Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

wifes laptop from Thailand is lagging and slow


  • Please log in to reply

#1
elkski

elkski

    Member

  • Member
  • PipPipPip
  • 193 posts

I bought My fiancé a laptop in Bangkok about 2 years ago. She has now moved to USA and is my wife.  The main thing I see is the cursor gets stuck with blue swirly.  I did just yank the Bosston bluetooth mouse and out on a Dell corded one but I still see this issue but the mouse action seems better.

Here are the FRST logs .  This site has been so helpful in the past with my systems when they got clogged up.

Wife uses line and FB and IG quite a bit.  not much else.  I'm hopeful to get this system running fast enough we don't need a new laptop. Maybe we need more ram? this  is a dual language keyboard. 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by USER (09-08-2021 22:16:23)
Running from C:\Users\USER\Desktop
Windows 10 Home Single Language Version 20H2 19042.1110 (X64) (2021-08-06 14:16:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3318631204-1972825221-1620860807-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318631204-1972825221-1620860807-503 - Limited - Disabled)
elksk (S-1-5-21-3318631204-1972825221-1620860807-1002 - Administrator - Enabled) => C:\Users\elksk
Guest (S-1-5-21-3318631204-1972825221-1620860807-501 - Limited - Disabled)
USER (S-1-5-21-3318631204-1972825221-1620860807-1001 - Administrator - Enabled) => C:\Users\USER
WDAGUtilityAccount (S-1-5-21-3318631204-1972825221-1620860807-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Dell Digital Delivery Services (HKLM-x32\...\{3722784A-D530-4C82-BB78-4DF3E1A4CAD9}) (Version: 4.0.90.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.200 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.11000.6436 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6292 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.10.4.0 - Logitech Europe S.A.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10487 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8560 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
 
Packages:
=========
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.3.57.0_x64__2dgmkzkw4h30c [2021-08-05] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.90.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-08-05] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86__htrsf667h5kn2 [2021-03-27] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-16] (Dropbox Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-05] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-08-05] (INTEL CORP)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_7.0.3.0_x86__8ptj331gd3tyt [2021-08-03] (LINE Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-01-02] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-05] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-24] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-08-05] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-05] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2020-01-02] (Waves Audio)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-08-14 08:59 - 2020-08-14 08:59 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-11-21 20:02 - 2019-11-21 20:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 00:31 - 2018-09-15 00:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{54794CE1-5F6E-4C06-9A15-8D0289FD02FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{200CF588-37CA-4330-ACCD-3029EEE1FA7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9169FDB9-DC12-4B87-8867-1E60A3DFD2C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{084A7794-09DC-4CCB-ADF8-A3F0D094254F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88D47F9E-39DF-4C5C-82A1-F34AE62FB9FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6145E633-835C-4B98-B2CC-6EAC5C2D3E38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{07BD91C7-19D1-4694-8E8C-0449DF608C41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{80CEAAB8-59F8-4679-B619-F0ED06B2162B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26060D02-36B1-4272-88E4-5F85CCDBA2F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B819342-255F-47AD-84CE-F3A36E45564D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC8D0D1D-CB81-4B43-A9E7-D5A57912DB54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{441789B5-A558-4BC8-81F1-FC5F24675BB2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4526D03D-BCFE-4BF0-B3FB-77A68106D696}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42BD0292-6702-4861-B3AF-23F173EEA28B}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{D6B2A81F-873D-4B52-8A3A-3EAB81A3AD9F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{4DA3DEFF-FC9C-4B4A-B123-499B80399E7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D92CE210-7187-47CC-A40F-D6B31A89032C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
08-08-2021 19:15:16 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/09/2021 10:20:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000fa0
Faulting process id: 0x2458
Faulting application start time: 0x01d78da682c622bf
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: unknown
Report Id: dafe47f9-e59d-40bf-a031-21a10b0c58ce
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/09/2021 10:20:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceLayer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at CropAssist.UnsafeNativeMethods.crop_assist_exit()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.Deinitialize()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.HandleWatchdogFailure()
   at ServiceLayer.CoreService.OnCustomCommand(Int32)
   at System.ServiceProcess.ServiceBase.DeferredCustomCommand(Int32)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr, System.Object[], System.Object, System.Object[] ByRef)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessageSink)
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.DoAsyncCall()
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.ThreadPoolCallBack(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (08/09/2021 10:13:43 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Logitech VC ServiceLayer because of this error.
 
Program: Logitech VC ServiceLayer
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (08/09/2021 10:13:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: mscorlib.ni.dll, version: 4.8.4390.0, time stamp: 0x609c41da
Exception code: 0xc0000096
Fault offset: 0x005c2729
Faulting process id: 0x20
Faulting application start time: 0x01d78da598924deb
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c74164a61bdb8a6e084e3913485dcb67\mscorlib.ni.dll
Report Id: 5b4b7dc9-8893-4511-b392-c8c275763301
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/09/2021 10:13:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceLayer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at CropAssist.UnsafeNativeMethods.crop_assist_exit()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.Deinitialize()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.HandleWatchdogFailure()
   at ServiceLayer.CoreService.OnCustomCommand(Int32)
   at System.ServiceProcess.ServiceBase.DeferredCustomCommand(Int32)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr, System.Object[], System.Object, System.Object[] ByRef)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessageSink)
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.DoAsyncCall()
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.ThreadPoolCallBack(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (08/09/2021 10:07:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2bdc
 
Start Time: 01d78da527643295
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
 
Report Id: ef5efb9f-baf9-4d28-bc7b-aa69a52dd703
 
Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy
 
Faulting package-relative application ID: WindowsDefaultLockScreen
 
Hang type: Cross-thread
 
Error: (08/09/2021 10:06:46 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Logitech VC ServiceLayer because of this error.
 
Program: Logitech VC ServiceLayer
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (08/09/2021 10:06:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: mscorlib.ni.dll, version: 4.8.4390.0, time stamp: 0x609c41da
Exception code: 0xc0000096
Fault offset: 0x005c2729
Faulting process id: 0x16bc
Faulting application start time: 0x01d78d8f479d010f
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c74164a61bdb8a6e084e3913485dcb67\mscorlib.ni.dll
Report Id: f7a28593-2afb-4afe-94f0-819ccd4e4116
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/09/2021 10:20:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 10:13:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 10:10:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UM503BC)
Description: The server Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (08/09/2021 10:07:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 07:27:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 07:21:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 07:14:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/09/2021 07:07:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
 
Windows Defender:
================
Date: 2021-08-07 18:56:36
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-08-07 16:25:22
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.7.0 02/14/2020
Motherboard: Dell Inc. 0GRMXT
Processor: Intel® Core™ i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 88%
Total physical RAM: 3997.05 MB
Available physical RAM: 475.23 MB
Total Virtual: 8093.05 MB
Available Virtual: 2392.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.58 GB) (Free:836.56 GB) NTFS
 
\\?\Volume{d6adc38a-dc29-438a-bba2-1e050b3794b0}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.28 GB) NTFS
\\?\Volume{0f085613-3772-44ac-96a5-5ec319959e95}\ (Image) (Fixed) (Total:11.07 GB) (Free:0.2 GB) NTFS
\\?\Volume{daff9608-4e77-4997-8677-b5b639b0ee7d}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.48 GB) NTFS
\\?\Volume{00aa0561-0b3d-439c-a73f-3bcae356f391}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 559EA8AF)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by USER (administrator) on DESKTOP-UM503BC (Dell Inc. Inspiron 3481) (09-08-2021 19:08:55)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER
Platform: Windows 10 Home Single Language Version 20H2 19042.1110 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\crashpad_handler.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightChecker.exe
(Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\RightSightAPI\RightSightService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_9384fc4d30af89c3\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_9384fc4d30af89c3\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1081136 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_9384fc4d30af89c3\WavesSvc64.exe [1645664 2020-04-14] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {305DA005-5C08-44B3-8177-4E7C6ADC1BEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A749691-DC91-439C-B04F-90D55DC9453F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {773ED0D3-7286-4127-88EE-8C9B5457315A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133422552 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7C99644E-78D3-4AB6-93FB-8B5551F4B3D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
Task: {A07912E9-B55C-4B23-A890-8078C61CE4BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA955A4B-B5D2-45EF-9E00-22E3C7400735} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {C591A672-CB66-44F1-8506-6CE3B161FF49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D982DC0F-38DF-40CE-853A-E31D0295CEB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a7b40a35-fced-4f9e-85bc-8c4127ec827d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-09]
 
Chrome: 
=======
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-08-09]
CHR DefaultSearchURL: Default -> hxxps://th.search.yahoo.com/search?fr=mcafee&type=E211TH826G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://th.search.yahoo.com/sugg/gossip/gossip-th-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-02]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-02]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-02]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-02]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-03]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2018-08-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50376 2021-03-31] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2020-01-06] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{883F8A0E-0B08-4883-90FE-208704736ABD} [21312 2021-08-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-18] (Dell Inc -> )
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-22] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-09 19:08 - 2021-08-09 19:16 - 000015398 _____ C:\Users\USER\Desktop\FRST.txt
2021-08-09 19:08 - 2021-08-09 19:08 - 000000000 ____D C:\Users\USER\Desktop\FRST-OlderVersion
2021-08-09 19:06 - 2021-08-09 19:12 - 000000000 ____D C:\FRST
2021-08-09 19:02 - 2021-08-09 19:08 - 002300416 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2021-08-09 17:43 - 2021-08-09 17:46 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-09 17:43 - 2021-08-09 17:45 - 009244332 _____ C:\WINDOWS\Minidump\080921-80171-01.dmp
2021-08-09 17:43 - 2021-08-09 17:43 - 1070517026 _____ C:\WINDOWS\MEMORY.DMP
2021-08-06 13:00 - 2021-08-06 13:00 - 000000000 ____D C:\Program Files (x86)\DummyDir
2021-08-06 11:23 - 2021-08-06 07:16 - 000000000 ____D C:\Windows.old
2021-08-06 11:18 - 2021-08-06 11:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-08-06 11:12 - 2021-08-06 11:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-08-06 11:12 - 2021-08-06 11:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-08-06 10:40 - 2021-08-06 10:40 - 000000000 ____D C:\ProgramData\ssh
2021-08-06 10:24 - 2021-08-06 10:24 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-06 10:22 - 2021-08-06 10:22 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-08-06 10:21 - 2021-08-06 10:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-06 10:21 - 2021-08-06 10:21 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-08-06 10:21 - 2021-08-06 10:21 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-08-06 10:21 - 2021-08-06 10:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-08-06 10:20 - 2021-08-06 10:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-08-06 10:20 - 2021-08-06 10:20 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-06 10:19 - 2021-08-06 10:19 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-08-06 10:19 - 2021-08-06 10:19 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-08-06 10:19 - 2021-08-06 10:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-06 10:18 - 2021-08-06 10:18 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-08-06 10:17 - 2021-08-06 10:17 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-08-06 10:15 - 2021-08-06 10:15 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-08-06 10:15 - 2021-08-06 10:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-08-06 10:15 - 2021-08-06 10:15 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-08-06 10:14 - 2021-08-06 10:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-08-06 10:13 - 2021-08-06 10:13 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-08-06 10:12 - 2021-08-06 10:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-08-06 10:12 - 2021-08-06 10:12 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-08-06 10:09 - 2021-08-06 10:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-08-06 10:09 - 2021-08-06 10:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-08-06 10:07 - 2021-08-06 10:07 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-08-06 10:06 - 2021-08-06 10:06 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-08-06 10:06 - 2021-08-06 10:06 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-08-06 09:15 - 2021-08-06 09:15 - 000000697 _____ C:\WINDOWS\system32\NOISE.THA
2021-08-06 09:12 - 2021-08-06 09:12 - 000000000 ____D C:\WINDOWS\system32\th
2021-08-06 07:31 - 2021-08-06 07:31 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-08-06 07:20 - 2021-08-06 07:20 - 000000020 ___SH C:\Users\USER\ntuser.ini
2021-08-06 06:31 - 2021-08-06 06:31 - 000000000 ____D C:\Program Files\Rivet Networks
2021-08-05 21:34 - 2021-08-09 17:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-05 21:34 - 2021-08-07 11:30 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1001
2021-08-05 21:34 - 2021-08-06 00:41 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-06 00:41 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1002
2021-08-05 21:34 - 2021-08-05 21:34 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-05 21:34 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2021-08-05 21:34 - 2021-08-05 21:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-08-05 20:54 - 2021-08-09 17:49 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-05 20:37 - 2021-08-07 11:30 - 000002382 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:37 - 2021-08-05 20:52 - 000000000 ____D C:\Users\elksk
2021-08-05 20:37 - 2019-12-07 02:10 - 000001105 _____ C:\Users\elksk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:26 - 2021-08-09 18:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-05 20:26 - 2021-08-05 20:27 - 000315680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-05 20:24 - 2021-08-09 17:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-05 13:06 - 2021-08-06 07:20 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-04 12:59 - 2021-08-04 12:59 - 000000000 ___HD C:\$WinREAgent
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-09 22:05 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-09 19:15 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-09 18:50 - 2020-01-02 05:01 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2021-08-09 18:49 - 2019-03-06 11:08 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-08-09 17:48 - 2019-03-06 11:23 - 000000000 ____D C:\ProgramData\Dell
2021-08-09 17:47 - 2020-01-02 10:55 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-09 17:43 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-09 10:08 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-09 10:03 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-09 09:57 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-09 09:21 - 2020-12-03 00:53 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-09 09:20 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-07 11:30 - 2020-01-02 05:08 - 000000000 ___RD C:\Users\USER\OneDrive
2021-08-06 13:33 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-08-06 11:23 - 2020-01-16 03:04 - 000000000 ____D C:\Program Files\UNP
2021-08-06 11:23 - 2020-01-02 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Camera Settings
2021-08-06 11:23 - 2019-12-07 02:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-06 11:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-08-06 11:23 - 2019-03-06 11:03 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2021-08-06 11:23 - 2019-03-06 10:59 - 000000000 ____D C:\Program Files\Intel
2021-08-06 11:23 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-08-06 11:22 - 2019-12-07 02:18 - 000000000 ____D C:\WINDOWS\Setup
2021-08-06 11:21 - 2019-12-07 02:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-08-06 11:19 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-08-06 11:18 - 2020-02-21 04:04 - 000000000 ____D C:\WINDOWS\Firmware
2021-08-06 10:41 - 2019-12-07 02:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\IME
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-08-06 10:40 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-06 10:37 - 2019-12-07 02:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-08-06 10:37 - 2019-12-07 02:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-08-06 07:48 - 2020-01-02 05:02 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
2021-08-06 07:47 - 2020-12-05 16:51 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-06 07:47 - 2020-12-05 16:51 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-06 07:44 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-08-06 07:27 - 2020-01-02 05:05 - 000000000 ____D C:\ProgramData\Packages
2021-08-06 07:27 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-06 07:24 - 2020-01-02 05:02 - 000000000 ___RD C:\Users\USER\3D Objects
2021-08-06 07:24 - 2019-03-06 12:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-06 07:20 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-06 07:18 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-08-06 07:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-06 06:31 - 2019-03-06 11:27 - 000000000 ____D C:\ProgramData\RivetNetworks
2021-08-05 21:34 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-05 21:34 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-05 21:31 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Registration
2021-08-05 20:58 - 2020-04-11 12:03 - 000026988 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-08-05 20:53 - 2020-01-02 11:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 20:53 - 2020-01-02 11:09 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 20:42 - 2020-01-02 19:49 - 000000000 ____D C:\Users\elksk\AppData\Local\Packages
2021-08-05 20:30 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-08-05 20:29 - 2019-03-06 11:02 - 000000000 ____D C:\Intel
2021-08-05 14:06 - 2020-01-06 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-05 14:02 - 2020-01-06 18:00 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-04 13:05 - 2019-03-06 10:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-16 09:45 - 2020-12-03 00:53 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-16 09:45 - 2020-02-20 04:22 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
 
==================== FLock ==============================
 
2021-08-05 20:28 C:\Recovery
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,949 posts
  • MVP

Uninstall:

Logitech Camera Settings

SmartByte Drivers and Services

 

There is a Logitech program causing a lot of errors.  Hopefully that will uninstall it.

SmartByte is supposed to allocate more bandwidth when you are streaming video but reports on the Internet say it just slows things down.

 

I see a dump file so you have had a system crash.  Let's see what caused it:

 

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Right click on BlueScreenView.exe file and Run As Administrator to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

 

Let's see if anything else is slowing your PC down:

 

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 7.0 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.

 

Also post a new pair of FRST logs so I can see if the uninstalls worked.


  • 0

#3
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
==================================================
Dump File         : 080921-80171-01.dmp
Crash Time        : 9/8/2564 17:41:55
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Parameter 1       : 00000007`fffffff8
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000001
Parameter 4       : fffff804`5c2ca937
Caused By Driver  : Qcamain10x64.sys
Caused By Address : Qcamain10x64.sys+13a937
File Description  : Qualcomm Atheros Extensible Wireless LAN device driver
Product Name      : Driver for Qualcomm Atheros QCA61x4/QCA9377 Network Adapter
Company           : Qualcomm Atheros, Inc.
File Version      : 12.0.0.953
Processor         : x64
Crash Address     : ntoskrnl.exe+3f6f20
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\WINDOWS\Minidump\080921-80171-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 9,244,332
Dump File Time    : 9/8/2564 17:45:48
==================================================

  • 0

#4
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
IT was really jumping quite a bit, but I waited at least 2 minutes
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 90.38 60 K 8 K 0
audiodg.exe 5.51 48,716 K 25,328 K 11376
procexp64.exe 2.57 33,236 K 65,724 K 9224 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
WmiApSrv.exe 0.37 2,200 K 9,680 K 9524 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
SmartByteTelemetry.exe 0.37 37,188 K 14,392 K 7016
MsMpEng.exe 0.37 407,376 K 236,860 K 3888 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Windows Publisher
dwm.exe 0.37 71,400 K 66,452 K 1356
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
LineMediaPlayer.exe < 0.01 27,496 K 24,980 K 5496 LineMediaPlayer LINE Corporation (Verified) LINE Corporation
System < 0.01 208 K 4,844 K 4
csrss.exe < 0.01 2,492 K 3,012 K 840
FRST64.exe < 0.01 1,444,024 K 15,572 K 10012
explorer.exe < 0.01 79,600 K 122,284 K 7716 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 94,204 K 145,752 K 8032 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 51,012 K 86,980 K 1884 Google Chrome Google LLC (Verified) Google LLC
LINEAPP.exe < 0.01 125,288 K 32,936 K 9924 LINE LINE Corporation (Verified) LINE Corporation
pcdrwi.exe < 0.01 85,916 K 17,792 K 4996
WavesSysSvc64.exe < 0.01 7,664 K 4,504 K 4028 WavesSysSvc Service Application Waves Audio Ltd. (Verified) Waves Inc
chrome.exe < 0.01 155,764 K 101,468 K 2992 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 19,680 K 35,380 K 4508 Google Chrome Google LLC (Verified) Google LLC
Dell.D3.WinSvc.exe < 0.01 157,576 K 100,116 K 1160 Dell.D3.WinSvc (Verified) Dell Inc
chrome.exe < 0.01 17,864 K 27,480 K 7332 Google Chrome Google LLC (Verified) Google LLC
ServiceShell.exe < 0.01 63,452 K 18,100 K 5304 ServiceShell (Verified) Dell Inc
DSAPI.exe < 0.01 47,232 K 24,364 K 3088 PC-Doctor Dell SupportAssist API PC-Doctor, Inc. (Verified) PC-Doctor, Inc.
explorer.exe < 0.01 16,912 K 41,472 K 8284 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3,888 K 16,384 K 5448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SupportAssistAgent.exe < 0.01 594,464 K 64,564 K 188 Service Dell Inc. (Verified) Dell Inc.
svchost.exe < 0.01 16,196 K 23,336 K 1036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 11,008 K 14,460 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 1,784 K 2,280 K 7688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe < 0.01 33,144 K 45,848 K 3064
AdminService.exe < 0.01 2,320 K 6,648 K 3960 Windows Setup API Windows ® Win 7 DDK provider (Verified) Microsoft Windows Hardware Compatibility Publisher
WinStore.App.exe < 0.01 153,976 K 181,048 K 5992 Store Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe < 0.01 7,732 K 17,376 K 3164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 67,332 K 60,032 K 2416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 1,580 K 2,532 K 1480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,140 K 2,196 K 732
TextInputHost.exe < 0.01 11,848 K 11,228 K 10180 Microsoft Corporation (Verified) Microsoft Windows
StartMenuExperienceHost.exe < 0.01 40,716 K 89,480 K 7644 (Verified) Microsoft Windows
svchost.exe < 0.01 6,092 K 20,796 K 5528 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 11,832 K 15,320 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,660 K 7,324 K 5532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,824 K 6,680 K 5176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchIndexer.exe < 0.01 40,860 K 41,404 K 6204 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 17,692 K 16,928 K 2080 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SystemIdleCheck.exe < 0.01 1,896 K 7,652 K 8948
YourPhone.exe Suspended 28,040 K 16,640 K 11052 YourPhone Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
WUDFHost.exe 3,540 K 2,272 K 1116
WUDFHost.exe 4,568 K 4,472 K 1168
WmiPrvSE.exe 5,752 K 13,224 K 5452
WmiPrvSE.exe 6,148 K 15,180 K 4108
WmiPrvSE.exe 1,940 K 8,964 K 11252
winlogon.exe 2,952 K 3,152 K 924
wininit.exe 1,372 K 312 K 820
Video.UI.exe Suspended 18,756 K 4,228 K 11008 (No signature was present in the subject)
UserOOBEBroker.exe 2,064 K 2,604 K 3108 User OOBE Broker Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 8,464 K 15,092 K 7436 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 6,764 K 7,832 K 9088
SystemSettings.exe Suspended 20,108 K 940 K 10548 Settings Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,472 K 8,656 K 2016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,852 K 25,720 K 3904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,736 K 19,624 K 7252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,680 K 5,684 K 3024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,168 K 6,700 K 5300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,752 K 15,008 K 3952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,700 K 3,188 K 3008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,608 K 5,940 K 1564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 29,304 K 31,184 K 3660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,064 K 6,024 K 2744 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,924 K 5,460 K 7024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 16,064 K 25,168 K 3732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,780 K 13,236 K 1516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,252 K 11,040 K 3232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,936 K 8,552 K 2612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,692 K 5,184 K 3204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,584 K 12,076 K 2000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,568 K 4,172 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,396 K 5,692 K 4816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,504 K 19,428 K 2244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,952 K 4,836 K 3076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,312 K 4,504 K 2408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,076 K 9,796 K 3316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,896 K 6,124 K 2296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 18,332 K 21,936 K 3648 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,540 K 6,164 K 3016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,028 K 16,444 K 3640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,060 K 14,376 K 2692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,940 K 10,552 K 6972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,300 K 11,008 K 1992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,284 K 5,836 K 4284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,280 K 3,904 K 4008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,168 K 8,060 K 1540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,908 K 6,012 K 2576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,376 K 13,284 K 1876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,888 K 10,288 K 2056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,620 K 6,588 K 2424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,328 K 13,608 K 3416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,040 K 6,496 K 3480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,692 K 18,372 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,136 K 10,400 K 2940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,240 K 3,996 K 5028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,736 K 8,948 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,676 K 7,532 K 11948
svchost.exe 6,292 K 4,236 K 10344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,908 K 8,588 K 4312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,768 K 10,732 K 5480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,676 K 28,592 K 2032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,688 K 2,856 K 5760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,624 K 10,660 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,964 K 6,752 K 2392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,012 K 24,884 K 4884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,680 K 5,340 K 1524 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,664 K 4,328 K 1780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,196 K 7,220 K 1856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,640 K 3,468 K 1864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,408 K 5,252 K 1920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,536 K 4,864 K 2256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,968 K 2,816 K 2700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,884 K 3,684 K 2708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,552 K 5,520 K 3816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,564 K 4,780 K 4016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,568 K 3,080 K 3184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,508 K 3,244 K 5288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,804 K 6,916 K 5384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,996 K 9,088 K 1492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,092 K 8,092 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,812 K 18,436 K 4048 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,064 K 8,204 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,644 K 3,788 K 10672 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 5,752 K 12,464 K 3308 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 1,060 K 520 K 628
smartscreen.exe 10,560 K 28,184 K 7584 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe 7,860 K 25,264 K 6916 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 17,228 K 39,516 K 10392 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe 4,896 K 6,980 K 7068 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SettingSyncHost.exe 16,556 K 4,608 K 9096 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,116 K 6,920 K 964
SecurityHealthSystray.exe 1,960 K 5,608 K 3992 Windows Security notification icon Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 3,888 K 9,444 K 8436 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchApp.exe Suspended 84,524 K 53,436 K 8024 Search application Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,656 K 23,228 K 10556 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 1,844 K 9,360 K 10552 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 19,276 K 26,696 K 7000 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 11,356 K 34,252 K 10476 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 5,488 K 19,392 K 8896 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 1,772 K 8,852 K 10444 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 1,716 K 3,044 K 10716 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 12,652 K 34,540 K 7152 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,640 K 15,672 K 8432 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkAudUService64.exe 2,696 K 7,932 K 3936 Realtek HD Audio Universal Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudUService64.exe 1,776 K 1,508 K 3832
RtkAudUService64.exe 2,432 K 6,012 K 3520 Realtek HD Audio Universal Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RstMwService.exe 1,612 K 4,556 K 3968 Intel® Rapid Storage Technology Management Service Intel Corporation (Verified) Intel® Rapid Storage Technology
Registry 10,480 K 48,768 K 100
QcomWlanSrvx64.exe 1,252 K 4,144 K 3928 Qualcomm Atheros Universal WLAN Driver Service Qualcomm Technologies Inc. (Verified) Qualcomm Atheros
procexp.exe 4,228 K 12,444 K 12860 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
notepad.exe 9,944 K 36,256 K 7548 Notepad Microsoft Corporation (Verified) Microsoft Windows
notepad.exe 3,112 K 17,176 K 3596
notepad.exe 3,180 K 15,504 K 8868
NisSrv.exe 4,116 K 8,904 K 2604 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Windows Publisher
MusNotifyIcon.exe 3,180 K 884 K 2484 MusNotifyIcon.exe Microsoft Corporation (Verified) Microsoft Windows
Microsoft.Photos.exe Suspended 70,436 K 9,144 K 9072 (No signature was present in the subject)
Memory Compression 2,548 K 53,720 K 2520
lsass.exe 9,304 K 13,412 K 1012 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
LMS.exe 3,288 K 9,884 K 4688 Intel® Local Management Service Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
jhi_service.exe 1,276 K 2,760 K 4604 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
IntelCpHeciSvc.exe 1,424 K 4,856 K 4172 IntelCpHeciSvc Executable Intel Corporation (Verified) Intel® pGFX
IntelCpHDCPSvc.exe 1,516 K 5,400 K 3620 Intel HD Graphics Drivers for Windows® Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 6,548 K 18,412 K 6104 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 1,836 K 3,492 K 2636 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
fontdrvhost.exe 4,832 K 6,900 K 756
fontdrvhost.exe 1,676 K 388 K 716
esif_uf.exe 1,556 K 3,768 K 3628 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel Corporation
dllhost.exe 1,712 K 8,392 K 10352
dllhost.exe 2,228 K 12,900 K 1820 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 3,772 K 8,324 K 9692 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DellSupportAssistRemedationService.exe 43,884 K 23,656 K 4992 Dell SupportAssist Remediation Dell Inc. (Verified) Dell Inc
DDVRulesProcessor.exe 4,976 K 10,828 K 4064 Dell Data Vault Rules Processor Dell Inc. (Verified) Dell Inc
DDVDataCollector.exe 24,484 K 9,176 K 5936 Dell Data Vault Data Collector Service Dell Inc. (Verified) Dell Inc
DDVCollectorSvcApi.exe 1,412 K 4,996 K 4976 Dell Data Vault Data Collector Service API Dell Inc. (Verified) Dell Inc
ctfmon.exe 4,852 K 11,368 K 7752
conhost.exe 6,220 K 4,064 K 4456
chrome.exe 16,476 K 42,748 K 12964 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,900 K 40,588 K 3092 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 15,180 K 24,744 K 6184 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 16,768 K 29,964 K 2496 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,564 K 37,624 K 4392 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 17,708 K 36,272 K 216 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 17,476 K 46,544 K 2804 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 7,232 K 9,000 K 9912 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,548 K 37,688 K 9512 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,264 K 36,960 K 6824 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,084 K 35,980 K 11220 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 15,252 K 39,532 K 6180 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 17,928 K 46,904 K 13196 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,248 K 37,128 K 13144 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 15,856 K 39,716 K 12588 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 15,660 K 40,452 K 11720 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 23,216 K 57,440 K 9616 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 65,368 K 64,460 K 11180 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 55,348 K 32,512 K 7700 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 20,180 K 49,924 K 12156 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,764 K 39,024 K 11988 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 35,108 K 70,784 K 1652 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 38,100 K 80,784 K 13132 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 7,220 K 4,452 K 9596 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,124 K 4,300 K 9788 Google Chrome Google LLC (Verified) Google LLC
BlueScreenView.exe 12,836 K 36,676 K 10668
ApplicationFrameHost.exe 17,984 K 23,676 K 6832 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

Edited by elkski, 10 August 2021 - 04:07 PM.

  • 0

#5
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

TASKLIST /SVC  > \junk.txt

I ran this in a elevated command prompt. first time without checking as administrator since it is windows 10.. said access denied. then it seemed to run when I ran cmd with checked as administrator . but when I ran notepad \junk.txt it opens notepad but says file not found?.  


  • 0

#6
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

Speccy snuck in a download of  winzip25 without asking  then came speccy.  didn't see the CCcleaner or the big download on the upper left corner.. they may have changed it to trick you

Attached Files


  • 0

#7
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:00:25  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        DESKTOP-UM503BC
OS version:                                           Windows 10, 10.0, version 2009, build: 19042 (x64)
Hardware:                                             Inspiron 3481, Dell Inc.
CPU:                                                  GenuineIntel Intel® Core™ i3-7020U CPU @ 2.30GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  3997 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2304 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   550.0
Average measured interrupt to process latency (µs):   10.233277
 
Highest measured interrupt to DPC latency (µs):       495.50
Average measured interrupt to DPC latency (µs):       3.286848
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              128.234375
Driver with highest ISR routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.032519
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.063458
 
ISR count (execution time <250 µs):                   2606
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              1182.309896
Driver with highest DPC routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.093355
Driver with highest DPC total execution time:         iaStorAC.sys - Intel® Rapid Storage Technology driver - x64, Intel Corporation
 
Total time spent in DPCs (%)                          0.419889
 
DPC count (execution time <250 µs):                   27290
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              110
DPC count (execution time 1000-2000 µs):              2
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 compattelrunner.exe
 
Total number of hard pagefaults                       3002
Hard pagefault count of hardest hit process:          2691
Number of processes hit:                              19
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.688241
CPU 0 ISR highest execution time (µs):                128.234375
CPU 0 ISR total execution time (s):                   0.062776
CPU 0 ISR count:                                      2525
CPU 0 DPC highest execution time (µs):                1182.309896
CPU 0 DPC total execution time (s):                   0.335469
CPU 0 DPC count:                                      20847
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.106794
CPU 1 ISR highest execution time (µs):                24.771701
CPU 1 ISR total execution time (s):                   0.001119
CPU 1 ISR count:                                      81
CPU 1 DPC highest execution time (µs):                250.214410
CPU 1 DPC total execution time (s):                   0.018320
CPU 1 DPC count:                                      1411
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.168229
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                734.599826
CPU 2 DPC total execution time (s):                   0.054454
CPU 2 DPC count:                                      3962
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.084805
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                116.987847
CPU 3 DPC total execution time (s):                   0.014536
CPU 3 DPC count:                                      1182
_________________________________________________________________________________________________________

  • 0

#8
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
still lagging badly
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by USER (administrator) on DESKTOP-UM503BC (Dell Inc. Inspiron 3481) (10-08-2021 18:02:50)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER
Platform: Windows 10 Home Single Language Version 20H2 19042.1110 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Daniel Terhell -> Resplendence Software Projects Sp.) C:\Program Files\LatencyMon\LatMon.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <58>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(LINE Corporation -> LINE Corporation) C:\Users\USER\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AppData\LINE\Data\plugin\LineMediaPlayer\1.2.0.363\LineMediaPlayer.exe
(LINE Corporation) C:\Program Files\WindowsApps\NAVER.LINEwin8_7.1.0.0_x86__8ptj331gd3tyt\LINEAPP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nir Sofer -> NirSoft) C:\Users\USER\Downloads\bluescreenview-x64\BlueScreenView.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\Speccy\Speccy64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Config.Msi\4bc737c.rbf
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1081136 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-02] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {305DA005-5C08-44B3-8177-4E7C6ADC1BEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A749691-DC91-439C-B04F-90D55DC9453F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {773ED0D3-7286-4127-88EE-8C9B5457315A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133422552 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7C99644E-78D3-4AB6-93FB-8B5551F4B3D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
Task: {A07912E9-B55C-4B23-A890-8078C61CE4BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C591A672-CB66-44F1-8506-6CE3B161FF49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D982DC0F-38DF-40CE-853A-E31D0295CEB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a7b40a35-fced-4f9e-85bc-8c4127ec827d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-10]
 
Chrome: 
=======
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-08-10]
CHR DefaultSearchURL: Default -> hxxps://th.search.yahoo.com/search?fr=mcafee&type=E211TH826G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://th.search.yahoo.com/sugg/gossip/gossip-th-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-02]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-02]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-02]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-02]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-03]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2018-08-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50376 2021-03-31] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2020-01-06] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{883F8A0E-0B08-4883-90FE-208704736ABD} [21312 2021-08-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-18] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-22] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cpuz149; C:\Users\USER\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [44320 2021-08-10] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 MpKsl3a414131; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFB53AD3-15CF-4F08-8081-C855DC5BC1B2}\MpKslDrv.sys [123112 2021-08-09] (Microsoft Windows -> Microsoft Corporation)
R3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-10 17:43 - 2021-08-10 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-08-10 17:43 - 2021-08-10 17:43 - 000000000 ____D C:\Program Files\LatencyMon
2021-08-10 17:43 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-08-10 17:02 - 2021-08-10 17:03 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\USER\Downloads\LatencyMon (1).exe
2021-08-10 17:02 - 2021-08-10 17:03 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\USER\Desktop\LatencyMon.exe
2021-08-10 17:00 - 2021-08-10 17:01 - 000115931 _____ C:\Users\USER\Downloads\DESKTOP-UM503BC.txt
2021-08-10 17:00 - 2021-08-10 17:01 - 000115931 _____ C:\Users\USER\Downloads\DESKTOP-UM503BC (1).txt
2021-08-10 16:55 - 2021-08-10 16:56 - 000115931 _____ C:\Users\USER\Desktop\DESKTOP-UM503BC.txt
2021-08-10 16:54 - 2021-08-10 16:54 - 000115963 _____ C:\Users\USER\Documents\DESKTOP-UM503BC.txt
2021-08-10 16:49 - 2021-08-10 16:49 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-08-10 16:49 - 2021-08-10 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-08-10 16:49 - 2021-08-10 16:49 - 000000000 ____D C:\Program Files\Speccy
2021-08-10 16:39 - 2021-08-10 16:42 - 008234296 _____ (Piriform Software Ltd) C:\Users\USER\Downloads\spsetup132.exe
2021-08-10 16:39 - 2021-08-10 16:39 - 000977344 _____ (WinZip Computing) C:\Users\USER\Downloads\winzip25-p014.exe
2021-08-10 16:32 - 2021-08-10 16:32 - 000019037 _____ C:\WINDOWS\system32\junk.txt
2021-08-10 16:32 - 2021-08-10 16:32 - 000000000 _____ C:\junk.txt
2021-08-10 16:05 - 2021-08-10 16:05 - 000022298 _____ C:\Users\USER\Desktop\Registry.txt
2021-08-10 15:59 - 2021-08-10 15:59 - 002834320 _____ (Sysinternals - www.sysinternals.com) C:\Users\USER\Desktop\procexp.exe
2021-08-10 15:56 - 2021-08-10 15:56 - 000002202 _____ C:\Users\USER\Desktop\BSOD.txt
2021-08-10 15:53 - 2021-08-10 15:54 - 000000000 ____D C:\Users\USER\Downloads\bluescreenview-x64
2021-08-10 15:52 - 2021-08-10 15:52 - 000085380 _____ C:\Users\USER\Downloads\bluescreenview-x64.zip
2021-08-10 09:49 - 2021-08-10 09:49 - 000000000 ____D C:\Users\USER\AppData\Local\LineCall
2021-08-09 22:16 - 2021-08-09 22:23 - 000030297 _____ C:\Users\USER\Desktop\Addition.txt
2021-08-09 19:08 - 2021-08-10 18:07 - 000014159 _____ C:\Users\USER\Desktop\FRST.txt
2021-08-09 19:08 - 2021-08-09 19:08 - 000000000 ____D C:\Users\USER\Desktop\FRST-OlderVersion
2021-08-09 19:06 - 2021-08-10 18:05 - 000000000 ____D C:\FRST
2021-08-09 19:02 - 2021-08-09 19:08 - 002300416 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2021-08-09 17:43 - 2021-08-09 17:46 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-09 17:43 - 2021-08-09 17:45 - 009244332 _____ C:\WINDOWS\Minidump\080921-80171-01.dmp
2021-08-09 17:43 - 2021-08-09 17:43 - 1070517026 _____ C:\WINDOWS\MEMORY.DMP
2021-08-06 13:00 - 2021-08-06 13:00 - 000000000 ____D C:\Program Files (x86)\DummyDir
2021-08-06 11:23 - 2021-08-06 07:16 - 000000000 ____D C:\Windows.old
2021-08-06 11:18 - 2021-08-06 11:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-08-06 11:12 - 2021-08-06 11:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-08-06 11:12 - 2021-08-06 11:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-08-06 10:40 - 2021-08-06 10:40 - 000000000 ____D C:\ProgramData\ssh
2021-08-06 10:24 - 2021-08-06 10:24 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-06 10:22 - 2021-08-06 10:22 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-08-06 10:21 - 2021-08-06 10:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-06 10:21 - 2021-08-06 10:21 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-08-06 10:21 - 2021-08-06 10:21 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-08-06 10:21 - 2021-08-06 10:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-08-06 10:20 - 2021-08-06 10:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-08-06 10:20 - 2021-08-06 10:20 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-06 10:19 - 2021-08-06 10:19 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-08-06 10:19 - 2021-08-06 10:19 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-08-06 10:19 - 2021-08-06 10:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-06 10:18 - 2021-08-06 10:18 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-08-06 10:17 - 2021-08-06 10:17 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-08-06 10:15 - 2021-08-06 10:15 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-08-06 10:15 - 2021-08-06 10:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-08-06 10:15 - 2021-08-06 10:15 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-08-06 10:14 - 2021-08-06 10:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-08-06 10:13 - 2021-08-06 10:13 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-08-06 10:12 - 2021-08-06 10:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-08-06 10:12 - 2021-08-06 10:12 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-08-06 10:09 - 2021-08-06 10:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-08-06 10:09 - 2021-08-06 10:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-08-06 10:07 - 2021-08-06 10:07 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-08-06 10:06 - 2021-08-06 10:06 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-08-06 10:06 - 2021-08-06 10:06 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-08-06 09:15 - 2021-08-06 09:15 - 000000697 _____ C:\WINDOWS\system32\NOISE.THA
2021-08-06 09:12 - 2021-08-06 09:12 - 000000000 ____D C:\WINDOWS\system32\th
2021-08-06 07:31 - 2021-08-06 07:31 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-08-06 07:20 - 2021-08-06 07:20 - 000000020 ___SH C:\Users\USER\ntuser.ini
2021-08-05 21:34 - 2021-08-09 17:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-05 21:34 - 2021-08-07 11:30 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1001
2021-08-05 21:34 - 2021-08-06 00:41 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-06 00:41 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1002
2021-08-05 21:34 - 2021-08-05 21:34 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-05 21:34 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-08-05 20:54 - 2021-08-09 17:49 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-05 20:37 - 2021-08-07 11:30 - 000002382 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:37 - 2021-08-05 20:52 - 000000000 ____D C:\Users\elksk
2021-08-05 20:37 - 2019-12-07 02:10 - 000001105 _____ C:\Users\elksk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:26 - 2021-08-10 17:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-05 20:26 - 2021-08-05 20:27 - 000315680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-05 20:24 - 2021-08-09 17:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-05 13:06 - 2021-08-06 07:20 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-04 12:59 - 2021-08-04 12:59 - 000000000 ___HD C:\$WinREAgent
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-10 18:17 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-10 17:56 - 2020-01-02 10:46 - 000000000 ____D C:\Users\USER\AppData\Local\PlaceholderTileLogoFolder
2021-08-10 17:18 - 2020-01-02 10:55 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-10 16:41 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-10 16:30 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-10 16:12 - 2021-03-27 22:05 - 000000000 ____D C:\Users\USER\AppData\Local\D3DSCache
2021-08-10 09:57 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-10 09:42 - 2020-01-02 05:02 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
2021-08-10 09:42 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-09 22:23 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-09 18:50 - 2020-01-02 05:01 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2021-08-09 18:49 - 2019-03-06 11:08 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-08-09 17:48 - 2019-03-06 11:23 - 000000000 ____D C:\ProgramData\Dell
2021-08-09 17:43 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-09 09:57 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-09 09:21 - 2020-12-03 00:53 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-07 11:30 - 2020-01-02 05:08 - 000000000 ___RD C:\Users\USER\OneDrive
2021-08-06 13:33 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-08-06 11:23 - 2020-01-16 03:04 - 000000000 ____D C:\Program Files\UNP
2021-08-06 11:23 - 2019-12-07 02:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-06 11:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-08-06 11:23 - 2019-03-06 11:03 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2021-08-06 11:23 - 2019-03-06 10:59 - 000000000 ____D C:\Program Files\Intel
2021-08-06 11:23 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-08-06 11:22 - 2019-12-07 02:18 - 000000000 ____D C:\WINDOWS\Setup
2021-08-06 11:21 - 2019-12-07 02:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-08-06 11:19 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-08-06 11:18 - 2020-02-21 04:04 - 000000000 ____D C:\WINDOWS\Firmware
2021-08-06 10:41 - 2019-12-07 02:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\IME
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-08-06 10:37 - 2019-12-07 02:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-08-06 10:37 - 2019-12-07 02:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-08-06 07:47 - 2020-12-05 16:51 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-06 07:47 - 2020-12-05 16:51 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-06 07:44 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-08-06 07:27 - 2020-01-02 05:05 - 000000000 ____D C:\ProgramData\Packages
2021-08-06 07:27 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-06 07:24 - 2020-01-02 05:02 - 000000000 ___RD C:\Users\USER\3D Objects
2021-08-06 07:24 - 2019-03-06 12:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-06 07:20 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-06 07:18 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-08-06 07:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-06 06:31 - 2019-03-06 11:27 - 000000000 ____D C:\ProgramData\RivetNetworks
2021-08-05 21:34 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-05 21:34 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-05 21:31 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Registration
2021-08-05 20:58 - 2020-04-11 12:03 - 000026988 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-08-05 20:53 - 2020-01-02 11:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 20:53 - 2020-01-02 11:09 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 20:42 - 2020-01-02 19:49 - 000000000 ____D C:\Users\elksk\AppData\Local\Packages
2021-08-05 20:30 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-08-05 20:29 - 2019-03-06 11:02 - 000000000 ____D C:\Intel
2021-08-05 14:06 - 2020-01-06 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-05 14:02 - 2020-01-06 18:00 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-04 13:05 - 2019-03-06 10:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-16 09:45 - 2020-12-03 00:53 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-16 09:45 - 2020-02-20 04:22 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
 
==================== FLock ==============================
 
2021-08-05 20:28 C:\Recovery
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by USER (administrator) on DESKTOP-UM503BC (Dell Inc. Inspiron 3481) (10-08-2021 18:02:50)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER
Platform: Windows 10 Home Single Language Version 20H2 19042.1110 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Daniel Terhell -> Resplendence Software Projects Sp.) C:\Program Files\LatencyMon\LatMon.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <58>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_39c3e17a2e95f0ed\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(LINE Corporation -> LINE Corporation) C:\Users\USER\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AppData\LINE\Data\plugin\LineMediaPlayer\1.2.0.363\LineMediaPlayer.exe
(LINE Corporation) C:\Program Files\WindowsApps\NAVER.LINEwin8_7.1.0.0_x86__8ptj331gd3tyt\LINEAPP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nir Sofer -> NirSoft) C:\Users\USER\Downloads\bluescreenview-x64\BlueScreenView.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\Speccy\Speccy64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Config.Msi\4bc737c.rbf
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1081136 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-02] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-04] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {305DA005-5C08-44B3-8177-4E7C6ADC1BEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A749691-DC91-439C-B04F-90D55DC9453F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {773ED0D3-7286-4127-88EE-8C9B5457315A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133422552 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7C99644E-78D3-4AB6-93FB-8B5551F4B3D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
Task: {A07912E9-B55C-4B23-A890-8078C61CE4BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C591A672-CB66-44F1-8506-6CE3B161FF49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D982DC0F-38DF-40CE-853A-E31D0295CEB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-02] (Google LLC -> Google LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{a7b40a35-fced-4f9e-85bc-8c4127ec827d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-10]
 
Chrome: 
=======
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-08-10]
CHR DefaultSearchURL: Default -> hxxps://th.search.yahoo.com/search?fr=mcafee&type=E211TH826G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://th.search.yahoo.com/sugg/gossip/gossip-th-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-02]
CHR Extension: (Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-02]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-02]
CHR Extension: (Sheets) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-02]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-03]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2018-08-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50376 2021-03-31] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2020-01-06] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{883F8A0E-0B08-4883-90FE-208704736ABD} [21312 2021-08-06] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-18] (Dell Inc -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-22] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cpuz149; C:\Users\USER\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [44320 2021-08-10] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 MpKsl3a414131; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFB53AD3-15CF-4F08-8081-C855DC5BC1B2}\MpKslDrv.sys [123112 2021-08-09] (Microsoft Windows -> Microsoft Corporation)
R3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-10 17:43 - 2021-08-10 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-08-10 17:43 - 2021-08-10 17:43 - 000000000 ____D C:\Program Files\LatencyMon
2021-08-10 17:43 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-08-10 17:02 - 2021-08-10 17:03 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\USER\Downloads\LatencyMon (1).exe
2021-08-10 17:02 - 2021-08-10 17:03 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\USER\Desktop\LatencyMon.exe
2021-08-10 17:00 - 2021-08-10 17:01 - 000115931 _____ C:\Users\USER\Downloads\DESKTOP-UM503BC.txt
2021-08-10 17:00 - 2021-08-10 17:01 - 000115931 _____ C:\Users\USER\Downloads\DESKTOP-UM503BC (1).txt
2021-08-10 16:55 - 2021-08-10 16:56 - 000115931 _____ C:\Users\USER\Desktop\DESKTOP-UM503BC.txt
2021-08-10 16:54 - 2021-08-10 16:54 - 000115963 _____ C:\Users\USER\Documents\DESKTOP-UM503BC.txt
2021-08-10 16:49 - 2021-08-10 16:49 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-08-10 16:49 - 2021-08-10 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-08-10 16:49 - 2021-08-10 16:49 - 000000000 ____D C:\Program Files\Speccy
2021-08-10 16:39 - 2021-08-10 16:42 - 008234296 _____ (Piriform Software Ltd) C:\Users\USER\Downloads\spsetup132.exe
2021-08-10 16:39 - 2021-08-10 16:39 - 000977344 _____ (WinZip Computing) C:\Users\USER\Downloads\winzip25-p014.exe
2021-08-10 16:32 - 2021-08-10 16:32 - 000019037 _____ C:\WINDOWS\system32\junk.txt
2021-08-10 16:32 - 2021-08-10 16:32 - 000000000 _____ C:\junk.txt
2021-08-10 16:05 - 2021-08-10 16:05 - 000022298 _____ C:\Users\USER\Desktop\Registry.txt
2021-08-10 15:59 - 2021-08-10 15:59 - 002834320 _____ (Sysinternals - www.sysinternals.com) C:\Users\USER\Desktop\procexp.exe
2021-08-10 15:56 - 2021-08-10 15:56 - 000002202 _____ C:\Users\USER\Desktop\BSOD.txt
2021-08-10 15:53 - 2021-08-10 15:54 - 000000000 ____D C:\Users\USER\Downloads\bluescreenview-x64
2021-08-10 15:52 - 2021-08-10 15:52 - 000085380 _____ C:\Users\USER\Downloads\bluescreenview-x64.zip
2021-08-10 09:49 - 2021-08-10 09:49 - 000000000 ____D C:\Users\USER\AppData\Local\LineCall
2021-08-09 22:16 - 2021-08-09 22:23 - 000030297 _____ C:\Users\USER\Desktop\Addition.txt
2021-08-09 19:08 - 2021-08-10 18:07 - 000014159 _____ C:\Users\USER\Desktop\FRST.txt
2021-08-09 19:08 - 2021-08-09 19:08 - 000000000 ____D C:\Users\USER\Desktop\FRST-OlderVersion
2021-08-09 19:06 - 2021-08-10 18:05 - 000000000 ____D C:\FRST
2021-08-09 19:02 - 2021-08-09 19:08 - 002300416 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2021-08-09 17:43 - 2021-08-09 17:46 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-09 17:43 - 2021-08-09 17:45 - 009244332 _____ C:\WINDOWS\Minidump\080921-80171-01.dmp
2021-08-09 17:43 - 2021-08-09 17:43 - 1070517026 _____ C:\WINDOWS\MEMORY.DMP
2021-08-06 13:00 - 2021-08-06 13:00 - 000000000 ____D C:\Program Files (x86)\DummyDir
2021-08-06 11:23 - 2021-08-06 07:16 - 000000000 ____D C:\Windows.old
2021-08-06 11:18 - 2021-08-06 11:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-08-06 11:12 - 2021-08-06 11:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-08-06 11:12 - 2021-08-06 11:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-08-06 10:40 - 2021-08-06 10:40 - 000000000 ____D C:\ProgramData\ssh
2021-08-06 10:24 - 2021-08-06 10:24 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-06 10:24 - 2021-08-06 10:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-06 10:22 - 2021-08-06 10:22 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-08-06 10:21 - 2021-08-06 10:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-06 10:21 - 2021-08-06 10:21 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-08-06 10:21 - 2021-08-06 10:21 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-08-06 10:21 - 2021-08-06 10:21 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-08-06 10:21 - 2021-08-06 10:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-08-06 10:21 - 2021-08-06 10:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-08-06 10:20 - 2021-08-06 10:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-08-06 10:20 - 2021-08-06 10:20 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-08-06 10:20 - 2021-08-06 10:20 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-08-06 10:20 - 2021-08-06 10:20 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-06 10:19 - 2021-08-06 10:19 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-08-06 10:19 - 2021-08-06 10:19 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-08-06 10:19 - 2021-08-06 10:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-08-06 10:19 - 2021-08-06 10:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-08-06 10:19 - 2021-08-06 10:19 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-08-06 10:19 - 2021-08-06 10:19 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-06 10:18 - 2021-08-06 10:18 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-08-06 10:18 - 2021-08-06 10:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-08-06 10:18 - 2021-08-06 10:18 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-08-06 10:17 - 2021-08-06 10:17 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-08-06 10:17 - 2021-08-06 10:17 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-08-06 10:17 - 2021-08-06 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:16 - 2021-08-06 10:16 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-08-06 10:15 - 2021-08-06 10:15 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-08-06 10:15 - 2021-08-06 10:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-08-06 10:15 - 2021-08-06 10:15 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-08-06 10:15 - 2021-08-06 10:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-08-06 10:15 - 2021-08-06 10:15 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-08-06 10:14 - 2021-08-06 10:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-08-06 10:13 - 2021-08-06 10:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-08-06 10:13 - 2021-08-06 10:13 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-06 10:12 - 2021-08-06 10:12 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-08-06 10:12 - 2021-08-06 10:12 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-08-06 10:12 - 2021-08-06 10:12 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-08-06 10:12 - 2021-08-06 10:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-08-06 10:12 - 2021-08-06 10:12 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-08-06 10:09 - 2021-08-06 10:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-08-06 10:09 - 2021-08-06 10:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-08-06 10:09 - 2021-08-06 10:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-08-06 10:08 - 2021-08-06 10:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-08-06 10:07 - 2021-08-06 10:07 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-08-06 10:06 - 2021-08-06 10:06 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-08-06 10:06 - 2021-08-06 10:06 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-06 10:06 - 2021-08-06 10:06 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-08-06 10:06 - 2021-08-06 10:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-08-06 10:06 - 2021-08-06 10:06 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-08-06 09:15 - 2021-08-06 09:15 - 000000697 _____ C:\WINDOWS\system32\NOISE.THA
2021-08-06 09:12 - 2021-08-06 09:12 - 000000000 ____D C:\WINDOWS\system32\th
2021-08-06 07:31 - 2021-08-06 07:31 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-08-06 07:20 - 2021-08-06 07:20 - 000000020 ___SH C:\Users\USER\ntuser.ini
2021-08-05 21:34 - 2021-08-09 17:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-05 21:34 - 2021-08-07 11:30 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1001
2021-08-05 21:34 - 2021-08-06 00:41 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-06 00:41 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318631204-1972825221-1620860807-1002
2021-08-05 21:34 - 2021-08-05 21:34 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-05 21:34 - 2021-08-05 21:34 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-05 21:34 - 2021-08-05 21:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-08-05 21:32 - 2021-08-05 21:34 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-08-05 20:54 - 2021-08-09 17:49 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-05 20:37 - 2021-08-07 11:30 - 000002382 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:37 - 2021-08-05 20:52 - 000000000 ____D C:\Users\elksk
2021-08-05 20:37 - 2019-12-07 02:10 - 000001105 _____ C:\Users\elksk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-05 20:26 - 2021-08-10 17:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-05 20:26 - 2021-08-05 20:27 - 000315680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-05 20:24 - 2021-08-09 17:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-05 13:06 - 2021-08-06 07:20 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-04 12:59 - 2021-08-04 12:59 - 000000000 ___HD C:\$WinREAgent
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-08-10 18:17 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-10 17:56 - 2020-01-02 10:46 - 000000000 ____D C:\Users\USER\AppData\Local\PlaceholderTileLogoFolder
2021-08-10 17:18 - 2020-01-02 10:55 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-10 16:41 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-10 16:30 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-10 16:12 - 2021-03-27 22:05 - 000000000 ____D C:\Users\USER\AppData\Local\D3DSCache
2021-08-10 09:57 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-10 09:42 - 2020-01-02 05:02 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
2021-08-10 09:42 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-09 22:23 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-09 18:50 - 2020-01-02 05:01 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2021-08-09 18:49 - 2019-03-06 11:08 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-08-09 17:48 - 2019-03-06 11:23 - 000000000 ____D C:\ProgramData\Dell
2021-08-09 17:43 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-09 09:57 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-09 09:21 - 2020-12-03 00:53 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-07 11:30 - 2020-01-02 05:08 - 000000000 ___RD C:\Users\USER\OneDrive
2021-08-06 13:33 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-08-06 11:23 - 2020-01-16 03:04 - 000000000 ____D C:\Program Files\UNP
2021-08-06 11:23 - 2019-12-07 02:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-08-06 11:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-06 11:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-08-06 11:23 - 2019-03-06 11:03 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2021-08-06 11:23 - 2019-03-06 10:59 - 000000000 ____D C:\Program Files\Intel
2021-08-06 11:23 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-08-06 11:22 - 2019-12-07 02:18 - 000000000 ____D C:\WINDOWS\Setup
2021-08-06 11:21 - 2019-12-07 02:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-08-06 11:19 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-08-06 11:18 - 2020-02-21 04:04 - 000000000 ____D C:\WINDOWS\Firmware
2021-08-06 10:41 - 2019-12-07 02:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-08-06 10:41 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\IME
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-06 10:40 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-08-06 10:37 - 2019-12-07 02:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-08-06 10:37 - 2019-12-07 02:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-08-06 09:12 - 2019-12-07 02:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-08-06 07:47 - 2020-12-05 16:51 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-06 07:47 - 2020-12-05 16:51 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-06 07:44 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-08-06 07:27 - 2020-01-02 05:05 - 000000000 ____D C:\ProgramData\Packages
2021-08-06 07:27 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-06 07:24 - 2020-01-02 05:02 - 000000000 ___RD C:\Users\USER\3D Objects
2021-08-06 07:24 - 2019-03-06 12:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-08-06 07:20 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-06 07:18 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-08-06 07:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-06 06:31 - 2019-03-06 11:27 - 000000000 ____D C:\ProgramData\RivetNetworks
2021-08-05 21:34 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-05 21:34 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-05 21:31 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Registration
2021-08-05 20:58 - 2020-04-11 12:03 - 000026988 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-08-05 20:53 - 2020-01-02 11:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 20:53 - 2020-01-02 11:09 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 20:42 - 2020-01-02 19:49 - 000000000 ____D C:\Users\elksk\AppData\Local\Packages
2021-08-05 20:30 - 2019-03-06 11:01 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-08-05 20:29 - 2019-03-06 11:02 - 000000000 ____D C:\Intel
2021-08-05 14:06 - 2020-01-06 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-05 14:02 - 2020-01-06 18:00 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-04 13:05 - 2019-03-06 10:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-16 09:45 - 2020-12-03 00:53 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-16 09:45 - 2020-02-20 04:22 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
 
==================== FLock ==============================
 
2021-08-05 20:28 C:\Recovery
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 

Attached Thumbnails

  • lmon.jpg
  • lmon2.jpg

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,949 posts
  • MVP
You posted the FRST log twice and left off the Addition.txt.
 
Also when you ran Process Explorer and did the screen shot of the Processes tab you didn't sort things by Hard Pagefaults so I can't see what is eating up your time.
 
I do see this:
 
Highest ISR routine execution time (µs):              128.234375
Driver with highest ISR routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation

 

 

This is usually a problem with an outdated BIOS and looking at the support page for your Inspiron 3481

https://www.dell.com...-laptop/drivers

I see there is an urgent BIOS update listed.  Please update the BIOS:

 

Also update the Intel Rapid Storage Technology Driver which is also showing an Urgent flag.

 

Also update the Qualcomm QCA61x4A/QCA9377 Wi-Fi and Bluetooth Driver as Blue Screen View says the software caused the last crash.

 

Search for

task scheduler

hit Enter

Click on the arrow in front of Task Scheduler Library then

Click on the arrow in front of Microsoft

Click on the arrow in front of Windows

Click on Application Experience.  In the next pane to the right, right click on each Task and Disable.  Should be three or four (later versions) tasks.

Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Disable.  Should be two tasks.

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program and reboot.

Rerun Latency Monitor and post the summary.


  • 0

#10
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

I got kinda sloppy last evening.. sorry... and so sorry I didn't go to dell service tag first...

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by USER (10-08-2021 18:23:51)
Running from C:\Users\USER\Desktop
Windows 10 Home Single Language Version 20H2 19042.1110 (X64) (2021-08-06 14:16:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3318631204-1972825221-1620860807-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318631204-1972825221-1620860807-503 - Limited - Disabled)
elksk (S-1-5-21-3318631204-1972825221-1620860807-1002 - Administrator - Enabled) => C:\Users\elksk
Guest (S-1-5-21-3318631204-1972825221-1620860807-501 - Limited - Disabled)
USER (S-1-5-21-3318631204-1972825221-1620860807-1001 - Administrator - Enabled) => C:\Users\USER
WDAGUtilityAccount (S-1-5-21-3318631204-1972825221-1620860807-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Dell Digital Delivery Services (HKLM-x32\...\{3722784A-D530-4C82-BB78-4DF3E1A4CAD9}) (Version: 4.0.90.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.200 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.11000.6436 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6292 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.1.1012 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10487 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8560 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
 
Packages:
=========
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.3.57.0_x64__2dgmkzkw4h30c [2021-08-05] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.90.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-08-05] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2021-08-05] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86__htrsf667h5kn2 [2021-03-27] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-16] (Dropbox Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-05] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-08-05] (INTEL CORP)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_7.1.0.0_x86__8ptj331gd3tyt [2021-08-10] (LINE Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-01-02] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-05] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-05] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-24] (Microsoft Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-08-05] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-05] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2020-01-02] (Waves Audio)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-08-10 09:42 - 2021-08-10 09:42 - 001030144 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\NAVER.LINEwin8_7.1.0.0_x86__8ptj331gd3tyt\dbghelp.dll
2021-08-10 09:43 - 2021-08-10 09:43 - 002467328 _____ (NBP Corp) [File not signed] c:\users\user\appdata\local\packages\naver.linewin8_8ptj331gd3tyt\AppData\LINE\Data\plugin\LineMediaPlayer\1.2.0.363\libnelo2.dll
2019-11-21 20:02 - 2019-11-21 20:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 00:31 - 2018-09-15 00:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
HKU\S-1-5-21-3318631204-1972825221-1620860807-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-3318631204-1972825221-1620860807-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{54794CE1-5F6E-4C06-9A15-8D0289FD02FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{200CF588-37CA-4330-ACCD-3029EEE1FA7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9169FDB9-DC12-4B87-8867-1E60A3DFD2C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{084A7794-09DC-4CCB-ADF8-A3F0D094254F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88D47F9E-39DF-4C5C-82A1-F34AE62FB9FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6145E633-835C-4B98-B2CC-6EAC5C2D3E38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{07BD91C7-19D1-4694-8E8C-0449DF608C41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{80CEAAB8-59F8-4679-B619-F0ED06B2162B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26060D02-36B1-4272-88E4-5F85CCDBA2F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B819342-255F-47AD-84CE-F3A36E45564D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC8D0D1D-CB81-4B43-A9E7-D5A57912DB54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{441789B5-A558-4BC8-81F1-FC5F24675BB2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4526D03D-BCFE-4BF0-B3FB-77A68106D696}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42BD0292-6702-4861-B3AF-23F173EEA28B}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{D6B2A81F-873D-4B52-8A3A-3EAB81A3AD9F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{4DA3DEFF-FC9C-4B4A-B123-499B80399E7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D92CE210-7187-47CC-A40F-D6B31A89032C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
08-08-2021 19:15:16 Windows Modules Installer
09-08-2021 22:43:49 Language Pack Removal
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/10/2021 03:44:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x10c4
Faulting application start time: 0x01d78e38921e7bd5
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: unknown
Report Id: 3f57c015-79af-4a01-89c5-875e4c6b10eb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/10/2021 03:44:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceLayer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at CropAssist.UnsafeNativeMethods.crop_assist_exit()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.Deinitialize()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.HandleWatchdogFailure()
   at ServiceLayer.CoreService.OnCustomCommand(Int32)
   at System.ServiceProcess.ServiceBase.DeferredCustomCommand(Int32)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr, System.Object[], System.Object, System.Object[] ByRef)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessageSink)
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.DoAsyncCall()
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.ThreadPoolCallBack(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (08/10/2021 03:39:22 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Logitech VC ServiceLayer because of this error.
 
Program: Logitech VC ServiceLayer
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (08/10/2021 03:39:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: mscorlib.ni.dll, version: 4.8.4390.0, time stamp: 0x609c41da
Exception code: 0xc0000096
Fault offset: 0x005c2729
Faulting process id: 0x2f54
Faulting application start time: 0x01d78e37bf5f699b
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c74164a61bdb8a6e084e3913485dcb67\mscorlib.ni.dll
Report Id: 22061652-06cb-4c0c-a408-8148867f5823
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/10/2021 03:39:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceLayer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at CropAssist.UnsafeNativeMethods.crop_assist_exit()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.Deinitialize()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.HandleWatchdogFailure()
   at ServiceLayer.CoreService.OnCustomCommand(Int32)
   at System.ServiceProcess.ServiceBase.DeferredCustomCommand(Int32)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr, System.Object[], System.Object, System.Object[] ByRef)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessageSink)
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.DoAsyncCall()
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.ThreadPoolCallBack(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (08/10/2021 03:33:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceLayer.exe, version: 1.15.3.0, time stamp: 0x5d014774
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x18bc
Faulting application start time: 0x01d78e36eb78a314
Faulting application path: C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
Faulting module path: unknown
Report Id: ed36cf87-69cc-43dc-88a5-ee9c44f9c211
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/10/2021 03:33:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceLayer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at CropAssist.UnsafeNativeMethods.crop_assist_exit()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.Deinitialize()
   at ServiceLayer.CropAssistAPI.CropAssistHelper.HandleWatchdogFailure()
   at ServiceLayer.CoreService.OnCustomCommand(Int32)
   at System.ServiceProcess.ServiceBase.DeferredCustomCommand(Int32)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr, System.Object[], System.Object, System.Object[] ByRef)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessageSink)
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.DoAsyncCall()
   at System.Runtime.Remoting.Proxies.AgileAsyncWorkerItem.ThreadPoolCallBack(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (08/10/2021 03:27:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Logitech VC ServiceLayer because of this error.
 
Program: Logitech VC ServiceLayer
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
 
System errors:
=============
Error: (08/10/2021 05:37:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UM503BC)
Description: The server Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (08/10/2021 04:31:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UM503BC)
Description: The server Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (08/10/2021 03:44:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/10/2021 03:39:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/10/2021 03:35:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UM503BC)
Description: The server Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (08/10/2021 03:33:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/10/2021 03:27:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (08/10/2021 03:21:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Logitech Video Camera Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
 
Windows Defender:
================
Date: 2021-08-10 07:52:51
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-08-07 18:56:36
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-08-07 16:25:22
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.7.0 02/14/2020
Motherboard: Dell Inc. 0GRMXT
Processor: Intel® Core™ i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 85%
Total physical RAM: 3997.05 MB
Available physical RAM: 579.05 MB
Total Virtual: 10818.93 MB
Available Virtual: 1419.14 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.58 GB) (Free:828.86 GB) NTFS
 
\\?\Volume{d6adc38a-dc29-438a-bba2-1e050b3794b0}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.28 GB) NTFS
\\?\Volume{0f085613-3772-44ac-96a5-5ec319959e95}\ (Image) (Fixed) (Total:11.07 GB) (Free:0.2 GB) NTFS
\\?\Volume{daff9608-4e77-4997-8677-b5b639b0ee7d}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.48 GB) NTFS
\\?\Volume{00aa0561-0b3d-439c-a73f-3bcae356f391}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 559EA8AF)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

Advertisements


#11
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

I dont understand the hard page fault thing? 


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,949 posts
  • MVP

Click on the Hard PageFault column header (circled in red) once or twice until you see the non zero pagefaults at the top of the list (in yellow).  This step may not be necessary any more as when I did it this time I had the non-zero pagefaults already at the top of the list.  But just in case the sort is not complete this will enure that we see all of the non-zero values.

 

latmon.jpg

 

Dell's Support Assist program is supposed to help keep your drivers and such up-to-date but in my experience it doesn't do a good job and just slows down the PC.

 

Once you get your updates done, let's use a fixlist to check your system files.  Will take about 20 minutes so be patient.  System will reboot when done:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   414bytes   60 downloads

Run FRST and press Fix
A fix log will be generated please post that

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Almost forgot.  Speccy shows you have major interference on the WiFi channel you are using on the laptop.  You have three equal strength signals all on Channel 128.  The one in bold is the one you are currently using.  I can sort of understand the guest one if you have a stupid router but the one with no name is definitely going to cause a problem.  Your internet connection may be very slow because of the interference.  If you are using an extender try unplugging it.  Do you have access to the router?  There should be login & password information on a sticker on the router.  Also note the make and model number of the router.  Then open a browser and put in 192.168.4.1 and hit Enter.  That should connect you to the router.  Use the password info if available and change the wifi channel assignment from automatic to manual then pick a channel that is not 128.  If you can't figure out how or there is no password on the label  then give me the make and model number and I will look it up.

 

Wi-Fi (Lonepeak)
                    SSID    Lonepeak
                    Frequency    5640000 kHz
                    Channel Number    128
                    Name    Lonepeak
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    Currently Connected to this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK

                Wi-Fi (Lonepeak Guest)
                    SSID    Lonepeak Guest
                    Frequency    5640000 kHz
                    Channel Number    128
                    Name    Lonepeak Guest
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK

 

Wi-Fi ()
                    SSID
                    Frequency    5640000 kHz
                    Channel Number    128
                    Name    No name
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    Not supported

To test your speed go to

https://www.speedtest.net/

 

Hit Go.

 

For best results pause your antivirus and close all other programs and browser tabs.

When it finishes you will get the download and upload speed.  Does the download speed look like what you pay for?
 


  • 0

#13
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

loading drivers one at a time.   this micron ssd didn't install it says.

[Wed Aug 11 07:55:07 2021] Update Package Execution Started
[Wed Aug 11 07:55:07 2021] Original command line: "C:\Users\USER\Downloads\Micron-2300-PCIe-NVMe-Solid-State-Drive-Firmware_G75TH_WIN64_2300.0030_A00.EXE" 
[Wed Aug 11 07:55:07 2021] DUP Framework EXE Version: 4.8.7.95
[Wed Aug 11 07:55:07 2021] DUP Release: G75THA00
[Wed Aug 11 07:55:07 2021] Initializing framework...
[Wed Aug 11 07:55:07 2021] Data in smbios table is (hex)value = a , Chasis type (hex)value = a , System type is : Client 
[Wed Aug 11 07:55:09 2021] logo.png
[Wed Aug 11 07:55:12 2021] User Command: attended
[Wed Aug 11 07:55:12 2021] DUP Capabilities Value: 2097151 (0x1FFFFF)
[Wed Aug 11 07:55:12 2021] DUP Vendor Software Version: 2300.0030
[Wed Aug 11 07:55:12 2021] System ID:  08CE
[Wed Aug 11 07:55:12 2021] System model description:  Inspiron 3481
[Wed Aug 11 07:55:12 2021] Match found: 3481 (08CE)
[Wed Aug 11 07:55:12 2021] Local System/Model Compatible with this Package? Yes
[Wed Aug 11 07:55:12 2021] Local System OS Version: 10.0.0.0
[Wed Aug 11 07:55:12 2021] OS Compatible with this Package? Unknown
[Wed Aug 11 07:55:12 2021] Local System OS Language: Unknown
[Wed Aug 11 07:55:12 2021] Language Compatible with this Package? Unknown
[Wed Aug 11 07:55:13 2021] Identified Behavior : attended
[Wed Aug 11 07:55:13 2021] Extraction-miniunz path: c:\PROGRA~3\dell\drivers\4EE6C6~1\miniunz.exe
[Wed Aug 11 07:55:13 2021] Extraction-arguments:  -x C:\Users\USER\DOWNLO~1\MICRON~1.EXE -o -d c:\PROGRA~3\dell\drivers\4EE6C6~1
[Wed Aug 11 07:55:14 2021] Extraction-GetExitCode: 0
[Wed Aug 11 07:55:14 2021] Temporary payload log file name: C:\ProgramData\dell\drivers\4ee6c6b4-f3fc-4240-8bbe-374f17f8fde2\DUP437B.tmp
[Wed Aug 11 07:55:14 2021] payloadExe: Micron_2300_23000030.exe
[Wed Aug 11 07:55:14 2021] payloadArgs: /log=C:\ProgramData\dell\drivers\4ee6c6b4-f3fc-4240-8bbe-374f17f8fde2\DUP437B.tmp
[Wed Aug 11 07:55:14 2021] payloadDir: C:\ProgramData\dell\drivers\4ee6c6b4-f3fc-4240-8bbe-374f17f8fde2
[Wed Aug 11 07:55:14 2021] MUP Spec version is less than 3 or Not a DCH Package.
[Wed Aug 11 07:55:14 2021] Legacy installation is selected. Calling Vendor Installer...
[Wed Aug 11 07:55:30 2021] Appending Vendor Software Log.
[Wed Aug 11 07:55:30 2021]
--- Start of Vendor Software Log ---
 
[Wed Aug 11 07:55:30 2021] ASCII payload log file detected: 
[Wed Aug 11 07:55:30 2021] Log File Name: DUP437B.tmp
[Wed Aug 11 07:55:30 2021]
****************** Start of Firmware Update by DELL MUP ******************
Start Time of Execution: Wed Aug 11 07:55:19 2021
Command by which MUP Invoked: C:\ProgramData\Dell\drivers\4ee6c6b4-f3fc-4240-8bbe-374f17f8fde2\Micron_2300_23000030.exe /log=C:\ProgramData\dell\drivers\4ee6c6b4-f3fc-4240-8bbe-374f17f8fde2\DUP437B.tmp
No drives needing firmware update found, all the drives are up to date!Final Status :  Success: Firmware up to date!
End Time of Execution: Wed Aug 11 07:55:25 2021
 
****************** End of Firmware Update by DELL MUP ******************
 
[Wed Aug 11 07:55:30 2021]
--- End of Vendor Software Log ---
 
[Wed Aug 11 07:55:30 2021] Vendor Software Return Code: 4000
[Wed Aug 11 07:55:32 2021] logo.png
[Wed Aug 11 07:55:32 2021] Name of Exit Code: DEP_SOFT_ERROR
[Wed Aug 11 07:55:32 2021] Exit Code set to: 3 (0x3)
[Wed Aug 11 07:55:32 2021] Result: FAILURE
[Wed Aug 11 07:55:43 2021] User Command: attended
[Wed Aug 11 07:55:43 2021] DUP Capabilities Value: 2097151 (0x1FFFFF)
[Wed Aug 11 07:55:43 2021] DUP Vendor Software Version: 2300.0030
[Wed Aug 11 07:55:43 2021] System ID:  08CE
[Wed Aug 11 07:55:43 2021] System model description:  Inspiron 3481
[Wed Aug 11 07:55:43 2021] Match found: 3481 (08CE)
[Wed Aug 11 07:55:43 2021] Local System/Model Compatible with this Package? Yes
[Wed Aug 11 07:55:43 2021] Local System OS Version: 10.0.0.0
[Wed Aug 11 07:55:43 2021] OS Compatible with this Package? Unknown
[Wed Aug 11 07:55:43 2021] Local System OS Language: Unknown
[Wed Aug 11 07:55:43 2021] Language Compatible with this Package? Unknown
[Wed Aug 11 07:55:43 2021] User Parameter: logfile
[Wed Aug 11 07:55:43 2021] User Parameter: logfile changed to: C:\ProgramData\Dell\UpdatePackage\Log\Micron-2300-PCIe-NVMe-Solid-State-Drive-Firmware_G75TH_WIN64_2300.0030_A00.txt
[Wed Aug 11 07:55:43 2021] Identified Behavior : attended
[Wed Aug 11 07:55:43 2021] Extraction-miniunz path: c:\PROGRA~3\dell\drivers\AF3189~1\miniunz.exe
[Wed Aug 11 07:55:43 2021] Extraction-arguments:  -x C:\Users\USER\DOWNLO~1\MICRON~1.EXE -o -d c:\PROGRA~3\dell\drivers\AF3189~1
[Wed Aug 11 07:55:43 2021] Extraction-GetExitCode: 0
[Wed Aug 11 07:55:43 2021] Temporary payload log file name: C:\ProgramData\dell\drivers\af3189c5-aaa5-4e27-ad91-057b67ecf731\DUPB65B.tmp
[Wed Aug 11 07:55:43 2021] payloadExe: Micron_2300_23000030.exe
[Wed Aug 11 07:55:43 2021] payloadArgs: /log=C:\ProgramData\dell\drivers\af3189c5-aaa5-4e27-ad91-057b67ecf731\DUPB65B.tmp
[Wed Aug 11 07:55:43 2021] payloadDir: C:\ProgramData\dell\drivers\af3189c5-aaa5-4e27-ad91-057b67ecf731
[Wed Aug 11 07:55:43 2021] MUP Spec version is less than 3 or Not a DCH Package.
[Wed Aug 11 07:55:43 2021] Legacy installation is selected. Calling Vendor Installer...
[Wed Aug 11 07:55:53 2021] Appending Vendor Software Log.
[Wed Aug 11 07:55:53 2021]
--- Start of Vendor Software Log ---
 
[Wed Aug 11 07:55:53 2021] ASCII payload log file detected: 
[Wed Aug 11 07:55:53 2021] Log File Name: DUPB65B.tmp
[Wed Aug 11 07:55:53 2021]
****************** Start of Firmware Update by DELL MUP ******************
Start Time of Execution: Wed Aug 11 07:55:46 2021
Command by which MUP Invoked: C:\ProgramData\Dell\drivers\af3189c5-aaa5-4e27-ad91-057b67ecf731\Micron_2300_23000030.exe /log=C:\ProgramData\dell\drivers\af3189c5-aaa5-4e27-ad91-057b67ecf731\DUPB65B.tmp
No drives needing firmware update found, all the drives are up to date!Final Status :  Success: Firmware up to date!
End Time of Execution: Wed Aug 11 07:55:50 2021
 
****************** End of Firmware Update by DELL MUP ******************
 
[Wed Aug 11 07:55:53 2021]
--- End of Vendor Software Log ---
 
[Wed Aug 11 07:55:53 2021] Vendor Software Return Code: 4000
[Wed Aug 11 07:55:53 2021] logo.png
[Wed Aug 11 07:55:53 2021] Name of Exit Code: DEP_SOFT_ERROR
[Wed Aug 11 07:55:53 2021] Exit Code set to: 3 (0x3)
[Wed Aug 11 07:55:53 2021] Result: FAILURE
[Wed Aug 11 07:55:59 2021] Open file: C:\ProgramData\Dell\UpdatePackage\Log\Micron-2300-PCIe-NVMe-Solid-State-Drive-Firmware_G75TH_WIN64_2300.0030_A00.txt

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,949 posts
  • MVP

You don't have an SSD.  Just update the items I asked you to do.


  • 0

#15
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

ok I did update those drivers you requested plus a few others. 

The router is a EROS mesh and from what I read you cant assign channels. unless your talking about a different channel.  Supposedly EROS roams channels but only shows as being on 1.  This is a sore spot with users.   Sorry for being slow today but wife and I had to get a big batch of pasta sauce going. Garden tomatoes were stacking up.   LEt me now take time to read all of your instructions. 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP