Laptop Sluggish and Mouse is Erratic



#1
Jackpine


Hi,

 

A couple of days ago, my laptop began operating slowly (loading pages, opening documents, etc.), and at the same time, my mouse began behaving erratically. For example, often when I double-click a shortcut to open it, nothing happens. If I single-click on a program, it won't open. This behaviour is erratic. Sometimes the mouse works fine, other times it is non-responsive. When it doesn't respond, I found that clicking a few times on the bottom of the screen will cause it to work. I replaced the mouse with a known working one, and the same behaviour occurs.

 

Help please!

 

FRST logs are shown below.

 

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\ReflectUI.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Photodex Corporation -> ) C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2015-02-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5614320 2020-01-08] (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed]
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [171832 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31190360 2021-10-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\MountPoints2: {a188ff1a-5ee1-11eb-8735-5435306021e4} - "G:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31190360 2021-10-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series XPS: C:\Windows\system32\CNMXLMCS.DLL [409088 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP 6412 Status Monitor: C:\Windows\system32\hpinksts6412LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-12] (Google LLC -> Google LLC)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {054B3168-3537-4FFA-8F83-38329D62AA21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-14] (Google Inc -> Google Inc.)
Task: {11A5B995-4763-471C-8197-B969BC6D4B12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [555640 2021-03-25] (HP Inc. -> HP Inc.)
Task: {19AAEA31-D5D8-4FAB-81E2-BFF88DAA5313} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {239337C7-8207-44E5-BF5B-8272DE84CFB8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {3D600A82-9FD8-40DB-A0C7-EEF56E157CCC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {4B40DB7F-A298-4F8A-8A0F-3A77F167429F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {4C3CEB43-87E5-456A-BC90-95308A36C2F2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {50F237AC-D237-4B74-8F4A-ED0373E391B5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {573DFF1F-BF71-45E5-A502-6D7BDE057A6B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {5759E379-6A87-4D0A-96EA-7AF7CF014852} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {5FD4AD66-57F9-446C-8658-6A55AA23BB09} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {6510AEDA-4D54-4636-99E7-5D346A87696D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {68AB952A-7620-4D51-9A04-9ACFB2B2B7DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {6C227263-548B-4933-B09C-E3D629707727} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {72332503-C558-4BCF-BBB1-3539C4E3A889} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2021-10-06] (Garmin International, Inc. -> )
Task: {7FB5B528-C84D-4353-9D87-1ED8DF2F161C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {82ABAF53-F6C7-433B-961E-3F6FA8AF9D88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-14] (Google Inc -> Google Inc.)
Task: {850B844A-9D1F-4459-97DE-2021CE45525F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2015-02-18] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {856B9036-4BDE-4A22-9034-1998E7490AB7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.)
Task: {8C5733EB-5D00-4602-988D-109420577FB4} - System32\Tasks\G2MUpdateTask-S-1-5-21-3511957844-2261570385-1743981658-1005 => C:\Users\Robert\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-06-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {8CABF83B-0C09-4FC1-A763-45065D5E325D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {9923C0EB-B11D-4BE7-BB7A-F7D65262E63F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {A2F89395-00DB-4E6F-9E90-F75CE57FDF29} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4966200 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {A6F0DB50-88A5-4730-A995-20613662F8F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {A90C7AA3-D269-4F3E-9B40-7858EB23B002} - System32\Tasks\{FB1A9DC6-BD16-42C2-B04F-5221F8745A03} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Task: {B396B1EB-A075-4586-8E1F-3AD9EDD28A78} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {BBF4AC2F-7854-45DB-85D7-B7A22AA481D8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {C6621C13-DF98-45EE-B1AE-94155E7F0D5F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {CD582F0A-09B9-4B81-BDC3-8F01946124C7} - System32\Tasks\{4979924A-EB1C-4F5D-B5AF-D4EBC35946DD} => C:\Windows\system32\pcalua.exe -a C:\Users\Robert\Downloads\x-video-converter.exe -d C:\Users\Robert\Downloads
Task: {DB3EB686-B7C1-4B28-8A1E-C3854FE5924B} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe
Task: {DF4123C2-437B-4A0A-A375-BC554AE4BED5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {E1FD1497-5993-461F-AFB8-6FACDC1EBA84} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {E3866197-0E21-4BC7-AB8F-9EA108005DAD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {F154AE9B-0342-40FC-B740-D1D178CC4B36} - System32\Tasks\G2MUploadTask-S-1-5-21-3511957844-2261570385-1743981658-1005 => C:\Users\Robert\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-06-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F4E129AB-7B3D-4C2F-B248-2AFF728F2996} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3511957844-2261570385-1743981658-1005.job => C:\Users\Robert\AppData\Local\GoToMeeting\19796\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3511957844-2261570385-1743981658-1005.job => C:\Users\Robert\AppData\Local\GoToMeeting\19796\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{42E1B6EA-3728-42A7-8E02-53ADCE251643}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{7C57A303-A069-4AAA-A050-8A4F276FEC6D}: [DhcpNameServer] 192.168.99.10 192.168.99.12

FireFox:
========
FF DefaultProfile: rkbdbks1.default-1462932459567
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\rkbdbks1.default-1462932459567 [2021-10-16]
FF Notifications: Mozilla\Firefox\Profiles\rkbdbks1.default-1462932459567 -> hxxps//photos.google.com; hxxps//www.kijiji.ca
FF Extension: (uBlock Origin) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\rkbdbks1.default-1462932459567\Extensions\[email protected] [2021-10-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-16] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2014-05-12] () [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-08-10]

Chrome:
=======
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2021-10-15]
CHR Notifications: Default -> hxxps//retirehappy.ca; hxxps//www.aliexpress.com
CHR Extension: (Slides) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-09]
CHR Extension: (Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-09]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-09]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-09]
CHR Extension: (uBlock Origin) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-13]
CHR Extension: (Proper Menubar for Google Chrome) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\egclcjdpndeoioimlbbbmdhcaopnedkp [2020-12-10]
CHR Extension: (Share link via email) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2021-05-03]
CHR Extension: (Sheets) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-09]
CHR Extension: (Google Docs Offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-09]
CHR HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [630584 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [378168 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8360560 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5453200 2020-01-08] (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2014-05-12] (Photodex Corporation -> )
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-06-23] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (SlySoft, Inc. -> RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (SlySoft, Inc. -> RedFox)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [35848 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [221728 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [369232 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250480 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99440 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41504 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [184792 2021-09-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [538632 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [108000 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83064 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851864 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [557288 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [215536 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [328712 2021-09-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [380384 2021-09-09] (Google LLC -> Google, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-18] (Martin Malik - REALiX -> REALiX™)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205448 2015-02-18] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\program files\macrium\reflect\wimmount.sys [33600 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-16 14:32 - 2021-10-16 14:37 - 000031348 _____ C:\Users\Robert\Desktop\FRST.txt
2021-10-16 11:02 - 2021-10-16 11:02 - 000000000 ____D C:\Users\Robert\Desktop\FRST-OlderVersion
2021-10-16 11:01 - 2021-10-16 11:02 - 002310656 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2021-10-16 08:47 - 2021-10-16 10:22 - 000000000 ____D C:\Users\Robert\Downloads\Good Day for a Hanging
2021-10-13 19:20 - 2021-10-05 03:00 - 001500872 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-13 19:20 - 2021-10-01 21:51 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-13 19:20 - 2021-10-01 21:47 - 000403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-13 19:20 - 2021-09-21 01:53 - 000019720 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys
2021-10-13 19:04 - 2021-10-13 19:04 - 000116060 _____ C:\Users\Robert\Documents\Bob Chachel Contract .pdf
2021-10-11 20:16 - 2021-10-11 20:16 - 000000000 ____D C:\Users\Robert\Downloads\Appointment with Danger
2021-10-11 20:03 - 2021-10-11 20:03 - 000001873 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2021-10-11 20:03 - 2021-10-11 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-10-11 08:45 - 2021-10-11 08:45 - 000000000 ____D C:\Users\Robert\Downloads\Above Suscpicion
2021-10-11 08:44 - 2021-10-11 08:44 - 000000000 ____D C:\Users\Robert\Downloads\A_CRY_IN_THE_WILDERNESS
2021-10-10 21:09 - 2021-10-10 21:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-10-10 21:05 - 2021-10-12 15:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-09-27 14:45 - 2021-09-27 14:49 - 000000000 ____D C:\Users\Robert\Downloads\Man_on_a_Tightrope
2021-09-25 19:04 - 2021-09-25 19:04 - 000000935 _____ C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Mahjong.lnk
2021-09-24 18:24 - 2021-09-24 18:24 - 000000000 ____D C:\Users\Robert\Downloads\THE_NIGHT_rmHD
2021-09-24 16:21 - 2021-09-24 16:23 - 000000000 ____D C:\Users\Robert\Downloads\Cloudburst
2021-09-24 15:23 - 2021-09-24 16:15 - 000000000 ____D C:\Users\Robert\Downloads\Gunman in the Streets
2021-09-24 00:28 - 2021-10-15 15:33 - 000002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-24 00:28 - 2021-10-15 15:33 - 000001877 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-24 00:28 - 2021-10-15 15:33 - 000001877 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-24 00:28 - 2021-10-15 15:33 - 000001865 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-24 00:28 - 2021-09-09 10:29 - 000380384 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys
2021-09-23 13:17 - 2021-09-23 13:17 - 000340792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-09-23 13:17 - 2021-09-23 13:17 - 000215536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2021-09-23 09:36 - 2021-09-23 09:51 - 000000000 ____D C:\Users\Robert\Downloads\Fast and Furious 9 The Fast Saga (2021) NTSC DVD9
2021-09-22 16:51 - 2021-09-22 16:51 - 000002363 _____ C:\Users\Robert\Desktop\Secret City Chalk of Fate Collectors.lnk
2021-09-20 19:28 - 2021-09-20 19:28 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Teyon
2021-09-19 21:45 - 2021-09-19 21:45 - 000000000 ____D C:\Users\Robert\AppData\Local\Artifex Mundi
2021-09-19 20:19 - 2021-09-19 20:19 - 032903895 _____ C:\Users\Robert\Documents\Edible_and_Poisonous_Mushrooms_of_Canada.pdf
2021-09-19 20:18 - 2021-09-19 20:18 - 000000000 ____D C:\Users\Robert\Documents\Mushrooms of Canada
2021-09-19 07:57 - 2021-09-19 07:57 - 000000000 ____D C:\Users\Robert\Downloads\The House of the Seven Hawks - 1959 - NTSC_WAC_DVD5-TIK

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-16 14:35 - 2020-02-21 23:17 - 000000000 ____D C:\FRST
2021-10-16 14:32 - 2016-11-29 23:05 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Mozilla
2021-10-16 14:32 - 2014-04-25 22:55 - 000000000 ____D C:\Users\Robert\AppData\Roaming\uTorrent
2021-10-16 14:31 - 2014-04-23 19:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-16 14:30 - 2016-05-14 23:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-16 14:26 - 2020-08-16 12:22 - 000000000 ____D C:\ProgramData\AVG
2021-10-16 14:26 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-16 14:21 - 2014-04-23 19:02 - 000000000 ____D C:\Users\Robert\AppData\Roaming\ClassicShell
2021-10-16 13:24 - 2021-05-04 14:01 - 000000660 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3511957844-2261570385-1743981658-1005.job
2021-10-16 13:23 - 2021-05-04 14:01 - 000000564 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3511957844-2261570385-1743981658-1005.job
2021-10-16 12:36 - 2014-04-23 18:58 - 000003934 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{8A055C58-84B1-4BA9-AD00-A48621AAEA0A}
2021-10-16 10:53 - 2020-01-02 13:45 - 000000000 ____D C:\Users\Robert\AppData\Local\ElevatedDiagnostics
2021-10-16 08:46 - 2019-02-03 10:56 - 000000000 ____D C:\Users\Robert\Documents\Movie Collector
2021-10-16 00:05 - 2013-12-12 04:31 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-10-15 20:55 - 2015-05-06 18:10 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3511957844-2261570385-1743981658-1005
2021-10-15 20:02 - 2021-05-04 14:01 - 000003664 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3511957844-2261570385-1743981658-1005
2021-10-15 20:02 - 2021-05-04 14:01 - 000003568 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3511957844-2261570385-1743981658-1005
2021-10-15 20:02 - 2020-08-17 13:36 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-10-15 20:02 - 2020-08-16 12:25 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-10-15 20:02 - 2019-04-22 16:48 - 000003150 _____ C:\Windows\system32\Tasks\{4979924A-EB1C-4F5D-B5AF-D4EBC35946DD}
2021-10-15 20:02 - 2017-01-03 21:39 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2021-10-15 20:02 - 2016-05-14 23:16 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-15 20:02 - 2016-05-14 23:16 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-15 20:02 - 2016-02-13 20:57 - 000003886 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-10-15 20:02 - 2014-04-27 16:23 - 000003124 _____ C:\Windows\system32\Tasks\{FB1A9DC6-BD16-42C2-B04F-5221F8745A03}
2021-10-15 20:02 - 2013-12-12 04:32 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-10-15 15:36 - 2014-04-27 16:37 - 000000000 ____D C:\Downloaded Games
2021-10-15 04:07 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2021-10-14 16:25 - 2013-09-07 13:33 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-10-14 16:24 - 2016-04-06 17:33 - 000000000 ____D C:\Program Files (x86)\HP
2021-10-14 16:24 - 2013-09-07 13:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-10-14 16:23 - 2019-03-06 17:07 - 000000000 ____D C:\swsetup
2021-10-14 15:05 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-10-13 22:55 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\AppReadiness
2021-10-13 21:13 - 2013-08-22 10:44 - 000512208 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-13 21:13 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2021-10-13 21:06 - 2013-08-22 11:36 - 000000000 ___RD C:\Windows\ToastData
2021-10-13 19:37 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2021-10-13 19:31 - 2014-04-23 04:09 - 000000000 ____D C:\Windows\system32\MRT
2021-10-13 19:23 - 2014-04-23 04:09 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-13 19:04 - 2020-08-05 15:59 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-10-13 18:17 - 2020-02-21 16:13 - 000000000 ____D C:\Users\Robert\Documents\Website Info
2021-10-13 08:56 - 2014-04-23 18:57 - 000000000 ____D C:\Users\Robert
2021-10-12 15:40 - 2020-12-09 20:32 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-12 15:26 - 2014-04-23 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-12 10:05 - 2019-05-22 18:25 - 000000000 ____D C:\Users\Robert\Documents\Camping Menus and Gear Lists
2021-10-12 10:01 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\registration
2021-10-11 20:03 - 2017-01-03 21:40 - 000000000 ____D C:\ProgramData\Garmin
2021-10-11 20:03 - 2017-01-03 21:39 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-10-11 20:03 - 2013-12-12 04:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-11 20:02 - 2013-08-26 02:09 - 000962108 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-10 21:09 - 2014-04-23 19:20 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-10 21:07 - 2020-02-13 20:30 - 000001250 _____ C:\Users\Public\Desktop\Movie Collector.lnk
2021-09-27 15:59 - 2018-10-19 22:12 - 000000000 ____D C:\Users\Robert\AppData\Local\Microsoft Games
2021-09-27 09:18 - 2020-10-21 02:41 - 000184792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2021-09-24 00:28 - 2020-10-16 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-23 13:17 - 2020-08-16 12:25 - 000851864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000557288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000538632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000369232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000328712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000250480 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000221728 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000108000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000099440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000083064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000041504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2021-09-23 13:17 - 2020-08-16 12:25 - 000035848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2021-09-23 10:29 - 2020-11-14 19:49 - 000000000 ____D C:\Users\Robert\Documents\MAPS
2021-09-22 16:51 - 2015-04-25 14:32 - 000000000 ____D C:\Users\Robert\AppData\Roaming\DominiGames
2021-09-22 16:46 - 2014-05-04 17:08 - 000000000 ____D C:\Program Files (x86)\Games
2021-09-20 19:29 - 2020-08-25 21:46 - 000000000 ____D C:\Users\Robert\AppData\Local\CrashDumps
2021-09-19 21:45 - 2020-01-01 14:49 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Artifex Mundi

==================== Files in the root of some directories ========

2018-01-14 13:30 - 2018-01-14 13:31 - 000000077 _____ () C:\Users\Robert\SudokuWorks8.exe
2014-07-11 23:15 - 2020-12-23 18:58 - 000007609 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-10-16 09:35
==================== End of FRST.txt ========================

 

==================== Memory info ===========================

BIOS: Insyde F.37 10/22/2015
Motherboard: Hewlett-Packard 213B
Processor: AMD A6-5200 APU with Radeon™ HD Graphics
Percentage of memory in use: 27%
Total physical RAM: 7643.95 MB
Available physical RAM: 5576.97 MB
Total Virtual: 8859.95 MB
Available Virtual: 6905.45 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:677.33 GB) (Free:433.05 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.54 GB) (Free:2.01 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b412d7c1-a189-4967-aa4a-59b14fdfd4c1}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3A472083)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0



#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,941 posts
  • MVP

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi-step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 7.0 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   414bytes   6 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0

#3
Jackpine

Jackpine

    Member

  • Topic Starter
  • Member
  • 426 posts

Process Explorer file:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    92.90    0 K    4 K    0            
procexp64.exe    3.73    34,276 K    66,560 K    12044    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
firefox.exe    1.49    131,164 K    159,552 K    10660    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
System    0.75    128 K    10,996 K    4            
PDAgent.exe    0.75    5,080 K    13,132 K    1832    PDAgent Module    Raxco Software, Inc.    (Verified) Raxco Software, Inc.
firefox.exe    0.37    204,236 K    278,464 K    11124    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Interrupts    < 0.01    0 K    0 K    n/a    Hardware Interrupts and DPCs        
express.exe    < 0.01    60,568 K    89,668 K    10424    Garmin Express    Garmin Ltd. or its subsidiaries    (Verified) Garmin International, Inc.
dwm.exe    < 0.01    15,656 K    27,172 K    10816    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
ReflectMonitor.exe    < 0.01    2,728 K    10,452 K    6472    Macrium Reflect Disk Imaging and Backup    Paramount Software UK Ltd    (Verified) Paramount Software UK Ltd
csrss.exe    < 0.01    2,576 K    7,628 K    10876    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AVGUI.exe    < 0.01    33,732 K    56,900 K    6532    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
CNMNSST.exe    < 0.01    1,480 K    6,252 K    5280    Canon IJ Network Scanner Selector EX    CANON INC.    (Verified) Canon Inc.
AVGSvc.exe    < 0.01    93,840 K    40,428 K    1496    AVG Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
explorer.exe    < 0.01    66,296 K    113,716 K    2404    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    87,848 K    92,584 K    1172    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
MOM.exe    < 0.01    27,084 K    4,528 K    5424    Catalyst Control Center: Monitoring program    Advanced Micro Devices Inc.    (No signature was present in the subject) Advanced Micro Devices Inc.
aswidsagent.exe    < 0.01    27,328 K    44,804 K    4108    AVG Software Analyzer    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
CCC.exe    < 0.01    84,064 K    21,176 K    5828    Catalyst Control Center: Host application    ATI Technologies Inc.    (No signature was present in the subject) ATI Technologies Inc.
firefox.exe    < 0.01    31,472 K    26,684 K    12164    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SynTPEnh.exe    < 0.01    4,080 K    15,620 K    4416    Synaptics TouchPad 64-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe    < 0.01    22,736 K    41,724 K    1084    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    69,864 K    83,012 K    4252    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
lsass.exe    < 0.01    6,160 K    13,620 K    904    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    16,124 K    22,052 K    576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    79,320 K    92,320 K    3716    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
hpservice.exe    < 0.01    956 K    4,220 K    1264    HpService    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
wsc_proxy.exe        3,840 K    9,684 K    320    AVG remediation exe    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
wmpnetwk.exe        6,352 K    19,492 K    4744    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        3,324 K    9,456 K    5224    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,424 K    7,720 K    5628    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1,500 K    11,792 K    9520    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,044 K    4,656 K    792    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        1,084 K    4,880 K    4172    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
taskhostex.exe        4,668 K    10,152 K    11248    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SynTPHelper.exe        936 K    3,964 K    2412    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPEnhService.exe        720 K    3,216 K    4084    64-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        4,288 K    11,276 K    976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,232 K    8,604 K    1016    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,800 K    14,820 K    2784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,320 K    15,940 K    1108    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,856 K    17,252 K    1396    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,292 K    23,792 K    1472    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,392 K    8,336 K    2712    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,540 K    10,728 K    2760    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,976 K    6,816 K    4068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        7,224 K    18,752 K    1780    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        276 K    1,036 K    492    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe        4,140 K    8,324 K    888    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchIndexer.exe        27,800 K    30,204 K    4568    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
scsiaccess.exe        708 K    2,868 K    4016            (Verified) Photodex Corporation
RtkNGUI64.exe        4,268 K    10,280 K    868    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe        1,640 K    6,084 K    1332    Realtek Audio Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
ReflectUI.exe        2,972 K    10,156 K    8620    Macrium Reflect UI Watcher    Paramount Software UK Ltd    (The digital signature of the object did not verify) Paramount Software UK Ltd
RAVBg64.exe        5,820 K    11,236 K    5336    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RAVBg64.exe        5,420 K    10,616 K    4956    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
procexp.exe        4,672 K    9,096 K    11556    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PDEngine.exe        5,628 K    13,284 K    3800    PDEngine Module    Raxco Software, Inc.    (Verified) Raxco Software, Inc.
PDAgentS1.exe        1,132 K    4,540 K    6368    PDAgentS1 Module    Raxco Software, Inc.    (Verified) Raxco Software, Inc.
NMIndexStoreSvr.exe        11,380 K    16,608 K    9756    Nero Home    Nero AG    (Verified) Nero AG
NMIndexingService.exe        5,316 K    10,844 K    5240    Nero Home    Nero AG    (Verified) Nero AG
NMBgMonitor.exe        5,000 K    11,036 K    3592    Nero Home    Nero AG    (Verified) Nero AG
mDNSResponder.exe        1,480 K    5,148 K    2736    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
MacriumService.exe        3,260 K    11,024 K    3660    Macrium Reflect Utility Service    Paramount Software UK Ltd    (The digital signature of the object did not verify) Paramount Software UK Ltd
ijplmsvc.exe        1,004 K    4,352 K    3624    Inkjet Printer/Scanner/Fax Extended Survey Program Service        (Verified) Canon Inc.
HPWMISVC.exe        1,356 K    5,764 K    2956    HP WMI Service    Hewlett-Packard Development Company, L.P.    (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe        41,240 K    47,152 K    1124    HP Support Solutions Framework Service    HP Inc.    (Verified) HP Inc.
hpqwmiex.exe        1,812 K    7,448 K    7164    HP Software Framework WMI Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
HPMSGSVC.exe        1,544 K    6,656 K    8244    HP Message Service    Hewlett-Packard Development Company, L.P.    (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe        1,484 K    244 K    4552    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler.exe        1,520 K    212 K    2976    Google Crash Handler    Google LLC    (Verified) Google LLC
Fuel.Service.exe        1,736 K    7,408 K    2688    AMD Fuel Service    Advanced Micro Devices, Inc.    (No signature was present in the subject) Advanced Micro Devices, Inc.
firefox.exe        49,336 K    65,444 K    3096    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        34,060 K    32,324 K    11580    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dasHost.exe        6,340 K    15,280 K    3024    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        2,248 K    5,092 K    696    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
crashpad_handler.exe        1,168 K    4,584 K    11936            (Verified) Google LLC
crashpad_handler.exe        1,200 K    4,276 K    5872            (Verified) Google LLC
crashpad_handler.exe        1,196 K    4,328 K    11892            (Verified) Google LLC
ClassicStartMenu.exe        2,848 K    9,056 K    4168    Classic Start Menu    IvoSoft    (Certificate expired) IvoSoft
CefSharp.BrowserSubprocess.exe        15,572 K    24,160 K    2120    CefSharp.BrowserSubprocess    The CefSharp Authors    (No signature was present in the subject) The CefSharp Authors
AVGUI.exe        22,864 K    39,292 K    3792    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
AVGUI.exe        14,588 K    28,968 K    10472    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
AVGUI.exe        15,760 K    35,224 K    10976    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
avgToolsSvc.exe        35,008 K    52,956 K    1960    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
audiodg.exe        8,900 K    13,688 K    11660    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
atiesrxx.exe        832 K    3,484 K    804    AMD External Events Service Module    AMD    (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe        2,304 K    7,848 K    712    AMD External Events Client Module    AMD    (Verified) Microsoft Windows Hardware Compatibility Publisher
aswEngSrv.exe        61,492 K    110,592 K    2876    AVG Antivirus engine server    AVG Technologies CZ, s.r.o.    (Verified) AVG Technologies USA, LLC
armsvc.exe        1,056 K    4,372 K    2560    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems, Incorporated
AERTSr64.exe        504 K    2,528 K    2656    Andrea filters APO access service (64-bit)    Andrea Electronics Corporation    (Verified) Andrea Electronics
AdaptiveSleepService.exe        1,264 K    4,888 K    2532            (No signature was present in the subject)
acrotray.exe        1,872 K    6,356 K    2596    AcroTray    Adobe Systems Inc.    (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe        1,664 K    2,268 K    7276    Hp Accelerometer System Tray    Hewlett-Packard Company    (Verified) Hewlett-Packard Company


 


  • 0
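The Verified Signer column that the Process Explorer steps above switch on can be triaged from the saved export instead of by eye. The following is an added example, not part of any post in this thread and not Process Explorer's own code: it parses the export and lists every process whose signer status is anything other than "Verified". It assumes the saved file is tab-separated with the eight columns shown above, and it also accepts the four-space form the forum paste produced; the function names are hypothetical, and the sample rows are copied from the export above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

COLUMNS = ["Process", "CPU", "Private Bytes", "Working Set", "PID",
           "Description", "Company Name", "Verified Signer"]

# Rows copied from the export posted in this thread, rebuilt as tab-separated
# text (assumption: that is how the saved file delimits its columns).
_ROWS = [
    ("System Idle Process", "92.90", "0 K", "4 K", "0", "", "", ""),
    ("firefox.exe", "1.49", "131,164 K", "159,552 K", "10660", "Firefox",
     "Mozilla Corporation", "(Verified) Mozilla Corporation"),
    ("MOM.exe", "< 0.01", "27,084 K", "4,528 K", "5424",
     "Catalyst Control Center: Monitoring program", "Advanced Micro Devices Inc.",
     "(No signature was present in the subject) Advanced Micro Devices Inc."),
    ("ReflectUI.exe", "", "2,972 K", "10,156 K", "8620",
     "Macrium Reflect UI Watcher", "Paramount Software UK Ltd",
     "(The digital signature of the object did not verify) Paramount Software UK Ltd"),
    ("ClassicStartMenu.exe", "", "2,848 K", "9,056 K", "4168",
     "Classic Start Menu", "IvoSoft", "(Certificate expired) IvoSoft"),
    ("AdaptiveSleepService.exe", "", "1,264 K", "4,888 K", "2532", "", "",
     "(No signature was present in the subject)"),
]
SAMPLE_EXPORT = "\n".join("\t".join(r) for r in [tuple(COLUMNS)] + _ROWS)

# "(status text) signer name"; the signer name may be absent.
SIGNER_RE = re.compile(r"^\((?P<status>[^)]*)\)\s*(?P<name>.*)$")


@dataclass
class Proc:
    name: str
    pid: Optional[int]
    cpu: Optional[float]
    company: str
    status: str   # text inside the parentheses, "" when the column is empty
    signer: str


def split_fields(line: str) -> List[str]:
    """Split one export line on tabs, or on the 4-space runs a forum paste leaves."""
    fields = [f.strip() for f in line.replace("    ", "\t").split("\t")]
    fields += [""] * (len(COLUMNS) - len(fields))   # trailing empties may be trimmed
    return fields[:len(COLUMNS)]


def parse_cpu(value: str) -> Optional[float]:
    """'' means no reading was recorded; '< 0.01' is below the display threshold."""
    if not value:
        return None
    return 0.0 if value.startswith("<") else float(value)


def parse_export(text: str) -> List[Proc]:
    lines = [l for l in text.splitlines() if l.strip()]
    if not lines or split_fields(lines[0]) != COLUMNS:
        raise ValueError("unexpected header: is the Verified Signer column enabled?")
    procs = []
    for line in lines[1:]:
        name, cpu, _pb, _ws, pid, _desc, company, signer = split_fields(line)
        m = SIGNER_RE.match(signer)
        procs.append(Proc(
            name=name,
            pid=int(pid) if pid.isdigit() else None,   # "n/a" for Interrupts
            cpu=parse_cpu(cpu),
            company=company,
            status=m.group("status") if m else signer,
            signer=m.group("name") if m else "",
        ))
    return procs


def classify(proc: Proc) -> str:
    if proc.status == "Verified":
        return "verified"
    if proc.status == "":
        # Rows such as System Idle Process carry no signer value in this export.
        return "unchecked"
    return "review"   # unsigned, failed verification, expired certificate, ...


def triage(text: str) -> List[Tuple[str, Optional[int], str]]:
    """Return (process, pid, status) for every row that needs a closer look."""
    return [(p.name, p.pid, p.status)
            for p in parse_export(text) if classify(p) == "review"]


if __name__ == "__main__":
    for name, pid, status in triage(SAMPLE_EXPORT):
        print(f"{name:<28} pid={pid:<6} {status}")
```

The result is a list of images to look at first, not a verdict on any of them; each flagged path still has to be checked against where the vendor installs it.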

#4
Jackpine

Jackpine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 426 posts

Speccy file attached.

Attached Files


  • 0

#5
Jackpine

Jackpine

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 426 posts

Latency Monitoring Log:

______________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:36  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        SHADOWFAX
OS version:                                           Windows 8.1, 6.3, build: 9600 (x64)
Hardware:                                             HP Pavilion 17 Notebook PC, Hewlett-Packard
CPU:                                                  AuthenticAMD AMD A6-5200 APU with Radeon™ HD Graphics
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  7643 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   1996 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   1224.948948
Average measured interrupt to process latency (µs):   14.309475

Highest measured interrupt to DPC latency (µs):       350.864774
Average measured interrupt to DPC latency (µs):       4.782015


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              77.359719
Driver with highest ISR routine execution time:       USBPORT.SYS - USB 1.1 & 2.0 Port Driver, Microsoft Corporation

Highest reported total ISR routine time (%):          0.004055
Driver with highest ISR total time:                   storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%)                          0.004680

ISR count (execution time <250 µs):                   820
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              800.116232
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%):          0.015931
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Total time spent in DPCs (%)                          0.098750

DPC count (execution time <250 µs):                   13406
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              57
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 aswengsrv.exe

Total number of hard pagefaults                       5
Hard pagefault count of hardest hit process:          2
Number of processes hit:                              3


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.367670
CPU 0 ISR highest execution time (µs):                19.430361
CPU 0 ISR total execution time (s):                   0.001545
CPU 0 ISR count:                                      190
CPU 0 DPC highest execution time (µs):                800.116232
CPU 0 DPC total execution time (s):                   0.078177
CPU 0 DPC count:                                      10372
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.190006
CPU 1 ISR highest execution time (µs):                19.414830
CPU 1 ISR total execution time (s):                   0.001848
CPU 1 ISR count:                                      232
CPU 1 DPC highest execution time (µs):                675.026052
CPU 1 DPC total execution time (s):                   0.026869
CPU 1 DPC count:                                      1269
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.145188
CPU 2 ISR highest execution time (µs):                21.341683
CPU 2 ISR total execution time (s):                   0.001440
CPU 2 ISR count:                                      195
CPU 2 DPC highest execution time (µs):                444.360220
CPU 2 DPC total execution time (s):                   0.017064
CPU 2 DPC count:                                      889
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.273053
CPU 3 ISR highest execution time (µs):                77.359719
CPU 3 ISR total execution time (s):                   0.001926
CPU 3 ISR count:                                      203
CPU 3 DPC highest execution time (µs):                621.027054
CPU 3 DPC total execution time (s):                   0.020519
CPU 3 DPC count:                                      933
_________________________________________________________________________________________________________

 


#6
Jackpine

I took a screenshot of the Drivers tab, but there was nothing in the Screenshot folder.


#7
Jackpine

LatencyMon Drivers Tab and Processes Tab screenshots attached.

Attached Thumbnails

  • LatencyMon Drivers Tab.PNG
  • LatencyMon Processes Tab.PNG

#8
Jackpine

Fixlog shown below.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2021
Ran by Robert (17-10-2021 11:29:40) Run:2
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 6.3.9600.19408

Image Version: 6.3.9600.19397

The restore operation completed successfully. The component store corruption was repaired.
The operation completed successfully.

========= End of CMD: =========


========= SFC /scannow =========


Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATTENTION

 


#9
RKinner

    Malware Expert

  • Expert
  • 23,941 posts
  • MVP

Are the two screenshots from the same Latency Monitor run as the Summary?  There should have been some pagefaults on the Processes tab.  Perhaps the sort has them at the bottom?  Click again on the column header for Hard Pagefaults and it should bring them to the top.

 

The fixlist failed because it timed out. Not sure why that happened but at least it got through the DISM check OK. Let's do it again with just the SFC check.

 

Attached File  fixlist.txt   316bytes   2 downloads

 

Normally takes about 10 minutes to complete.

 

 


#10
Jackpine

The two screenshots were not taken from the LatencyMon run as a Summary.  I will redo this and post the results.  Fixlog is too large to post.  I will attach the file.

 



#11
Jackpine

LatencyMon rerun:

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:42  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        SHADOWFAX
OS version:                                           Windows 8.1, 6.3, build: 9600 (x64)
Hardware:                                             HP Pavilion 17 Notebook PC, Hewlett-Packard
CPU:                                                  AuthenticAMD AMD A6-5200 APU with Radeon™ HD Graphics
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  7643 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   1996 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   1446.547752
Average measured interrupt to process latency (µs):   16.655514

Highest measured interrupt to DPC latency (µs):       1434.236708
Average measured interrupt to DPC latency (µs):       5.889101


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              97.959419
Driver with highest ISR routine execution time:       rtbth.sys - Ralink Bluetooth Adapter, Ralink Technology, Corp.

Highest reported total ISR routine time (%):          0.001775
Driver with highest ISR total time:                   storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%)                          0.002267

ISR count (execution time <250 µs):                   284
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              1586.263527
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%):          0.020701
Driver with highest DPC total execution time:         ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Total time spent in DPCs (%)                          0.09510

DPC count (execution time <250 µs):                   15644
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              24
DPC count (execution time 1000-2000 µs):              3
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 latmon.exe

Total number of hard pagefaults                       3
Hard pagefault count of hardest hit process:          2
Number of processes hit:                              1


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.490854
CPU 0 ISR highest execution time (µs):                97.959419
CPU 0 ISR total execution time (s):                   0.001438
CPU 0 ISR count:                                      119
CPU 0 DPC highest execution time (µs):                1586.263527
CPU 0 DPC total execution time (s):                   0.118168
CPU 0 DPC count:                                      13664
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.207819
CPU 1 ISR highest execution time (µs):                19.388778
CPU 1 ISR total execution time (s):                   0.000529
CPU 1 ISR count:                                      42
CPU 1 DPC highest execution time (µs):                1165.413327
CPU 1 DPC total execution time (s):                   0.013562
CPU 1 DPC count:                                      696
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.167023
CPU 2 ISR highest execution time (µs):                91.464429
CPU 2 ISR total execution time (s):                   0.000542
CPU 2 ISR count:                                      30
CPU 2 DPC highest execution time (µs):                663.121242
CPU 2 DPC total execution time (s):                   0.009159
CPU 2 DPC count:                                      399
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.366669
CPU 3 ISR highest execution time (µs):                71.021042
CPU 3 ISR total execution time (s):                   0.001315
CPU 3 ISR count:                                      93
CPU 3 DPC highest execution time (µs):                218.131764
CPU 3 DPC total execution time (s):                   0.019533
CPU 3 DPC count:                                      912
_________________________________________________________________________________________________________

Drivers and Processes tab screenshots to follow.


#12
Jackpine

LatencyMon Drivers and Processes screenshots attached.

Attached Thumbnails

  • Drivers.JPG
  • Processes.JPG
