Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer suddenly grew sluggish a few weeks ago and needs examined


  • Please log in to reply

#1
Warship

Warship

    Member

  • Member
  • PipPip
  • 61 posts

My computer isn't that old. It is a Dell bought brand new several years ago. It has grown sluggish very suddenly in the past few weeks. I have no explanation as I have not seen any evidence of anything suspicious. It is very slow to respond in many cases and sometimes I have to reboot, which typically does not resolve the issue for very long. It seemingly runs short of memory. I readily admit it COULD be the architecture not keeping up. I hope someone can take a look and help me get to the bottom of it. 

 

Scan results:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2021
Ran by Shaun (13-10-2021 21:39:20)
Running from C:\Users\Shaun\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1237 (X64) (2020-11-17 17:38:25)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1717062034-1452997292-2084382277-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1717062034-1452997292-2084382277-503 - Limited - Disabled)
Guest (S-1-5-21-1717062034-1452997292-2084382277-501 - Limited - Disabled)
Shaun (S-1-5-21-1717062034-1452997292-2084382277-1001 - Administrator - Enabled) => C:\Users\Shaun
WDAGUtilityAccount (S-1-5-21-1717062034-1452997292-2084382277-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{388A412B-5C0C-4C1E-8BF7-B6E9E117F367}) (Version: 4.4.2.9869 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{4990dc23-fdee-4fec-8bde-9f5d4745f88b}) (Version: 4.4.2.9869 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.3.0 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.1.1028 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{E7173746-C254-4F4E-ACCB-D6BD55E76EFE}) (Version: 1.1.70.527 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14430.20270 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10454 - Qualcomm)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.637 - McAfee, LLC)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-14] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-07-19] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-02] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.188.0_x64__rz1tebttyb220 [2021-10-13] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-14] (Dropbox Inc.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy [2021-09-17] (McAfee LLC.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-28] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2021.922.1.0_x64__8kea50m9krsh2 [2021-10-02] (Code Spark)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2020-02-12] (Pandora Media Inc) [Startup Task]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-28] (Microsoft Corporation)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-03-13] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-13] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-08-17] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0 [2021-10-13] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-07-31] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2020-02-12] (WinZip Computing)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxDTCM.dll [2021-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-04-12 06:36 - 2020-04-12 06:36 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-09-17 18:36 - 2021-09-17 18:36 - 016744448 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.dll
2020-08-14 21:29 - 2020-08-14 21:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001 -> DefaultScope {E41F9496-1A62-486C-9355-D9712E136A11} URL = 
SearchScopes: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001 -> {E41F9496-1A62-486C-9355-D9712E136A11} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-09] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-09] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{8057CBD6-21A2-4EE1-AC42-95E08676F319}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{03FC484A-0C52-4799-B315-F1C27395241C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{0CB1F0AF-D04D-4567-9AF8-1ECDB47508E3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{5C0DC3AC-07B2-4AEC-BCA1-B2365C528895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FFE23972-562F-4120-A24F-9FB0733297F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31DE2818-CABE-48B1-ADDA-C224E340B7B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F0AD0F33-9243-4640-AE8D-0658C6273CAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6D82AB8-7573-4306-B294-8C0551FEEBFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD8C3620-6522-474B-BEC8-CAA965773040}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4671B03E-7499-4EC1-AB38-0D1B0330EF99}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7164D723-93D1-437D-A370-8E83C0FB40ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E7BD9E20-E31D-42B6-B1CB-D24FBD0EA6C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7351A67-EF65-40EA-A244-E4630C35AC8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A3D8B4C-1F54-4D01-BD78-AD0D9B9DFA21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{91BA0919-240D-4600-A83D-AF212A677247}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBD9A2E6-0928-4231-92B7-77AAFFE750FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A0EFB516-D411-4B86-B61F-C0E24CFEA39E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66B1B43D-239C-4187-AA89-81D200151A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
24-09-2021 14:58:40 Scheduled Checkpoint
03-10-2021 14:28:35 Scheduled Checkpoint
12-10-2021 16:24:08 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/13/2021 09:05:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x2e38
Faulting application start time: 0x01d7c0978b6eb0c4
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 992cd103-7d6f-4d9a-b98f-c42819ef050d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/13/2021 09:05:24 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 09:04:12 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 08:20:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x2d64
Faulting application start time: 0x01d7c0913fa82ae9
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 7166c02a-a9db-44d6-acbe-d9b04ef8c286
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/13/2021 08:19:08 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 08:13:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/13/2021 01:28:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x5208
Faulting application start time: 0x01d7c057a5ed1f29
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e1896e34-4762-4c84-983d-643b6e9a33db
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/12/2021 01:05:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x38c8
Faulting application start time: 0x01d7bf8b605bf85e
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 7a5ebd64-a070-417a-a02e-f90f422d7210
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the mfemms service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the ModuleCoreService service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the mccspsvc service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.
 
Error: (10/13/2021 11:20:49 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (10/13/2021 01:37:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CMF42HE)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca did not register with DCOM within the required timeout.
 
Error: (10/08/2021 10:12:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CMF42HE)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.
 
Error: (10/08/2021 10:07:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
 
Windows Defender:
================
Date: 2021-10-13 13:13:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-12 12:42:50
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-11 12:36:27
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-10 11:41:48
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-09 11:59:39
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-10-13 21:06:04
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2021-10-13 21:04:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-10-13 21:02:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.12.0 04/18/2019
Motherboard: Dell Inc. 07F37C
Processor: Intel® Core™ i3-7100 CPU @ 3.90GHz
Percentage of memory in use: 89%
Total physical RAM: 4004.14 MB
Available physical RAM: 434.11 MB
Total Virtual: 8612.14 MB
Available Virtual: 3273.38 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.8 GB) (Free:861.79 GB) NTFS
 
\\?\Volume{5628e818-bc28-416b-a394-320b3ab3447d}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{559769b0-1b03-4394-9f4c-5b80ce85e54f}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.2 GB) NTFS
\\?\Volume{756d53f9-9b75-42ea-b8ab-c09b2a7e718e}\ (DELLSUPPORT) (Fixed) (Total:1.04 GB) (Free:0.35 GB) NTFS
\\?\Volume{dee77eb3-7747-412e-a909-4f920ff25df5}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 433315AF)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,931 posts
  • MVP

Need the FRST.txt log.

 

Also I would uninstall McAfee since you are not using it and it is creating errors.  Make sure you run the McAfee Consumer Product Removal tool (MCPR) afterward to get rid of all of it:

 

Download MCPR.exe from:

https://download.mca...s/MCPR/MCPR.exe

Save then go to the download folder and right click on MCPR.exe and Run As Admin.

 

After you do that then:

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.




Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 7.0 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.


  • 0

#3
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

I'm so sorry I forgot to paste the addition log. How silly of me. Thanks for the advice about McAfee. I will remove it as soon as I can.

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2021
Ran by Shaun (14-10-2021 09:26:43)
Running from C:\Users\Shaun\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1237 (X64) (2020-11-17 17:38:25)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1717062034-1452997292-2084382277-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1717062034-1452997292-2084382277-503 - Limited - Disabled)
Guest (S-1-5-21-1717062034-1452997292-2084382277-501 - Limited - Disabled)
Shaun (S-1-5-21-1717062034-1452997292-2084382277-1001 - Administrator - Enabled) => C:\Users\Shaun
WDAGUtilityAccount (S-1-5-21-1717062034-1452997292-2084382277-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{388A412B-5C0C-4C1E-8BF7-B6E9E117F367}) (Version: 4.4.2.9869 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{4990dc23-fdee-4fec-8bde-9f5d4745f88b}) (Version: 4.4.2.9869 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.3.0 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.1.1028 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{E7173746-C254-4F4E-ACCB-D6BD55E76EFE}) (Version: 1.1.70.527 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9177.0 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14430.20270 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10454 - Qualcomm)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.637 - McAfee, LLC)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-09-14] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-07-19] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-09-02] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.188.0_x64__rz1tebttyb220 [2021-10-13] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-14] (Dropbox Inc.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy [2021-09-17] (McAfee LLC.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-28] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2021.922.1.0_x64__8kea50m9krsh2 [2021-10-02] (Code Spark)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2020-02-12] (Pandora Media Inc) [Startup Task]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-28] (Microsoft Corporation)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-03-13] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-15] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-13] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2018-08-17] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0 [2021-10-13] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-07-31] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2020-02-12] (WinZip Computing)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxDTCM.dll [2021-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-08-14 21:29 - 2020-08-14 21:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001 -> DefaultScope {E41F9496-1A62-486C-9355-D9712E136A11} URL = 
SearchScopes: HKU\S-1-5-21-1717062034-1452997292-2084382277-1001 -> {E41F9496-1A62-486C-9355-D9712E136A11} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-09] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-09] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{8057CBD6-21A2-4EE1-AC42-95E08676F319}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{03FC484A-0C52-4799-B315-F1C27395241C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{0CB1F0AF-D04D-4567-9AF8-1ECDB47508E3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{5C0DC3AC-07B2-4AEC-BCA1-B2365C528895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FFE23972-562F-4120-A24F-9FB0733297F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31DE2818-CABE-48B1-ADDA-C224E340B7B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F0AD0F33-9243-4640-AE8D-0658C6273CAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6D82AB8-7573-4306-B294-8C0551FEEBFA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD8C3620-6522-474B-BEC8-CAA965773040}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4671B03E-7499-4EC1-AB38-0D1B0330EF99}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7164D723-93D1-437D-A370-8E83C0FB40ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E7BD9E20-E31D-42B6-B1CB-D24FBD0EA6C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7351A67-EF65-40EA-A244-E4630C35AC8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A3D8B4C-1F54-4D01-BD78-AD0D9B9DFA21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{91BA0919-240D-4600-A83D-AF212A677247}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBD9A2E6-0928-4231-92B7-77AAFFE750FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A0EFB516-D411-4B86-B61F-C0E24CFEA39E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66B1B43D-239C-4187-AA89-81D200151A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
24-09-2021 14:58:40 Scheduled Checkpoint
03-10-2021 14:28:35 Scheduled Checkpoint
12-10-2021 16:24:08 Scheduled Checkpoint
14-10-2021 07:46:38 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/14/2021 01:16:43 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (10/13/2021 09:05:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x2e38
Faulting application start time: 0x01d7c0978b6eb0c4
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 992cd103-7d6f-4d9a-b98f-c42819ef050d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/13/2021 09:05:24 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 09:04:12 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 08:20:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x2d64
Faulting application start time: 0x01d7c0913fa82ae9
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 7166c02a-a9db-44d6-acbe-d9b04ef8c286
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/13/2021 08:19:08 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (10/13/2021 08:13:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/13/2021 01:28:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrsysinfocommunication.p5x, version: 6.0.7303.352, time stamp: 0x61023fe3
Faulting module name: ntdll.dll, version: 10.0.19041.1202, time stamp: 0x4f115fac
Exception code: 0xc0000005
Fault offset: 0x0000000000024785
Faulting process id: 0x5208
Faulting application start time: 0x01d7c057a5ed1f29
Faulting application path: C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\pcdrsysinfocommunication.p5x
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e1896e34-4762-4c84-983d-643b6e9a33db
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the mfemms service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the ModuleCoreService service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the mccspsvc service.
 
Error: (10/13/2021 08:14:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.
 
Error: (10/13/2021 11:20:49 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (10/13/2021 01:37:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CMF42HE)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca did not register with DCOM within the required timeout.
 
Error: (10/08/2021 10:12:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CMF42HE)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.
 
Error: (10/08/2021 10:07:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
 
Windows Defender:
================
Date: 2021-10-13 13:13:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-12 12:42:50
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-11 12:36:27
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-10 11:41:48
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-10-09 11:59:39
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-10-13 21:06:04
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2021-10-13 21:04:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-10-13 21:02:13
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.12.0 04/18/2019
Motherboard: Dell Inc. 07F37C
Processor: Intel® Core™ i3-7100 CPU @ 3.90GHz
Percentage of memory in use: 79%
Total physical RAM: 4004.14 MB
Available physical RAM: 803.61 MB
Total Virtual: 8612.14 MB
Available Virtual: 3481.49 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.8 GB) (Free:859.48 GB) NTFS
 
\\?\Volume{5628e818-bc28-416b-a394-320b3ab3447d}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{559769b0-1b03-4394-9f4c-5b80ce85e54f}\ (Image) (Fixed) (Total:11.54 GB) (Free:0.2 GB) NTFS
\\?\Volume{756d53f9-9b75-42ea-b8ab-c09b2a7e718e}\ (DELLSUPPORT) (Fixed) (Total:1.04 GB) (Free:0.35 GB) NTFS
\\?\Volume{dee77eb3-7747-412e-a909-4f920ff25df5}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 433315AF)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,931 posts
  • MVP

NO you already posted the addition.txt file.  We need the FRST.txt file.


  • 0

#5
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Oh JEEZ! I am so sorry. I keep pasting the wrong one. I'm not as dumb as I seem, believe it or not. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Ran by Shaun (administrator) on DESKTOP-CMF42HE (Dell Inc. Inspiron 3268) (14-10-2021 12:06:29)
Running from C:\Users\Shaun\Desktop
Loaded Profiles: Shaun
Platform: Microsoft Windows 10 Home Version 21H1 19043.1237 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a83a57c91f6fd100\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® RMT -> Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.exe
(McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\3.1.160.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\PEF\CORE\PEFService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_18_12\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.2101.28.0_x64__8wekyb3d8bbwe\Time.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-06] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235464 2017-05-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494024 2017-05-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\...\Run: [MicrosoftEdgeAutoLaunch_F95D26AAF271BBEFBD774A1AC86EDFBB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1717062034-1452997292-2084382277-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  --profile-directory=Default --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switche (the data entry has 131 more characters).
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-12] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A79ABCA-5CB2-460A-8262-5012E5976514} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {129F9B6D-F6F1-42E0-808D-56EA36BFFFCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1445A26F-309A-405E-9BAE-52AEAE27BED1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {379F2A1D-DFA9-4F0F-BFC7-C01D1158553B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CFBB38E-CCB8-4303-9A3F-9B458DCF59A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-04] (Google Inc -> Google LLC)
Task: {698E4646-281C-4521-A66C-C64CF5592908} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [756672 2018-11-13] (McAfee, Inc. -> McAfee, Inc.)
Task: {716AE560-502F-4F58-9891-B4D3E80838A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F2E7436-D926-4BC3-A3AA-37418FCE9199} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {868312F3-F1A3-4B2E-BB0B-AD53CC319694} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1022656 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
Task: {942FBB44-CACA-413E-924B-817321906E7A} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1022656 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
Task: {B395A624-F08F-4B56-8E31-8A39A1235197} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60A86DD-41FB-4C29-9650-2CAA5912F13E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {B96C25D7-8AF5-473B-AD3D-6C455078DDBB} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.6.106\DADUpdater.exe [4114288 2021-08-12] (McAfee, LLC -> McAfee, LLC)
Task: {C5C5D9FE-71AA-4F4C-80EC-2BE90CD5BD31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-04] (Google Inc -> Google LLC)
Task: {D72B7DD1-C7D8-4239-B955-1B9CA25B1AB3} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-08-30] (McAfee, LLC -> McAfee, LLC)
Task: {EACD6B70-EB7E-43D4-860B-8B699119D0AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB157BD9-EDAA-44EF-B8E9-4835E36E7840} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP CMF42HE 01
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{26a5d33e-fedd-47b5-be48-d750b8f9b848}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a34b5ba2-caa7-466d-8e8b-218689f670f4}: [DhcpNameServer] 71.10.216.2 71.10.216.1
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Shaun\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-14]
Edge DownloadDir: Default -> C:\Users\Shaun\Desktop
Edge HomePage: Default -> hxxp://www.google.com/
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-10-09] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-03-12] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default [2021-09-22]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-04]
CHR Extension: (Docs) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-04]
CHR Extension: (Google Drive) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-04]
CHR Extension: (Sheets) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-23]
CHR Extension: (Gmail) - C:\Users\Shaun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [301768 2019-08-12] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [182384 2016-08-12] (Intel® RMT -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973040 2021-10-09] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [509728 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1360384 2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-10-14 12:05 - 2021-10-14 12:06 - 002310656 _____ (Farbar) C:\Users\Shaun\Desktop\FRST64 (1).exe
2021-10-14 10:42 - 2021-10-14 10:42 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-10-14 10:41 - 2021-10-14 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-10-13 21:39 - 2021-10-14 09:30 - 000029306 _____ C:\Users\Shaun\Desktop\Addition.txt
2021-10-13 21:34 - 2021-10-14 12:08 - 000024055 _____ C:\Users\Shaun\Desktop\FRST.txt
2021-10-13 21:33 - 2021-10-14 12:06 - 000000000 ____D C:\Users\Shaun\Desktop\FRST-OlderVersion
2021-10-13 21:29 - 2021-10-14 12:07 - 000000000 ____D C:\FRST
2021-10-13 21:29 - 2021-10-13 21:29 - 000000000 ____D C:\Users\Shaun\Downloads\FRST-OlderVersion
2021-10-13 21:28 - 2021-10-13 21:29 - 002310656 _____ (Farbar) C:\Users\Shaun\Downloads\FRST64.exe
2021-10-13 11:31 - 2021-10-13 11:31 - 000000000 ___HD C:\$WinREAgent
2021-09-15 23:22 - 2021-09-15 23:22 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 23:21 - 2021-09-15 23:21 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 23:21 - 2021-09-15 23:21 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 23:20 - 2021-09-15 23:20 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 23:20 - 2021-09-15 23:20 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 23:20 - 2021-09-15 23:20 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 23:20 - 2021-09-15 23:20 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 23:20 - 2021-09-15 23:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 23:20 - 2021-09-15 23:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 23:20 - 2021-09-15 23:20 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 23:20 - 2021-09-15 23:20 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 23:19 - 2021-09-15 23:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 23:18 - 2021-09-15 23:18 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 23:18 - 2021-09-15 23:18 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 23:18 - 2021-09-15 23:18 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 23:17 - 2021-09-15 23:18 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 23:17 - 2021-09-15 23:17 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 23:17 - 2021-09-15 23:17 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 23:17 - 2021-09-15 23:17 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 23:17 - 2021-09-15 23:17 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-10-14 12:09 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-14 11:21 - 2019-06-04 17:57 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-14 10:57 - 2020-11-17 13:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-14 10:43 - 2020-11-17 13:37 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{839F4962-EE57-40F5-8E52-E3261F4F060A}
2021-10-14 10:42 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-14 10:38 - 2018-03-13 22:28 - 000000000 __SHD C:\Users\Shaun\IntelGraphicsProfiles
2021-10-14 10:36 - 2020-11-17 13:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-14 10:36 - 2020-11-17 13:17 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-14 10:36 - 2017-08-21 14:38 - 000000000 ____D C:\Intel
2021-10-14 10:35 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-14 07:50 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-13 20:16 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-13 19:57 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-13 19:57 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-13 11:40 - 2020-06-23 17:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-13 11:40 - 2020-06-23 17:22 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-12 17:23 - 2019-06-04 17:58 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-12 17:23 - 2019-06-04 17:58 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-09 18:58 - 2020-11-30 11:30 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bd076fbe40a2
2021-10-09 18:58 - 2020-11-17 13:37 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 13:48 - 2017-08-21 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-09 07:40 - 2020-09-30 00:26 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-06 11:28 - 2018-05-10 09:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 18:42 - 2017-08-21 14:44 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-10-05 13:07 - 2020-11-17 13:37 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2021-10-05 10:54 - 2020-11-17 13:37 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1717062034-1452997292-2084382277-1001
2021-10-05 10:54 - 2020-11-17 05:20 - 000002385 _____ C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-30 19:16 - 2020-11-17 13:37 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 19:16 - 2020-11-17 13:37 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-22 08:03 - 2019-07-27 14:55 - 000000000 ____D C:\Users\Shaun\AppData\Local\D3DSCache
2021-09-16 02:02 - 2020-11-17 13:32 - 000842482 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-16 01:55 - 2020-11-17 13:17 - 000436680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 01:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 01:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 01:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 01:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 01:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 22:24 - 2018-03-15 01:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 22:20 - 2018-03-15 01:33 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-14 15:20 - 2019-04-05 13:12 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,931 posts
  • MVP

No sign of malware.  You should get a performance boost just by uninstalling McAFee

 

I would also uninstall

Dell SupportAssist

as it is causing problems and if the PC is several years old Dell probably is not going to have a lot of updates for it.  If you really like Dell SupportAssist you can get a new copy on the dell support site for your PC.  It might work better than what you currently have.


  • 0

#7
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

OK, thank goodness. Something surprising happened. Sometime today my computer went into an update and restarted. Upon restart, it's performance has been greatly improved. The "sticking" sluggish problem seems to be gone. Perhaps the update is what it needed.

 

I will proceed with the uninstalling of McAfee. Thanks for the assistance.


Edited by Warship, 14 October 2021 - 12:46 PM.

  • 0

#8
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Unfortunately the "sluggish" problems largely returned. I guess it is just the system showing a little age. Since there is no sign of malware, should we close the topic?  

 

Thanks for the assistance.


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,931 posts
  • MVP

I expect we can find the problem if you want to follow my instructions in

http://www.geekstogo...d/#entry2661466


  • 0

#10
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Yesterday I used the tool provided to remove McAfee. Do you wish for all to be posted at once or one at a time?

 

Here is the registry scan file:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 95.87 60 K 8 K 0
procexp (1)64.exe 1.14 34,604 K 68,164 K 4324 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
SmartByteTelemetry.exe 0.76 27,572 K 7,220 K 10396 SmartByteTelemetry DELL (Verified) Rivet Networks LLC
RAPS.exe 0.76 6,704 K 10,576 K 5712
System 0.38 256 K 27,176 K 4
Interrupts 0.38 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.38 75,012 K 43,392 K 2844
csrss.exe 0.38 2,980 K 2,808 K 10624
msedge.exe < 0.01 107,148 K 146,596 K 8232 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 3,156 K 5,480 K 2340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SmartByteNetworkService.exe < 0.01 137,856 K 28,812 K 3608 SmartByte Network Service Rivet Networks (Verified) Rivet Networks LLC
SupportAssistAgent.exe < 0.01 591,688 K 72,672 K 7712 Service Dell Inc. (Verified) Dell Inc
Dsapi.exe < 0.01 105,696 K 10,704 K 8656 PC-Doctor Dell SupportAssist API PC-Doctor, Inc. (Verified) PC-Doctor, Inc.
msedge.exe < 0.01 39,488 K 90,700 K 5020 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe < 0.01 61,676 K 154,516 K 848 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 7,028 K 9,872 K 2700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 9,940 K 11,244 K 972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ServiceShell.exe < 0.01 118,684 K 35,212 K 2692 ServiceShell (Verified) Dell Inc
MsMpEng.exe < 0.01 406,552 K 272,008 K 3712 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Windows Publisher
explorer.exe < 0.01 64,320 K 75,264 K 7456 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
msedge.exe < 0.01 35,348 K 75,752 K 14196 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
SgrmBroker.exe < 0.01 4,896 K 4,844 K 7664 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
msedge.exe < 0.01 41,920 K 49,828 K 7232 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe < 0.01 7,544 K 9,692 K 8188 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 13,968 K 28,352 K 420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,060 K 16,448 K 10868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
conhost.exe < 0.01 6,712 K 6,344 K 5756
DellSupportAssistRemedationService.exe < 0.01 47,368 K 15,076 K 6268 Dell SupportAssist Remediation Dell Inc. (Verified) Dell Inc
svchost.exe < 0.01 6,140 K 9,644 K 10236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AdminService.exe < 0.01 2,156 K 5,604 K 3396 Windows Setup API Windows ® Win 7 DDK provider (Verified) Qualcomm Atheros
svchost.exe < 0.01 1,556 K 1,552 K 2384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
OfficeClickToRun.exe < 0.01 34,916 K 8,088 K 4148 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 79,404 K 72,108 K 1936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
RAVBg64.exe < 0.01 4,168 K 10,132 K 2960 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
msedge.exe < 0.01 7,784 K 6,868 K 12604 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 3,836 K 9,808 K 4256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
RAPSService.exe < 0.01 14,784 K 9,016 K 4804 Windows Service Wrapper Rivet Networks, LLC. (Verified) Rivet Networks LLC
YourPhone.exe Suspended 28,916 K 15,212 K 8372 YourPhone Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
WmiPrvSE.exe 25,856 K 32,144 K 1668
winlogon.exe 2,764 K 2,264 K 7892
wininit.exe 1,572 K 4,708 K 780
WavesSysSvc64.exe 4,884 K 6,012 K 3636 WavesSysSvc Service Application Waves Audio Ltd. (Verified) Waves Inc
WavesSvc64.exe 16,160 K 8,760 K 6836 Waves MaxxAudio Service Application Waves Audio Ltd. (Verified) Waves Inc
Video.UI.exe Suspended 20,152 K 652 K 4668 (No signature was present in the subject)
UserOOBEBroker.exe 2,024 K 5,212 K 4304 User OOBE Broker Microsoft Corporation (Verified) Microsoft Windows
Time.exe Suspended 22,000 K 1,456 K 4296 Time (No signature was present in the subject) 
TextInputHost.exe 13,108 K 9,276 K 11368 Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 6,188 K 15,876 K 3784 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SystemSettings.exe Suspended 23,920 K 2,076 K 8384 Settings Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,388 K 2,208 K 2136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 17,720 K 26,480 K 3424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 11,192 K 13,472 K 10344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,548 K 3,152 K 1056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,988 K 3,084 K 9328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,184 K 3,208 K 2236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,504 K 4,960 K 2652 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,516 K 12,176 K 1408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 16,524 K 11,308 K 1756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,136 K 5,776 K 3284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,636 K 8,896 K 2488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,236 K 6,436 K 5032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,476 K 6,952 K 4016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,800 K 4,264 K 2644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,692 K 18,416 K 10380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,780 K 2,896 K 2660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,736 K 1,552 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 29,980 K 29,676 K 3408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,492 K 18,468 K 3668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,008 K 13,356 K 2920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,520 K 13,212 K 2072 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,580 K 18,660 K 3432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,720 K 5,564 K 1260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,392 K 18,764 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,336 K 4,500 K 1268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,168 K 5,040 K 3840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,728 K 14,268 K 3444 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,060 K 4,068 K 1484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,976 K 5,980 K 8460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,532 K 8,656 K 7976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,592 K 6,320 K 5480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,068 K 3,304 K 6076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,704 K 14,624 K 5872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,872 K 5,892 K 6152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,780 K 4,048 K 2440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,568 K 2,328 K 3796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,264 K 3,012 K 2096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,316 K 1,248 K 1932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,332 K 12,824 K 6316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,980 K 7,876 K 7468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,560 K 4,604 K 2400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,956 K 5,944 K 3980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,336 K 2,996 K 4248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,916 K 6,220 K 5232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,828 K 8,392 K 4168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,612 K 3,836 K 3616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,284 K 3,700 K 3660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,980 K 5,668 K 3644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,292 K 3,312 K 3948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,620 K 5,192 K 3884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,832 K 11,184 K 3140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,452 K 2,520 K 3104 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 11,520 K 10,940 K 3240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,388 K 2,256 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,720 K 8,972 K 1884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,712 K 736 K 2480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,456 K 1,644 K 1636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,856 K 2,164 K 1996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,728 K 5,252 K 1904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,984 K 872 K 1988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,604 K 712 K 1476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,992 K 1,028 K 1704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,800 K 620 K 1284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,912 K 2,868 K 1264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,656 K 7,516 K 5436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,688 K 3,200 K 4268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,004 K 21,916 K 9776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,152 K 1,400 K 10232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,136 K 10,288 K 10996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SupportAssistOsRecovery.exe 22,176 K 9,896 K 9940
StartMenuExperienceHost.exe 29,588 K 15,888 K 8284 (Verified) Microsoft Windows
spoolsv.exe 6,284 K 13,876 K 3184 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 1,068 K 780 K 456
SmartByteAnalyticsService.exe 1,488 K 3,556 K 3628 SmartByte Analytics Service Rivet Networks (Verified) Rivet Networks LLC
sihost.exe 6,564 K 16,712 K 428 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,324 K 8,440 K 900
SecurityHealthSystray.exe 1,792 K 9,280 K 3472 Windows Security notification icon Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 4,640 K 10,796 K 1124 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchIndexer.exe 40,728 K 34,164 K 6424 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchApp.exe Suspended 90,576 K 1,688 K 4860 Search application Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 10,020 K 27,128 K 11704 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 1,700 K 2,424 K 12276 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,112 K 16,536 K 7776 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 8,720 K 8,980 K 10576 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,300 K 16,324 K 8692 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 5,636 K 5,548 K 8412 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 2,880 K 6,116 K 10476 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,072 K 20,768 K 9176 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 7,636 K 13,820 K 9580 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe 1,748 K 1,512 K 2536 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
Registry 7,660 K 35,144 K 100
RAVBg64.exe 5,872 K 13,208 K 7868
procexp (1).exe 4,348 K 12,296 K 7464 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 24,400 K 13,840 K 5952 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
OneDrive.exe 40,320 K 31,016 K 9056 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 9,060 K 10,464 K 608 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Windows Publisher
MusNotifyIcon.exe 4,592 K 1,948 K 12452 MusNotifyIcon.exe Microsoft Corporation (Verified) Microsoft Windows
msedge.exe 217,328 K 170,600 K 2740 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 14,448 K 48,640 K 9616 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 24,176 K 69,504 K 13464 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 11,792 K 26,060 K 800 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 8,512 K 10,544 K 7844 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 2,092 K 3,168 K 9360 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
Microsoft.Photos.exe Suspended 48,896 K 6,680 K 4196 (No signature was present in the subject)
Memory Compression 1,192 K 125,900 K 1392
MDLCSvc.exe 45,020 K 3,652 K 2980 MDLCService Dell Inc. (Verified) Dell Inc
lsass.exe 9,832 K 19,024 K 920 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
LockApp.exe Suspended 15,384 K 4,528 K 6564 LockApp.exe Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 4,032 K 3,396 K 9456 Intel® Local Management Service Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
jhi_service.exe 1,296 K 3,796 K 4328 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
IRMTService.exe 2,356 K 7,816 K 3456 Intel® Ready Mode Technology Service Intel Corporation (Verified) Intel® RMT
IntelCpHeciSvc.exe 1,352 K 852 K 1724 IntelCpHeciSvc Executable Intel Corporation (Verified) Intel® pGFX 2020
IntelCpHDCPSvc.exe 1,444 K 536 K 1456 Intel HD Graphics Drivers for Windows® Intel Corporation (Verified) Intel® pGFX 2020
igfxEM.exe 6,328 K 17,976 K 11020 igfxEM Module Intel Corporation (Verified) Intel® pGFX 2020
igfxCUIService.exe 1,892 K 1,360 K 1768 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX 2020
IAStorIcon.exe 20,208 K 2,404 K 11944 IAStorIcon Intel Corporation (Verified) Intel® Rapid Storage Technology
IAStorDataMgrSvc.exe 27,444 K 16,500 K 9796 IAStorDataSvc Intel Corporation (Verified) Intel® Rapid Storage Technology
fontdrvhost.exe 3,448 K 4,832 K 4548
fontdrvhost.exe 1,788 K 924 K 636
dllhost.exe 3,708 K 9,028 K 2608
DDVRulesProcessor.exe 6,380 K 6,616 K 6860 Dell Data Vault Rules Processor Dell Technologies Inc. (Verified) Dell Technologies Inc.
DDVDataCollector.exe 23,776 K 12,948 K 8624 Dell Data Vault Data Collector Service Dell Technologies Inc. (Verified) Dell Technologies Inc.
DDVCollectorSvcApi.exe 1,928 K 2,288 K 4664 Dell Data Vault Data Collector Service API Dell Technologies Inc. (Verified) Dell Technologies Inc.
dasHost.exe 4,456 K 2,552 K 2572
ctfmon.exe 4,016 K 18,936 K 868
csrss.exe 2,052 K 4,288 K 668
ApplicationFrameHost.exe 15,484 K 30,232 K 3624 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

Edited by Warship, Yesterday, 11:24 AM.

  • 0

#11
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Speccy:

 

 

Attached Files


  • 0

#12
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

LatencyMon:

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:01:03  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        DESKTOP-CMF42HE
OS version:                                           Windows 10, 10.0, version 2009, build: 19043 (x64)
Hardware:                                             Inspiron 3268, Dell Inc.
CPU:                                                  GenuineIntel Intel® Core™ i3-7100 CPU @ 3.90GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  4004 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   3912 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   308.40
Average measured interrupt to process latency (µs):   6.678726
 
Highest measured interrupt to DPC latency (µs):       270.20
Average measured interrupt to DPC latency (µs):       1.870673
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              29.834356
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.001382
Driver with highest ISR total time:                   HDAudBus.sys - High Definition Audio Bus Driver, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.001626
 
ISR count (execution time <250 µs):                   607
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              482.689417
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.132328
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Total time spent in DPCs (%)                          0.230429
 
DPC count (execution time <250 µs):                   57909
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              73
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 msmpeng.exe
 
Total number of hard pagefaults                       329
Hard pagefault count of hardest hit process:          210
Number of processes hit:                              13
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       1.001322
CPU 0 ISR highest execution time (µs):                29.834356
CPU 0 ISR total execution time (s):                   0.004145
CPU 0 ISR count:                                      607
CPU 0 DPC highest execution time (µs):                482.689417
CPU 0 DPC total execution time (s):                   0.522937
CPU 0 DPC count:                                      50547
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.182311
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                408.578732
CPU 1 DPC total execution time (s):                   0.037606
CPU 1 DPC count:                                      3705
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.152811
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                149.035532
CPU 2 DPC total execution time (s):                   0.018613
CPU 2 DPC count:                                      2615
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.131248
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                187.304448
CPU 3 DPC total execution time (s):                   0.008289
CPU 3 DPC count:                                      1115
_________________________________________________________________________________________________________
 

  • 0

#13
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

I cannot take a screenshot. I have no operational camera at the present time.


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,931 posts
  • MVP

Use one of the methods here to take a screenshot:

https://www.pcmag.co...s-in-windows-10

 

Save As a .jpg so the forum will accept it then Attach the file like you did the Speccy log.

 

Right now all I am seeing is a lot of Hard Page Faults.  Since you have a non-SSD these cause big delays.  Let's see if we can cut down on them:

 

Search for
 
task scheduler
 
hit Enter
 
Click on the arrow in front of Task Scheduler Library then
 
Click on the arrow in front of Microsoft
 
Click on the arrow in front of Windows
 
Click on Application Experience.  In the next pane to the right, right click on each Task and Disable.  Should be three or four (later versions) tasks.
 
Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Disable.  Should be two tasks.
 
Download OOSU10.exe:
 
 
Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.
 
Close the program and reboot.
 
Rerun Latency Monitor  and give me a page shot of the Processes tab.  Make sure you sort the Hard Pagefault column so that the processes with the most faults are at the top of the list.
 
Speccy reports the hard drive is showing a ridiculous value for start up time which may indicate that it is getting slow so let's get HD Tune
 
 
 
Actual download is at:
 
 
 
 
Download, Save, right click and Run As Admin.  Run the Benchmark test and report your min, max & average transfer times.  (Or take a screenshot and post that) Ideally the graph would be flat or slightly tilted to the right.  On a bad drive you will see sharp drops.  The fewer programs running at the same time the better.  Pause your anti-virus.

  • 0

#15
Warship

Warship

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

LatencyMon screenshot is below. Thanks for teaching me a little about how to do that and use the clipboard. Those are two tools I have NEVER used.

Attached Thumbnails

  • Latency.jpg

Edited by Warship, 4 minutes ago.

  • 0






Similar Topics

3 user(s) are reading this topic

1 members, 2 guests, 0 anonymous users


    Warship

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP