Author Topic: Better to run Windows Repair, or better to do a reset with keep files?  (Read 184271 times)

0 Members and 1 Guest are viewing this topic.

Offline dave_jaeger

  • Newbie
  • *
  • Join Date: Sep 2017
  • Posts: 3
  • Karma: 0
    • View Profile
Here's my issue:
After what I believe was a virus, I did a simple system restore from backup. Now the OS is sluggish, shutdown takes five minutes or more and I occasionally get the "Something went wrong..." screen. (running Windows 10) Seems ever since installing Win 10 each boot, or reboot offers up a new surprise, but that's another story. My question is should I try Windows Repair first (I have the pro version), or do a reset of Win 10 with keep files, or try to restore from backup again? With each method, it seems I have do a bit of fixing afterward, sometimes it's easy and sometimes it's a real pain. I'm wondering if something in the policy manager got hammered. (I have policy manager installed into Win 10 Home.) The OS was zipping right along before the virus, or whatever it was. Which method should I try first?

My Speccy log is below:
Summary
      Operating System
         Windows 10 Home 64-bit
      CPU
         AMD Phenom II X4 955   44 °C
         Deneb 45nm Technology
      RAM
         8.00GB Dual-Channel DDR2 @ 399MHz (6-6-6-18)
      Motherboard
         MICRO-STAR INTERNATIONAL CO.LTD 785GT-E63(MS-7551) (CPU 1)   47 °C
      Graphics
         2752 (1920x1080@60Hz)
         Acer G245HQ (1920x1080@60Hz)
         4095MB NVIDIA GeForce GT 740 (EVGA)   40 °C
      Storage
         465GB Western Digital WDC WD5001AALS-00LWTA0 ATA Device (SATA)   44 °C
         1397GB Western Digital WD Elements 10B8 USB Device (USB (SATA))   37 °C
         3726GB Seagate Backup+ Desk USB Device (USB (SATA))   38 °C
         3726GB Western Digital WDC WD40 04FZWX-00GBGB0 USB Device (USB (SATA))   37 °C
         465GB asmedia ASM1053E USB Device (USB (SATA))   40 °C
         1862GB Western Digital WD My Book 1140 USB Device (USB (SATA))   38 °C
      Optical Drives
         PIONEER DVD-RW DVR-118L ATA Device
         ASUS DRW-24B1ST i ATA Device
      Audio
         Realtek High Definition Audio
Operating System
   Windows 10 Home 64-bit
   Computer type: Tablet
   Installation Date: 7/11/2017 7:28:46 PM
      Windows Security Center
         User Account Control (UAC)   Enabled
         Notify level   0 - Never Notify
         Firewall   Enabled
      Windows Update
         AutoUpdate   Not configured
      Windows Defender
         Windows Defender   Disabled
      Antivirus
            Avast Antivirus
               Antivirus   Enabled
               Virus Signature Database   Up to date
            Windows Defender
               Antivirus   Disabled
               Virus Signature Database   Up to date
      .NET Frameworks installed
         v4.7 Full
         v4.7 Client
         v3.5 SP1
         v3.0 SP2
         v2.0 SP2
      Internet Explorer
         Version   11.540.15063.0
      PowerShell
         Version   5.1.15063.0
      Java
            Java Runtime Environment
               Path   C:\Program Files (x86)\Java\jre1.8.0_121\bin\java.exe
               Version   8.0
               Update   121
               Build   13
      Environment Variables
         USERPROFILE   C:\Users\Dave
         SystemRoot   C:\WINDOWS
            User Variables
               OneDrive   C:\Users\Dave\OneDrive
               Path   C:\Users\Dave\AppData\Local\Microsoft\WindowsApps
               C:\Program Files (x86)\GmoteServer\bin\vlc
               TEMP   C:\Users\Dave\AppData\Local\Temp
               TMP   C:\Users\Dave\AppData\Local\Temp
            Machine Variables
               ADSK_CLM_WPAD_PROXY_CHECK   FALSE
               asl.log   Destination=file
               ComSpec   C:\WINDOWS\system32\cmd.exe
               INTEL_DEV_REDIST   C:\Program Files (x86)\Common Files\Intel\Shared Libraries\
               MEDIAMALL   C:\Program Files (x86)\MediaMall\
               MIC_LD_LIBRARY_PATH   %INTEL_DEV_REDIST%compiler\lib\mic
               NUMBER_OF_PROCESSORS   4
               OS   Windows_NT
               Path   %INTEL_DEV_REDIST%redist\intel64\compiler
               C:\ProgramData\Oracle\Java\javapath
               C:\WINDOWS\system32
               C:\WINDOWS
               C:\WINDOWS\System32\Wbem
               C:\WINDOWS\System32\WindowsPowerShell\v1.0\
               C:\Program Files (x86)\Calibre2\
               C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
               C:\WINDOWS\system32\wbem
               C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile
               C:\WINDOWS\system32
               C:\WINDOWS
               C:\WINDOWS\System32\Wbem
               C:\WINDOWS\System32\WindowsPowerShell\v1.0\
               PATHEXT   .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
               PROCESSOR_ARCHITECTURE   AMD64
               PROCESSOR_IDENTIFIER   AMD64 Family 16 Model 4 Stepping 3, AuthenticAMD
               PROCESSOR_LEVEL   16
               PROCESSOR_REVISION   0403
               PSModulePath   %ProgramFiles%\WindowsPowerShell\Modules
               C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules
               TEMP   C:\WINDOWS\TEMP
               TMP   C:\WINDOWS\TEMP
               USERNAME   SYSTEM
               windir   C:\WINDOWS
      Power Profile
         Active power scheme   High performance
         Hibernation   Enabled
         Turn Off Monitor after: (On AC Power)   15 min
         Turn Off Hard Disk after: (On AC Power)   20 min
         Suspend after: (On AC Power)   Never
         Screen saver   Disabled
      Uptime
            Current Session
               Current Time   9/6/2017 1:54:26 PM
               Current Uptime   88,828 sec (1 d, 00 h, 40 m, 28 s)
               Last Boot Time   9/5/2017 1:13:58 PM
      Services
         Running   Adobe Acrobat Update Service
         Running   Adobe Genuine Software Integrity Service
         Running   AdobeUpdateService
         Running   Apple Mobile Device Service
         Running   Application Host Helper Service
         Running   Application Information
         Running   aswbIDSAgent
         Running   Autodesk Desktop App Service
         Running   Avast Antivirus
         Running   Background Tasks Infrastructure Service
         Running   Base Filtering Engine
         Running   BlueSoleilCS
         Running   Bonjour Service
         Running   BsHelpCS
         Running   Chrome Remote Desktop Service
         Running   CNG Key Isolation
         Running   COM+ Event System
         Running   Computer Browser
         Running   Connected Devices Platform Service
         Running   Connected Devices Platform User Service_4777cf0
         Running   Contact Data_4777cf0
         Running   CoreMessaging
         Running   Credential Manager
         Running   Cryptographic Services
         Running   Data Sharing Service
         Running   Data Usage
         Running   DbxSvc
         Running   DCOM Server Process Launcher
         Running   Delivery Optimization
         Running   Device Association Service
         Running   DHCP Client
         Running   Diagnostic Policy Service
         Running   Diagnostic Service Host
         Running   Diagnostic System Host
         Running   Distributed Link Tracking Client
         Running   DNS Client
         Running   Encrypting File System (EFS)
         Running   Function Discovery Provider Host
         Running   Function Discovery Resource Publication
         Running   Geolocation Service
         Running   GlassWire Control Service
         Running   HomeGroup Provider
         Running   Human Interface Device Service
         Running   IIS Admin Service
         Running   IKE and AuthIP IPsec Keying Modules
         Running   Internet Off Service
         Running   IP Helper
         Running   IPsec Policy Agent
         Running   Local Session Manager
         Running   MediaMall Server
         Running   Microsoft Account Sign-in Assistant
         Running   Microsoft FTP Service
         Running   Microsoft Office Click-to-Run Service
         Running   Microsoft Passport
         Running   Microsoft Passport Container
         Running   Network Connected Devices Auto-Setup
         Running   Network Connection Broker
         Running   Network Connections
         Running   Network List Service
         Running   Network Location Awareness
         Running   Network Store Interface Service
         Running   NVIDIA Display Container LS
         Running   NVIDIA LocalSystem Container
         Running   NVIDIA Telemetry Container
         Running   Peer Name Resolution Protocol
         Running   Peer Networking Identity Manager
         Running   Plex Update Service
         Running   Plug and Play
         Running   Power
         Running   Print Spooler
         Running   Program Compatibility Assistant Service
         Running   Quality Windows Audio Video Experience
         Running   Remote Procedure Call (RPC)
         Running   RPC Endpoint Mapper
         Running   Sandboxie Service
         Running   Secondary Logon
         Running   Security Accounts Manager
         Running   Security Center
         Running   Sensor Service
         Running   Server
         Running   Shell Hardware Detection
         Running   Splashtop Remote Service
         Running   SSDP Discovery
         Running   State Repository Service
         Running   Storage Service
         Running   Sync Host_4777cf0
         Running   System Event Notification Service
         Running   System Events Broker
         Running   Task Scheduler
         Running   TCP/IP NetBIOS Helper
         Running   Themes
         Running   Tile Data model server
         Running   Time Broker
         Running   TokenBroker
         Running   Touch Keyboard and Handwriting Panel Service
         Running   Unchecky
         Running   UPnP Device Host
         Running   User Data Access_4777cf0
         Running   User Data Storage_4777cf0
         Running   User Manager
         Running   User Profile Service
         Running   VPN Unlimited Service
         Running   Windows Audio
         Running   Windows Audio Endpoint Builder
         Running   Windows Backup
         Running   Windows Connection Manager
         Running   Windows Defender Security Center Service
         Running   Windows Driver Foundation - User-mode Driver Framework
         Running   Windows Event Log
         Running   Windows Firewall
         Running   Windows Font Cache Service
         Running   Windows Image Acquisition (WIA)
         Running   Windows License Manager Service
         Running   Windows Management Instrumentation
         Running   Windows Process Activation Service
         Running   Windows Push Notifications System Service
         Running   Windows Push Notifications User Service_4777cf0
         Running   Windows Search
         Running   Windows Time
         Running   Windows Update
         Running   WinHTTP Web Proxy Auto-Discovery Service
         Running   WLAN AutoConfig
         Running   WMI Performance Adapter
         Running   Workstation
         Running   World Wide Web Publishing Service
         Stopped   ABBYY FineReader 12 PE Licensing Service
         Stopped   ActiveX Installer (AxInstSV)
         Stopped   Adobe Flash Player Update Service
         Stopped   AllJoyn Router Service
         Stopped   AOMEI Backupper Scheduler Service
         Stopped   App Readiness
         Stopped   Application Identity
         Stopped   Application Layer Gateway Service
         Stopped   AppX Deployment Service (AppXSVC)
         Stopped   ASP.NET State Service
         Stopped   Auto Time Zone Updater
         Stopped   Background Intelligent Transfer Service
         Stopped   BitLocker Drive Encryption Service
         Stopped   Block Level Backup Engine Service
         Stopped   Bluetooth Handsfree Service
         Stopped   Bluetooth Support Service
         Stopped   Certificate Propagation
         Stopped   Client License Service (ClipSVC)
         Stopped   COM+ System Application
         Stopped   Connected User Experiences and Telemetry
         Stopped   debugregsvc
         Stopped   Developer Tools Service
         Stopped   Device Install Service
         Stopped   Device Management Enrollment Service
         Stopped   Device Setup Manager
         Stopped   DevicesFlow_4777cf0
         Stopped   DevQuery Background Discovery Broker
         Stopped   Distributed Transaction Coordinator
         Stopped   dmwappushsvc
         Stopped   Downloaded Maps Manager
         Stopped   Dropbox Update Service (dbupdate)
         Stopped   Dropbox Update Service (dbupdatem)
         Stopped   Embedded Mode
         Stopped   Enterprise App Management Service
         Stopped   Extensible Authentication Protocol
         Stopped   Fax
         Stopped   File History Service
         Stopped   FlexNet Licensing Service 64
         Stopped   Garmin Device Interaction Service
         Stopped   Google Update Service (gupdate)
         Stopped   Google Update Service (gupdatem)
         Stopped   Group Policy Client
         Stopped   HomeGroup Listener
         Stopped   HV Host Service
         Stopped   Hyper-V Data Exchange Service
         Stopped   Hyper-V Guest Service Interface
         Stopped   Hyper-V Guest Shutdown Service
         Stopped   Hyper-V Heartbeat Service
         Stopped   Hyper-V PowerShell Direct Service
         Stopped   Hyper-V Remote Desktop Virtualization Service
         Stopped   Hyper-V Time Synchronization Service
         Stopped   Hyper-V Volume Shadow Copy Requestor
         Stopped   Infrared monitor service
         Stopped   Interactive Services Detection
         Stopped   Internet Connection Sharing (ICS)
         Stopped   IP Translation Configuration Service
         Stopped   iPod Service
         Stopped   KtmRm for Distributed Transaction Coordinator
         Stopped   Link-Layer Topology Discovery Mapper
         Stopped   LPA Service
         Stopped   LxssManager
         Stopped   MessagingService_4777cf0
         Stopped   Microsoft Diagnostics Hub Standard Collector Service
         Stopped   Microsoft iSCSI Initiator Service
         Stopped   Microsoft Software Shadow Copy Provider
         Stopped   Microsoft Storage Spaces SMP
         Stopped   Microsoft Windows SMS Router Service.
         Stopped   Mozilla Maintenance Service
         Stopped   Natural Authentication
         Stopped   Net.Tcp Port Sharing Service
         Stopped   Netlogon
         Stopped   Network Connectivity Assistant
         Stopped   Network Setup Service
         Stopped   NVIDIA NetworkService Container
         Stopped   Office 64 Source Engine
         Stopped   Optimize drives
         Stopped   Payments and NFC/SE Manager
         Stopped   Peer Networking Grouping
         Stopped   Performance Counter DLL Host
         Stopped   Performance Logs & Alerts
         Stopped   Phone Service
         Stopped   PNRP Machine Name Publication Service
         Stopped   Portable Device Enumerator Service
         Stopped   Printer Extensions and Notifications
         Stopped   Problem Reports and Solutions Control Panel Support
         Stopped   Radio Management Service
         Stopped   Remote Access Auto Connection Manager
         Stopped   Remote Access Connection Manager
         Stopped   Remote Desktop Configuration
         Stopped   Remote Desktop Services
         Stopped   Remote Desktop Services UserMode Port Redirector
         Stopped   Remote Packet Capture Protocol v.0 (experimental)
         Stopped   Remote Procedure Call (RPC) Locator
         Stopped   Remote Registry
         Stopped   Retail Demo Service
         Stopped   Routing and Remote Access
         Stopped   Secure Socket Tunneling Protocol Service
         Stopped   Sensor Data Service
         Stopped   Sensor Monitoring Service
         Stopped   Shared PC Account Manager
         Stopped   Smart Card
         Stopped   Smart Card Device Enumeration Service
         Stopped   Smart Card Removal Policy
         Stopped   SNMP Trap
         Stopped   Software Protection
         Stopped   Spot Verifier
         Stopped   SSH Server Broker
         Stopped   SSH Server Proxy
         Stopped   Still Image Acquisition Events
         Stopped   Storage Tiers Management
         Stopped   Superfetch
         Stopped   System Explorer Service
         Stopped   TeamViewer 12
         Stopped   Telephony
         Stopped   Update Orchestrator Service
         Stopped   Virtual Disk
         Stopped   Volume Shadow Copy
         Stopped   W3C Logging Service
         Stopped   WalletService
         Stopped   Web Management
         Stopped   Web Management Service
         Stopped   WebClient
         Stopped   Wi-Fi Direct Services Connection Manager Service
         Stopped   Windows Biometric Service
         Stopped   Windows Camera Frame Server
         Stopped   Windows Connect Now - Config Registrar
         Stopped   Windows Defender Antivirus Network Inspection Service
         Stopped   Windows Defender Antivirus Service
         Stopped   Windows Encryption Provider Host Service
         Stopped   Windows Error Reporting Service
         Stopped   Windows Event Collector
         Stopped   Windows Insider Service
         Stopped   Windows Installer
         Stopped   Windows Media Player Network Sharing Service
         Stopped   Windows Mobile Hotspot Service
         Stopped   Windows Modules Installer
         Stopped   Windows Perception Service
         Stopped   Windows Presentation Foundation Font Cache 3.0.0.0
         Stopped   Windows Remote Management (WS-Management)
         Stopped   Wired AutoConfig
         Stopped   Work Folders
         Stopped   WWAN AutoConfig
         Stopped   Xbox Accessory Management Service
         Stopped   Xbox Game Monitoring
         Stopped   Xbox Live Auth Manager
         Stopped   Xbox Live Game Save
         Stopped   Xbox Live Networking Service
      TimeZone
         TimeZone   GMT -8:00 Hours
         Language   English (United States)
         Location   United States
         Format   English (United States)
         Currency   $
         Date Format   M/d/yyyy
         Time Format   h:mm:ss tt
      Scheduler
         9/6/2017 1:50 PM;   HPCustParticipation HP Officejet Pro 8620
         9/6/2017 1:50 PM;   GoogleUpdateTaskMachineUA
         9/6/2017 1:57 PM;   Adobe Flash Player Updater
         9/6/2017 2:13 PM;   GoogleUpdateTaskUserS-1-5-21-805796551-2877709788-167495849-1001UA
         9/6/2017 2:16 PM;   DropboxUpdateTaskMachineUA
         9/6/2017 5:13 PM;   GoogleUpdateTaskUserS-1-5-21-805796551-2877709788-167495849-1001Core
         9/6/2017 5:39 PM;   SafeZone scheduled Autoupdate 1481223928
         9/7/2017 2:00 AM;   Adobe Acrobat Update Task
         9/7/2017 2:11 AM;   GarminUpdaterTask
         9/7/2017 3:50 AM;   GoogleUpdateTaskMachineCore
         9/7/2017 9:16 AM;   DropboxUpdateTaskMachineCore
         9/7/2017 10:38 AM;   Opera scheduled Autoupdate 1484591018
         9/7/2017 8:05 PM;   OneDrive Standalone Update Task-S-1-5-21-805796551-2877709788-167495849-1001
         9/8/2017 5:10 PM;   Adobe Flash Player PPAPI Notifier
         9/12/2017 3:14 PM;   Red Giant Link
         CCleanerSkipUAC
         CreateExplorerShellUnelevatedTask
         IObitSelfCheckTask
         MasterSeeker.UACBypass.47968b56bf088fc73896d2e2402e8b8b
         MasterSeeker.UACBypass.7507186413136a7eeb40ddce65c2d75a
         Open URL by RoboForm
         Process Explorer-DESKTOP-EBOILA5-Dave
         Run RoboForm TaskBar Icon
         Seagate_Install_Launch
         SmartDefrag_AutoAnalyze
         SmartDefrag_Update
         Tweaking.com - Windows Repair Tray Icon
      Hotfixes
            Installed
                  9/4/2017  Definition Update for Windows Defender - KB2267602 (Definition 1.251.434.0)
                     Install this update to revise the definition files that are used
                     to detect viruses, spyware, and other potentially unwanted software.
                     Once you have installed this item, it cannot be removed.
                  8/8/2017  2017-08 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4034674)
                     A security issue has been identified in a Microsoft software
                     product that could affect your system. You can help protect your
                     system by installing this update from Microsoft. For a complete
                     listing of the issues that are included in this update, see the
                     associated Microsoft Knowledge Base article. After you install
                     this update, you may have to restart your system.
                  8/8/2017  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - August 2017 (KB890830)
                     After the download, this tool runs one time to check your computer
                     for infection by specific, prevalent malicious software (including
                     Blaster, Sasser, and Mydoom) and helps remove any infection that
                     is found. If an infection is found, the tool will display a status
                     report the next time that you start your computer. A new version
                     of the tool will be offered every month. If you want to manually
                     run the tool on your computer, you can download a copy from the
                     Microsoft Download Center, or you can run an online version from
                     microsoft.com. This tool is not a replacement for an antivirus
                     product. To help protect your computer, you should use an antivirus
                     product.
                  8/8/2017  2017-08 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4034662)
                     A security issue has been identified in a Microsoft software
                     product that could affect your system. You can help protect your
                     system by installing this update from Microsoft. For a complete
                     listing of the issues that are included in this update, see the
                     associated Microsoft Knowledge Base article. After you install
                     this update, you may have to restart your system.
                  8/7/2017  MediaTek Inc. - Other hardware - MediaTek USB Port
                     MediaTek Inc. Other hardware software update released in January,
                     2015
                  8/7/2017  Definition Update for Windows Defender - KB2267602 (Definition 1.249.734.0)
                     Install this update to revise the definition files that are used
                     to detect viruses, spyware, and other potentially unwanted software.
                     Once you have installed this item, it cannot be removed.
                  8/6/2017  Definition Update for Windows Defender - KB2267602 (Definition 1.249.733.0)
                     Install this update to revise the definition files that are used
                     to detect viruses, spyware, and other potentially unwanted software.
                     Once you have installed this item, it cannot be removed.
                  7/12/2017  2017-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4025376)
                     A security issue has been identified in a Microsoft software
                     product that could affect your system. You can help protect your
                     system by installing this update from Microsoft. For a complete
                     listing of the issues that are included in this update, see the
                     associated Microsoft Knowledge Base article. After you install
                     this update, you may have to restart your system.
                  7/12/2017  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - July 2017 (KB890830)
                     After the download, this tool runs one time to check your computer
                     for infection by specific, prevalent malicious software (including
                     Blaster, Sasser, and Mydoom) and helps remove any infection that
                     is found. If an infection is found, the tool will display a status
                     report the next time that you start your computer. A new version
                     of the tool will be offered every month. If you want to manually
                     run the tool on your computer, you can download a copy from the
                     Microsoft Download Center, or you can run an online version from
                     microsoft.com. This tool is not a replacement for an antivirus
                     product. To help protect your computer, you should use an antivirus
                     product.
                  7/12/2017  2017-06 Update for Windows 10 Version 1703 for x64-based Systems (KB4022405)
                     Install this update to resolve issues in Windows. For a complete
                     listing of the issues that are included in this update, see the
                     associated Microsoft Knowledge Base article for more information.
                     After you install this item, you may have to restart your computer.
            Not Installed
                  8/7/2017  Definition Update for Windows Defender - KB2267602 (Definition 1.249.762.0)
                     Installation Status   Failed
                     Install this update to revise the definition files that are used
                     to detect viruses, spyware, and other potentially unwanted software.
                     Once you have installed this item, it cannot be removed.
                  7/29/2017  Definition Update for Windows Defender - KB2267602 (Definition 1.249.380.0)
                     Installation Status   Canceled
                     Install this update to revise the definition files that are used
                     to detect viruses, spyware, and other potentially unwanted software.
                     Once you have installed this item, it cannot be removed.
      System Folders
         Application Data   C:\ProgramData
         Cookies   C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCookies
         Desktop   C:\Users\Dave\Desktop
         Documents   C:\Users\Public\Documents
         Fonts   C:\WINDOWS\Fonts
         Global Favorites   C:\Users\Dave\Favorites
         Internet History   C:\Users\Dave\AppData\Local\Microsoft\Windows\History
         Local Application Data   C:\Users\Dave\AppData\Local
         Music   C:\Users\Public\Music
         Path for burning CD   C:\Users\Dave\AppData\Local\Microsoft\Windows\Burn\Burn
         Physical Desktop   C:\Users\Dave\Desktop
         Pictures   C:\Users\Public\Pictures
         Program Files   C:\Program Files
         Public Desktop   C:\Users\Public\Desktop
         Start Menu   C:\ProgramData\Microsoft\Windows\Start Menu
         Start Menu Programs   C:\ProgramData\Microsoft\Windows\Start Menu\Programs
         Startup   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
         Templates   C:\ProgramData\Microsoft\Windows\Templates
         Temporary Internet Files   C:\Users\Dave\AppData\Local\Microsoft\Windows\INetCache
         User Favorites   C:\Users\Dave\Favorites
         Videos   C:\Users\Public\Videos
         Windows Directory   C:\WINDOWS
         Windows/System   C:\WINDOWS\system32
      Process List
            acrotray.exe
               Process ID   24340
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
               Memory Usage   17 MB
               Peak Memory Usage   22 MB
            AdAppMgrSvc.exe
               Process ID   4964
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            Adobe CEF Helper.exe
               Process ID   13664
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
               Memory Usage   58 MB
               Peak Memory Usage   103 MB
            Adobe Desktop Service.exe
               Process ID   14540
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
               Memory Usage   64 MB
               Peak Memory Usage   134 MB
            AdobeIPCBroker.exe
               Process ID   12748
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
               Memory Usage   11 MB
               Peak Memory Usage   13 MB
            AdobeUpdateService.exe
               Process ID   4940
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
               Memory Usage   8.76 MB
               Peak Memory Usage   9.11 MB
            AGSService.exe
               Process ID   4900
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
               Memory Usage   15 MB
               Peak Memory Usage   17 MB
            AppleMobileDeviceService.exe
               Process ID   4892
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
               Memory Usage   12 MB
               Peak Memory Usage   13 MB
            ApplicationFrameHost.exe
               Process ID   25136
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\ApplicationFrameHost.exe
               Memory Usage   24 MB
               Peak Memory Usage   30 MB
            appnhost.exe
               Process ID   22420
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Users\Dave\AppData\Local\Mixesoft\AppNHost\appnhost.exe
               Memory Usage   12 MB
               Peak Memory Usage   13 MB
            armsvc.exe
               Process ID   4932
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
               Memory Usage   6.56 MB
               Peak Memory Usage   6.73 MB
            aswidsagenta.exe
               Process ID   1160
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
               Memory Usage   55 MB
               Peak Memory Usage   115 MB
            audiodg.exe
               Process ID   18316
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\audiodg.exe
               Memory Usage   27 MB
               Peak Memory Usage   30 MB
            AvastSvc.exe
               Process ID   3176
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\AVAST Software\Avast\AvastSvc.exe
               Memory Usage   67 MB
               Peak Memory Usage   408 MB
            AvastUI.exe
               Process ID   21800
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\AVAST Software\Avast\AvastUI.exe
               Memory Usage   43 MB
               Peak Memory Usage   43 MB
            BlueSoleilCS.exe
               Process ID   4908
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
               Memory Usage   14 MB
               Peak Memory Usage   14 MB
            BsHelpCS.exe
               Process ID   2512
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
               Memory Usage   5.61 MB
               Peak Memory Usage   7.91 MB
            BtTray.exe
               Process ID   24060
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
               Memory Usage   22 MB
               Peak Memory Usage   22 MB
            CCLibrary.exe
               Process ID   14448
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
               Memory Usage   3.41 MB
               Peak Memory Usage   3.63 MB
            CCXProcess.exe
               Process ID   27300
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
               Memory Usage   3.36 MB
               Peak Memory Usage   3.57 MB
            chrome.exe
               Process ID   30160
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   8.21 MB
               Peak Memory Usage   76 MB
            chrome.exe
               Process ID   3660
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   109 MB
               Peak Memory Usage   291 MB
            chrome.exe
               Process ID   11652
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   8.14 MB
               Peak Memory Usage   71 MB
            chrome.exe
               Process ID   27104
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   13 MB
               Peak Memory Usage   72 MB
            chrome.exe
               Process ID   18512
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   14 MB
               Peak Memory Usage   77 MB
            chrome.exe
               Process ID   21356
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   14 MB
               Peak Memory Usage   74 MB
            chrome.exe
               Process ID   20552
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   105 MB
               Peak Memory Usage   279 MB
            chrome.exe
               Process ID   16224
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   24 MB
               Peak Memory Usage   82 MB
            chrome.exe
               Process ID   29948
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   14 MB
               Peak Memory Usage   73 MB
            chrome.exe
               Process ID   29928
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   23 MB
               Peak Memory Usage   81 MB
            chrome.exe
               Process ID   11344
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   19 MB
               Peak Memory Usage   91 MB
            chrome.exe
               Process ID   76
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   18 MB
               Peak Memory Usage   75 MB
            chrome.exe
               Process ID   15672
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   48 MB
               Peak Memory Usage   132 MB
            chrome.exe
               Process ID   5360
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   14 MB
               Peak Memory Usage   77 MB
            chrome.exe
               Process ID   24180
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   28 MB
               Peak Memory Usage   115 MB
            chrome.exe
               Process ID   17576
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   21 MB
               Peak Memory Usage   112 MB
            chrome.exe
               Process ID   984
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   17 MB
               Peak Memory Usage   81 MB
            chrome.exe
               Process ID   18132
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   268 MB
               Peak Memory Usage   332 MB
            chrome.exe
               Process ID   24288
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   158 MB
               Peak Memory Usage   160 MB
            chrome.exe
               Process ID   12520
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   51 MB
               Peak Memory Usage   98 MB
            chrome.exe
               Process ID   25696
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   131 MB
               Peak Memory Usage   398 MB
            chrome.exe
               Process ID   9780
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   14 MB
               Peak Memory Usage   77 MB
            chrome.exe
               Process ID   21576
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   8.17 MB
               Peak Memory Usage   44 MB
            chrome.exe
               Process ID   14480
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   8.17 MB
               Peak Memory Usage   45 MB
            chrome.exe
               Process ID   28936
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   75 MB
               Peak Memory Usage   171 MB
            chrome.exe
               Process ID   20388
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
               Memory Usage   105 MB
               Peak Memory Usage   356 MB
            cmd.exe
               Process ID   13436
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\cmd.exe
               Memory Usage   3.39 MB
               Peak Memory Usage   3.39 MB
            conhost.exe
               Process ID   10496
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   9.96 MB
               Peak Memory Usage   10 MB
            conhost.exe
               Process ID   11492
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   10 MB
               Peak Memory Usage   11 MB
            conhost.exe
               Process ID   28800
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   9.98 MB
               Peak Memory Usage   10 MB
            conhost.exe
               Process ID   3532
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   9.96 MB
               Peak Memory Usage   10 MB
            conhost.exe
               Process ID   12532
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   11 MB
               Peak Memory Usage   12 MB
            conhost.exe
               Process ID   24520
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   808 KB
               Peak Memory Usage   10 MB
            conhost.exe
               Process ID   14484
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\conhost.exe
               Memory Usage   8.11 MB
               Peak Memory Usage   12 MB
            CoreSync.exe
               Process ID   25416
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
               Memory Usage   37 MB
               Peak Memory Usage   39 MB
            Creative Cloud.exe
               Process ID   23492
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
               Memory Usage   46 MB
               Peak Memory Usage   87 MB
            csrss.exe
               Process ID   760
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\csrss.exe
               Memory Usage   6.16 MB
               Peak Memory Usage   7.34 MB
            csrss.exe
               Process ID   19488
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\csrss.exe
               Memory Usage   5.28 MB
               Peak Memory Usage   23 MB
            dasHost.exe
               Process ID   2844
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\dasHost.exe
               Memory Usage   20 MB
               Peak Memory Usage   22 MB
            DbxSvc.exe
               Process ID   4980
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\DbxSvc.exe
               Memory Usage   6.35 MB
               Peak Memory Usage   6.59 MB
            DesktopOK_x64.exe
               Process ID   21736
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\DesktopOK\DesktopOK_x64.exe
               Memory Usage   24 MB
               Peak Memory Usage   25 MB
            dllhost.exe
               Process ID   10140
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\dllhost.exe
               Memory Usage   10 MB
               Peak Memory Usage   12 MB
            dllhost.exe
               Process ID   28360
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\dllhost.exe
               Memory Usage   11 MB
               Peak Memory Usage   13 MB
            dllhost.exe
               Process ID   28628
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\dllhost.exe
               Memory Usage   8.50 MB
               Peak Memory Usage   8.52 MB
            Dropbox.exe
               Process ID   22480
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
               Memory Usage   8.11 MB
               Peak Memory Usage   8.42 MB
            Dropbox.exe
               Process ID   3900
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
               Memory Usage   216 MB
               Peak Memory Usage   229 MB
            Dropbox.exe
               Process ID   18692
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
               Memory Usage   7.27 MB
               Peak Memory Usage   7.65 MB
            DropboxUpdate.exe
               Process ID   2352
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
               Memory Usage   4.06 MB
               Peak Memory Usage   9.57 MB
            dwm.exe
               Process ID   27936
               User   DWM-1
               Domain   Window Manager
               Path   C:\Windows\System32\dwm.exe
               Memory Usage   53 MB
               Peak Memory Usage   60 MB
            EvernoteClipper.exe
               Process ID   22544
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            Everything.exe
               Process ID   14104
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Everything\Everything.exe
               Memory Usage   164 MB
               Peak Memory Usage   174 MB
            Everything.exe
               Process ID   16496
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Everything\Everything.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            explorer.exe
               Process ID   18460
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\explorer.exe
               Memory Usage   132 MB
               Peak Memory Usage   168 MB
            fontdrvhost.exe
               Process ID   524
               User   UMFD-0
               Domain   Font Driver Host
               Path   C:\Windows\System32\fontdrvhost.exe
               Memory Usage   16 MB
               Peak Memory Usage   19 MB
            fontdrvhost.exe
               Process ID   3092
               User   UMFD-1
               Domain   Font Driver Host
               Path   C:\Windows\System32\fontdrvhost.exe
               Memory Usage   43 MB
               Peak Memory Usage   55 MB
            GWCtlSrv.exe
               Process ID   4924
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
               Memory Usage   150 MB
               Peak Memory Usage   614 MB
            GWIdlMon.exe
               Process ID   1180
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\GlassWire\GWIdlMon.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            inetinfo.exe
               Process ID   4996
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\inetsrv\inetinfo.exe
               Memory Usage   11 MB
               Peak Memory Usage   20 MB
            InternetOff.exe
               Process ID   3736
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\InternetOff\InternetOff.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            IOffSvc.exe
               Process ID   1832
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\InternetOff\IOffSvc.exe
               Memory Usage   7.71 MB
               Peak Memory Usage   12 MB
            lsass.exe
               Process ID   988
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\lsass.exe
               Memory Usage   23 MB
               Peak Memory Usage   23 MB
            mDNSResponder.exe
               Process ID   4916
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\Bonjour\mDNSResponder.exe
               Memory Usage   6.62 MB
               Peak Memory Usage   6.80 MB
            MediaMallServer.exe
               Process ID   28428
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\MediaMall\MediaMallServer.exe
               Memory Usage   320 MB
               Peak Memory Usage   331 MB
            Memory Compression
               Process ID   6004
               User   SYSTEM
               Domain   NT AUTHORITY
               Memory Usage   216 MB
               Peak Memory Usage   241 MB
            MSASCuiL.exe
               Process ID   21680
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Windows Defender\MSASCuiL.exe
               Memory Usage   9.38 MB
               Peak Memory Usage   9.60 MB
            node.exe
               Process ID   3904
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
               Memory Usage   54 MB
               Peak Memory Usage   62 MB
            node.exe
               Process ID   9924
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
               Memory Usage   64 MB
               Peak Memory Usage   71 MB
            nvcontainer.exe
               Process ID   17740
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
               Memory Usage   28 MB
               Peak Memory Usage   55 MB
            nvcontainer.exe
               Process ID   5124
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
               Memory Usage   15 MB
               Peak Memory Usage   25 MB
            NVDisplay.Container.exe
               Process ID   2044
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
               Memory Usage   13 MB
               Peak Memory Usage   14 MB
            NVDisplay.Container.exe
               Process ID   12640
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
               Memory Usage   25 MB
               Peak Memory Usage   25 MB
            NVIDIA Web Helper.exe
               Process ID   20872
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
               Memory Usage   7.92 MB
               Peak Memory Usage   35 MB
            NvTelemetryContainer.exe
               Process ID   5132
               User   NETWORK SERVICE
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            nvtray.exe
               Process ID   9536
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            OfficeClickToRun.exe
               Process ID   16340
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
               Memory Usage   33 MB
               Peak Memory Usage   88 MB
            OneDrive.exe
               Process ID   19592
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Users\Dave\AppData\Local\Microsoft\OneDrive\OneDrive.exe
               Memory Usage   47 MB
               Peak Memory Usage   58 MB
            Plex DLNA Server.exe
               Process ID   2152
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
               Memory Usage   15 MB
               Peak Memory Usage   15 MB
            Plex Media Server.exe
               Process ID   7020
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
               Memory Usage   43 MB
               Peak Memory Usage   50 MB
            Plex Tuner Service.exe
               Process ID   29268
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
               Memory Usage   10.00 MB
               Peak Memory Usage   10 MB
            Plex Update Service.exe
               Process ID   5872
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
               Memory Usage   8.16 MB
               Peak Memory Usage   8.57 MB
            PlexScriptHost.exe
               Process ID   26724
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
               Memory Usage   35 MB
               Peak Memory Usage   35 MB
            procexp64.exe
               Process ID   19404
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Process Explorer\procexp64.exe
               Memory Usage   19 MB
               Peak Memory Usage   22 MB
            RAVCpl64.exe
               Process ID   20396
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
               Memory Usage   14 MB
               Peak Memory Usage   15 MB
            RemindersServer.exe
               Process ID   10488
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
               Memory Usage   18 MB
               Peak Memory Usage   23 MB
            remoting_host.exe
               Process ID   5688
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
               Memory Usage   9.90 MB
               Peak Memory Usage   10 MB
            remoting_host.exe
               Process ID   3548
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
               Memory Usage   13 MB
               Peak Memory Usage   15 MB
            Repair_Windows.exe
               Process ID   1416
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe
               Memory Usage   8.16 MB
               Peak Memory Usage   45 MB
            rf-chrome-nm-host.exe
               Process ID   28432
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
               Memory Usage   16 MB
               Peak Memory Usage   30 MB
            robotaskbaricon.exe
               Process ID   22000
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
               Memory Usage   40 MB
               Peak Memory Usage   41 MB
            RuntimeBroker.exe
               Process ID   11784
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\RuntimeBroker.exe
               Memory Usage   49 MB
               Peak Memory Usage   75 MB
            SbieSvc.exe
               Process ID   2912
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files\Sandboxie\SbieSvc.exe
               Memory Usage   6.25 MB
               Peak Memory Usage   6.76 MB
            SearchFilterHost.exe
               Process ID   13844
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\SearchFilterHost.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            SearchIndexer.exe
               Process ID   5800
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\SearchIndexer.exe
               Memory Usage   54 MB
               Peak Memory Usage   105 MB
            SearchProtocolHost.exe
               Process ID   18288
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\SearchProtocolHost.exe
               Memory Usage   20 MB
               Peak Memory Usage   20 MB
            SearchUI.exe
               Process ID   27512
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
               Memory Usage   86 MB
               Peak Memory Usage   216 MB
            SecurityHealthService.exe
               Process ID   5784
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\SecurityHealthService.exe
               Memory Usage   13 MB
               Peak Memory Usage   13 MB
            services.exe
               Process ID   940
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\services.exe
               Memory Usage   11 MB
               Peak Memory Usage   11 MB
            SettingSyncHost.exe
               Process ID   19916
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\SettingSyncHost.exe
               Memory Usage   5.86 MB
               Peak Memory Usage   14 MB
            ShellExperienceHost.exe
               Process ID   17744
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
               Memory Usage   46 MB
               Peak Memory Usage   80 MB
            sihost.exe
               Process ID   17624
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\sihost.exe
               Memory Usage   27 MB
               Peak Memory Usage   28 MB
            smss.exe
               Process ID   480
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\smss.exe
               Memory Usage   1.17 MB
               Peak Memory Usage   1.18 MB
            Speccy64.exe
               Process ID   16680
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Program Files\Speccy\Speccy64.exe
               Memory Usage   30 MB
               Peak Memory Usage   31 MB
            SpeechRuntime.exe
               Process ID   21436
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
               Memory Usage   42 MB
               Peak Memory Usage   61 MB
            spoolsv.exe
               Process ID   4308
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\spoolsv.exe
               Memory Usage   23 MB
               Peak Memory Usage   24 MB
            SpotifyWebHelper.exe
               Process ID   22592
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Users\Dave\AppData\Roaming\Spotify\SpotifyWebHelper.exe
               Memory Usage   7.95 MB
               Peak Memory Usage   8.24 MB
            spsetup131.exe
               Process ID   21288
               User   Dave
               Domain   DESKTOP-EBOILA5
               Path   C:\Users\Dave\Downloads\spsetup131.exe
               Memory Usage   35 MB
               Peak Memory Usage   36 MB
            SRFeature.exe
               Process ID   26864
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
               Memory Usage   10 MB
               Peak Memory Usage   11 MB
            SRManager.exe
               Process ID   9244
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
               Memory Usage   14 MB
               Peak Memory Usage   16 MB
            SRServer.exe
               Process ID   21960
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
               Memory Usage   19 MB
               Peak Memory Usage   24 MB
            SRService.exe
               Process ID   5660
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
               Memory Usage   5.80 MB
               Peak Memory Usage   6.25 MB
            svchost.exe
               Process ID   1672
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   6.05 MB
               Peak Memory Usage   6.40 MB
            svchost.exe
               Process ID   1744
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   8.58 MB
               Peak Memory Usage   8.65 MB
            svchost.exe
               Process ID   1872
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   15 MB
               Peak Memory Usage   19 MB
            svchost.exe
               Process ID   1968
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   10 MB
               Peak Memory Usage   10 MB
            svchost.exe
               Process ID   1992
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.66 MB
               Peak Memory Usage   7.81 MB
            svchost.exe
               Process ID   2052
               User   NETWORK SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   2076
               User   NETWORK SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   2188
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   5.79 MB
               Peak Memory Usage   6.04 MB
            svchost.exe
               Process ID   2204
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.82 MB
               Peak Memory Usage   7.88 MB
            svchost.exe
               Process ID   2464
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   11 MB
            svchost.exe
               Process ID   2532
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   8.29 MB
               Peak Memory Usage   8.55 MB
            svchost.exe
               Process ID   2556
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   8.31 MB
               Peak Memory Usage   8.90 MB
            svchost.exe
               Process ID   2564
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   8.71 MB
               Peak Memory Usage   18 MB
            svchost.exe
               Process ID   2652
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   27 MB
               Peak Memory Usage   37 MB
            svchost.exe
               Process ID   2820
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   13 MB
               Peak Memory Usage   13 MB
            svchost.exe
               Process ID   2868
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   19 MB
            svchost.exe
               Process ID   1456
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   6.31 MB
               Peak Memory Usage   6.43 MB
            svchost.exe
               Process ID   2284
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   2252
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   14 MB
               Peak Memory Usage   14 MB
            svchost.exe
               Process ID   3068
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.94 MB
               Peak Memory Usage   8.48 MB
            svchost.exe
               Process ID   3104
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   13 MB
               Peak Memory Usage   13 MB
            svchost.exe
               Process ID   3212
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   9.66 MB
               Peak Memory Usage   9.83 MB
            svchost.exe
               Process ID   3320
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   9.66 MB
               Peak Memory Usage   11 MB
            svchost.exe
               Process ID   3344
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   12 MB
               Peak Memory Usage   13 MB
            svchost.exe
               Process ID   3500
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   19 MB
               Peak Memory Usage   43 MB
            svchost.exe
               Process ID   3604
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   12 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   3968
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.66 MB
               Peak Memory Usage   7.93 MB
            svchost.exe
               Process ID   4120
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   9.30 MB
               Peak Memory Usage   9.79 MB
            svchost.exe
               Process ID   4516
               User   NETWORK SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.83 MB
               Peak Memory Usage   8.09 MB
            svchost.exe
               Process ID   4988
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   11 MB
            svchost.exe
               Process ID   5004
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   27 MB
               Peak Memory Usage   76 MB
            svchost.exe
               Process ID   5012
               User   NETWORK SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   13 MB
               Peak Memory Usage   16 MB
            svchost.exe
               Process ID   5020
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   5064
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.66 MB
               Peak Memory Usage   8.02 MB
            svchost.exe
               Process ID   5072
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   19 MB
               Peak Memory Usage   24 MB
            svchost.exe
               Process ID   5088
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   11 MB
               Peak Memory Usage   12 MB
            svchost.exe
               Process ID   5144
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   9.41 MB
               Peak Memory Usage   16 MB
            svchost.exe
               Process ID   5208
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   16 MB
               Peak Memory Usage   17 MB
            svchost.exe
               Process ID   5260
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   16 MB
               Peak Memory Usage   22 MB
            svchost.exe
               Process ID   23748
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   10 MB
               Peak Memory Usage   11 MB
            svchost.exe
               Process ID   5316
               User   SYSTEM
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   5.73 MB
               Peak Memory Usage   5.94 MB
            svchost.exe
               Process ID   5376
               User   LOCAL SERVICE
               Domain   NT AUTHORITY
               Path   C:\Windows\System32\svchost.exe
               Memory Usage   7.14 MB
« Last Edit: September 06, 2017, 02:09:19 pm by dave_jaeger »

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Better to run Windows Repair, or better to do a reset with keep files?
« Reply #1 on: September 06, 2017, 02:52:15 pm »
It's possible that the restore point you chose may not have been as pristine as you would expect and trying another may do it, but when I have problems with my Win 10 I'll normally perform a repair install.

If you don't have Win 10 install media you can create either a bootable disk or USB after reading the instructions in https://www.microsoft.com/en-gb/software-download/windows10

However, should there be some residue of the infection left, in this instance I think you should go for the Reset, keeping your personal stuff but will clean out anything untoward that could remain.

Windows Repair cannot fix infection damage if anything of an infection remains.

How did you get the infection ?.

It's possible that running Avast and Windows Defender together could have an impact on performance as they'll both be doing the same job, although both relying upon Windows Firewall.

For future ref. - to perform a repair install, boot up Windows - open Windows Explorer - This PC and insert the disk or USB.

If using a DVD, double click on the drive and that will start the process but if using an USB, that will open the files where you will need to click on setup Application or right click on it and select Run as administrator.

Offline dave_jaeger

  • Newbie
  • *
  • Join Date: Sep 2017
  • Posts: 3
  • Karma: 0
    • View Profile
Re: Better to run Windows Repair, or better to do a reset with keep files?
« Reply #2 on: September 06, 2017, 03:42:30 pm »
I think it was a drive-by when downloading a Linux distro on a torrent site. I just don't know for certain as a strange browser window popped up then suddenly disappeared. That's usually a bad sign. I will try your suggestions and report back. Thanks for your help.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: Better to run Windows Repair, or better to do a reset with keep files?
« Reply #3 on: September 07, 2017, 01:17:17 am »
After you have done the Reset, go into System protection to check that it is still turned on and create restore points as you progress with putting things back on.

Don't forget to let us know how you get on.

Offline dave_jaeger

  • Newbie
  • *
  • Join Date: Sep 2017
  • Posts: 3
  • Karma: 0
    • View Profile
Re: Better to run Windows Repair, or better to do a reset with keep files?
« Reply #4 on: September 07, 2017, 07:36:13 am »
Thank you. Will do.