Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Slow Bootups and slow program loading [Solved]

Started by denisg79 , Jan 27 2025 04:45 PM

Slow Bootup

This topic is locked

#16
denisg79

Posted 01 February 2025 - 03:24 PM

Member

Topic Starter
Member
46 posts

Here are the new files

Attached Files

Addition.txt 32.54KB 36 downloads
FRST.txt 26.87KB 36 downloads

#17
DR M

Posted 02 February 2025 - 05:01 AM

The Grecian Geek

Malware Removal
4,416 posts

Hi, Dennis.

Let's proceed to some maintenance.

1. Uninstall programs

Java: it is outdated, and this makes it to a security risk. If you really need it, you can download the latest version, but not now. When we finish from this cleaning process.

V41: it seems that there are activation issues with it. If you have a genuine license, uninstall and reinstall it. Otherwise, uninstall it completely.

2. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Start::
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1734]
FirewallRules: [TCP Query User{BDD731BC-B213-4548-8EE4-E2D438830DD7}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{728CF86C-4F84-467B-B648-A0571E212904}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
2025-01-21 10:49 - 2024-06-08 10:13 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::

Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt on your Desktop.
Post the log in your next reply.

In your next reply, please post:

If uninstalling the 2 programs ran smoothly
The fixlog.txt

#18
denisg79

Posted 02 February 2025 - 02:18 PM

Member

Topic Starter
Member
46 posts

I ran the FRST64 fix and Fixlog.txt is below. I then removed the V41 program successfully. I do have a program that uses the JAVA platform. I will go ahead and update that when you give me the OK. I noticed in the fix that there was some work on the EPIC Fortnite game. That was for my grandson, and he does not run that anymore and I was hoping that it was uninstalled. Maybe that is what the FIX did on anything still left out there.

Here is Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2025

Ran by denis (02-02-2025 13:16:13) Run:1

Running from C:\Users\denis\OneDrive\Desktop

Loaded Profiles: denis

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start::

CreateRestorePoint:

CloseProcesses:

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1734]

FirewallRules: [TCP Query User{BDD731BC-B213-4548-8EE4-E2D438830DD7}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File

FirewallRules: [UDP Query User{728CF86C-4F84-467B-B648-A0571E212904}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION

2025-01-21 10:49 - 2024-06-08 10:13 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert

CMD: DISM /Online /Cleanup-Image /RestoreHealth

CMD: SFC /scannow

EmptyTemp:

End::

*****************

Restore point was successfully created.

Processes closed successfully.

C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BDD731BC-B213-4548-8EE4-E2D438830DD7}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{728CF86C-4F84-467B-B648-A0571E212904}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully

HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully

HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully

"C:\Program Files (x86)\HitmanPro.Alert" Folder move:

Could not move "C:\Program Files (x86)\HitmanPro.Alert" => Scheduled to move on reboot.

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Deployment Image Servicing and Management tool

Version: 10.0.19041.3636

Image Version: 10.0.19045.5371

[== 3.8% ]

[== 4.2% ]

[== 4.6% ]

[== 4.8% ]

[=== 5.4% ]

[=== 5.5% ]

[=== 6.0% ]

[=== 6.3% ]

[=== 6.5% ]

[=== 6.6% ]

[==== 7.0% ]

[==== 7.3% ]

[==== 7.5% ]

[==== 7.8% ]

[==== 8.1% ]

[==== 8.2% ]

[==== 8.5% ]

[===== 8.8% ]

[===== 9.1% ]

[===== 9.2% ]

[===== 9.4% ]

[===== 9.7% ]

[===== 10.0% ]

[====== 10.4% ]

[====== 10.8% ]

[====== 11.2% ]

[====== 11.3% ]

[====== 11.8% ]

[======= 12.1% ]

[======= 12.5% ]

[======= 12.7% ]

[======= 12.8% ]

[======= 12.9% ]

[======= 13.1% ]

[======= 13.2% ]

[======= 13.5% ]

[======== 13.8% ]

[======== 14.3% ]

[======== 14.6% ]

[======== 14.7% ]

[======== 14.9% ]

[======== 15.2% ]

[========= 15.6% ]

[========= 15.9% ]

[========= 16.2% ]

[========= 16.3% ]

[========= 16.5% ]

[========= 16.9% ]

[========= 17.1% ]

[========== 17.3% ]

[========== 17.5% ]

[========== 17.8% ]

[========== 18.0% ]

[========== 18.3% ]

[========== 18.5% ]

[========== 18.6% ]

[========== 18.9% ]

[=========== 19.2% ]

[=========== 19.6% ]

[=========== 19.8% ]

[=========== 20.0% ]

[=========== 20.1% ]

[=========== 20.2% ]

[=========== 20.3% ]

[=========== 20.4% ]

[============ 20.8% ]

[============ 21.4% ]

[============= 22.4% ]

[============= 23.4% ]

[============== 24.3% ]

[============== 24.8% ]

[============== 25.3% ]

[=============== 26.2% ]

[=============== 26.9% ]

[================ 27.6% ]

[================ 28.2% ]

[================ 28.8% ]

[================ 28.9% ]

[================ 29.0% ]

[================ 29.1% ]

[================ 29.2% ]

[================= 29.5% ]

[================= 29.7% ]

[================= 30.0% ]

[================= 30.3% ]

[================= 30.6% ]

[================= 30.9% ]

[================= 31.0% ]

[================== 31.1% ]

[================== 31.3% ]

[================== 31.7% ]

[================== 32.5% ]

[=================== 33.4% ]

[=================== 33.9% ]

[=================== 34.4% ]

[==================== 34.6% ]

[==================== 35.2% ]

[==================== 35.5% ]

[==================== 35.8% ]

[===================== 36.3% ]

[===================== 36.6% ]

[===================== 37.1% ]

[===================== 37.4% ]

[===================== 37.7% ]

[====================== 38.0% ]

[====================== 38.3% ]

[====================== 38.6% ]

[====================== 38.9% ]

[====================== 39.0% ]

[====================== 39.2% ]

[====================== 39.4% ]

[====================== 39.6% ]

[======================= 39.8% ]

[======================= 39.9% ]

[======================= 40.1% ]

[======================= 40.3% ]

[======================= 40.5% ]

[======================= 40.6% ]

[======================= 40.7% ]

[======================= 40.8% ]

[======================= 40.9% ]

[======================= 41.0% ]

[======================= 41.1% ]

[======================= 41.2% ]

[======================== 41.7% ]

[======================== 42.0% ]

[======================== 42.2% ]

[======================== 42.3% ]

[======================== 42.4% ]

[======================== 42.6% ]

[======================== 42.8% ]

[======================== 43.1% ]

[========================= 43.2% ]

[========================= 43.3% ]

[========================= 43.5% ]

[========================= 43.7% ]

[========================= 43.8% ]

[========================= 43.9% ]

[========================= 44.2% ]

[========================= 44.4% ]

[========================= 44.5% ]

[========================= 44.6% ]

[========================= 44.7% ]

[========================= 44.8% ]

[========================== 44.8% ]

[========================== 44.9% ]

[========================== 45.1% ]

[========================== 45.2% ]

[========================== 45.4% ]

[========================== 45.7% ]

[========================== 45.9% ]

[========================== 46.0% ]

[========================== 46.1% ]

[========================== 46.2% ]

[========================== 46.3% ]

[========================== 46.4% ]

[========================== 46.5% ]

[===========================46.6% ]

[===========================46.7% ]

[===========================46.9% ]

[===========================47.0% ]

[===========================47.2% ]

[===========================47.5% ]

[===========================47.6% ]

[===========================47.8% ]

[===========================48.0% ]

[===========================48.1% ]

[===========================48.2% ]

[===========================48.3% ]

[===========================48.5% ]

[===========================48.7% ]

[===========================48.8% ]

[===========================49.0% ]

[===========================49.1% ]

[===========================49.2% ]

[===========================49.4% ]

[===========================49.7% ]

[===========================49.8% ]

[===========================49.9% ]

[===========================50.1% ]

[===========================50.3% ]

[===========================50.4% ]

[===========================50.5% ]

[===========================50.6% ]

[===========================50.7% ]

[===========================50.8% ]

[===========================50.9% ]

[===========================51.0% ]

[===========================51.1% ]

[===========================51.2% ]

[===========================51.4% ]

[===========================51.5% ]

[===========================51.8% ]

[===========================52.2% ]

[===========================52.3% ]

[===========================52.4% ]

[===========================52.9% ]

[===========================53.2% ]

[===========================53.5% ]

[===========================53.7% ]

[===========================54.0% ]

[===========================54.3% ]

[===========================54.6% ]

[===========================54.8% ]

[===========================54.9% ]

[===========================55.0% ]

[===========================55.1% ]

[===========================55.2% ]

[===========================55.3% ]

[===========================55.4% ]

[===========================55.5% ]

[===========================55.6% ]

[===========================55.7% ]

[===========================55.8% ]

[===========================55.9% ]

[===========================56.0% ]

[===========================56.1% ]

[===========================56.2% ]

[===========================56.3% ]

[===========================56.4% ]

[===========================56.5% ]

[===========================56.6% ]

[===========================56.7% ]

[===========================56.8% ]

[===========================56.9%= ]

[===========================57.0%= ]

[===========================57.1%= ]

[===========================57.2%= ]

[===========================57.3%= ]

[===========================57.4%= ]

[===========================57.5%= ]

[===========================57.6%= ]

[===========================58.0%= ]

[===========================58.1%= ]

[===========================58.6%= ]

[===========================58.6%== ]

[===========================58.8%== ]

[===========================59.5%== ]

[===========================60.1%== ]

[===========================62.3%==== ]

[===========================84.9%================= ]

[==========================100.0%==========================]

The restore operation completed successfully.

The operation completed successfully.

========= End of CMD: =========

========= SFC /scannow =========

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 0% complete.

Verification 1% complete.

Verification 2% complete.

Verification 3% complete.

Verification 4% complete.

Verification 5% complete.

Verification 6% complete.

Verification 7% complete.

Verification 8% complete.

Verification 9% complete.

Verification 10% complete.

Verification 11% complete.

Verification 12% complete.

Verification 13% complete.

Verification 14% complete.

Verification 15% complete.

Verification 16% complete.

Verification 17% complete.

Verification 18% complete.

Verification 19% complete.

Verification 20% complete.

Verification 21% complete.

Verification 22% complete.

Verification 23% complete.

Verification 24% complete.

Verification 25% complete.

Verification 26% complete.

Verification 27% complete.

Verification 28% complete.

Verification 29% complete.

Verification 30% complete.

Verification 31% complete.

Verification 32% complete.

Verification 33% complete.

Verification 34% complete.

Verification 35% complete.

Verification 36% complete.

Verification 37% complete.

Verification 38% complete.

Verification 39% complete.

Verification 40% complete.

Verification 41% complete.

Verification 42% complete.

Verification 43% complete.

Verification 44% complete.

Verification 45% complete.

Verification 46% complete.

Verification 47% complete.

Verification 48% complete.

Verification 49% complete.

Verification 50% complete.

Verification 51% complete.

Verification 52% complete.

Verification 53% complete.

Verification 54% complete.

Verification 55% complete.

Verification 56% complete.

Verification 57% complete.

Verification 58% complete.

Verification 59% complete.

Verification 60% complete.

Verification 61% complete.

Verification 62% complete.

Verification 63% complete.

Verification 64% complete.

Verification 65% complete.

Verification 66% complete.

Verification 67% complete.

Verification 68% complete.

Verification 69% complete.

Verification 70% complete.

Verification 71% complete.

Verification 72% complete.

Verification 73% complete.

Verification 74% complete.

Verification 75% complete.

Verification 76% complete.

Verification 77% complete.

Verification 78% complete.

Verification 79% complete.

Verification 80% complete.

Verification 81% complete.

Verification 82% complete.

Verification 83% complete.

Verification 84% complete.

Verification 85% complete.

Verification 86% complete.

Verification 87% complete.

Verification 88% complete.

Verification 89% complete.

Verification 90% complete.

Verification 91% complete.

Verification 92% complete.

Verification 93% complete.

Verification 94% complete.

Verification 95% complete.

Verification 96% complete.

Verification 97% complete.

Verification 98% complete.

Verification 99% complete.

Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.

========= End of CMD: =========

=========== EmptyTemp: ==========

FlushDNS => completed

BITS transfer queue => 1310720 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 178626184 B

Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B

Windows/system/drivers => 118294739 B

Edge => 0 B

Firefox => 137537462 B

Opera => 0 B

Temp, IE cache, history, cookies, recent:

Default => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 899 B

systemprofile32 => 899 B

LocalService => 134217 B

NetworkService => 277621 B

denis => 18164957 B

RecycleBin => 50245029460 B

EmptyTemp: => 47.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-02-2025 13:54:57)

C:\Program Files (x86)\HitmanPro.Alert => Could not move

==== End of Fixlog 13:54:58 ====

#19
DR M

Posted 03 February 2025 - 10:52 AM

The Grecian Geek

Malware Removal
4,416 posts

Hi, Denis.

Yes, there were some remnants we removed. The fixed also repaired system files.

Did you uninstall Java? If not, please do so, and at the end you can install the latest version.

To ensure that everything is clean:

ESET Online Scan

Download ESET Online Scanner and save it to your desktop.

Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
When the tool opens, click Get Started.
Read and accept the license agreement.
At the Welcome to ESET Online Scanner window, click Get Started.
Select whether you would like to send anonymous data to ESET.
Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
Click on the Full Scan option.
Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
ESET will now begin scanning your computer. This may take some time.
When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

#20
denisg79

Posted 04 February 2025 - 08:38 AM

Member

Topic Starter
Member
46 posts

I removed JAVA and ran ESET. It ran across all my drives and the errors seem to have been on my external drives. Looks like did not find anything on my local C: drive.

ESET.txt

2/4/2025 8:27:43 AM

Scanned files: 6300666

Detected files: 8

Cleaned files: 8

Total scan time 15:12:45

Scan status: Finished

E:\DPGComputer30Dec2023\Documents\Ham_Radio\Tytera_MD_380\DriverFinderInstall.exe a variant of Win32/DriverFinder.A potentially unwanted application cleaned by deleting

E:\DPG_OldHPBackup23Jan2024\Documents\Ham_Radio\Tytera_MD_380\DriverFinderInstall.exe a variant of Win32/DriverFinder.A potentially unwanted application cleaned by deleting

E:\MyPassport-26Sept2024\WD Backup.swstor\gbwil\ZjdkMDQ0MWUyNTYyNGUxYj\Volume{17e6d7d7-00f4-40f3-8537-21ba5f112d68}\Users\gbwil\Downloads\mjaaqkioyg.wsf VBS/TrojanDownloader.Agent.ZNO trojan cleaned by deleting

E:\MyPassport-26Sept2024\WD Backup.swstor\Owner\MWY1ZTE4ODc4NTAyNDVkZT\Volume{19fc281d-0000-0000-0000-501f00000000}\Users\Owner\AppData\Local\Mozilla\Firefox\Profiles\emurg7ob.default\extensions\[email protected]\bootstrap.js JS/Mindspark.D potentially unwanted application cleaned by deleting

E:\MyPassport-26Sept2024\WD Backup.swstor\Owner\MWY1ZTE4ODc4NTAyNDVkZT\Volume{19fc281d-0000-0000-0000-501f00000000}\Users\Owner\Downloads\Wave Browser.exe a variant of Win32/WaveBrowser.C potentially unwanted application cleaned by deleting

G:\DPGComputer23Feb2024\Documents\Ham_Radio\Tytera_MD_380\DriverFinderInstall.exe a variant of Win32/DriverFinder.A potentially unwanted application cleaned by deleting

I:\AndreaBackupHP27Jun2024\Program Files (x86)\Freemake\Freemake Video Converter\FMCommon\ConverterCommon\BrowserPlugin.dll a variant of MSIL/Freemake.A potentially unwanted application cleaned by deleting

I:\DPG_OldHPBackup23Jan2024\Documents\Ham_Radio\Tytera_MD_380\DriverFinderInstall.exe a variant of Win32/DriverFinder.A potentially unwanted application cleaned by deleting

#21
DR M

Posted 04 February 2025 - 12:41 PM

The Grecian Geek

Malware Removal
4,416 posts

Yes, I can see that ESET didn't detect anything in C.

Remove the external drives and run another scan with FRST tool, please. Attach the 2 created logs.

Let me also know what issues you are experiencing right now.

#22
denisg79

Posted 04 February 2025 - 08:07 PM

Member

Topic Starter
Member
46 posts

I have rerun the FRST64 program and attached the files.

The major issue that O have is that the computer is still very slow in starting up and in starting up applications.

I have done some more testing and this is what I am getting:

Yesterday

From turning on the splash screen 4 minutes and 11 sec

another one minute and 35 sec to the login screen

another 37 sec to the full screen with all the icons

Today no external drives attached

From turning on the splash screen 1 minutes and 50 sec

another one minute and 14 sec to the login screen

another 1 min and 5 sec to the full screen with all the icons

Seems better but still longer than I think it should.

For example, I have an older file server with an I5-4570 chip, 14 gig of RAM and 1 terabyte HD

and it takes 23 sec to get to the splash screen, another 1 sec to login and another 2 sec to the

screen with all the icons. I can live with that.

Also, when I turned off my laptop, it took 14 sec for the screen to go black and another 1 minute and 33 sec for the power and disk lights to go out.

After the boot up, it took Edge 1 minute 32 secs to open up. I closed it and opened it again and it took 13 sec. closed it and now it takes about 1 sec to open up.

Firefox took 3 minutes and 1 sec to open up. I closed it and opened it again and took 4 sec

Excel took 2 minutes and 18 sec to open up. I closed it and opened it again and took 2 sec.

LibreCAD took 1 min and 3 sec to open up. I closed it and opened it again and took 3 sec.

iDRIVE took 59 sec to open up. I closed it and opened it again and took 33 sec.

So looks like it is taking "forever" to do the initial opening and after then it is faster.

On the old I5-4570 computer, it only took 2 sec for Edge to open the first time

and FIrefox only took 2.3 sec.

Any more thoughts would be greatly appreciated.

Denis G.

Attached Files

FRST.txt 27.73KB 34 downloads
Addition.txt 31.82KB 34 downloads

#23
DR M

Posted 05 February 2025 - 01:44 AM

The Grecian Geek

Malware Removal
4,416 posts

Hi, Denis.

It is not a malware issue.

I have two more things to check.

Here it's the first one:

Check services

Please download Farbar Service Scanner and save it on your Desktop.
Right click on the tool icon and run it as administrator.
Make sure all the options are checked.
Click on the Scan button.
It will create a log (FSS.txt) on your Desktop.
Copy and paste the log's content to your next reply.

#24
denisg79

Posted 05 February 2025 - 04:48 PM

Member

Topic Starter
Member
46 posts

FSS.txt

Farbar Service Scanner Version: 18-01-2025

Ran by denis (administrator) on 05-02-2025 at 16:41:11

Running from "C:\Users\denis\OneDrive\Desktop"

Microsoft Windows 10 Pro (X64)

Boot Mode: Normal

****************************************************************

RpcSs and PlugPlay:

================

C:\Windows\System32\umpnpmgr.dll => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

Internet Services:

============

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\DRIVERS\tdx.sys => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tcpip.sys => File is digitally signed

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

Firewall Disabled Policy:

==================

System Restore:

============

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

System Restore Policy:

========================

Windows Security:

============

C:\Windows\System32\SecurityHealthService.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

Windows Update:

===============

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Windows\System32\usosvc.dll => File is digitally signed

C:\Windows\System32\WaaSMedicSvc.dll => File is digitally signed

C:\Windows\System32\dosvc.dll => File is digitally signed

Windows Autoupdate Disabled Policy:

============================

Windows Defender Disabled Policy:

==========================

Windows Defender:

==============

windefend Service is not running. Checking service configuration:

The start type of windefend service is "Demand".

The ImagePath of windefend: ""C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe"".

WdNisSvc Service is not running. Checking service configuration:

The start type of WdNisSvc service is "Demand".

The ImagePath of WdNisSvc: ""%ProgramData%\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe"".

MDCoreSvc Service is not running. Checking service configuration:

The start type of MDCoreSvc service is "Demand".

The ImagePath of MDCoreSvc: ""%ProgramData%\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe"".

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe => File is digitally signed

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe => File is digitally signed

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe => File is digitally signed

Other Services:

==============

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\ipsecsvc.dll => File is digitally signed

C:\Windows\System32\termsrv.dll => File is digitally signed

**** End of log ****

#25
DR M

Posted 06 February 2025 - 04:50 AM

The Grecian Geek

Malware Removal
4,416 posts

The services are OK.

One last thing. I don't think it will add something to your initial issue, but it won't hurt.

In-place upgrade

This will reinstall and update the operating system and fix any corruptions, without removing any file or program.

Go to this Microsoft page and under the title Create Windows 10 installation media press on Download tool now.
Save the tool on your Desktop and double click to run it.
On the License terms page, if you accept the license terms, select Accept.
On the What do you want to do page, select Upgrade this PC now, and then select Next.
Follow the instructions and select Keep personal files and apps, when you are asked to.
It might take a couple of hours, depending on your wifi speed connection, to install Windows 10. Your PC will restart a few times. Make sure you don’t turn off your PC.
After downloading and installing, the tool will walk you through how to set up Windows 10 on your PC.

Let me know if everything ran smoothly.

#26
DR M

Posted 08 February 2025 - 02:16 AM

The Grecian Geek

Malware Removal
4,416 posts

Hi, Dennis.

Have you tried the above?

#27
denisg79

Posted 08 February 2025 - 04:21 PM

Member

Topic Starter
Member
46 posts

Yes, got it completed and here are some results:

Much faster, Bootup to splash screen 26 sec

then to login screen 18 sec.

then to working screen 4 sec

So, from Turning on to working screen, less than 1 minute.

Much better.

Start Task Manager 3 sec

Start edge 2 sec

Start firefox 4 sec

Start excel 6 sec

Start Word 3 sec

Start LibreCAD 6 sec

Start IDrive 10 sec

Start CrystalDiskInfo 14 sec Says C: is Good 44%

#28
DR M

Posted 10 February 2025 - 12:52 AM

The Grecian Geek

Malware Removal
4,416 posts

Hi, Denis.

Apologies for the delay.

Your news is good!

The only thing I never saw before is that 44% in the CrystalDiskInfo result. But since we performed additional checks, I would pass that and move on.

I think that we reached the end of the process.

If no other questions/concerns...

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.

Right-click kprm_(version).exe and select Run as Administrator.
Read and accept the disclaimer.
When the tool opens, ensure all boxes under Actions are checked.
Under Delete Quarantines select Delete Now, then click Run.
Once complete, click OK.
A log will open in Notepad titled kprm-(date).txt.
Please copy and paste its contents in your next reply.

Note: If there is a warning about this tool, go on to download it, since it is a false/positive. Choose More info and continue from there.

#29
denisg79

Posted 11 February 2025 - 01:06 PM

Member

Topic Starter
Member
46 posts

Here it is:

# Run at 2/11/2025 12:59:15 PM

# KpRm (Kernel-panik) version 2.18.0

# Website https://kernel-panik.me/tool/kprm/

# Run by denis from C:\Users\denis\OneDrive\Desktop

# Computer Name: DENIS-HPLAPTOP

# OS: Windows 10 X64 (19045) (10.0.19045.5371)

# Number of passes: 1

- Checked options -

~ Registry Backup

~ Delete Tools

~ Restore System Settings

~ UAC Restore

~ Delete Restore Points

~ Create Restore Point

~ Delete Quarantines

- Create Registry Backup -

~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up

~ [OK] Hive C:\Users\denis\NTUSER.dat backed up

[OK] Registry Backup: C:\KPRM\backup\2025-02-11-12-59-14

- Delete Tools -

## ESET Online Scanner

[OK] C:\Users\denis\OneDrive\Desktop\esetonlinescanner.exe deleted

[OK] C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk deleted

[OK] C:\Users\denis\AppData\Local\ESET\ESETOnlineScanner deleted

## FRST

[OK] C:\Users\denis\OneDrive\Desktop\Addition.txt deleted

[OK] C:\Users\denis\OneDrive\Desktop\FRST-OlderVersion deleted

[OK] C:\Users\denis\OneDrive\Desktop\FRST.txt deleted

[OK] C:\Users\denis\OneDrive\Desktop\FRST64.exe deleted

[OK] C:\FRST deleted

## FSS

[OK] C:\Users\denis\OneDrive\Desktop\FSS.exe deleted

[OK] C:\Users\denis\OneDrive\Desktop\FSS.txt deleted

- Restore System Settings -

[OK] Reset WinSock

[OK] FLUSHDNS

[OK] Hide Hidden file.

[OK] Show Extensions for known file types

[OK] Hide protected operating system files

- Restore UAC -

[OK] Set EnableLUA with default (1) value

[OK] Set ConsentPromptBehaviorAdmin with default (5) value

[OK] Set ConsentPromptBehaviorUser with default (3) value

[OK] Set EnableInstallerDetection with default (0) value

[OK] Set EnableSecureUIAPaths with default (1) value

[OK] Set EnableUIADesktopToggle with default (0) value

[OK] Set EnableVirtualization with default (1) value

[OK] Set FilterAdministratorToken with default (0) value

[OK] Set PromptOnSecureDesktop with default (1) value

[OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

[I] No system recovery points were found

- Create Restore Point -

[OK] System Restore Point created

- Display System Restore Point -

~ [I] RP named KpRm created at 02/11/2025 18:59:44

-- KPRM finished in 70.75s --

#30
DR M

Posted 11 February 2025 - 01:22 PM

The Grecian Geek

Malware Removal
4,416 posts

Thanks, Denis.

If you deal with any issue in the future, let us know.

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

As Featured On:

Geeks to Go Forum 343,493 topics
Quick Links FAQ Malware Cleaning Guide How it Works
Downloads 2+ million

View New Content

Slow Bootups and slow program loading [Solved]

#16
denisg79

Posted 01 February 2025 - 03:24 PM

Attached Files

Advertisements

#17
DR M

Posted 02 February 2025 - 05:01 AM

#18
denisg79

Posted 02 February 2025 - 02:18 PM

#19
DR M

Posted 03 February 2025 - 10:52 AM

#20
denisg79

Posted 04 February 2025 - 08:38 AM

#21
DR M

Posted 04 February 2025 - 12:41 PM

#22
denisg79

Posted 04 February 2025 - 08:07 PM

Attached Files

#23
DR M

Posted 05 February 2025 - 01:44 AM

#24
denisg79

Posted 05 February 2025 - 04:48 PM

#25
DR M

Posted 06 February 2025 - 04:50 AM

Advertisements

#26
DR M

Posted 08 February 2025 - 02:16 AM

#27
denisg79

Posted 08 February 2025 - 04:21 PM

#28
DR M

Posted 10 February 2025 - 12:52 AM

#29
denisg79

Posted 11 February 2025 - 01:06 PM

#30
DR M

Posted 11 February 2025 - 01:22 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Slow Bootups and slow program loading [Solved]

#16 denisg79 Posted 01 February 2025 - 03:24 PM

Attached Files

Advertisements

#17 DR M Posted 02 February 2025 - 05:01 AM

#18 denisg79 Posted 02 February 2025 - 02:18 PM

#19 DR M Posted 03 February 2025 - 10:52 AM

#20 denisg79 Posted 04 February 2025 - 08:38 AM

#21 DR M Posted 04 February 2025 - 12:41 PM

#22 denisg79 Posted 04 February 2025 - 08:07 PM

Attached Files

#23 DR M Posted 05 February 2025 - 01:44 AM

#24 denisg79 Posted 05 February 2025 - 04:48 PM

#25 DR M Posted 06 February 2025 - 04:50 AM

Advertisements

#26 DR M Posted 08 February 2025 - 02:16 AM

#27 denisg79 Posted 08 February 2025 - 04:21 PM

#28 DR M Posted 10 February 2025 - 12:52 AM

#29 denisg79 Posted 11 February 2025 - 01:06 PM

#30 DR M Posted 11 February 2025 - 01:22 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#16
denisg79

Posted 01 February 2025 - 03:24 PM

#17
DR M

Posted 02 February 2025 - 05:01 AM

#18
denisg79

Posted 02 February 2025 - 02:18 PM

#19
DR M

Posted 03 February 2025 - 10:52 AM

#20
denisg79

Posted 04 February 2025 - 08:38 AM

#21
DR M

Posted 04 February 2025 - 12:41 PM

#22
denisg79

Posted 04 February 2025 - 08:07 PM

#23
DR M

Posted 05 February 2025 - 01:44 AM

#24
denisg79

Posted 05 February 2025 - 04:48 PM

#25
DR M

Posted 06 February 2025 - 04:50 AM

#26
DR M

Posted 08 February 2025 - 02:16 AM

#27
denisg79

Posted 08 February 2025 - 04:21 PM

#28
DR M

Posted 10 February 2025 - 12:52 AM

#29
denisg79

Posted 11 February 2025 - 01:06 PM

#30
DR M

Posted 11 February 2025 - 01:22 PM