDrive\Desktop
Windows 10 Home Version 20H2 19042.928 (X64) (2021-02-10 19:25:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3915671219-3013150676-4290985535-500 - Administrator - Disabled)
charl (S-1-5-21-3915671219-3013150676-4290985535-1003 - Limited - Enabled) => C:\Users\charl
cstar (S-1-5-21-3915671219-3013150676-4290985535-1001 - Administrator - Enabled) => C:\Users\cstar
DefaultAccount (S-1-5-21-3915671219-3013150676-4290985535-503 - Limited - Disabled)
defaultuser1 (S-1-5-21-3915671219-3013150676-4290985535-1007 - Limited - Enabled) => C:\Users\defaultuser1.CHARLIE-LAPTOP
Guest (S-1-5-21-3915671219-3013150676-4290985535-501 - Limited - Disabled)
holly (S-1-5-21-3915671219-3013150676-4290985535-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3915671219-3013150676-4290985535-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-a77e5c69-8230-4eb6-aa02-65002b4b86cb) (Version: 3.0.2.59 - WildTangent) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-4932acc3-ccaa-461b-afa1-b952769bfca6) (Version: 2.2.0.110 - WildTangent) Hidden
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
ELAN Touchpad 18.2.13.1_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.13.1 - ELAN Microelectronic Corp.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Express Animate (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\ExpressAnimate) (Version: 4.06 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{04ec2b32-255d-418f-b6ca-dec62b872f5d}) (Version: 1.3.60.240 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.5.32.203 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{05f918ac-9392-4f5d-8399-68c4c70550b0}) (Version: 19.60.1 - Intel Corporation)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-cc693ae0-2c2f-4377-96d3-bdc78b0cc31e) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13929.20296 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.56 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MixPad Multitrack Recording Software (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\MixPad) (Version: 5.98 - NCH Software)
Movavi Video Editor 15 Plus (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Movavi Video Editor 15 Plus) (Version: 15.4.0 - Movavi)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20296 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.97.47554 - Electronic Arts, Inc.)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-27266199-ac8c-4915-ad18-0107864fc9e4) (Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-fa0826e4-b676-4470-82bf-533487b89040) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.150 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Roblox Player for charl (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for charl (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\roblox-studio) (Version:  - Roblox Corporation)
Runefall (HKLM-x32\...\WTA-fd856dda-843f-4844-b994-d3b60de3f367) (Version: 3.0.2.126 - WildTangent) Hidden
Smilebox (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Smilebox) (Version: 1.0.0.33152 - Smilebox, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.72.28.1030 - Electronic Arts Inc.)
Trinklit Supreme (HKLM-x32\...\WTA-b66ab1db-4610-4b63-8522-58c4254277ad) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VideoPad Video Editor (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\VideoPad) (Version: 7.24 - NCH Software)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Zoom (HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.33.4.0_x86__kgqvnymyfvs32 [2020-03-31] (king.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2019-07-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-10] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-05-04] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.2.5.0_x64__kx24dqmazqk8j [2021-05-04] (Random Salad Games LLC)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3915671219-3013150676-4290985535-1003_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\charl\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3915671219-3013150676-4290985535-1003_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\charl\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-05-06 16:02 - 2021-05-06 16:02 - 000157696 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\1caa2f2e615e351aca63317f29fd8ce3\BRIDGECommon.ni.dll
2021-05-06 16:21 - 2021-05-06 16:21 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\e300a89c35b22962ebf516eaba68f98b\BridgeExtension.ni.dll
2021-05-06 16:21 - 2021-05-06 16:21 - 000343552 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\503b5a2461120912f6473fd485fa868f\CleanStartController.ni.dll
2021-05-06 16:22 - 2021-05-06 16:22 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f7bd748a9acba01efc64a02cf57764ac\Interop.IWshRuntimeLibrary.ni.dll
2021-05-06 16:21 - 2021-05-06 16:21 - 000070656 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\3f07bf7ee7d59257bd66654b2e62e9fd\NativeInterop.ni.dll
2021-05-06 16:22 - 2021-05-06 16:22 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\75fa5cc812ec0f5b2a71b1a84ecede1e\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-05-06 16:21 - 2021-05-06 16:21 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\1ae9bfd47f983f53412e2ec6611b8971\CommonPortable.ni.dll
2021-05-06 16:22 - 2021-05-06 16:22 - 001585664 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\152aaa9139cbd7f3bda75a3181ead06d\NAudio.ni.dll
2021-05-06 16:02 - 2021-05-06 16:02 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\31e92db78499310665c1154ac69e4872\Newtonsoft.Json.ni.dll
2021-05-06 16:22 - 2021-05-06 16:22 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\1a337ece96259812fb823e64a5cfd5ea\log4net.ni.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.com
hxxp://hp13.msn.com
SearchScopes: HKLM -> {BD7622EA-8221-42CA-A62A-F55EDA40F894} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {BD7622EA-8221-42CA-A62A-F55EDA40F894} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\sharepoint.com -> hxxps://denefieldschool-files.sharepoint.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cstar\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\backgrounddefault.jpg
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\charl\OneDrive\Desktop\Taylor-Swift (1).jpg
HKU\S-1-5-21-3915671219-3013150676-4290985535-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\StartupApproved\Run: => "SmileboxTray"
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\StartupApproved\Run: => "EADM"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5C8C0DC5-F39B-429D-8B24-3BAA2A2BA41B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D84BE4B-8CD6-4E61-95A4-A302D46D9B6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{811E943C-5CC5-4B31-9C06-EE65A46A7B7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9916855E-EF73-4E9E-9627-343ABC884E64}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{C9931502-6755-4852-A4C8-84D07242FA67}C:\users\charl\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\charl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B55BB93A-C47E-419C-973A-0B9A2A43856C}C:\users\charl\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\charl\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{64D4649A-DE11-4719-9240-CC809A962B3E}C:\users\charl\appdata\roaming\zoom\bin\airhost.exe] => (Block) C:\users\charl\appdata\roaming\zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C94BC659-569A-4A0D-97FB-98B80B3C0A82}C:\users\charl\appdata\roaming\zoom\bin\airhost.exe] => (Block) C:\users\charl\appdata\roaming\zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A50E895A-F116-4848-A1F7-792E6A3C35EA}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{CC26F3C3-EC66-40BF-AEFF-0083D8C86594}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{F4947508-67DC-4E43-8F13-DA95D78E655E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5738489F-3F84-49B1-A97E-37DFF2AA2E19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38260D83-C0F2-49F7-A1AE-0E5AB6929FDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EBF9E09-B494-42F2-A424-5D61B23AD468}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3E6269A-9943-4AE0-B127-D1837838A72E}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc. -> HP Inc.)
FirewallRules: [{6E34DDF9-81E6-4487-8FE9-9F934E8C9A5B}] => (Allow) LPort=13148
FirewallRules: [{40E25B42-91C2-439C-8E8F-5AB78EFC4A1C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{4188A434-EE3B-4CEB-AF0A-A75B6A884AAB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{08A5DE64-BEBE-49FA-9415-4E35C9E5A553}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{1B24180D-3DCF-4E25-8D89-085465A41424}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{8A79D20E-27AB-4CAC-9A6F-2BB534B3A07E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF097BDE-7291-4F4E-A575-F55C1EBD4E23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{43278228-FDB3-4C2F-B135-FEC2DCD872F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8ACC0576-0FE1-46B4-B77E-270493804344}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3EFC83F-B40B-4F58-8714-FEEF6CC2C932}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBA5A2AA-C43F-48A4-B894-AF5036EDB92A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C8C89A0-AC63-4628-BA7C-682615C1170A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDEF47EB-B857-42CB-A836-702F6163DC03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC161E99-5115-4FBB-B64D-4BB61FA65ECA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDE52021-4762-42E3-8311-580AA3CFCE3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B315ED45-25D7-43F3-A13D-D148CA78EAEF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{04857658-D87F-4D15-AB58-879A72724D34}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{545452B7-C78C-486F-B478-D106B38F40E5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75470606-74A5-41FB-BFB8-99DABCAE5FB5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69215CC9-466D-4A26-9E2A-5E5D2E05C1D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9EA9C1DF-1AE0-4DAA-8A66-B3A5588C25B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D3E23101-066E-400D-ACB0-853894DAC628}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E1253B83-4514-4058-8CDD-C3CCAE4B2A82}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB981924-65E1-4363-84C9-192C3FB81037}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
26-04-2021 15:52:55 Windows Modules Installer
04-05-2021 21:22:33 Windows Modules Installer
05-05-2021 16:33:36 O&O ShutUp10
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (05/11/2021 01:09:29 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (05/11/2021 01:04:56 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} did not register with DCOM within the required timeout.
 
Error: (05/11/2021 12:56:28 PM) (Source: DCOM) (EventID: 10010) (User: CHARLIE-LAPTOP)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.10 07/28/2017
Motherboard: HP 8367
Processor: Intel® Core™ i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8077.22 MB
Available physical RAM: 3820.89 MB
Total Virtual: 9357.22 MB
Available Virtual: 4758.96 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:915.14 GB) (Free:790.06 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.14 GB) (Free:1.81 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{9937a385-788e-4fb4-9980-2788d1ebcf18}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.44 GB) NTFS
\\?\Volume{666d7029-a0a4-455e-8199-9a14441f31a8}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B38C9083)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#18
fonzy
Posted 11 May 2021 - 06:22 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2021
Ran by cstar (administrator) on CHARLIE-LAPTOP (HP HP Pavilion Laptop 15-cc5xx) (11-05-2021 13:08:58)
Running from C:\Users\charl\OneDrive\Desktop
Loaded Profiles: cstar & charl
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\charl\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\charl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\charl\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe\YourPhone.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3657408 2017-06-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Run: [SmileboxTray] => C:\Users\charl\AppData\Roaming\Smilebox\SmileboxTray.exe [378760 2019-03-12] (Smilebox,Inc. -> Smilebox, Inc.)
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144760 2021-04-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3915671219-3013150676-4290985535-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\charl\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-05-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3915671219-3013150676-4290985535-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05B86CAC-2314-457B-99EC-0E833D039DC5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0AD985B1-F1E9-4E44-B965-50FFBCE95AD1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1148448 2016-12-07] (HP Inc. -> HP Inc.)
Task: {178AAA41-6024-45B4-9E3A-2A64A5C8CAF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A6A18B7-CFC9-4463-B65A-3A6C403A79F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-13] (Google LLC -> Google LLC)
Task: {2016191B-2CA7-443D-8B86-BC24D0C8D78E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2040C6E8-2D26-455B-A212-8AEE31B561BF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3F1A6EBD-2800-426F-A597-EC97E2DC4776} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A0FD709-4370-4927-835C-9CBF9914A474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [621600 2016-12-06] (HP Inc. -> HP Inc.)
Task: {4E46D38D-CED5-4255-BF62-8B8D2DEBA87D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {56C4C716-A684-4337-9869-A07B2C38AB4D} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356648 2017-01-12] (HP Inc. -> HP Development Company, L.P.)
Task: {576C991C-0FD7-43D1-A9D3-15AED1C4C74B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {694185E9-B992-479C-832C-247A08E795F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1075744 2016-12-06] (HP Inc. -> HP Inc.)
Task: {6FC5439A-7EFB-40AC-8B07-CE88EC2A0CFE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1148448 2016-12-07] (HP Inc. -> HP Inc.)
Task: {6FD64561-B55B-4489-BA69-896572DA9E1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-12-06] (HP Inc. -> HP Inc.)
Task: {74B67022-ABA8-4E40-820F-4EFFB6A41A9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [196968 2016-12-06] (HP Inc. -> HP Inc.)
Task: {98365D60-770B-4518-A637-340FB6B62A9B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-12-06] (HP Inc. -> HP Inc.)
Task: {B39562A4-B3D9-423C-B250-0693CCA6341C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1120696 2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4982C01-F36E-4221-BD47-B79A0989D4E3} - System32\Tasks\DropboxUpdateTaskMachineCore1d489842837318d => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B79E59FF-8948-4D6B-A9FF-90632A1DA9A0} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {BF32C9A9-EAED-41FC-82BA-445F26E691C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CEEFC064-686E-4C3D-997E-73D6C60FF5C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9D1092E-C075-47B9-AC56-5C1FB63A7EDA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E188EA89-2509-4E6D-A53B-42D425C32727} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-28] (Dropbox, Inc -> DropboxOEM)
Task: {E3479766-BD70-4ACB-AF62-3D99ECC63565} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1075744 2016-12-06] (HP Inc. -> HP Inc.)
Task: {F24BD4FC-7511-48E4-81F2-1495D6DA6BD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F57A4491-280A-4EC6-9750-B9D8AB5E3A67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-13] (Google LLC -> Google LLC)
Task: {F952D223-6C14-4777-AEAF-AAC5395CEB64} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {FAD7AE50-AF1D-4B4A-9F9C-9FDEE072976D} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d489842837318d.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{075670c8-69b9-4fd9-90fd-de7e9764d89f}: [DhcpNameServer] 192.168.0.1
 
Edge: 
=======
Edge Notifications: HKU\S-1-5-21-3915671219-3013150676-4290985535-1003 -> hxxps://blox.land
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\cstar\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-04]
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-11-23] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-3915671219-3013150676-4290985535-1003: @zoom.us/ZoomVideoPlugin -> C:\Users\charl\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-12] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default [2021-05-05]
CHR Extension: (Slides) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-13]
CHR Extension: (Docs) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-13]
CHR Extension: (Google Drive) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-05]
CHR Extension: (YouTube) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-13]
CHR Extension: (Sheets) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-13]
CHR Extension: (Google Docs Offline) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-05]
CHR Extension: (Gmail) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\cstar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-05]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8469592 2020-03-31] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-03-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-11-23] (WildTangent Inc -> WildTangent)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3394072 2017-03-01] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2397816 2017-04-27] (Intel Corporation - pGFX -> Intel Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2545752 2021-04-25] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3485784 2021-04-25] (Electronic Arts, Inc. -> Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe [2599312 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe [128376 2021-05-10] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 MpKsla08532db; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E2E2A17-62F5-4FAB-85BD-D5144F11FFE7}\MpKslDrv.sys [107744 2021-05-11] (Microsoft Windows -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
U3 aspnet_state; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-11 12:58 - 2021-05-11 12:58 - 000000000 ___HD C:\ProgramData\temp
2021-05-07 10:24 - 2021-05-07 10:24 - 000000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2021-05-07 10:24 - 2021-05-07 10:24 - 000000726 _____ C:\Users\cstar\Desktop\Windows 10 Update Assistant.lnk
2021-05-07 10:24 - 2021-05-07 10:24 - 000000000 ____D C:\Windows10Upgrade
2021-05-05 16:32 - 2021-05-05 16:32 - 000000000 ____D C:\Users\cstar\AppData\Local\OO Software
2021-05-05 16:31 - 2021-05-05 16:32 - 001403760 _____ (O&O Software GmbH) C:\Users\charl\Downloads\OOSU10.exe
2021-05-05 16:28 - 2021-05-05 16:28 - 000000000 ____D C:\Users\charl\AppData\Roaming\Intel Corporation
2021-05-05 16:22 - 2021-05-05 16:22 - 000002346 _____ C:\Users\Public\Desktop\Intel® Rapid Storage Technology.lnk
2021-05-05 16:22 - 2021-05-05 16:22 - 000002346 _____ C:\ProgramData\Desktop\Intel® Rapid Storage Technology.lnk
2021-05-05 16:22 - 2021-05-05 16:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-05-05 16:22 - 2021-05-05 16:22 - 000000000 ____D C:\Users\cstar\AppData\Roaming\Intel Corporation
2021-05-05 16:21 - 2021-05-05 16:21 - 000000000 ____D C:\Users\cstar\Intel
2021-05-05 16:18 - 2021-05-05 16:20 - 017936232 _____ (HP Inc.) C:\Users\charl\Downloads\sp81262.exe
2021-05-05 15:15 - 2021-05-05 15:15 - 000000414 _____ C:\Users\charl\Downloads\fixlist (1).txt
2021-05-05 13:37 - 2021-05-10 16:52 - 000000000 ____D C:\Users\charl\AppData\Local\CrashDumps
2021-05-05 13:13 - 2021-05-05 13:13 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\charl\Downloads\LatencyMon.exe
2021-05-05 13:13 - 2021-05-05 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-05-05 13:13 - 2021-05-05 13:13 - 000000000 ____D C:\Program Files\LatencyMon
2021-05-05 13:13 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-05-05 12:22 - 2021-05-05 12:21 - 000136843 _____ C:\Users\cstar\Documents\Speccy.txt
2021-05-05 12:21 - 2021-05-05 12:29 - 000136796 _____ C:\Users\cstar\Desktop\Speccy.txt
2021-05-05 12:18 - 2021-05-05 12:18 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-05-05 12:18 - 2021-05-05 12:18 - 000000844 _____ C:\ProgramData\Desktop\Speccy.lnk
2021-05-05 12:18 - 2021-05-05 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-05-05 12:18 - 2021-05-05 12:18 - 000000000 ____D C:\Program Files\Speccy
2021-05-05 12:16 - 2021-05-05 12:16 - 008234296 _____ (Piriform Software Ltd) C:\Users\charl\Downloads\spsetup132.exe
2021-05-05 11:34 - 2021-05-05 11:34 - 000016688 _____ C:\junk.txt
2021-05-05 11:30 - 2021-05-05 11:30 - 000023613 _____ C:\Users\cstar\Desktop\procexp.txt
2021-05-05 11:28 - 2021-05-05 11:28 - 000024645 _____ C:\Users\cstar\Desktop\Registry.txt
2021-05-05 11:25 - 2021-05-05 11:25 - 000036200 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-05-05 10:43 - 2021-05-05 10:43 - 000000414 _____ C:\Users\charl\Downloads\fixlist.txt
2021-05-04 22:05 - 2021-05-04 22:05 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-04 22:02 - 2021-05-04 22:02 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-04 22:01 - 2021-05-04 22:01 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-04 21:10 - 2021-05-04 21:10 - 000000000 ____D C:\Users\cstar\AppData\LocalLow\IGDump
2021-05-04 19:37 - 2021-05-04 19:37 - 000000000 ____D C:\Users\charl\AppData\Local\mbam
2021-05-04 19:24 - 2021-05-04 19:24 - 002078632 _____ (Malwarebytes) C:\Users\charl\Downloads\MBSetup.exe
2021-05-04 19:01 - 2021-05-04 19:18 - 000039566 _____ C:\Users\cstar\Desktop\Addition.txt
2021-05-04 18:47 - 2021-05-04 19:18 - 000028799 _____ C:\Users\cstar\Desktop\FRST.txt
2021-05-04 18:44 - 2021-05-11 13:10 - 000000000 ____D C:\FRST
2021-05-04 18:43 - 2021-05-04 18:42 - 002298368 _____ (Farbar) C:\Users\cstar\Desktop\FRST64.exe
2021-05-04 18:42 - 2021-05-04 18:42 - 002298368 _____ (Farbar) C:\Users\cstar\Downloads\FRST64.exe
2021-05-04 18:15 - 2021-05-04 18:15 - 000000020 ___SH C:\Users\cstar\ntuser.ini
2021-04-15 20:54 - 2021-04-15 21:14 - 087628984 _____ C:\Users\charl\Downloads\Taylor Swift-1989 World Tour (3).zip
2021-04-15 20:53 - 2021-04-15 21:11 - 087910734 _____ C:\Users\charl\Downloads\Taylor Swift-1989 World Tour (4).zip
2021-04-15 20:49 - 2021-04-15 21:15 - 083020536 _____ C:\Users\charl\Downloads\Taylor Swift-1989 World Tour (1).zip
2021-04-15 20:43 - 2021-04-15 21:14 - 082168861 _____ C:\Users\charl\Downloads\Taylor Swift-1989 World Tour.zip
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-05-11 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-11 13:05 - 2017-12-26 13:54 - 000000000 ___RD C:\Users\charl\OneDrive
2021-05-11 13:04 - 2017-12-26 13:43 - 000000000 __SHD C:\Users\charl\IntelGraphicsProfiles
2021-05-11 13:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-11 12:58 - 2021-02-10 20:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-11 12:58 - 2021-02-10 19:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-11 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-11 12:56 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-05-10 18:54 - 2021-02-10 19:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-10 15:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-10 15:43 - 2019-02-02 14:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-09 15:07 - 2020-06-26 09:06 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-09 15:07 - 2020-06-26 09:06 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-09 15:07 - 2020-06-26 09:06 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-06 18:19 - 2017-12-26 15:47 - 000000000 ____D C:\Users\charl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-05-06 16:20 - 2019-07-06 07:47 - 000000000 ____D C:\Users\charl\AppData\Local\D3DSCache
2021-05-06 16:03 - 2018-12-02 10:03 - 000000000 ____D C:\Users\charl\AppData\Local\Packages
2021-05-05 16:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-05 16:22 - 2018-12-01 15:03 - 000000000 ____D C:\Program Files\Intel
2021-05-05 16:21 - 2021-02-10 19:15 - 000000000 ____D C:\Users\cstar
2021-05-05 16:21 - 2017-06-13 16:07 - 000000000 ____D C:\SWSetup
2021-05-05 15:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-05 14:13 - 2021-02-10 19:14 - 000885796 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-05 13:36 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-05 11:23 - 2021-02-10 19:15 - 000000000 ____D C:\Users\defaultuser1.CHARLIE-LAPTOP
2021-05-05 10:55 - 2018-12-01 15:43 - 000000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d489842837318d.job
2021-05-05 10:55 - 2017-06-13 07:30 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-05 10:31 - 2021-02-10 20:23 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 10:31 - 2021-02-10 20:23 - 000003804 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore1d489842837318d
2021-05-05 08:22 - 2020-01-13 20:55 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-05 08:22 - 2020-01-13 20:55 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-05 08:22 - 2020-01-13 20:55 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-05 08:18 - 2021-02-10 19:06 - 000342056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-05 08:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-05 07:05 - 2021-02-10 19:15 - 000000000 ____D C:\Users\charl
2021-05-04 22:00 - 2021-02-10 19:10 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-05-04 21:09 - 2020-09-30 16:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-04 20:46 - 2019-07-06 12:29 - 000000000 ____D C:\Users\cstar\AppData\Local\packages
2021-05-04 20:44 - 2020-01-13 20:42 - 000000000 ____D C:\Users\cstar\AppData\Local\Publishers
2021-05-04 19:32 - 2020-03-31 19:20 - 000000000 ____D C:\Users\charl\AppData\Local\NVIDIA Corporation
2021-05-04 19:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-04 19:14 - 2020-03-31 19:08 - 000000000 ____D C:\Users\cstar\AppData\Local\NVIDIA Corporation
2021-05-04 19:04 - 2017-06-13 07:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-04 18:59 - 2020-05-05 18:44 - 000000000 ____D C:\ProgramData\Origin
2021-05-04 18:57 - 2020-05-05 18:44 - 000000000 ____D C:\Users\charl\AppData\Roaming\Origin
2021-05-04 18:53 - 2020-05-05 18:44 - 000000000 ____D C:\Users\charl\AppData\Local\Origin
2021-05-04 18:40 - 2021-02-10 20:23 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3915671219-3013150676-4290985535-1001
2021-05-04 18:40 - 2021-02-10 19:15 - 000002374 _____ C:\Users\cstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-04 18:40 - 2017-12-26 12:53 - 000000000 ___RD C:\Users\cstar\OneDrive
2021-05-04 18:33 - 2020-03-31 13:04 - 000000000 ____D C:\Users\cstar\AppData\Local\D3DSCache
2021-05-04 18:20 - 2020-01-13 20:41 - 000000000 ___RD C:\Users\cstar\3D Objects
2021-05-04 18:20 - 2017-03-18 04:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-05-04 18:16 - 2017-12-26 12:48 - 000000000 __SHD C:\Users\cstar\IntelGraphicsProfiles
2021-05-02 14:29 - 2021-02-10 19:15 - 000002374 _____ C:\Users\charl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-02 14:01 - 2021-03-04 09:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ffda8fc60eaf
2021-05-02 14:01 - 2021-02-10 20:23 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 21:12 - 2018-12-17 17:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-25 20:33 - 2020-05-05 18:45 - 000000000 ____D C:\Program Files (x86)\Origin
2021-04-25 20:31 - 2018-12-17 17:28 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-21 15:45 - 2021-02-10 20:23 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 15:45 - 2021-02-10 20:23 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-13 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#19
fonzy
Posted 11 May 2021 - 06:27 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:00:52  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        CHARLIE-LAPTOP
OS version:                                           Windows 10, 10.0, version 2009, build: 19042 (x64)
Hardware:                                             HP Pavilion Laptop 15-cc5xx, HP
CPU:                                                  GenuineIntel Intel® Core™ i3-7100U CPU @ 2.40GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  8077 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   240 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   258.50
Average measured interrupt to process latency (µs):   10.092892
 
Highest measured interrupt to DPC latency (µs):       245.0
Average measured interrupt to DPC latency (µs):       2.583194
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              249.590833
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.027011
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.030482
 
ISR count (execution time <250 µs):                   1149
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              905.651667
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.013166
Driver with highest DPC total execution time:         ACPI.sys - ACPI Driver for NT, Microsoft Corporation
 
Total time spent in DPCs (%)                          0.089456
 
DPC count (execution time <250 µs):                   15491
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              73
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 latmon.exe
 
Total number of hard pagefaults                       6
Hard pagefault count of hardest hit process:          2
Number of processes hit:                              5
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.457969
CPU 0 ISR highest execution time (µs):                249.590833
CPU 0 ISR total execution time (s):                   0.063972
CPU 0 ISR count:                                      1149
CPU 0 DPC highest execution time (µs):                905.651667
CPU 0 DPC total execution time (s):                   0.143671
CPU 0 DPC count:                                      13887
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.124480
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                721.6150
CPU 1 DPC total execution time (s):                   0.013935
CPU 1 DPC count:                                      459
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.171224
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                745.98750
CPU 2 DPC total execution time (s):                   0.029081
CPU 2 DPC count:                                      1144
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.099535
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                186.958333
CPU 3 DPC total execution time (s):                   0.001056
CPU 3 DPC count:                                      74
_________________________________________________________________________________________________________
 

Attached Thumbnails

  • processes.JPG
  • Drivers.JPG

  • 0

#20
RKinner
Posted 11 May 2021 - 08:44 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Much better.

 

It looks like you could use an update for your network driver:

 

https://support.hp.c...top-pc/15551393

 

Under Driver-Network:

 

Intel WLAN Driver

21.80.2.1 Rev.P 12.2 MB Apr 24, 2020

Realtek RTL8xxx Wireless LAN Drivers

2024.0.8.107/2024.0.4.108 Rev.S 14.4 MB Jun 5, 2019

 

Also under Driver-Storage

 

Intel Rapid Storage Technology Driver - Kaby Lake (Windows 10 v1709/v1803)

16.8.3.1003 Rev.J 24.0 MB Aug 23, 2019

 

Then see if you can rebuild the fontcache per:

https://troubleshoot...-in-windows-10/

 

If you are not using Skype you should uninstall it or at least keep it from starting at boot.  Problem is I do not see Skype installed nor how it starts.  If you can't find it to uninstall then startup FRST by right click and Run As Admin then put

skype

in the search box and hit Search Registry

You will get a file.  Please copy and paste the content into a reply.


  • 0

#21
fonzy
Posted 27 May 2021 - 05:31 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Sorry for the delayed reply. I have done the tasks above and uninstalled Skype:
 
 
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:00:47  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        CHARLIE-LAPTOP
OS version:                                           Windows 10, 10.0, version 2009, build: 19042 (x64)
Hardware:                                             HP Pavilion Laptop 15-cc5xx, HP
CPU:                                                  GenuineIntel Intel® Core™ i3-7100U CPU @ 2.40GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  8077 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   240 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   945.40
Average measured interrupt to process latency (µs):   9.935098
 
Highest measured interrupt to DPC latency (µs):       908.90
Average measured interrupt to DPC latency (µs):       3.184607
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              188.473333
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.011463
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.014909
 
ISR count (execution time <250 µs):                   520
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              855.260
Driver with highest DPC routine execution time:       iaStorAC.sys - Intel® Rapid Storage Technology driver - x64, Intel Corporation
 
Highest reported total DPC routine time (%):          0.088652
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Total time spent in DPCs (%)                          0.338867
 
DPC count (execution time <250 µs):                   41145
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              94
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 backgroundtaskhost.exe
 
Total number of hard pagefaults                       1785
Hard pagefault count of hardest hit process:          1317
Number of processes hit:                              12
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.931875
CPU 0 ISR highest execution time (µs):                188.473333
CPU 0 ISR total execution time (s):                   0.025335
CPU 0 ISR count:                                      466
CPU 0 DPC highest execution time (µs):                855.260
CPU 0 DPC total execution time (s):                   0.481309
CPU 0 DPC count:                                      31234
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.190536
CPU 1 ISR highest execution time (µs):                147.750
CPU 1 ISR total execution time (s):                   0.002927
CPU 1 ISR count:                                      54
CPU 1 DPC highest execution time (µs):                791.926667
CPU 1 DPC total execution time (s):                   0.044722
CPU 1 DPC count:                                      2345
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.315489
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                711.4550
CPU 2 DPC total execution time (s):                   0.091561
CPU 2 DPC count:                                      5644
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.172213
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                671.428333
CPU 3 DPC total execution time (s):                   0.024764
CPU 3 DPC count:                                      2016
_________________________________________________________________________________________________________
 

Attached Thumbnails

  • processesA.JPG
  • DriversA.JPG

  • 0

#22
RKinner
Posted 27 May 2021 - 08:18 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It looks like there is something going on in Microsoft land.  Perhaps you are in the middle of an update?  Go to Settings, Update and Security, and see if there are any updates that are awaiting installation.  Check for Updates.

If there are any updates make sure they are installed then give me another Latency Monitor log with the two screen shots.

 

If you don't see any updates then

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.

That will me what is going on in Microsoft land.


  • 0

#23
fonzy
Posted 28 May 2021 - 08:31 AM

fonzy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:02:36  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        CHARLIE-LAPTOP
OS version:                                           Windows 10, 10.0, version 2009, build: 19042 (x64)
Hardware:                                             HP Pavilion Laptop 15-cc5xx, HP
CPU:                                                  GenuineIntel Intel® Core™ i3-7100U CPU @ 2.40GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  8077 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   240 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   267.60
Average measured interrupt to process latency (µs):   8.317913
 
Highest measured interrupt to DPC latency (µs):       245.60
Average measured interrupt to DPC latency (µs):       2.034196
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              219.2550
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.004129
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.007123
 
ISR count (execution time <250 µs):                   815
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              953.191667
Driver with highest DPC routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.011650
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Total time spent in DPCs (%)                          0.067981
 
DPC count (execution time <250 µs):                   43385
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              197
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 explorer.exe
 
Total number of hard pagefaults                       228
Hard pagefault count of hardest hit process:          81
Number of processes hit:                              12
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       1.012719
CPU 0 ISR highest execution time (µs):                219.2550
CPU 0 ISR total execution time (s):                   0.044705
CPU 0 ISR count:                                      815
CPU 0 DPC highest execution time (µs):                953.191667
CPU 0 DPC total execution time (s):                   0.282092
CPU 0 DPC count:                                      38501
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.408755
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                721.729167
CPU 1 DPC total execution time (s):                   0.037129
CPU 1 DPC count:                                      1298
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.497299
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                745.76750
CPU 2 DPC total execution time (s):                   0.102708
CPU 2 DPC count:                                      3337
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.225015
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                81.0350
CPU 3 DPC total execution time (s):                   0.004734
CPU 3 DPC count:                                      446
_________________________________________________________________________________________________________
 

Attached Thumbnails

  • Drivers.JPG
  • processes.JPG

  • 0

#24
RKinner
Posted 28 May 2021 - 09:45 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It looks pretty decent except for ACPI.sys being a bit high.  Look on the Hp Support web site.  There should be a new BIOS version available.

 

You currently have

Version    F.10     28/07/2017

 

If I have the correct site for your PC there is a much newer version:

 

F.41 Rev.A    Dec 18, 2020

https://support.hp.c...top-pc/15551393

 

That might help the ACPI.sys a bit.

 

Otherwise how is it running now?


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP