Computer froze up.

Corrine · April 22, 2024, 10:07:25 PM

I'm glad that finally worked and you were able to run FRST. DR M is also going to need to see FRST.txt which will be located in the same place as Addition.txt. Follow the same steps you used to copy/paste Addition.txt and post FRST.txt as a reply.

ron350 · April 22, 2024, 11:04:31 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by Ron (administrator) on DESKTOP-J4MTF94 (Dell Inc. OptiPlex 7010) (22-04-2024 14:00:24)
Running from C:\Users\Ron\Desktop\FRST64.exe
Loaded Profiles: Ron
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2917632 2016-08-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1533190171-1017924844-2528464932-1001\...\Run: [MicrosoftEdgeAutoLaunch_9D847451E3A3A387AE6EDE98F9EC1B0B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1533190171-1017924844-2528464932-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP2030PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP2030PP.DLL [65024 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP2030LM: C:\WINDOWS\system32\HP2030LM.DLL [246784 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor India Private Limited.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E61CF834-7ED9-4A64-ADDE-3BF61246ECDE} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => %ProgramFiles%\CUAssistant\culauncher.exe (No File)
Task: {ABC7C92E-59A2-45BE-98D5-54DE6A06685F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66515A92-1FDD-4A0C-88E9-7C2B3F94BC28} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0325FFC0-A947-4EFD-B43A-C2BA11098B55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13DF739B-89CB-45CF-9126-A3414219ACC4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{31e5774b-c91d-46c0-ab78-1b1e41b86a8a}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{31e5774b-c91d-46c0-ab78-1b1e41b86a8a}: [DhcpDomain] bham.rr.com

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ron\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-22]
Edge HomePage: Default -> hxxps://mail.yahoo.com/b/?.src=ym&reason=myc
Edge StartupUrls: Default -> "hxxps://mail.yahoo.com/b/?.src=ym&reason=myc"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Ron\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-04-10]
Edge Extension: (Google Docs Offline) - C:\Users\Ron\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Ron\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-18] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-22 13:54 - 2024-04-22 13:56 - 000020776 _____ C:\Users\Ron\Desktop\Addition.txt
2024-04-22 13:52 - 2024-04-22 14:01 - 000008600 _____ C:\Users\Ron\Desktop\FRST.txt
2024-04-22 13:31 - 2024-04-22 13:32 - 002394112 _____ (Farbar) C:\Users\Ron\Desktop\FRST64.exe
2024-04-22 13:10 - 2024-04-22 13:10 - 008790880 _____ (Malwarebytes) C:\Users\Ron\Desktop\adwcleaner(1).exe
2024-04-22 13:02 - 2024-04-22 13:04 - 000000000 ____D C:\AdwCleaner
2024-04-22 12:03 - 2024-04-22 12:03 - 002394112 _____ (Farbar) C:\Users\Ron\Downloads\Unconfirmed 186212.crdownload.crdownload.crdownload.crdownload
2024-04-22 12:00 - 2024-04-22 12:00 - 002394112 _____ (Farbar) C:\Users\Ron\Downloads\Unconfirmed 186212.crdownload.crdownload.crdownload
2024-04-22 11:23 - 2024-04-22 11:23 - 000000000 ____D C:\Users\Ron\AppData\Local\D3DSCache
2024-04-22 11:05 - 2024-04-22 11:05 - 002394112 _____ (Farbar) C:\Users\Ron\Downloads\FRST.exe.crdownload
2024-04-21 11:58 - 2024-04-21 11:58 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2024-04-21 10:48 - 2024-04-21 10:51 - 000000000 ___HD C:\$WinREAgent
2024-04-20 12:17 - 2024-04-22 14:00 - 000000000 ____D C:\FRST
2024-04-09 20:16 - 2024-04-09 20:16 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-09 20:15 - 2024-04-09 20:15 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-22 13:11 - 2023-05-09 18:29 - 000000000 ____D C:\Users\Ron\AppData\Local\Malwarebytes
2024-04-22 12:48 - 2022-02-15 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-22 12:06 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-22 08:33 - 2018-04-10 22:14 - 000000000 __SHD C:\Users\Ron\IntelGraphicsProfiles
2024-04-21 21:37 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-21 11:17 - 2022-10-02 20:05 - 000000000 ____D C:\Users\Ron\AppData\LocalLow\IGDump
2024-04-21 10:35 - 2018-04-10 22:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-21 08:53 - 2022-02-05 17:01 - 000000000 ____D C:\Users\Ron\AppData\Local\CrashDumps
2024-04-20 17:27 - 2022-02-15 18:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-20 17:27 - 2022-02-15 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-20 17:27 - 2019-12-07 04:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-04-20 17:20 - 2022-02-15 16:10 - 000000000 ____D C:\Users\Ron
2024-04-20 17:19 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-04-20 17:17 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-20 17:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-20 17:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\registration
2024-04-20 17:13 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-20 11:38 - 2022-02-15 18:01 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1533190171-1017924844-2528464932-1001
2024-04-20 11:38 - 2022-02-15 18:01 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1533190171-1017924844-2528464932-1001
2024-04-20 11:38 - 2022-02-15 16:10 - 000002384 _____ C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-20 11:12 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-04-19 18:06 - 2022-02-15 17:59 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-19 07:19 - 2022-02-15 12:23 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-19 07:19 - 2022-02-15 12:23 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-18 18:35 - 2022-02-15 18:05 - 000000000 ____D C:\ProgramData\Packages
2024-04-11 05:08 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-10 12:34 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-10 12:30 - 2022-02-15 17:47 - 000259496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-10 12:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-10 12:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-10 12:28 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-10 12:27 - 2023-12-13 12:30 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-10 12:27 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-10 12:27 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-10 12:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-10 12:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-10 12:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-10 12:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-09 20:21 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-09 20:15 - 2022-02-15 17:51 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-09 19:22 - 2022-01-31 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-09 19:21 - 2022-01-31 23:16 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-04 18:55 - 2023-08-20 21:56 - 000000427 _____ C:\Users\Ron\Documents\Hairpin Puller.txt
2024-04-04 08:45 - 2022-02-15 18:01 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 08:45 - 2022-02-15 18:01 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-28 08:27 - 2018-04-10 22:15 - 000000000 ____D C:\Users\Ron\AppData\Local\Packages

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

DR M · April 24, 2024, 03:25:15 PM

Hi, Ron.

You fought to download FRST tool and post the logs, but it worth it, because now you know that your system is clean.

There is some maintenance we can do, though. Also, we need to remove the restriction you have on Windows updates.

1. Question about Malwarebytes

Do you have the Premium version or the free one?

2. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Code (auto:0) Select

Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {E61CF834-7ED9-4A64-ADDE-3BF61246ECDE} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => %ProgramFiles%\CUAssistant\culauncher.exe  (No File)
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::

Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt on your Desktop.
Post the log in your next reply.

In your next reply please post:

1. Your reply about Malwarebytes
2. The fixlog.txt

ron350 · April 24, 2024, 05:04:02 PM

I am sorry about all the trouble.

Corrine helped me acquire a lifetime version of Malwarebytes.

ron350 · April 24, 2024, 05:14:30 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by Ron (24-04-2024 10:48:48) Run:1
Running from C:\Users\Ron\Desktop
Loaded Profiles: Ron
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {E61CF834-7ED9-4A64-ADDE-3BF61246ECDE} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => %ProgramFiles%\CUAssistant\culauncher.exe (No File)
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E61CF834-7ED9-4A64-ADDE-3BF61246ECDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E61CF834-7ED9-4A64-ADDE-3BF61246ECDE}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CUAssistant\CULauncher" => removed successfully

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Deployment Image Servicing and Management tool
Version: 10.0.19041.3636

Image Version: 10.0.19045.4291

[== 3.8% ]

[== 3.8% ]

[== 4.0% ]

[== 4.4% ]

[== 4.5% ]

[== 4.7% ]

[== 4.8% ]

[== 4.9% ]

[== 5.1% ]

[=== 5.3% ]

[=== 5.4% ]

[=== 5.6% ]

[=== 5.8% ]

[=== 5.9% ]

[=== 6.0% ]

[=== 6.3% ]

[=== 6.6% ]

[=== 6.8% ]

[==== 7.0% ]

[==== 7.2% ]

[==== 7.4% ]

[==== 7.5% ]

[==== 7.8% ]

[==== 7.9% ]

[==== 8.2% ]

[==== 8.5% ]

[===== 8.8% ]

[===== 9.1% ]

[===== 9.2% ]

[===== 9.4% ]

[===== 9.7% ]

[===== 9.8% ]

[===== 9.8% ]

[===== 10.0% ]

[===== 10.1% ]

[===== 10.2% ]

[===== 10.3% ]

[====== 10.5% ]

[====== 10.6% ]

[====== 10.9% ]

[====== 11.2% ]

[====== 11.4% ]

[====== 11.6% ]

[====== 11.8% ]

[====== 11.9% ]

[======= 12.2% ]

[======= 12.5% ]

[======= 12.8% ]

[======= 13.0% ]

[======= 13.2% ]

[======= 13.3% ]

[======= 13.5% ]

[======= 13.7% ]

[======== 14.0% ]

[======== 14.0% ]

[======== 14.3% ]

[======== 14.6% ]

[======== 14.9% ]

[======== 15.2% ]

[======== 15.4% ]

[========= 15.7% ]

[========= 15.9% ]

[========= 16.0% ]

[========= 16.2% ]

[========= 16.4% ]

[========= 16.6% ]

[========= 16.8% ]

[========= 17.1% ]

[========== 17.4% ]

[========== 17.7% ]

[========== 17.9% ]

[========== 18.2% ]

[========== 18.3% ]

[========== 18.6% ]

[========== 18.8% ]

[=========== 19.0% ]

[=========== 19.1% ]

[=========== 19.2% ]

[=========== 19.4% ]

[=========== 19.5% ]

[=========== 19.8% ]

[=========== 19.9% ]

[=========== 20.1% ]

[=========== 20.3% ]

[=========== 20.5% ]

[============ 20.8% ]

[============ 20.9% ]

[============ 20.9% ]

[============ 20.9% ]

[============ 21.0% ]

[============ 21.0% ]

[============ 21.0% ]

[============ 21.0% ]

[============ 21.0% ]

[============ 21.1% ]

[============ 21.1% ]

[============ 21.1% ]

[============ 21.1% ]

[============ 21.1% ]

[============ 21.6% ]

[============ 21.9% ]

[============= 22.4% ]

[============= 23.2% ]

[============= 23.9% ]

[============== 24.7% ]

[============== 25.1% ]

[============== 25.5% ]

[=============== 26.0% ]

[=============== 26.6% ]

[=============== 27.3% ]

[================ 28.0% ]

[================ 28.4% ]

[================ 28.6% ]

[================ 28.8% ]

[================ 29.1% ]

[================= 29.4% ]

[================= 29.4% ]

[================= 29.7% ]

[================= 29.7% ]

[================= 29.8% ]

[================= 29.8% ]

[================= 29.9% ]

[================= 30.0% ]

[================= 30.3% ]

[================= 30.5% ]

[================= 30.8% ]

[================== 31.2% ]

[================== 31.4% ]

[================== 31.8% ]

[================== 32.2% ]

[================== 32.4% ]

[================== 32.6% ]

[=================== 33.0% ]

[=================== 33.3% ]

[=================== 33.7% ]

[=================== 33.8% ]

[=================== 34.0% ]

[=================== 34.0% ]

[=================== 34.1% ]

[=================== 34.2% ]

[==================== 34.5% ]

[==================== 34.8% ]

[==================== 35.2% ]

[==================== 35.5% ]

[==================== 35.8% ]

[==================== 36.1% ]

[===================== 36.2% ]

[===================== 36.4% ]

[===================== 36.4% ]

[===================== 36.5% ]

[===================== 36.9% ]

[===================== 37.1% ]

[===================== 37.4% ]

[===================== 37.4% ]

[===================== 37.7% ]

[===================== 37.9% ]

[====================== 38.0% ]

[====================== 38.0% ]

[====================== 38.1% ]

[====================== 38.1% ]

[====================== 38.5% ]

[====================== 38.6% ]

[====================== 38.9% ]

[====================== 39.2% ]

[====================== 39.4% ]

[======================= 39.8% ]

[======================= 39.8% ]

[======================= 39.9% ]

[======================= 40.0% ]

[======================= 40.1% ]

[======================= 40.2% ]

[======================= 40.4% ]

[======================= 40.5% ]

[======================= 40.8% ]

[======================= 41.2% ]

[======================== 41.4% ]

[======================== 41.6% ]

[======================== 41.7% ]

[======================== 41.9% ]

[======================== 42.0% ]

[======================== 42.3% ]

[======================== 42.3% ]

[======================== 42.6% ]

[======================== 42.6% ]

[======================== 42.8% ]

[======================== 42.8% ]

[======================== 42.9% ]

[======================== 42.9% ]

[======================== 42.9% ]

[======================== 43.0% ]

[======================== 43.1% ]

[======================== 43.1% ]

[========================= 43.2% ]

[========================= 43.3% ]

[========================= 43.4% ]

[========================= 43.5% ]

[========================= 43.6% ]

[========================= 43.7% ]

[========================= 43.8% ]

[========================= 43.8% ]

[========================= 43.9% ]

[========================= 44.0% ]

[========================= 44.0% ]

[========================= 44.1% ]

[========================= 44.2% ]

[========================= 44.4% ]

[========================= 44.5% ]

[========================= 44.6% ]

[========================= 44.6% ]

[========================== 44.8% ]

[========================== 44.8% ]

[========================== 44.9% ]

[========================== 45.0% ]

[========================== 45.0% ]

[========================== 45.1% ]

[========================== 45.1% ]

[========================== 45.2% ]

[========================== 45.2% ]

[========================== 45.3% ]

[========================== 45.4% ]

[========================== 45.4% ]

[========================== 45.5% ]

[========================== 45.6% ]

[========================== 45.7% ]

[========================== 45.8% ]

[========================== 45.8% ]

[========================== 45.9% ]

[========================== 46.0% ]

[========================== 46.2% ]

[========================== 46.2% ]

[========================== 46.3% ]

[========================== 46.3% ]

[========================== 46.5% ]

[========================== 46.5% ]

[===========================46.6% ]

[===========================46.6% ]

[===========================46.6% ]

[===========================46.6% ]

[===========================46.7% ]

[===========================46.7% ]

[===========================46.9% ]

[===========================47.0% ]

[===========================47.2% ]

[===========================47.4% ]

[===========================47.5% ]

[===========================47.6% ]

[===========================47.8% ]

[===========================47.9% ]

[===========================48.1% ]

[===========================48.2% ]

[===========================48.2% ]

[===========================48.2% ]

[===========================48.4% ]

[===========================48.5% ]

[===========================48.8% ]

[===========================49.0% ]

[===========================49.1% ]

[===========================49.1% ]

[===========================49.3% ]

[===========================49.5% ]

[===========================49.7% ]

[===========================49.7% ]

[===========================50.0% ]

[===========================50.2% ]

[===========================50.6% ]

[===========================50.6% ]

[===========================50.7% ]

[===========================50.9% ]

[===========================51.0% ]

[===========================51.5% ]

[===========================52.0% ]

[===========================52.4% ]

[===========================52.9% ]

[===========================53.3% ]

[===========================53.6% ]

[===========================53.9% ]

[===========================54.1% ]

[===========================54.4% ]

[===========================54.4% ]

[===========================54.6% ]

[===========================54.6% ]

[===========================54.6% ]

[===========================54.6% ]

[===========================54.7% ]

[===========================54.7% ]

[===========================54.7% ]

[===========================54.8% ]

[===========================54.9% ]

[===========================54.9% ]

[===========================54.9% ]

[===========================54.9% ]

[===========================55.0% ]

[===========================55.0% ]

[===========================55.0% ]

[===========================55.0% ]

[===========================55.0% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.3% ]

[===========================55.3% ]

[===========================55.4% ]

[===========================55.4% ]

[===========================55.4% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.6% ]

[===========================55.6% ]

[===========================55.6% ]

[===========================55.7% ]

[===========================55.7% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================56.0% ]

[===========================56.0% ]

[===========================56.0% ]

[===========================56.1% ]

[===========================56.1% ]

[===========================56.1% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.3% ]

[===========================56.3% ]

[===========================56.3% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.6% ]

[===========================56.6% ]

[===========================56.6% ]

[===========================56.6% ]

[===========================56.7% ]

[===========================56.7% ]

[===========================56.7% ]

[===========================56.7% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.9%= ]

[===========================56.9%= ]

[===========================57.0%= ]

[===========================57.0%= ]

[===========================57.0%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.2%= ]

[===========================57.3%= ]

[===========================57.3%= ]

[===========================57.3%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.5%= ]

[===========================57.5%= ]

[===========================57.5%= ]

[===========================57.5%= ]

[===========================57.6%= ]

[===========================57.6%= ]

[===========================57.6%= ]

[===========================57.7%= ]

[===========================57.7%= ]

[===========================57.7%= ]

[===========================57.8%= ]

[===========================57.8%= ]

[===========================57.8%= ]

[===========================57.8%= ]

[===========================57.9%= ]

[===========================57.9%= ]

[===========================57.9%= ]

[===========================57.9%= ]

[===========================58.0%= ]

[===========================58.0%= ]

[===========================58.1%= ]

[===========================58.2%= ]

[===========================58.3%= ]

[===========================58.3%= ]

[===========================58.3%= ]

[===========================58.4%= ]

[===========================58.6%= ]

[===========================58.6%== ]

[===========================58.9%== ]

[===========================59.2%== ]

[===========================59.7%== ]

[===========================59.8%== ]

[===========================59.8%== ]

[===========================62.3%==== ]

[===========================77.4%============ ]

[===========================84.9%================= ]

[==========================100.0%==========================]

Error: 0x800f081f

The source files could not be found.
Use the "Source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source location, see https://go.microsoft.com/fwlink/?LinkId=243077.

The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log

========= End of CMD: =========

========= SFC /scannow =========

Beginning system scan. This process will take some time.

There is a system repair pending which requires reboot to complete. Restart

Windows and run sfc again.

========= End of CMD: =========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45265715 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 438824369 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1254960 B
NetworkService => 1568114 B
Ron => 1420834539 B

RecycleBin => 80135028 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 11:26:58 ====

ron350 · April 24, 2024, 05:22:42 PM

This my version of Malwarebytes

DR M · April 24, 2024, 05:42:30 PM

No trouble at all, and you are very welcome.

SFC didn't run via FRST. Let's do it using another way.

Click on the Start button and in the search box, type Command Prompt
When you see Command Prompt on the list, right-click on it and select Run as administrator
Enter the command below and press on Enter

Code (auto:0) Select

sfc /scannow

Let the scan finish.
You will normally get one of the following results:

Code (auto:0) Select

Windows Resource Protection did not find any integrity violations
Windows Resource Protection found corrupt files and successfully repaired them
Windows Resource Protection found corrupt files but was unable to fix some of them
Windows Resource Protection could not perform the requested operation

Please post the result you got (a screenshot).

ron350 · April 24, 2024, 08:46:49 PM

Well that was worth a shot but it says i am not the Administrator.
I don't have to log in when i turn this computer on.

Corrine · April 24, 2024, 10:04:25 PM

Hi, Ron.

There are two ways to enable the Administrator account in Windows 10. Fortunately, I can point you to illustrated instructions by someone I've known online and as a fellow former MVP. See the two methods at Enable or Disable the Built-in Administrator Account in Windows 10 by Andre Da Costa.

ron350 · April 24, 2024, 10:58:12 PM

This is what i end up with.
Why does it say system 32 i thought this was a 64 computer?

Microsoft Windows [Version 10.0.19045.4355]
(c) Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>sfc/scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\WINDOWS\system32>

DR M · April 25, 2024, 02:55:29 PM

Ron,

System32 is a system's folder. It contains important operating system files that Windows needs in order to function properly. Nothing to do with 32 or 64 bit. When you run something as administrator, it runs via system32.

The result is good.

Let's now change a Malwarebytes setting, so Windows Defender will take action as the primary antivirus, with Malwarebytes as the antimalware.

Open Malwarebytes.
Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
Code (auto:0) Select Expand
Under the title Scan Options, all the options are checked. Under the title Windows Security Center (Premium only) the option is unchecked. Under the title Potentially unwanted items all options are set to Always.
Click on the little gear to return to the main menu and close the program.

How is the computer running now? Any remaining issue/question/concern?

ron350 · April 25, 2024, 04:58:02 PM

So far there have not been any problems.

Just to make sure i followed directions all i changes was one togle.

WINDOWS SECURITY CENTER
Always register Malwarebytes in the Windows Security Center. From ON to OFF

DR M · April 25, 2024, 05:34:38 PM

Quote from: ron350 on April 25, 2024, 04:58:02 PMSo far there have not been any problems.

Just to make sure i followed directions all i changes was one togle.

WINDOWS SECURITY CENTER
Always register Malwarebytes in the Windows Security Center. From ON to OFF

Yes! That's it.

Since you have no issues, and everything is checked, rename FRST64.exe to uninstall.exe. Double click on the renamed file, so the tool and its logs delete themselves.

ron350 · April 26, 2024, 12:08:17 AM

Thanks for all the great help.

Does this forum accept donations?

DR M · April 26, 2024, 07:09:45 PM

You are very welcome, Ron!

I'm glad we could help.

As to donations, maybe Corrine can give more information.