Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Download Speed (I Want To Rule Out The Possibility Of An Infection)


  • Please log in to reply
10 replies to this topic

#1 JayG93

JayG93

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 25 May 2017 - 04:08 PM

I have fast internet, but slow & unstable download speeds. I've begun to notice that sometimes internet pages don't load & I have to refresh them for them to load properly. Here's the main thread, I was told to come here to rule out the possibility of an infection. https://www.bleepingcomputer.com/forums/t/646963/fast-internet-slow-download-speed/



BC AdBot (Login to Remove)

 


#2 unopie

unopie

  • Malware Study Hall Senior
  • 252 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:09:22 PM

Posted 25 May 2017 - 04:49 PM

Always a safe option to run some scans huh?  :thumbup2:

 

Please follow these instructions to run some general scans:

 

 

1. Security check 18b017ac62b0f0034f5b9c3e9023c581.png (Credit to Broni for his canned speech)

  • 1. Please download securitycheck.exe using this hyperlink
  • 2. A command window will pop-up, press any key to continue.
  • 3. A notepad document will pop-up when it is finished, copy and paste this information in your next reply

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

 

2. Please download Malwarebytes' Anti-Malware to your desktop. e053db979cdb4479aada2e84d456e2db.png
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

3. Eset Online Scanner: (will take a while)44a377f2176a1295f25e1769a98603a1.png
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Press that you120o0zm.png the terms and conditions.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan Archives
Enable Anti-Stealth technology
 
 
Your settings should look like this picture:
cacd087c854a7a30dbaaa0373d1e260a.png
  • Click Scan to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
  • Copy and paste notepad contents to your next reply.

 


Edited by unopie, 25 May 2017 - 04:51 PM.


#3 JayG93

JayG93
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 26 May 2017 - 09:58 PM

 

Always a safe option to run some scans huh?  :thumbup2:

 

Please follow these instructions to run some general scans:

 

 

1. Security check 18b017ac62b0f0034f5b9c3e9023c581.png (Credit to Broni for his canned speech)

  • 1. Please download securitycheck.exe using this hyperlink
  • 2. A command window will pop-up, press any key to continue.
  • 3. A notepad document will pop-up when it is finished, copy and paste this information in your next reply

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

 

2. Please download Malwarebytes' Anti-Malware to your desktop. e053db979cdb4479aada2e84d456e2db.png
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

3. Eset Online Scanner: (will take a while)44a377f2176a1295f25e1769a98603a1.png
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Press that you120o0zm.png the terms and conditions.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan Archives
Enable Anti-Stealth technology
 
 
Your settings should look like this picture:
cacd087c854a7a30dbaaa0373d1e260a.png
  • Click Scan to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
  • Copy and paste notepad contents to your next reply.

 

 

1.

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome (58.0.3029.110) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamtray.exe  
 Windows Defender MSASCuiL.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
 
2.Hyper/Quick Scan wasn't available to me so I ran a Threat Scan.
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 5/26/17
Scan Time: 7:19 PM
Log File: Malwarebytes Threat Scan Results.txt
Administrator: Yes
 
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.2030
License: Expired
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-6V0T8LK\Phantom
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341464
Threats Detected: 15
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 3 min, 10 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 8
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, No Action By User, [524], [260991],1.0.2030
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, No Action By User, [631], [389038],1.0.2030
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, No Action By User, [631], [389038],1.0.2030
PUP.Optional.SearchManager, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, No Action By User, [524], [183362],1.0.2030
PUP.Optional.ProductSetup, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\PRODUCTSETUP, No Action By User, [14827], [242047],1.0.2030
PUP.Optional.InstallCore, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\csastats, No Action By User, [3], [260986],1.0.2030
PUP.Optional.WinYahoo, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}, No Action By User, [90], [182757],1.0.2030
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, No Action By User, [524], [260991],1.0.2030
 
Registry Value: 3
PUP.Optional.ProductSetup, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\PRODUCTSETUP|TB, No Action By User, [14827], [242047],1.0.2030
PUP.Optional.WinYahoo, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}|URL, No Action By User, [90], [182757],1.0.2030
PUP.Optional.NotChromeRun, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, No Action By User, [1382], [391151],1.0.2030
 
Registry Data: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-2439127063-1560542713-819147253-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, No Action By User, [90], [293459],1.0.2030
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 3
PUP.Optional.WinYahoo, C:\USERS\CALIF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BDWYDQH7.DEFAULT\PREFS.JS, No Action By User, [90], [303324],1.0.2030
PUP.Optional.ByteFence, C:\USERS\CALIF\APPDATA\LOCAL\TEMP\TMPSEC3153090\BYTEFENCE-INSTALLER_3.9.0.3.EXE, No Action By User, [631], [389016],1.0.2030
PUP.Optional.WinYahoo, C:\USERS\CALIF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BDWYDQH7.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, No Action By User, [90], [302726],1.0.2030
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 
 
 
3. It said "Can not get update. Is proxy configured?"


#4 unopie

unopie

  • Malware Study Hall Senior
  • 252 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:09:22 PM

Posted 26 May 2017 - 10:02 PM

The malwarebytes scan has only pups, so no worry there, however you said the eset wouldn't let you update hmmm...

 

Did you disable all antivirus beforehand? ( Windows Defender + Windows Firewall )

 

Do you use a vpn or proxy of the like which you could disable?



#5 JayG93

JayG93
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 26 May 2017 - 11:49 PM

The malwarebytes scan has only pups, so no worry there, however you said the eset wouldn't let you update hmmm...

 

Did you disable all antivirus beforehand? ( Windows Defender + Windows Firewall )

 

Do you use a vpn or proxy of the like which you could disable?

Yes, I did. I signed out & signed in after I disabled them as well.

 

I turned them back on, signed out & in. When I opened up ESET it immediately asked me if the proxy was configured. I tried to initiate the scan anyways & the scan worked. I'm assuming this has something to do with my fluctuating internet connection. It didn't find any threats. However, was while the antivirus was turned on. I could turn them off & try to scan with them off again, if you want. I don't mind.


Edited by JayG93, 26 May 2017 - 11:50 PM.


#6 unopie

unopie

  • Malware Study Hall Senior
  • 252 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:09:22 PM

Posted 27 May 2017 - 10:52 AM

Its fine that the av's were on if it didn't find anything and that it ran.

 

I'd say that malware isn't the problem for your case. 



#7 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 PM

Posted 27 May 2017 - 01:38 PM

Rerun MBAM and be sure to allow it to remove all that it found. Post the log.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

download MiniToolBox and run it.

Checkmark following boxes:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List last 10 Event Viewer logs
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 JayG93

JayG93
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 27 May 2017 - 04:47 PM

 

Rerun MBAM and be sure to allow it to remove all that it found. Post the log.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

download MiniToolBox and run it.

Checkmark following boxes:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List last 10 Event Viewer logs
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

 

MBAM didn't detect anything.
 
 
I've actually used CCleaner to clean the registry a couple weeks ago, I hope I didn't mess anything up.
 
 
AdwCleaner:
 
# AdwCleaner v6.047 - Logfile created 27/05/2017 at 14:29:41
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-26.6 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Phantom - DESKTOP-6V0T8LK
# Running from : C:\Users\Calif\Downloads\adwcleaner_6.047.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl
 
 
***** [ Files ] *****
 
[-] File deleted: C:\END
[-] File deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage
[-] File deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage-journal
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: nonjdcjchghhkdoolnlbekcfllmednbl
[-] [C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1258 Bytes] - [17/05/2017 17:14:41]
C:\AdwCleaner\AdwCleaner[C2].txt - [1556 Bytes] - [27/05/2017 14:29:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1301 Bytes] - [17/05/2017 17:09:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [1296 Bytes] - [18/05/2017 00:01:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [2231 Bytes] - [27/05/2017 14:27:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1848 Bytes] ##########
 
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Phantom (Administrator) on Sat 05/27/2017 at 14:37:57.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 4 
 
Successfully deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
Successfully deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg (Folder) 
Successfully deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
Successfully deleted: C:\Users\Calif\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage (File) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/27/2017 at 14:40:37.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
MTB:
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Phantom (administrator) on 27-05-2017 at 14:42:13
Running from "C:\Users\Calif\Downloads"
Microsoft Windows 10 Home  (X64)
Model: To be filled by O.E.M. Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/27/2017 02:29:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
Error: (05/27/2017 02:20:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
Error: (05/27/2017 01:44:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-6V0T8LK)
Description: Package Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (05/27/2017 01:36:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
Error: (05/27/2017 09:23:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-6V0T8LK)
Description: Package Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (05/27/2017 09:14:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
Error: (05/27/2017 12:23:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-6V0T8LK)
Description: Package Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (05/26/2017 08:52:12 PM) (Source: COM) (User: )
Description: {41FD88F7-F295-4D39-91AC-A85F3149A05B}
 
Error: (05/26/2017 08:05:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
Error: (05/26/2017 08:03:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
 
 
System errors:
=============
Error: (05/27/2017 02:38:49 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:38:49 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:31:55 PM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error: 
%%50 = The request is not supported.
 
 
Error: (05/27/2017 02:29:41 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.
 
 
Error: (05/27/2017 02:29:13 PM) (Source: Service Control Manager) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:29:11 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:29:11 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 6000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:29:11 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (05/27/2017 02:29:11 PM) (Source: Service Control Manager) (User: )
Description: The VIA Karaoke digital mixer Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/27/2017 02:29:11 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/27/2017 02:29:17 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (05/27/2017 02:20:15 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (05/27/2017 01:44:35 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-6V0T8LK)
Description: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe+App
 
Error: (05/27/2017 01:36:03 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (05/27/2017 09:23:09 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-6V0T8LK)
Description: Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App
 
Error: (05/27/2017 09:14:30 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (05/27/2017 12:23:13 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-6V0T8LK)
Description: Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe+App
 
Error: (05/26/2017 08:52:12 PM) (Source: COM)(User: )
Description: {41FD88F7-F295-4D39-91AC-A85F3149A05B}
 
Error: (05/26/2017 08:05:46 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (05/26/2017 08:03:20 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifestC:\Users\Calif\Downloads\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-05-27 14:16:42.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-05-26 22:44:00.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:43:59.588
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:43:59.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:43:59.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:43:58.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:26:17.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\WinMetadata\Windows.Graphics.winmd because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:26:17.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:26:16.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-05-26 22:26:16.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
ASTRO Command Center (HKLM-x32\...\{6D878A69-A6B5-4076-8D24-A57B72AADDA8}) (Version: 1.0.126 - Astro Gaming)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Corsair Utility Engine (HKLM-x32\...\{D1A3ECB3-18F1-4EB2-9C1B-A83DE1D16976}) (Version: 2.10.71 - Corsair)
DC Universe Online (HKLM\...\Steam App 24200) (Version:  - Daybreak Game Company)
DC Universe Online Live (HKCU\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
DRAGON BALL XENOVERSE 2 (HKLM\...\Steam App 454650) (Version:  - QLOC)
En Masse Launcher (HKLM-x32\...\{5d5e6f2b-6c03-4f96-8cd7-c16318764bc8}_is1) (Version: 1.0 - En Masse Entertainment)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Monitor Webcam Driver (1.01.02.0804)   (HKLM\...\Creative OA002) (Version:  - )
Mozilla Firefox 53.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 53.0.3 (x64 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
ROCCAT Swarm (HKLM-x32\...\{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.02 - ROCCAT GmbH) Hidden
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.02 - ROCCAT GmbH)
Send Anywhere (HKLM-x32\...\{4C09F722-410A-481D-A488-D56FBE34334F}_is1) (Version: 3.2.22 - Estmob Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 12.0.0.14 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.5.0.0 - Zenimax Online Studios)
The Elder Scrolls Online: Tamriel Unlimited (HKLM\...\Steam App 306130) (Version:  - Zenimax Online Studios)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 35%
Total physical RAM: 8156.68 MB
Available physical RAM: 5265.8 MB
Total Virtual: 10076.68 MB
Available Virtual: 6892.22 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:930.12 GB) (Free:340.84 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-6V0T8LK
 
Administrator            DefaultAccount           Guest                    
Phantom                  
 
 
**** End of log ****
 


#9 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 PM

Posted 27 May 2017 - 05:34 PM

Uninstall these programs:

NVIDIA GeForce Experience 3.6.0.74

qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Do not reinstall Hover Zoom....it is spyware and adware.

 

Post the TWO lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 JayG93

JayG93
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 27 May 2017 - 05:52 PM

Uninstall these programs:

NVIDIA GeForce Experience 3.6.0.74

qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Do not reinstall Hover Zoom....it is spyware and adware.

 

Post the TWO lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

I've uninstalled them, although even after a fresh reset without these programs installed, the problem persists. I couldn't find Google Update Helper, but I removed Hover Zoom from my chrome extensions. I also found a "Google Update" exe here C:\Program Files (x86)\Google\Update I deleted the "Update" folder.

 

Windows Startups:

 

No HKCU:Run CCleaner Monitoring Piriform Ltd Phantom "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run OneDrive Microsoft Corporation Phantom "C:\Users\Calif\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
No HKCU:Run SendAnywhere Estmob Inc. Phantom "C:\Program Files (x86)\Send Anywhere\sendanywhere.exe" --tray
Yes HKCU:Run Steam Valve Corporation Phantom "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKLM:Run Corsair Utility Engine Corsair Components, Inc. All users "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
Yes HKLM:Run Razer Synapse Razer Inc. All users "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
Yes HKLM:Run SecurityHealth Microsoft Corporation All users %ProgramFiles%\Windows Defender\MSASCuiL.exe
Yes Startup Common ROCCAT Swarm.lnk ROCCAT All users C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
 

 

Scheduled Tasks:

 

Yes Task CCleanerSkipUAC Piriform Ltd Phantom "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)

Yes Task GoogleUpdateTaskMachineCore Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine Nota Inc. Phantom "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily Nota Inc. Phantom "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation Phantom %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
 
 
I see that "GoogleUpdate.exe" is still showing up in Scheduled Tasks even after deletion. Should I disable it via CCleaner?


#11 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:22 PM

Posted 27 May 2017 - 06:18 PM

Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run OneDrive Microsoft Corporation Phantom "C:\Users\Calif\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

Yes HKCU:Run Steam Valve Corporation Phantom "C:\Program Files (x86)\Steam\steam.exe" -silent

Yes Startup Common ROCCAT Swarm.lnk ROCCAT All users C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
 
Disable these Tasks:
Yes Task GoogleUpdateTaskMachineUA Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine Nota Inc. Phantom "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily Nota Inc. Phantom "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation Phantom %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
 

Any chance you have a Linux Live OS installed on a flash drive, CD or DVD?

If not, having one would be a good check to see if the download speed problem is in Windows or elsewhere...such as the router.

 

A Puppy distro would be a good choice as it is the smallest download but still between 100 and 200 mb download. Do you have access to download

at work or a friend?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users