Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus Infection

Started by ForrestGump , Oct 05 2022 11:38 PM
Virus

  • Please log in to reply

#46
ForrestGump
Posted 18 October 2022 - 10:33 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Do you have a link to the F23 BIOS file

 

HP Serial is (S) CNF9424GMC

 

HP Product # VM354UA#ABC


  • 0

Advertisements

#47
RKinner
Posted 19 October 2022 - 10:10 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It appears that F.15 is the newest for your PC.  I was using the info from Latency Monitor which just called it a G61.

 

Were you able to get the newest graphics driver to load?

 

Have you tried another browser yet?  I use Brave which seems pretty quick once you tell it you don't want to see any ads even if they supposedly pay you for seeing them.


  • 0

#48
ForrestGump
Posted 20 October 2022 - 06:38 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

I did install the Link you provided for the updated Realtek PCI Family Controller & posted the results of the Latency Monitor with the new Realtek controller but I still have high CPU usage on YT, Using Google Chrome or Opera does not help reduce CPU either, Perhaps some of the 2006 Drivers may be part of this issue? I did post previously a Speccy, Would another Speccy assist in highlighting some outdated potentially problematic drivers/software or is Latency Monitor the better tool for system problem analysis?

 

I am trying out Process Lasso as a bandaid to see if it can assist in managing the high CPU usage when using YT.

 

Maybe I could use as it is built in on W10 Pro, Microsoft Hyper-V & use it with Chrome OS FLEX for YT?  

 

Just a couple of thoughts I had on trying to find a work around if no further updated drivers can be found.

 

I also tried installing AMD W8 & W7 CCC Drivers but the install log indicated Failed to install Display Diver.

 

 

I was looking in Device MGR & found some odd to me indications with a few Location UNKNOWNS for the following,

 

Computer ACPI X64 -Based PC,21/06/2006, 10.0.19041.1, Device Descripition, ACPI x64-based PC

Location UNKNOWN?, Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}?, Config ID, Value, hal.inf:acpiapic,ACPI_AMD64_HAL?
 
Microsoft RRAS Root Enumerator,21/06/2006, 10.0.19041.1, Device Description, Generic software device?
Location UNKNOWN?, Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}?, Config ID, Value, c_swdevice.inf:SWD\GenericRaw,SoftwareDevice?
All the WAN miniports indicate On Location, RRAS Root Enumerator but if the Location is UNKNOWN for this device is this a system config error?
 
Microsoft Device Association Root Enumerator,21/06/2006, 10.0.19041.1, Device Description, Generic software device?
Location UNKNOWN?, Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}?, Config ID, Value, c_swdevice.inf:SWD\GenericRaw,SoftwareDevice?
 
Microsoft Storage Spaces Controller, 21/06/2006, 10.0.19041.1949, Device Description, Microsoft Storage Spaces Controller, 
Location UNKNOWN?, Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}?, Config ID, Value, spaceport.inf:Root\Spaceport,Spaceport_Install?
 
Microsoft GS Wavetable Synth, 21/06/2006, 10.0.19041.1, Device Description, Generic software device? 
Location UNKNOWN?, Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}?, Config ID,Value,  c_swdevice.inf:SWD\GenericRaw,SoftwareDevice?
 
Would the Location UNKNOWNS be an issue & the Container ID, Value, {00000000-0000-0000-ffff-ffffffffffff}? Not sure if these are metadata value errors?
 
 
 
 
 
 
 
 

Edited by ForrestGump, 20 October 2022 - 07:01 PM.

  • 0

#49
ForrestGump
Posted 21 October 2022 - 02:08 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
ProcessLassoEdgeLog-Every 30 secs or less , ProBalance feature of ProcessLasso needs to lower the Process priority of Edge as the CPU usage climbs to 80%....???
 
"UTC","LocalTime","Machine","User","PID","Basename","ActionId","Action","Info","Path","CommandLine"
"133108117230832274","10-21-2022 03:42:03","HAL900","doher","4232","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --instant-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6087727816 --mojo-platform-channel-handle=3680 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117230842287","10-21-2022 03:42:03","HAL900","doher","3608","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117230842287","10-21-2022 03:42:03","HAL900","doher","3608","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117281752271","10-21-2022 03:42:08","HAL900","doher","4232","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --instant-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6087727816 --mojo-platform-channel-handle=3680 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117281752271","10-21-2022 03:42:08","HAL900","doher","4232","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --instant-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6087727816 --mojo-platform-channel-handle=3680 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117353062258","10-21-2022 03:42:15","HAL900","doher","1616","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117353062258","10-21-2022 03:42:15","HAL900","doher","1616","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117373472279","10-21-2022 03:42:17","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117373482263","10-21-2022 03:42:17","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117403992273","10-21-2022 03:42:20","HAL900","doher","1616","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117404002257","10-21-2022 03:42:20","HAL900","doher","1616","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117424242262","10-21-2022 03:42:22","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117424242262","10-21-2022 03:42:22","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117495442343","10-21-2022 03:42:29","HAL900","doher","1616","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117495442343","10-21-2022 03:42:29","HAL900","doher","1616","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117515812292","10-21-2022 03:42:31","HAL900","doher","1616","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117515822265","10-21-2022 03:42:31","HAL900","doher","1616","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117587002291","10-21-2022 03:42:38","HAL900","doher","3608","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117587012286","10-21-2022 03:42:38","HAL900","doher","3608","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117647952312","10-21-2022 03:42:44","HAL900","doher","3608","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117647952312","10-21-2022 03:42:44","HAL900","doher","3608","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108117668392393","10-21-2022 03:42:46","HAL900","doher","1616","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117668392393","10-21-2022 03:42:46","HAL900","doher","1616","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117913303841","10-21-2022 03:43:11","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117913313824","10-21-2022 03:43:11","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117943935184","10-21-2022 03:43:14","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108117943935184","10-21-2022 03:43:14","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108117974435199","10-21-2022 03:43:17","HAL900","doher","1616","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108117974445202","10-21-2022 03:43:17","HAL900","doher","1616","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118025435216","10-21-2022 03:43:22","HAL900","doher","1616","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118025435216","10-21-2022 03:43:22","HAL900","doher","1616","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=20338293780 --mojo-platform-channel-handle=9764 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118168220754","10-21-2022 03:43:36","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118168220754","10-21-2022 03:43:36","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118423243026","10-21-2022 03:44:02","HAL900","doher","4016","taskmgr.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108118423253023","10-21-2022 03:44:02","HAL900","doher","4016","taskmgr.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108118453714134","10-21-2022 03:44:05","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118453724132","10-21-2022 03:44:05","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118484204159","10-21-2022 03:44:08","HAL900","doher","4016","taskmgr.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108118484204159","10-21-2022 03:44:08","HAL900","doher","4016","taskmgr.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108118667534159","10-21-2022 03:44:26","HAL900","doher","3764","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118667544162","10-21-2022 03:44:26","HAL900","doher","3764","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118697994164","10-21-2022 03:44:29","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118697994164","10-21-2022 03:44:29","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108118698004173","10-21-2022 03:44:29","HAL900","doher","5480","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=utility --utility-sub-type=edge_webassist.mojom.SemanticEncoder --lang=en-GB --service-sandbox-type=onnx_runtime --mojo-platform-channel-handle=3756 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:8"
"133108118698014153","10-21-2022 03:44:29","HAL900","doher","5480","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=utility --utility-sub-type=edge_webassist.mojom.SemanticEncoder --lang=en-GB --service-sandbox-type=onnx_runtime --mojo-platform-channel-handle=3756 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:8"
"133108118728484163","10-21-2022 03:44:32","HAL900","doher","3764","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118728484163","10-21-2022 03:44:32","HAL900","doher","3764","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118738694160","10-21-2022 03:44:33","HAL900","doher","3764","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118738694160","10-21-2022 03:44:33","HAL900","doher","3764","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118789684198","10-21-2022 03:44:38","HAL900","doher","3764","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118789684198","10-21-2022 03:44:38","HAL900","doher","3764","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118799863816","10-21-2022 03:44:39","HAL900","doher","3764","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118799863816","10-21-2022 03:44:39","HAL900","doher","3764","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118799863816","10-21-2022 03:44:39","HAL900","doher","5480","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=utility --utility-sub-type=edge_webassist.mojom.SemanticEncoder --lang=en-GB --service-sandbox-type=onnx_runtime --mojo-platform-channel-handle=3756 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:8"
"133108118799863816","10-21-2022 03:44:39","HAL900","doher","5480","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=utility --utility-sub-type=edge_webassist.mojom.SemanticEncoder --lang=en-GB --service-sandbox-type=onnx_runtime --mojo-platform-channel-handle=3756 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:8"
"133108118850789801","10-21-2022 03:44:45","HAL900","doher","3764","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108118850789801","10-21-2022 03:44:45","HAL900","doher","3764","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --extension-process --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6091001219 --mojo-platform-channel-handle=5940 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108119167115424","10-21-2022 03:45:16","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108119167115424","10-21-2022 03:45:16","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108119544755423","10-21-2022 03:45:54","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108119544755423","10-21-2022 03:45:54","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120136415410","10-21-2022 03:46:53","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120136425075","10-21-2022 03:46:53","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120258815172","10-21-2022 03:47:05","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120258815172","10-21-2022 03:47:05","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120309855448","10-21-2022 03:47:10","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120309855448","10-21-2022 03:47:10","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120656840697","10-21-2022 03:47:45","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108120656840697","10-21-2022 03:47:45","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108121095815092","10-21-2022 03:48:29","HAL900","doher","6528","taskmgr.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108121095825082","10-21-2022 03:48:29","HAL900","doher","6528","taskmgr.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108121167040738","10-21-2022 03:48:36","HAL900","doher","6528","taskmgr.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108121167040738","10-21-2022 03:48:36","HAL900","doher","6528","taskmgr.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\windows\system32\taskmgr.exe","""C:\WINDOWS\System32\Taskmgr.exe"" /2"
"133108121850790728","10-21-2022 03:49:45","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108121850800695","10-21-2022 03:49:45","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108122289280713","10-21-2022 03:50:28","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108122289280713","10-21-2022 03:50:28","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108123772656556","10-21-2022 03:52:57","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108123772666228","10-21-2022 03:52:57","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124027856195","10-21-2022 03:53:22","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124027856195","10-21-2022 03:53:22","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124302816220","10-21-2022 03:53:50","HAL900","doher","116","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124302826207","10-21-2022 03:53:50","HAL900","doher","116","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124394666191","10-21-2022 03:53:59","HAL900","doher","116","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124394666191","10-21-2022 03:53:59","HAL900","doher","116","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:2"
"133108124445736241","10-21-2022 03:54:04","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124445736241","10-21-2022 03:54:04","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124455886270","10-21-2022 03:54:05","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124455886270","10-21-2022 03:54:05","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124466106229","10-21-2022 03:54:06","HAL900","doher","1800","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124466106229","10-21-2022 03:54:06","HAL900","doher","1800","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124516917773","10-21-2022 03:54:11","HAL900","doher","1800","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124516917773","10-21-2022 03:54:11","HAL900","doher","1800","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124537277409","10-21-2022 03:54:13","HAL900","doher","1800","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124537277409","10-21-2022 03:54:13","HAL900","doher","1800","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124547477768","10-21-2022 03:54:14","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124547477768","10-21-2022 03:54:14","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124588287729","10-21-2022 03:54:18","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124588297722","10-21-2022 03:54:18","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124588297722","10-21-2022 03:54:18","HAL900","doher","1800","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124588297722","10-21-2022 03:54:18","HAL900","doher","1800","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=21070930540 --mojo-platform-channel-handle=1876 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124608617471","10-21-2022 03:54:20","HAL900","doher","3608","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108124608627473","10-21-2022 03:54:20","HAL900","doher","3608","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108124659277761","10-21-2022 03:54:25","HAL900","doher","3608","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108124659277761","10-21-2022 03:54:25","HAL900","doher","3608","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --profile-directory=Default"
"133108124740927762","10-21-2022 03:54:34","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108124740927762","10-21-2022 03:54:34","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125149327763","10-21-2022 03:55:14","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125149337478","10-21-2022 03:55:14","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125200387717","10-21-2022 03:55:20","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125200387717","10-21-2022 03:55:20","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125343377762","10-21-2022 03:55:34","HAL900","doher","7960","msedge.exe","43","(0x2b) ProBalance begun","This process is now being acted on by ProBalance.","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125343387749","10-21-2022 03:55:34","HAL900","doher","7960","msedge.exe","44","(0x2c) Process priority temporarily lowered by ProBalance","This process may have been affecting system responsiveness. ProBalance has temporarily adjusted its priority class. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125394397422","10-21-2022 03:55:39","HAL900","doher","7960","msedge.exe","46","(0x2e) Restored original process priority","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"
"133108125394397422","10-21-2022 03:55:39","HAL900","doher","7960","msedge.exe","32","(0x20) ProBalance restraint ended","The process has quit affecting system responsiveness. ","c:\program files (x86)\microsoft\edge\application\msedge.exe","""C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"" --type=renderer --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale=en_AU --disable-gpu-compositing --lang=en-GB --js-flags=""--ms-user-locale=en_AU --jitless --wasm-jitless"" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --time-ticks-at-unix-epoch=-1666317773006286 --launch-time-ticks=6185193666 --mojo-platform-channel-handle=4968 --field-trial-handle=1996\,i\,421539199872374607\,17936559702123415289\,131072 /prefetch:1"

  • 0

#50
ForrestGump
Posted 21 October 2022 - 02:42 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by Rockets (administrator) on HAL900 (Hewlett-Packard HP G61 Notebook PC) (21-10-2022 04:12:50)
Running from C:\Users\doher\OneDrive\Desktop
Loaded Profiles: doher & Rockets
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2130 (X64) Language: English (United States) -> English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(C:\Program Files\Process Lasso\srvstub.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(services.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\srvstub.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) C:\Program Files\Process Lasso\bitsumsessionagent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\doher\AppData\Local\Microsoft\OneDrive\22.207.1002.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-03-31] (Synaptics Incorporated -> Synaptics Incorporated)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (No File)
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rockets\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-19] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02178FB0-F955-4AD3-A5FD-2A2BC36D4324} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B2DD316-E565-4EDA-A945-FDB0C4AEC3B6} - System32\Tasks\GoogleUpdateTaskMachineUA{0717EB36-F14D-4CAF-B4C7-35EEF5CE9D66} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {4234D3CA-4F77-4C86-8764-7247FD0B5151} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [565240 2022-09-06] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {4FA0D689-1ADE-4663-9CE5-F739AE27C07E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6EF3AA06-A01D-41CE-87BA-D40A8252602F} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1812976 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {7873D287-2371-4AC5-A655-3E3BF809A0DB} - System32\Tasks\GoogleUpdateTaskMachineCore{E1E5E758-0FC3-44B6-B274-BE6C593587F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {835BB124-B242-4CA3-9B2F-6F32ABA79E46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EF2F690-BA78-4DB8-823E-D058E632024D} - System32\Tasks\Session agent for Process Lasso => C:\Program Files\Process Lasso\bitsumsessionagent.exe [174576 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {D927F2D4-FBB3-4B9C-AB6E-8397A633D05F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7df6fe4a-5cee-4651-96b6-17a0c1353ec2}: [DhcpNameServer] 192.168.2.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-20]
Edge Notifications: Default -> hxxps://www.youtube.com
Edge Extension: (Enhancer for YouTube™) - C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlgfaleeejmphhnemjgiaekdbonkagkd [2022-10-18]
Edge Extension: (AdGuard AdBlocker) - C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-10-18]
 
Chrome: 
=======
CHR Profile: C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default [2022-10-19]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Google Docs Offline) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-19]
CHR Extension: (Speedtest by Ookla) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2022-10-19]
CHR Extension: (Chromebook Recovery Utility) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\pocpnlppkickgojjlmhdmidojbmbodfm [2022-10-19]
CHR Extension: (Enhancer for YouTube™) - C:\Users\Rockets\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2022-10-19]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ProcessGovernor; C:\Program Files\Process Lasso\processgovernor.exe [1291248 2022-10-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKIS; C:\WINDOWS\System32\drivers\AppleKIS.sys [66976 2022-09-14] (Apple Inc. -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleRSM; C:\WINDOWS\System32\drivers\AppleRSM.sys [77720 2022-09-13] (Apple Inc. -> Apple Inc.)
S3 MirayRAMDrive; C:\WINDOWS\System32\drivers\mrdo.sys [65488 2022-02-10] (Miray Software AG -> Miray)
R3 MpKslf4c3283c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BFC97003-9858-457B-9804-3051198A08B7}\MpKslDrv.sys [228632 2022-10-20] (Microsoft Windows -> Microsoft Corporation)
S3 RtNdPt640; C:\WINDOWS\system32\DRIVERS\RtNdPt640.sys [58464 2020-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2022-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-18] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-20 22:20 - 2022-10-20 22:20 - 000000000 ____D C:\Users\Rockets\AppData\Local\CrashDumps
2022-10-20 22:18 - 2022-10-20 22:18 - 013471344 _____ C:\Users\Rockets\Downloads\MB-SupportTool.exe
2022-10-20 22:18 - 2022-10-20 22:18 - 002373632 _____ (Farbar) C:\Users\Rockets\Downloads\FRSTEnglish.exe
2022-10-20 22:05 - 2022-10-20 22:05 - 000000000 ____D C:\Users\Rockets\AppData\Local\mbam
2022-10-20 21:41 - 2022-10-20 21:41 - 002632256 _____ (Malwarebytes) C:\Users\doher\Downloads\MBSetup.exe
2022-10-20 21:29 - 2022-10-20 21:29 - 000000000 ____D C:\Users\doher\AppData\Local\mbam
2022-10-20 21:26 - 2022-10-20 21:48 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-20 15:05 - 2022-10-20 15:05 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1890784580-1000596592-3856219040-1002_0
2022-10-20 13:53 - 2022-10-20 13:57 - 000000000 ___HD C:\$WinREAgent
2022-10-19 17:54 - 2022-10-19 17:54 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1890784580-1000596592-3856219040-1001_0
2022-10-19 17:53 - 2022-10-19 17:53 - 000000000 ____D C:\Users\doher\AppData\Roaming\ProcessLasso
2022-10-19 17:53 - 2022-10-19 17:53 - 000000000 ____D C:\Users\doher\AppData\Local\Google
2022-10-19 05:11 - 2022-10-19 05:12 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-19 05:11 - 2022-10-19 05:12 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-19 05:10 - 2022-10-19 05:10 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{0717EB36-F14D-4CAF-B4C7-35EEF5CE9D66}
2022-10-19 05:10 - 2022-10-19 05:10 - 000003372 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1E5E758-0FC3-44B6-B274-BE6C593587F4}
2022-10-19 05:10 - 2022-10-19 05:10 - 000000000 ____D C:\Program Files\Google
2022-10-19 05:09 - 2022-10-21 04:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-19 05:09 - 2022-10-19 05:16 - 000000000 ____D C:\Users\Rockets\AppData\Local\Google
2022-10-19 05:09 - 2022-10-19 05:09 - 001427176 _____ (Google LLC) C:\Users\Rockets\Downloads\ChromeSetup.exe
2022-10-19 04:19 - 2022-10-19 04:19 - 006823693 _____ C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1 (1).zip
2022-10-19 04:10 - 2022-10-19 04:13 - 000000000 ____D C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1
2022-10-19 04:06 - 2020-12-29 14:36 - 000058464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtNdPt640.sys
2022-10-19 04:05 - 2022-10-19 04:05 - 006823693 _____ C:\Users\Rockets\Downloads\Diagnostic_v2.0.7.3_0801_1.zip
2022-10-19 03:55 - 2022-10-19 03:55 - 001117856 _____ (Bitsum LLC) C:\Users\Rockets\Desktop\parkcontrolsetup64.exe
2022-10-19 03:55 - 2022-10-19 03:55 - 000003108 _____ C:\WINDOWS\system32\Tasks\ParkControl
2022-10-19 03:55 - 2022-10-19 03:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2022-10-19 03:55 - 2022-10-19 03:55 - 000000000 ____D C:\Program Files\ParkControl
2022-10-19 03:52 - 2022-10-20 23:33 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-10-19 03:52 - 2022-10-20 23:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-19 03:51 - 2022-10-19 03:51 - 004975146 _____ C:\Users\Rockets\Downloads\Install_Win10_10060_08222022.zip
2022-10-19 03:18 - 2022-10-19 03:39 - 000170110 _____ C:\Users\Rockets\Desktop\Fixlog.txt
2022-10-19 03:07 - 2022-10-19 03:07 - 000068713 _____ C:\Users\Rockets\Downloads\regbench.zip
2022-10-19 02:57 - 2022-10-19 02:57 - 000003274 _____ C:\WINDOWS\system32\Tasks\Session agent for Process Lasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000003106 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2022-10-19 02:57 - 2022-10-19 02:57 - 000001978 _____ C:\Users\Public\Desktop\Process Lasso.lnk
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Users\Rockets\AppData\Local\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\ProgramData\ProcessLasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
2022-10-19 02:57 - 2022-10-19 02:57 - 000000000 ____D C:\Program Files\Process Lasso
2022-10-19 02:55 - 2022-10-19 02:55 - 002592664 _____ (Bitsum LLC) C:\Users\Rockets\Downloads\processlassosetup64.exe
2022-10-19 02:34 - 2022-10-19 02:34 - 006131940 _____ (Manuel Gil) C:\Users\Rockets\Downloads\wureset11009_setup_winx64.exe
2022-10-18 22:12 - 2022-10-18 22:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-10-18 22:09 - 2022-10-18 22:09 - 001395272 _____ (Akeo Consulting) C:\Users\Rockets\Downloads\rufus-3.20 (1).exe
2022-10-18 22:07 - 2022-10-18 22:07 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64 (1).exe
2022-10-18 22:05 - 2022-10-18 22:07 - 858821775 _____ C:\Users\Rockets\Downloads\Camd64OS_R91-13904.B-Special (2).7z
2022-10-18 21:39 - 2022-10-18 21:39 - 000000000 ____D C:\Users\Rockets\AppData\Local\D3DSCache
2022-10-18 20:37 - 2022-10-18 20:37 - 000000000 ____D C:\Users\doher\AppData\Local\D3DSCache
2022-10-18 20:01 - 2022-10-18 23:21 - 000000000 ____D C:\Users\doher\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 17:45 - 2022-10-18 17:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-18 17:41 - 2022-10-18 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-18 17:41 - 2022-10-18 17:41 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-10-18 17:40 - 2022-10-18 17:41 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-10-18 17:34 - 2022-10-20 17:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-18 17:33 - 2022-10-20 17:55 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1001
2022-10-18 17:30 - 2022-10-18 23:21 - 000000000 ____D C:\Users\doher\AppData\Local\ConnectedDevicesPlatform
2022-10-18 17:30 - 2022-10-18 20:01 - 000000000 ____D C:\Users\doher\AppData\Local\Packages
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Roaming\Adobe
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Local\VirtualStore
2022-10-18 17:30 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher\AppData\Local\Publishers
2022-10-18 17:29 - 2022-10-18 21:22 - 000000000 ____D C:\Users\Rockets\AppData\Local\PlaceholderTileLogoFolder
2022-10-18 17:29 - 2022-10-18 17:29 - 000000020 ___SH C:\Users\doher\ntuser.ini
2022-10-18 15:10 - 2022-10-18 11:25 - 000000000 ____D C:\WINDOWS\Panther
2022-10-18 15:09 - 2022-10-18 11:25 - 000000000 ____D C:\Windows.old
2022-10-18 15:08 - 2022-10-18 15:08 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-18 15:04 - 2022-10-18 15:04 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-18 15:04 - 2022-10-18 15:04 - 000000000 ____D C:\ProgramData\ssh
2022-10-18 14:56 - 2022-10-18 14:56 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-10-18 14:56 - 2022-10-18 14:56 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-10-18 14:56 - 2022-10-18 14:56 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000188928 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2022-10-18 14:56 - 2022-10-18 14:56 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-18 14:55 - 2022-10-18 14:55 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-18 14:55 - 2022-10-18 14:55 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-10-18 14:55 - 2022-10-18 14:55 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-10-18 14:55 - 2022-10-18 14:55 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-18 14:54 - 2022-10-18 14:54 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-10-18 14:54 - 2022-10-18 14:54 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-10-18 14:54 - 2022-10-18 14:54 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-18 14:54 - 2022-10-18 14:54 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-18 14:53 - 2022-10-18 14:53 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2022-10-18 14:53 - 2022-10-18 14:53 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-10-18 14:52 - 2022-10-18 14:52 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-10-18 14:52 - 2022-10-18 14:52 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-10-18 14:52 - 2022-10-18 14:52 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-10-18 14:52 - 2022-10-18 14:52 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2022-10-18 14:51 - 2022-10-18 14:51 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2022-10-18 14:51 - 2022-10-18 14:51 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2022-10-18 14:51 - 2022-10-18 14:51 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files\MSBuild
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-10-18 14:36 - 2022-10-18 14:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-10-18 14:31 - 2022-10-18 14:31 - 000000000 ____D C:\Program Files\Synaptics
2022-10-18 14:28 - 2022-10-18 14:28 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-18 14:09 - 2022-10-18 11:19 - 000000000 ___HD C:\$SysReset
2022-10-18 11:29 - 2022-10-20 22:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-18 11:28 - 2022-10-20 22:05 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1890784580-1000596592-3856219040-1002
2022-10-18 11:28 - 2022-10-18 11:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-18 11:26 - 2022-10-20 15:11 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-18 11:26 - 2022-10-18 11:44 - 000000000 ____D C:\ProgramData\Packages
2022-10-18 11:26 - 2022-10-18 11:26 - 000000000 ____D C:\Users\Rockets\AppData\Local\Publishers
2022-10-18 11:25 - 2022-10-18 17:32 - 000000000 ____D C:\Users\Rockets\AppData\Local\Packages
2022-10-18 11:25 - 2022-10-18 11:25 - 000000020 ___SH C:\Users\Rockets\ntuser.ini
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Roaming\Adobe
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Local\VirtualStore
2022-10-18 11:25 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets\AppData\Local\ConnectedDevicesPlatform
2022-10-18 11:20 - 2022-10-20 22:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-18 11:20 - 2022-10-18 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-18 11:20 - 2022-10-18 11:20 - 000003612 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{4A32544D-66CF-4EA4-A7FC-E5F88E92A221}
2022-10-18 11:20 - 2022-10-18 11:20 - 000003488 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{3C1EAF42-B76F-4333-8265-DEA80EC93EE7}
2022-10-18 11:19 - 2022-10-18 11:19 - 000007252 _____ C:\Users\Rockets\Desktop\Removed Apps.html
2022-10-18 11:16 - 2022-10-20 22:05 - 000002391 _____ C:\Users\Rockets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-18 11:16 - 2022-10-20 17:55 - 000002385 _____ C:\Users\doher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-18 11:16 - 2022-10-18 17:30 - 000000000 ____D C:\Users\doher
2022-10-18 11:16 - 2022-10-18 11:25 - 000000000 ____D C:\Users\Rockets
2022-10-18 11:13 - 2022-10-18 11:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2022-10-18 11:13 - 2022-10-18 11:13 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2022-10-18 11:12 - 2022-10-20 23:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-18 11:12 - 2022-10-18 11:12 - 000257824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-18 09:44 - 2021-06-14 15:13 - 2512468480 _____ C:\Users\Rockets\Downloads\chromiumos_image.img
2022-10-18 09:41 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-10-18 09:02 - 2022-10-18 09:02 - 001395272 _____ (Akeo Consulting) C:\Users\Rockets\Downloads\rufus-3.20.exe
2022-10-18 08:59 - 2022-10-18 08:59 - 001575742 _____ (Igor Pavlov) C:\Users\Rockets\Downloads\7z2201-x64.exe
2022-10-18 08:54 - 2022-10-18 08:55 - 858821775 _____ C:\Users\Rockets\Downloads\Camd64OS_R91-13904.B-Special.7z
2022-10-18 06:21 - 2022-10-18 06:21 - 000000840 _____ C:\Users\doher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2022-10-18 06:20 - 2022-10-18 06:20 - 002788752 _____ (Opera Software) C:\Users\doher\Downloads\OperaSetup.exe
2022-10-18 06:20 - 2022-10-18 06:20 - 000000000 ___HD C:\Users\doher\Downloads\.opera
2022-10-18 04:43 - 2022-10-18 04:43 - 000000000 ____D C:\Users\Rockets\Downloads\Realtek PCIe FE Family Controller
2022-10-18 04:41 - 2022-10-18 04:41 - 000000000 ____D C:\Users\Rockets\Downloads\ATI Mobility Radeon HD 4200 Series
2022-10-18 04:41 - 2022-10-18 04:41 - 000000000 ____D C:\Users\Rockets\Downloads\AMD Athlon™ II Dual-Core M300
2022-10-18 04:11 - 2022-10-18 04:11 - 000007535 _____ C:\Users\Rockets\Desktop\LatencymonitorMain.txt
2022-10-18 03:33 - 2022-10-18 03:33 - 003479544 _____ (Alexander Roshal) C:\Users\Rockets\Downloads\winrar-x64-611.exe
2022-10-18 03:24 - 2022-10-18 03:38 - 000000000 ____D C:\Users\Rockets\Downloads\ATI Radeon HD 4200 Full Latest Version For AMD
2022-10-18 03:18 - 2022-10-18 03:19 - 049696573 _____ C:\Users\Rockets\Downloads\ATI Radeon HD 4200 Full Latest Version For AMD.zip
2022-10-18 03:03 - 2022-10-18 03:04 - 153684128 _____ (Advanced Micro Devices, Inc.) C:\Users\Rockets\Downloads\13-1-legacy_vista_win7_win8_64_dd_ccc.exe
2022-10-18 02:47 - 2022-10-18 02:47 - 000000773 _____ C:\Users\Rockets\Desktop\3D Objects - Shortcut.lnk
2022-10-18 02:33 - 2022-10-18 02:34 - 515402246 _____ C:\Users\Rockets\Downloads\fbb634ff-ab48-4866-bb29-df9a82ee26af_2df1efde6717e8897f03db30ffdaf49a9538f08b.cab
2022-10-18 02:13 - 2022-10-18 02:13 - 031638744 _____ (Treexy) C:\Users\Rockets\Downloads\driverfusionfreesetup.exe
2022-10-18 01:47 - 2022-10-18 01:47 - 000027677 _____ C:\Users\doher\Downloads\Processexplorer (1).txt
2022-10-18 01:44 - 2022-10-18 01:44 - 000027677 _____ C:\Users\doher\Downloads\Processexplorer.txt
2022-10-18 01:14 - 2022-10-18 01:14 - 000000000 ____D C:\Users\Rockets\Desktop\Processexputube
2022-10-18 00:44 - 2022-10-18 00:52 - 000027288 _____ C:\Users\Rockets\Documents\Processexplorer.txt
2022-10-18 00:41 - 2022-10-18 00:43 - 000028288 _____ C:\Users\Rockets\Downloads\Processexplorer.txt
2022-10-18 00:32 - 2022-10-18 01:10 - 000027677 _____ C:\Users\Rockets\Desktop\Processexplorer.txt
2022-10-17 23:25 - 2022-10-17 23:34 - 000001044 _____ C:\Users\Rockets\Desktop\UserBenchmark.lnk
2022-10-17 23:24 - 2022-10-17 23:24 - 000521728 _____ (UserBenchmark) C:\Users\doher\Downloads\UserBenchmarkInstaller (1).exe
2022-10-17 22:11 - 2022-10-17 22:11 - 003594016 _____ (RCS LT) C:\Users\Rockets\Downloads\CCSetup.exe
2022-10-17 20:24 - 2022-10-17 20:29 - 000000000 ____D C:\AMD
2022-10-17 20:17 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2022-10-16 21:22 - 2022-10-16 21:22 - 000023795 _____ C:\Users\Rockets\Desktop\ProcessExplorerData&EdgeBrowserOpen.txt
2022-10-16 21:18 - 2022-10-16 21:18 - 000021184 _____ C:\Users\Rockets\Desktop\ProcessExplorerData.txt
2022-10-16 21:17 - 2022-10-16 21:17 - 000021212 _____ C:\Users\Rockets\Desktop\MsMpEng.exe.txt
2022-10-16 20:55 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-10-16 20:55 - 2022-10-16 20:55 - 000001124 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2022-10-16 20:54 - 2022-10-16 20:54 - 017342976 _____ (VS Revo Group ) C:\Users\Rockets\Downloads\RevoUninProSetup.exe
2022-10-16 20:15 - 2022-10-16 20:15 - 000037782 _____ C:\Users\Rockets\Desktop\FRST10162022815PM.txt
2022-10-16 20:11 - 2022-10-16 20:11 - 000006817 _____ C:\Users\Rockets\Desktop\Addition10162022809PM.txt
2022-10-16 20:00 - 2022-10-16 20:00 - 000000000 ____D C:\Users\Rockets\Desktop\FRST-OlderVersion
2022-10-16 18:31 - 2022-10-16 18:31 - 000009290 _____ C:\Users\Rockets\Desktop\CHKDSKResults.txt
2022-10-15 23:38 - 2022-10-15 23:38 - 000017679 _____ C:\Users\Rockets\Desktop\WithEdge.txt
2022-10-15 23:33 - 2022-10-15 23:38 - 000017430 _____ C:\Users\Rockets\Desktop\svchost.exe.txt
2022-10-15 23:19 - 2022-10-15 23:19 - 002839416 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rockets\Desktop\procexp.exe
2022-10-15 22:22 - 2022-10-15 22:22 - 003622480 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\LatencyMon.exe
2022-10-15 22:22 - 2022-10-15 22:22 - 003040528 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\WhySoSlowSetup.exe
2022-10-15 22:20 - 2022-10-15 22:20 - 003124592 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Downloads\sanitySetup (1).exe
2022-10-15 22:20 - 2022-10-15 22:20 - 003124592 _____ (Resplendence Software Projects Sp. ) C:\Users\Rockets\Desktop\sanitySetup.exe
2022-10-15 21:59 - 2022-10-15 22:16 - 000000000 ____D C:\Users\Rockets\Desktop\mbar
2022-10-15 21:58 - 2022-10-15 21:58 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Rockets\Downloads\mbar-1.10.3.1001.exe
2022-10-15 21:39 - 2022-10-19 02:36 - 000011401 _____ C:\Users\Rockets\Desktop\Addition.txt
2022-10-15 21:26 - 2022-10-19 02:36 - 000043250 _____ C:\Users\Rockets\Desktop\FRST.txt
2022-10-15 21:22 - 2022-10-16 20:00 - 002373632 _____ (Farbar) C:\Users\Rockets\Desktop\FRST64.exe
2022-10-15 21:10 - 2022-10-18 11:28 - 000000000 ___RD C:\Users\Rockets\OneDrive
2022-10-15 21:02 - 2022-10-18 11:25 - 000000000 ___RD C:\Users\Rockets\3D Objects
2022-10-15 20:23 - 2022-08-18 10:47 - 001188672 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-10-15 20:22 - 2022-10-15 20:22 - 000000000 ____D C:\Users\doher\Downloads\Install_Win10_10060_08222022
2022-10-15 20:21 - 2022-10-15 20:21 - 004975146 _____ C:\Users\doher\Downloads\Install_Win10_10060_08222022.zip
2022-10-15 00:09 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiMon
2022-10-14 23:44 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2022-10-14 22:52 - 2022-10-14 22:52 - 000001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2022-10-14 21:50 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2022-10-14 20:50 - 2022-10-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2022-10-14 19:34 - 2022-10-14 19:34 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2022-10-14 19:15 - 2022-10-15 23:44 - 000011666 _____ C:\junk.txt
2022-10-13 02:08 - 2022-10-13 02:09 - 030831256 _____ (Proton Technologies AG) C:\Users\doher\Downloads\ProtonVPN_win_v2.1.1.exe
2022-10-13 00:41 - 2022-10-13 00:41 - 000000000 _____ C:\Users\doher\whoami
2022-10-12 02:43 - 2022-09-23 04:48 - 006126344 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2022-10-12 02:43 - 2022-09-23 04:48 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000066976 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKIS.sys
2022-10-12 02:43 - 2022-09-14 00:33 - 000036744 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleKISInterface.dll
2022-10-12 02:43 - 2022-09-13 06:30 - 000077720 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSM.sys
2022-10-12 02:43 - 2022-09-13 06:30 - 000036768 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleRSMInterface.dll
2022-10-12 00:37 - 2022-10-12 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-10-12 00:36 - 2022-09-23 14:59 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2022-10-12 00:35 - 2022-10-12 00:37 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-10-11 05:52 - 2022-10-11 05:52 - 000000000 ____D C:\Users\Public\Desktop\CC Support
2022-10-10 02:28 - 2022-10-10 02:28 - 000000000 ___HD C:\$Windows.~WS
2022-10-09 19:29 - 2022-10-09 19:29 - 001666080 _____ (O&O Software GmbH) C:\Users\doher\Downloads\OOSU10.exe
2022-10-08 23:54 - 2022-10-08 23:54 - 000000112 ___SH C:\bootTel.dat
2022-10-08 03:32 - 2022-10-18 21:22 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-05 17:31 - 2022-10-21 04:13 - 000000000 ____D C:\FRST
2022-10-03 04:54 - 2022-10-03 04:55 - 000000000 ____D C:\Users\doher\AppData\LocalLow\IObit
2022-09-22 20:23 - 2022-09-22 20:23 - 000000000 ____D C:\ATTO
2022-09-22 20:22 - 2022-09-22 20:22 - 003993048 _____ (ATTO Technology, Inc.) C:\Users\doher\Downloads\win_app_benchmark_4000f2.exe
2022-09-22 02:50 - 2022-09-22 02:50 - 000000000 ____D C:\Users\doher\.wdc
2022-09-22 02:32 - 2022-09-22 02:32 - 003637651 _____ C:\Users\doher\Downloads\c01868653.pdf
2022-09-21 00:02 - 2022-09-21 00:02 - 000001024 ____H C:\SYSTAG.BIN
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-21 02:14 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-20 23:38 - 2022-09-18 17:48 - 000000000 ___RD C:\Users\doher\OneDrive
2022-10-20 23:33 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-20 23:31 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-20 22:02 - 2022-09-18 07:26 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-20 22:02 - 2019-12-07 05:03 - 000131072 _____ C:\WINDOWS\system32\config\BBI
2022-10-20 14:10 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-20 14:09 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2022-10-19 03:32 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-10-19 03:27 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-18 21:22 - 2022-09-18 07:31 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-18 17:47 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-18 17:45 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-18 17:33 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-18 17:30 - 2022-09-18 17:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-18 17:30 - 2022-09-18 17:44 - 000000000 ___RD C:\Users\doher\3D Objects
2022-10-18 17:30 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-18 15:10 - 2019-12-07 05:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-18 15:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-18 15:05 - 2019-12-07 05:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-18 15:05 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-18 15:05 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-18 15:04 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\IME
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-18 15:04 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-18 15:02 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-10-18 15:02 - 2019-12-07 05:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-10-18 15:02 - 2019-12-07 05:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-18 15:02 - 2019-12-07 05:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-18 14:38 - 2019-12-07 05:52 - 000000000 ____D C:\WINDOWS\OCR
2022-10-18 14:34 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-18 14:34 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-18 11:27 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-18 11:25 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-10-18 11:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-18 11:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-18 11:20 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-18 11:12 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-03 08:37 - 2022-09-18 17:49 - 000000000 ___HD C:\OneDriveTemp
2022-09-22 23:31 - 2022-09-20 23:05 - 000001024 ____H C:\AMTAG.BIN
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#51
ForrestGump
Posted 21 October 2022 - 02:44 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by Rockets (21-10-2022 04:25:49)
Running from C:\Users\doher\OneDrive\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2130 (X64) (2022-10-18 15:25:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1890784580-1000596592-3856219040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1890784580-1000596592-3856219040-503 - Limited - Disabled)
doher (S-1-5-21-1890784580-1000596592-3856219040-1001 - Limited - Enabled) => C:\Users\doher
Guest (S-1-5-21-1890784580-1000596592-3856219040-501 - Limited - Disabled)
Rockets (S-1-5-21-1890784580-1000596592-3856219040-1002 - Administrator - Enabled) => C:\Users\Rockets
WDAGUtilityAccount (S-1-5-21-1890784580-1000596592-3856219040-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1890784580-1000596592-3856219040-1001\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\...\OneDriveSetup.exe) (Version: 22.202.0925.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
ParkControl (HKLM-x32\...\ParkControl) (Version: 2.4.0.2 - Bitsum)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 11.1.1.26 - Bitsum)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.60.615.2022 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
 
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-18] (Microsoft Studios) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1890784580-1000596592-3856219040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\doher\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1890784580-1000596592-3856219040-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{1BB36080-C7EE-485A-AE02-24C9AA781EDA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1A8AFFC-F3EA-4D7B-BB4D-7C79FC0FF5CD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
19-10-2022 12:56:50 Windows Modules Installer
20-10-2022 13:57:15 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/20/2022 10:20:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mb-support.exe, version: 1.8.7.918, time stamp: 0x6129248d
Faulting module name: KERNELBASE.dll, version: 10.0.19041.2130, time stamp: 0x3206f737
Exception code: 0xe0434352
Fault offset: 0x0012df72
Faulting process ID: 0x1370
Faulting application start time: 0x01d8e4f372e36e81
Faulting application path: C:\Users\Rockets\AppData\Local\Temp\mwb88D3.tmp\mb-support.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 1b1029f7-8527-4819-bd3d-cf47dcd6f5ce
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/20/2022 10:20:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: mb-support.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at MalwareBytes.Libs.MBFix..ctor()
   at mbsupport.Model.SystemRepairService..ctor()
 
Exception Info: System.Reflection.TargetInvocationException
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeConstructorInfo.Invoke(System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
   at GalaSoft.MvvmLight.Ioc.SimpleIoc.MakeInstance[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]()
 
Exception Info: System.Reflection.TargetInvocationException
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   at System.Delegate.DynamicInvokeImpl(System.Object[])
   at GalaSoft.MvvmLight.Ioc.SimpleIoc.DoGetService(System.Type, System.String, Boolean)
   at GalaSoft.MvvmLight.Ioc.SimpleIoc.MakeInstance[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]()
 
Exception Info: System.Reflection.TargetInvocationException
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   at System.Delegate.DynamicInvokeImpl(System.Object[])
   at GalaSoft.MvvmLight.Ioc.SimpleIoc.DoGetService(System.Type, System.String, Boolean)
   at GalaSoft.MvvmLight.Ioc.SimpleIoc.GetInstance[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]()
   at mbsupport.Helpers.NavigationService.NavigateTo(System.Object, System.Object)
   at mbsupport.ViewModel.AdvancedViewModel.ExecuteFixCommand()
 
Exception Info: System.Reflection.TargetInvocationException
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   at System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
   at GalaSoft.MvvmLight.Helpers.WeakAction.Execute()
   at GalaSoft.MvvmLight.Command.RelayCommand.Execute(System.Object)
   at MS.Internal.Commands.CommandHelpers.CriticalExecuteCommandSource(System.Windows.Input.ICommandSource, Boolean)
   at System.Windows.Controls.Primitives.ButtonBase.OnClick()
   at System.Windows.Controls.Button.OnClick()
   at System.Windows.Controls.Primitives.ButtonBase.OnMouseLeftButtonUp(System.Windows.Input.MouseButtonEventArgs)
   at System.Windows.UIElement.OnMouseLeftButtonUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs)
   at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object)
   at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.ReRaiseEventAs(System.Windows.DependencyObject, System.Windows.RoutedEventArgs, System.Windows.RoutedEvent)
   at System.Windows.UIElement.OnMouseUpThunk(System.Object, System.Windows.Input.MouseButtonEventArgs)
   at System.Windows.Input.MouseButtonEventArgs.InvokeEventHandler(System.Delegate, System.Object)
   at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
   at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
   at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs)
   at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs, Boolean)
   at System.Windows.Input.InputManager.ProcessStagingArea()
   at System.Windows.Input.InputManager.ProcessInput(System.Windows.Input.InputEventArgs)
   at System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport)
   at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32)
   at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at mbsupport.App.Main()
 
Error: (10/20/2022 09:45:45 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
 
System errors:
=============
Error: (10/20/2022 03:05:21 PM) (Source: DCOM) (EventID: 10010) (User: HAL900)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2022-10-19 13:15:03
Description: 
Controlled Folder Access blocked C:\Windows\System32\WinSAT.exe from making changes to memory.
Detection time: 2022-10-19T17:15:03.661Z
Path: \Device\CdRom0
Process Name: C:\Windows\System32\WinSAT.exe
Security intelligence Version: 1.377.471.0
Engine Version: 1.1.19700.3
Product Version: 4.18.2209.7

==================== Memory info =========================== 
 
BIOS: Hewlett-Packard F.15 05/17/2010
Motherboard: Hewlett-Packard 363F
Processor: AMD Athlon™ II Dual-Core M300
Percentage of memory in use: 53%
Total physical RAM: 7932.2 MB
Available physical RAM: 3687.05 MB
Total Virtual: 9852.2 MB
Available Virtual: 5248.79 MB
 
==================== Drives ================================
 
Drive c: (C ) (Fixed) (Total:444.36 GB) (Free:379.59 GB) (Model: WD Blue SA510 2.5 500GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Removable) (Total:0 GB) (Free:0 GB) 
Drive f: (RECOVERY) (Fixed) (Total:21.1 GB) (Free:9.64 GB) (Model: WD Blue SA510 2.5 500GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: WD Blue SA510 2.5 500GB) FAT32
Drive h: (EFI-SYSTEM) (Removable) (Total:0.06 GB) (Free:0.03 GB) FAT
 
\\?\Volume{7dda13fc-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7DDA13FC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=444.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=108 MB) - (Type=0C)
 
==========================================================
Disk: 1 (Size: 28.7 GB) (Disk ID: 60388F5B)
Partition 1: (Active) - (Size=64 MB) - (Type=0C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#52
ForrestGump
Posted 21 October 2022 - 02:58 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
ProcessexplorerwithEdge&YT
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
msedge.exe 39.43 376,724 K 437,812 K 7960 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
System Idle Process 25.30 60 K 8 K 0
msedge.exe 12.65 42,976 K 63,440 K 116 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
procexp64.exe 6.70 35,920 K 73,068 K 4884 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
MsMpEng.exe 2.23 256,548 K 201,192 K 3524 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Windows Publisher
Interrupts 2.23 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 2.23 70,740 K 63,008 K 5784 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 2.23 7,380 K 12,848 K 3012 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
msedge.exe 1.49 8,668 K 23,152 K 4652 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
explorer.exe 1.49 80,152 K 148,920 K 1408 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
Taskmgr.exe 0.74 22,248 K 41,716 K 6528 Task Manager Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe 0.74 4,924 K 19,288 K 1984 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 0.74 29,388 K 25,844 K 3340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.74 9,816 K 27,740 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ProcessLasso.exe 0.74 15,944 K 35,716 K 4868 Process Lasso Bitsum LLC (Verified) Bitsum Technologies (Bitsum LLC)
System < 0.01 204 K 3,736 K 4
csrss.exe < 0.01 9,376 K 6,008 K 2520 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
ProcessGovernor.exe < 0.01 4,712 K 10,884 K 3168 Process Lasso Core Engine Bitsum LLC (Verified) Bitsum Technologies (Bitsum LLC)
services.exe < 0.01 6,068 K 10,148 K 660 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,412 K 8,036 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
msedge.exe < 0.01 131,072 K 212,276 K 3608 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe < 0.01 7,972 K 22,032 K 668 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe < 0.01 2,040 K 9,328 K 4252 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3,520 K 21,204 K 2636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
msdt.exe < 0.01 8,644 K 35,204 K 344 Diagnostics Troubleshooting Wizard Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 5,116 K 17,140 K 5376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ShellExperienceHost.exe < 0.01 50,600 K 93,316 K 4964 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 14,500 K 15,124 K 1448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 7,568 K 14,816 K 968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
bitsumsessionagent.exe < 0.01 1,080 K 2,228 K 3896 Process Lasso Session Agent Bitsum LLC (Verified) Bitsum Technologies (Bitsum LLC)
msedge.exe < 0.01 46,072 K 84,760 K 5556 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 5,032 K 16,164 K 7796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
msedge.exe < 0.01 18,320 K 40,824 K 396 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 1,564 K 5,868 K 1064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,908 K 13,676 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
msedge.exe < 0.01 8,724 K 19,116 K 5000 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe < 0.01 1,816 K 5,296 K 484 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,452 K 11,956 K 3820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Memory Compression < 0.01 412 K 101,572 K 2068
WUDFHost.exe 2,028 K 7,932 K 1820 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,764 K 14,472 K 3252 Windows Log-on Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,364 K 6,656 K 592 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
TextInputHost.exe 13,928 K 44,680 K 6512 Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 2,968 K 11,904 K 3372 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SystemSettingsBroker.exe 5,732 K 25,396 K 3416 System Settings Broker Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,060 K 4,964 K 2176 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPEnhService.exe 1,160 K 4,628 K 3476 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 2,184 K 7,012 K 1804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,808 K 9,136 K 3428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,872 K 9,076 K 2280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,896 K 9,948 K 8104 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,308 K 25,588 K 2392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,492 K 12,228 K 4388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,920 K 16,064 K 1736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,940 K 19,264 K 3348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,012 K 11,400 K 3396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,432 K 9,260 K 2092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,388 K 8,976 K 3420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,612 K 14,608 K 3328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,340 K 8,412 K 2628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,320 K 13,608 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,732 K 20,552 K 7408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,840 K 11,252 K 4428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,748 K 7,596 K 4124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,456 K 29,992 K 7916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,944 K 7,272 K 4212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,064 K 9,372 K 7132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,460 K 13,812 K 2804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,956 K 16,228 K 6076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,804 K 11,100 K 5604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,700 K 19,808 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,052 K 12,504 K 3532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,208 K 8,460 K 1908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,380 K 19,696 K 3540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,528 K 15,504 K 2944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,804 K 7,688 K 5320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,484 K 19,416 K 4672 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,924 K 6,020 K 5212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,944 K 7,452 K 1940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,824 K 8,496 K 792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,096 K 6,448 K 1692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,300 K 11,788 K 5400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,048 K 10,920 K 6976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,920 K 25,216 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,216 K 12,408 K 2992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,896 K 11,988 K 8040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,324 K 9,676 K 1088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,180 K 15,396 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,472 K 13,992 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,116 K 8,416 K 1204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,688 K 7,652 K 1292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,444 K 6,688 K 1436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,332 K 5,740 K 1996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,872 K 7,648 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,760 K 7,104 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,864 K 7,656 K 2236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,060 K 7,912 K 2400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,664 K 6,344 K 2700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,472 K 9,284 K 2716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,992 K 7,772 K 3120 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,240 K 5,612 K 3276 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,608 K 6,212 K 3452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,248 K 5,448 K 3504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,728 K 9,728 K 3656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,296 K 5,200 K 3720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,344 K 15,244 K 5100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,244 K 5,436 K 4220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,684 K 8,000 K 472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,756 K 11,908 K 5912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe 27,396 K 68,652 K 7340 (Verified) Microsoft Windows
srvstub.exe 660 K 3,544 K 3268 Stub for service execution Bitsum LLC (Verified) Bitsum Technologies (Bitsum LLC)
spoolsv.exe 5,104 K 12,896 K 2060 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 1,060 K 1,016 K 376 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
smartscreen.exe 7,736 K 23,340 K 2364 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe 6,248 K 30,384 K 3844 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe 4,456 K 7,644 K 6520 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SecurityHealthSystray.exe 1,716 K 9,300 K 940 Windows Security notification icon Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 5,036 K 15,796 K 4848 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchProtocolHost.exe 3,468 K 21,632 K 5660 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 28,984 K 34,360 K 6340 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 2,652 K 12,940 K 2868 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
SearchApp.exe Suspended 92,444 K 86,232 K 6008 Search application Microsoft Corporation (Verified) Microsoft Windows
sdiagnhost.exe 60,168 K 71,412 K 7436 Scripted Diagnostics Native Host Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 6,480 K 20,352 K 4496 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 8,104 K 30,428 K 4940 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 6,692 K 21,368 K 7268 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,084 K 17,908 K 5752 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
Registry 5,596 K 74,524 K 92
procexp.exe 4,256 K 11,384 K 2184 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
OneDrive.exe 21,836 K 71,808 K 5368 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 3,960 K 10,364 K 4772 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Windows Publisher
msedge.exe 65,392 K 99,860 K 1988 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 38,600 K 69,856 K 348 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 59,608 K 78,148 K 3764 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 8,660 K 25,880 K 6068 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 20,388 K 40,596 K 1356 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 20,452 K 37,080 K 6816 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 23,000 K 43,656 K 1700 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 93,388 K 144,968 K 280 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 72,592 K 116,772 K 4232 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 2,072 K 7,276 K 1816 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
GoogleCrashHandler64.exe 1,860 K 1,060 K 7108 Google Crash Handler Google LLC (Verified) Google LLC
GoogleCrashHandler.exe 1,756 K 1,104 K 7100 Google Crash Handler Google LLC (Verified) Google LLC
fontdrvhost.exe 3,400 K 8,344 K 2112 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe 1,264 K 3,596 K 784 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
FileCoAuth.exe 5,164 K 26,984 K 5884 Microsoft OneDriveFile Co-Authoring Executable Microsoft Corporation (Verified) Microsoft Corporation
dllhost.exe 3,928 K 12,612 K 7520 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 5,268 K 14,568 K 7588 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
ctfmon.exe 4,052 K 19,860 K 2504 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 6,672 K 12,768 K 2268 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,100 K 4,628 K 1792 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,284 K 9,264 K 6344 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
ApplicationFrameHost.exe 4,904 K 23,496 K 7420 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

  • 0

#53
ForrestGump
Posted 21 October 2022 - 03:10 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts
LatencyMonwithEdge&YT
 
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:01:00  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        HAL900
OS version:                                           Windows 10, 10.0, version 2009, build: 19045 (x64)
Hardware:                                             HP G61 Notebook PC, Hewlett-Packard
BIOS:                                                 Default System BIOS
CPU:                                                  AuthenticAMD AMD Athlon™ II Dual-Core M300
Logical processors:                                   2
Processor groups:                                     1
Processor group size:                                 2
RAM:                                                  7932 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed (WMI):                             20 MHz
Reported CPU speed (registry):                        1995 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   388.20
Average measured interrupt to process latency (µs):   8.027434
 
Highest measured interrupt to DPC latency (µs):       238.90
Average measured interrupt to DPC latency (µs):       2.75020
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              70.681203
Driver with highest ISR routine execution time:       storport.sys - Microsoft Storage Port Driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.082378
Driver with highest ISR total time:                   i8042prt.sys - i8042 Port Driver, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.260756
 
ISR count (execution time <250 µs):                   33888
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              417.147870
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.154522
Driver with highest DPC total execution time:         dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
 
Total time spent in DPCs (%)                          0.554754
 
DPC count (execution time <250 µs):                   69355
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              2
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 compattelrunner.exe
 
Total number of hard pagefaults                       698
Hard pagefault count of hardest hit process:          675
Number of processes hit:                              10
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       2.542902
CPU 0 ISR highest execution time (µs):                70.681203
CPU 0 ISR total execution time (s):                   0.301225
CPU 0 ISR count:                                      29347
CPU 0 DPC highest execution time (µs):                417.147870
CPU 0 DPC total execution time (s):                   0.507090
CPU 0 DPC count:                                      58419
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.612912
CPU 1 ISR highest execution time (µs):                11.114787
CPU 1 ISR total execution time (s):                   0.014368
CPU 1 ISR count:                                      4541
CPU 1 DPC highest execution time (µs):                269.185464
CPU 1 DPC total execution time (s):                   0.164329
CPU 1 DPC count:                                      10938
_________________________________________________________________________________________________________

  • 0

#54
ForrestGump
Posted 21 October 2022 - 03:43 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

LatencyMonProcesseswithEdge&YT.jpg


  • 0

#55
ForrestGump
Posted 21 October 2022 - 04:22 AM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

LatencyMonDriversWithEdge&Youtube.jpg


  • 0

Advertisements

#56
ForrestGump
Posted 21 October 2022 - 02:47 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Here are my Edge file types & folder details as something within these files/folders is causing ProcessLasso to continually reduce Edge processes

 

Attached File  Edgefiletype&folderinfo.txt   2.05KB   166 downloads


  • 0

#57
RKinner
Posted 21 October 2022 - 03:28 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

The devices with unknown location are the same on mine so not a problem.

 

I expect the problem with Edge is in your profile rather than the actual program.

 

If you look at:

 

C:\Users\doher\AppData\Local\Microsoft\Edge\User Data

 

C:\Users\Rockets\AppData\Local\Microsoft\Edge\User Data

 

This is where it stores data specific to the user.  (I think the Default folder is the one with your actual profile info)  By the way do you see the same problem with both users?

 

We need to do this again:

 

Search for
 
task scheduler
 
When it finds it, right click and Run As Administrator
 
Click on the arrow in front of Task Scheduler Library then
 
Click on the arrow in front of Microsoft
 
Click on the arrow in front of Windows
 
Click on Application Experience.  In the next pane to the right, right click on each Task and Delete.  Should be three or four (later versions) tasks.
 
Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Delete.  Should be two tasks.
 
Close Task Scheduler.
 
Search for
services.msc
hit Enter
 
Find SysMain
Right click on it and select Properties.  Change the Startup Type from Automatic to Disabled.  OK
 
 
 
Download OOSU10.exe:
 
 
Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then go to the Download folder and Right click on the downloaded file and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.
 
Close the program and reboot.
Rerun Latency Monitor and post the summary and a screenshot of the Processes tab.

  • 0

#58
ForrestGump
Posted 21 October 2022 - 03:44 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Here are the TaskMgrProcessDetails, Those Edge Processes look bizzare?

 

Attached File  TaskMgrProcessDetails.txt   30.62KB   166 downloads


  • 0

#59
ForrestGump
Posted 21 October 2022 - 03:57 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

Just saw your post, When I make changes to the OS using the ADMIN Profile does it also make the same changes for the standard user? 


  • 0

#60
ForrestGump
Posted 21 October 2022 - 04:00 PM

ForrestGump

    Member

  • Topic Starter
  • Member
  • PipPip
  • 91 posts

BTW Edge CPU usage is the same on either profile


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP