
Farbar Scan Results



#1
bonezz777


Hello, & thanks for Y'all's help. Before I post the results: I was able to use windows malicious tool remover (no good), then I tried running "F-secure found 1 issue" but problems continue. Then I tried Sophos Virus removal tool (no good), problems still there. Now I try Superantispyware several times a day, & each time it finds anywhere between 4 to 596 things to delete. I also have Malwarebytes anti malware & Adwcleaner, as well as bitdefender free (which has not done any good)...

Symptoms are this: My Desktop Page gets ALL rearranged every day. My Wife likes to go to PCH publishers clearing house to "games" & play Mahjong. We have a beefy enough computer to do what little bit we do, but NOW her game just hangs up or will be REALLY delayed. She showed me, said "watch this". She clicked on her move & I counted to around the count of 10 before her move would respond.... Someone or something is really bogging us down. Ever since I bought this new, it's given me problems updating "windows update" (tried all their tools & Cabinets), NO good... That's all we do, we are not gamers, we are old folks that use our computer to watch movies, google/duck duck go searches, occasionally we buy something online from wally world or ebay.... That's it.

The other day my Wife was searching for movies (and got a warning in Big Red writing saying "Warning Your computer has been put on Lockdown to prevent further infection call 1-800-bla-bla-bla"). She freaked out & called me, and I told her not to touch or do anything until I got home. I got home & ran every tool I had & I can't remember (old age Part timers, I call it), but I think all the tools only found (1) bugger... F Secure says it has items in quarantine; we could watch, because we are trying to live off my disability only, so can't afford cable/satellite anymore...

OKAY, now You know what We Know, & We don't know diddly. Here is the Report Scan. Thanks in advance, Tim.... (OH PS) All our writing on any web page overlaps onto all other writing, making it look like gobblygoop.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017

Ran by Tim (administrator) on TIM-HP (12-06-2017 08:30:02)
Running from C:\Users\Tim\Desktop
Loaded Profiles: Tim (Available Profiles: Tim & General Log In & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7570136 2014-04-14] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\Run: [BingSvc] => C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7956384 2017-06-01] (SUPERAntiSpyware)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5791696 2017-03-21] (SecureMix LLC)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\MountPoints2: {2301f08c-46ea-11e6-b913-a0d3c14a78f6} - WinCleaner Application Setup.exe
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3386813744-1969293527-735481815-1001] => http=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{B8692A19-E7CA-4985-B46C-556A84D4EF53}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-3386813744-1969293527-735481815-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1486642584294
 
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default [2016-10-26]
FF Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2016-12-04]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-05-26] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-10] (DigitalPersona, Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default [2017-06-12]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (DuckDuckGo Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-05]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-06]
CHR Extension: (Click&Clean) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-06-01]
CHR Extension: (History Eraser) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-06-01]
CHR Extension: (J2TeaM Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlcjjclebjnfohgmgikjfnbmfkigocc [2017-06-08]
CHR Extension: (Cyber Security News by Gold Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcehljakhaojdgjoggcpnbjkehgglbfb [2017-05-28]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-05-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Click&Clean App) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-06-01]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-10]
 
Opera: 
=======
OPR Extension: (Stormcrow) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2017-04-18]
OPR Extension: (360 Internet Protection) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2017-06-07]
OPR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2016-10-25]
OPR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-06-08]
OPR Extension: (Privacy Badger) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2017-05-26]
OPR Extension: (SurfPatrol) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pafbnmdfbmigjdbkhkchclhpmfcoageo [2017-01-16]
OPR Extension: (Privacy Cleaner) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdomeailoegpefbldkonkajkcolkbmhi [2017-01-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-10] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4393424 2017-03-21] (SecureMix LLC)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [79440 2015-08-14] (Advanced Micro Devices, Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-05-11] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-05-11] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-05-11] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [114456 2015-08-14] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [298776 2015-08-14] (Advanced Micro Devices, Inc. )
R0 Atc; C:\Windows\System32\DRIVERS\Atc.sys [937728 2017-05-16] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1612648 2017-05-11] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [370136 2017-05-11] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [33248 2015-05-29] (SecureMix LLC)
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-12] (Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
U0 aswVmm; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-12 08:30 - 2017-06-12 08:30 - 00019764 _____ C:\Users\Tim\Desktop\FRST.txt
2017-06-12 08:29 - 2017-06-12 08:30 - 00000000 ____D C:\FRST
2017-06-12 08:27 - 2017-06-12 08:27 - 02438656 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2017-06-08 18:50 - 2017-06-08 18:47 - 00000030 _____ C:\AVScanner.ini
2017-06-08 16:30 - 2017-06-10 05:16 - 00000000 ____D C:\Users\Tim\AppData\Local\FSDART
2017-06-08 16:30 - 2017-06-08 16:31 - 00000000 ____D C:\ProgramData\F-Secure
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-06-08 16:07 - 2017-06-08 16:05 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-06-08 15:34 - 2017-06-08 15:35 - 00524248 _____ (F-Secure Corporation) C:\Users\Tim\Desktop\F-SecureOnlineScanner.exe
2017-06-06 13:57 - 2017-06-06 13:57 - 00313366 _____ C:\Users\Tim\Downloads\WindowsUpdate.diagcab
2017-06-02 05:05 - 2017-06-02 05:05 - 00029367 _____ C:\ProgramData\agent.update.1496394339.bdinstall.bin
2017-05-27 14:25 - 2017-05-27 14:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Microsoft Corporation
2017-05-27 14:05 - 2017-05-27 14:06 - 43370704 _____ (Microsoft Corporation) C:\Users\Tim\Desktop\Windows-KB890830-x64-V5.48.exe
2017-05-25 21:04 - 2017-05-25 21:04 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-05-25 21:04 - 2017-05-25 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-05-25 21:04 - 2017-05-25 21:04 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-05-25 20:25 - 2017-05-25 20:25 - 00000000 ____D C:\ProgramData\COMODO
2017-05-23 17:21 - 2017-05-23 17:21 - 04110280 _____ C:\Users\Tim\Desktop\adwcleaner_6.047 (1).exe
2017-05-23 17:14 - 2017-05-23 17:10 - 63364552 _____ (Malwarebytes ) C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-16 18:19 - 2017-05-16 18:19 - 00937728 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\Atc.sys
2017-05-14 07:22 - 2017-05-14 07:14 - 63035592 _____ (Malwarebytes ) C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe
2017-05-14 07:22 - 2017-05-03 04:22 - 30649312 _____ (SecureMix LLC) C:\Users\Tim\Documents\GlassWireSetup (1).exe
2017-05-14 07:07 - 2017-05-14 07:08 - 63035592 _____ (Malwarebytes ) C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-12 08:13 - 2017-03-14 09:05 - 00000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-06-12 07:51 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-12 07:51 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-12 07:44 - 2017-02-08 21:17 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-06-12 07:44 - 2017-01-31 11:24 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-12 07:44 - 2015-12-12 03:31 - 25846858 _____ C:\Windows\SysWOW64\rootpa.e2e
2017-06-12 07:43 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-11 23:13 - 2015-12-12 03:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-06-11 16:05 - 2016-05-28 09:30 - 00000000 ____D C:\AdwCleaner
2017-06-10 21:15 - 2017-02-08 22:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-10 21:13 - 2016-05-24 12:34 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Adobe
2017-06-10 21:13 - 2016-03-05 09:54 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-10 21:13 - 2015-12-28 17:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-10 20:55 - 2016-01-07 08:12 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe
2017-06-10 06:10 - 2017-02-21 11:34 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTim
2017-06-10 06:10 - 2017-02-21 11:34 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTim.job
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-08 18:28 - 2016-11-02 15:07 - 03255948 _____ C:\Windows\ntbtlog.txt
2017-06-08 18:26 - 2016-06-05 13:32 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-08 16:17 - 2016-12-05 11:49 - 00000000 ____D C:\Program Files\Java
2017-06-08 16:17 - 2016-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-08 16:07 - 2016-04-08 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-08 16:05 - 2016-12-05 11:50 - 00318528 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-06-08 16:05 - 2016-12-05 11:50 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-06-08 16:04 - 2016-04-08 13:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-06-06 13:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-06 12:38 - 2017-01-31 11:24 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-06-02 04:49 - 2017-02-16 11:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-31 10:41 - 2016-12-14 11:00 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1481727622
2017-05-31 10:41 - 2016-12-14 10:59 - 00000000 ____D C:\Program Files\Opera
2017-05-28 06:53 - 2017-02-11 09:30 - 00000000 ____D C:\SUPERDelete
2017-05-27 08:23 - 2015-12-28 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\ElevatedDiagnostics
2017-05-23 17:11 - 2017-01-31 11:24 - 00001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-23 17:11 - 2017-01-31 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-23 07:07 - 2016-01-31 19:50 - 00000000 ____D C:\Windows\system32\MRT
2017-05-17 15:22 - 2009-07-14 01:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-05-16 05:23 - 2016-10-24 14:54 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Google
2017-05-15 17:34 - 2016-10-24 14:54 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2017-02-08 21:17 - 2017-02-08 21:17 - 0046788 _____ () C:\ProgramData\agent.1486603026.bdinstall.bin
2017-02-08 21:36 - 2017-02-08 21:36 - 0028706 _____ () C:\ProgramData\agent.1486604163.bdinstall.bin
2017-02-08 21:37 - 2017-02-08 21:37 - 0028778 _____ () C:\ProgramData\agent.1486604202.bdinstall.bin
2017-02-08 22:18 - 2017-02-08 22:18 - 0028778 _____ () C:\ProgramData\agent.1486606720.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821554.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821588.bdinstall.bin
2017-02-12 05:55 - 2017-02-12 05:55 - 0028779 _____ () C:\ProgramData\agent.1486893287.bdinstall.bin
2017-02-16 11:48 - 2017-02-16 11:48 - 0028497 _____ () C:\ProgramData\agent.1487260113.bdinstall.bin
2017-02-16 11:49 - 2017-02-16 11:49 - 0028427 _____ () C:\ProgramData\agent.1487260177.bdinstall.bin
2017-02-16 12:49 - 2017-02-16 12:49 - 0028780 _____ () C:\ProgramData\agent.1487263757.bdinstall.bin
2017-02-16 12:50 - 2017-02-16 12:50 - 0028780 _____ () C:\ProgramData\agent.1487263804.bdinstall.bin
2017-02-16 18:58 - 2017-02-16 18:58 - 0028780 _____ () C:\ProgramData\agent.1487285925.bdinstall.bin
2017-02-17 13:08 - 2017-02-17 13:08 - 0028780 _____ () C:\ProgramData\agent.1487351306.bdinstall.bin
2017-02-20 18:07 - 2017-02-20 18:07 - 0028780 _____ () C:\ProgramData\agent.1487628430.bdinstall.bin
2017-03-03 09:42 - 2017-03-03 09:42 - 0028780 _____ () C:\ProgramData\agent.1488548516.bdinstall.bin
2017-03-04 11:39 - 2017-03-04 11:39 - 0028780 _____ () C:\ProgramData\agent.1488641969.bdinstall.bin
2017-03-06 18:07 - 2017-03-06 18:07 - 0028780 _____ () C:\ProgramData\agent.1488838053.bdinstall.bin
2017-03-06 18:08 - 2017-03-06 18:08 - 0028780 _____ () C:\ProgramData\agent.1488838117.bdinstall.bin
2017-03-07 07:06 - 2017-03-07 07:06 - 0028780 _____ () C:\ProgramData\agent.1488884812.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028780 _____ () C:\ProgramData\agent.1489097528.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028779 _____ () C:\ProgramData\agent.1489097574.bdinstall.bin
2017-03-14 08:59 - 2017-03-14 08:59 - 0028736 _____ () C:\ProgramData\agent.1489496386.bdinstall.bin
2017-03-14 09:22 - 2017-03-14 09:22 - 0028601 _____ () C:\ProgramData\agent.1489497767.bdinstall.bin
2017-03-14 09:23 - 2017-03-14 09:23 - 0028743 _____ () C:\ProgramData\agent.1489497792.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028738 _____ () C:\ProgramData\agent.1489838475.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028745 _____ () C:\ProgramData\agent.1489838502.bdinstall.bin
2017-06-02 05:05 - 2017-06-02 05:05 - 0029367 _____ () C:\ProgramData\agent.update.1496394339.bdinstall.bin
2017-02-08 22:22 - 2017-02-08 22:22 - 0368084 _____ () C:\ProgramData\cl.1486606757.bdinstall.bin
2017-03-09 18:16 - 2017-03-09 18:16 - 0380034 _____ () C:\ProgramData\cl.repair.1489097691.bdinstall.bin
2017-03-14 09:20 - 2017-03-14 09:20 - 0215144 _____ () C:\ProgramData\cl.uninstall.1489497341.bdinstall.bin
2016-06-29 17:22 - 2016-06-29 17:23 - 1271840 _____ () C:\ProgramData\hpdam_install_log.txt
2016-06-29 17:22 - 2016-06-29 17:22 - 0272336 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-02 18:17
 

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017

Ran by Tim (12-06-2017 08:31:30)
Running from C:\Users\Tim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-20 19:14:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3386813744-1969293527-735481815-500 - Administrator - Disabled)
General Log In (S-1-5-21-3386813744-1969293527-735481815-1002 - Limited - Enabled) => C:\Users\General Log In
Guest (S-1-5-21-3386813744-1969293527-735481815-501 - Limited - Disabled) => C:\Users\Guest
Tim (S-1-5-21-3386813744-1969293527-735481815-1001 - Administrator - Enabled) => C:\Users\Tim
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version:  - PopCap Games)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.6.12 - Bitdefender)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EarthLink Accelerator (HKLM-x32\...\EarthLink Accelerator) (Version:  - )
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.100 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.3.1786 - Hewlett-Packard Company)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F7A8FF27-1B85-4C23-A6FA-97DE491ECC9A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.14.41 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.7.22.13 - HP)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version:  - PopCap Games)
Peggle Nights (HKLM-x32\...\Peggle Nights) (Version:  - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WOLFCODERS ScreenSnag (HKLM-x32\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version:  - WOLFCODERS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForTim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-03-14 09:24 - 2016-04-16 21:07 - 00280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-03-14 09:24 - 2017-02-07 12:29 - 01008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 00541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 03243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 01544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2014-02-05 15:56 - 2014-02-05 15:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-03-21 06:19 - 2017-03-21 06:19 - 00178128 _____ () C:\Program Files (x86)\GlassWire\EasyHook32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Tim\Desktop\glasswire-free-firewall_1.2.96.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Desktop\SUPERAntiSpywarePro.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\GlassWireSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\IE9-Windows7-x64-enu.exe:a [420]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-adwc.adwc100.3.0.6.1469.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\winupdatefix_1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\GlassWireSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mbar-1.09.3.1001.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\deere.com -> hxxps://jdparts.deere.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\flhsmv.gov -> hxxps://www.flhsmv.gov
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\hdonline.to -> hxxps://hdonline.to
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\pch.com -> hxxp://search.pch.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\usa4sale.net -> hxxp://contact.usa4sale.net
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\winndixie.com -> hxxps://www.winndixie.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-05 12:28 - 2017-06-08 17:02 - 00000033 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: HPFSService => 2
MSCONFIG\startupreg: HP File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
MSCONFIG\startupreg: Propel Accelerator => "C:\Program Files (x86)\EarthLink Accelerator\trayctl.exe" /STARTUPLAUNCH
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6F44F3E-63AD-4480-8981-1F8E4BC156A3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92635564-B32B-4941-8709-EDC3534DA1F7}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{0F7C25B6-D55C-4599-808E-70473E50600B}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{50E9D51B-9089-4C78-8F73-3E2E5E0D42C5}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{3D066DB3-3078-49D4-A3A6-AF4075CB1645}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{9A373D22-61C3-4F8B-BBEF-1D2CEC770DB5}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{82B69666-6A08-4AB4-B240-B287A8D13E38}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{D32E408E-6053-455A-990F-9F46633386D8}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{38B50817-1FA9-4CB1-B36F-FAF8288E99E7}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{BDD0E46F-885B-4696-ADCE-C508C1F9F12A}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{953F6506-888F-4867-B3B2-8E82E4E25263}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{08BCF83E-E091-4FAC-9D79-87F5D20AEE8C}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{AA04C2EA-8C48-467B-BC95-EDBCA22C98B5}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{8FD07A63-7436-47CF-BA1F-834A0A492F69}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{ACF8D3C4-FF9A-4CD3-8EA4-28D0784A5E00}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{B3C0EE64-66A1-4F53-9ABE-C6637AB3FABA}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{91069DC4-8EB5-4A7C-8804-CA63B1DB68C0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6B43B3CE-DC50-45A5-8B9C-BBF6E68A2E22}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{E2AFA9F5-1B1B-4500-8997-4963CA7BCF15}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{285830EF-6348-490E-AF3E-A4E3BD091FBF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{2A1B1D2E-C4D7-42AF-9D46-A4D9F1592ACF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{C962AA5F-D716-4894-A777-9980540483E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D8BB9E0F-2592-4C32-B96F-AE69B073FAE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3EDE067A-8C7B-43BB-A5B7-58D0CC51B633}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E81B4361-07C3-4BFB-8571-B70DD4167B3A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C9C94891-2C9B-40CE-8333-9A41D4FBA565}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD7DB7A0-CA86-416B-BBD9-BA1D7B2C6E53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{DBFEDAD6-0BEB-4578-B149-3AB62C1B7D85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C8501CF7-59E4-43E0-AA45-EE26755E751F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{905779AE-D66A-4666-9FFB-56A8610A6FBA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C90C27C3-BCC7-4ACE-9E22-2C7488FE70FA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{072E5150-569C-4950-833F-437FEC13136A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{D779D332-B00D-4FCC-8F0D-2038BDD79CD7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{25ABBA34-5506-420A-AA0A-93D0A7088E21}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{92086CBF-6C8E-46CE-86EA-FAC5797DB131}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9BD19296-35AA-446C-BCC4-23BCCEAE53A3}] => (Allow) C:\Program Files\Opera\45.0.2552.881\opera.exe
FirewallRules: [{26BE28BC-BE97-4D1D-BD8E-90F9C06978D4}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
 
==================== Restore Points =========================
 
09-06-2017 07:00:14 Windows Update
09-06-2017 22:42:28 Windows Update
10-06-2017 07:00:14 Windows Update
10-06-2017 21:14:13 Removed Adobe Acrobat Reader DC.
11-06-2017 07:00:12 Windows Update
11-06-2017 23:11:52 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/12/2017 07:54:51 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/12/2017 07:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/11/2017 04:17:15 PM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/11/2017 04:07:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/10/2017 09:46:53 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/10/2017 05:17:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/09/2017 07:50:48 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/09/2017 05:13:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/08/2017 07:14:28 PM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Current SID profile operation failed with unknown exception.
 
Error: (06/08/2017 07:14:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (06/12/2017 07:44:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Atc
 
Error: (06/11/2017 11:13:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4019264).
 
Error: (06/11/2017 11:12:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/11/2017 04:07:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Atc
 
Error: (06/11/2017 04:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
The system cannot find the path specified.
 
Error: (06/11/2017 04:06:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
The service did not start due to a logon failure.
 
Error: (06/11/2017 04:06:26 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
The request is not supported.
 
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 33%
Total physical RAM: 7612.08 MB
Available physical RAM: 5060.77 MB
Total Virtual: 15222.35 MB
Available Virtual: 12488.2 MB
 
==================== Drives ================================
 
Drive c: (Windows ) (Fixed) (Total:919.11 GB) (Free:856 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.3 GB) (Free:1.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F9E5779)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
 

==================== End of Addition.txt ============================


Edited by bonezz777, 12 June 2017 - 07:35 AM.

  • 0


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10-20 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 

  • 1

#3
bonezz777

bonezz777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 99 posts

Hi, I don't know anything about this stuff, but I'll try;..

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 86.26 0 K 24 K 0
GWCtlSrv.exe 3.67 45,464 K 48,420 K 1856 GlassWire Control Service SecureMix LLC (Verified) GlassWire
procexp64.exe 2.22 30,680 K 49,564 K 8100 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
sidebar.exe 1.72 30,040 K 42,968 K 3668 Windows Desktop Gadgets Microsoft Corporation (Verified) Microsoft Windows
flcdlock.exe 1.01 5,588 K 12,596 K 2756 HP Device Access Manager Hewlett-Packard Company (Verified) Hewlett-Packard Company
EvtEng.exe 0.60 5,724 K 13,264 K 1324 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
System 0.60 180 K 2,128 K 4
GWIdlMon.exe 0.56 13,432 K 15,504 K 5452 GlassWire Computer Idle Monitor SecureMix LLC (Verified) GlassWire
GlassWire.exe 0.50 40,964 K 49,448 K 3764 GlassWire SecureMix LLC (Verified) GlassWire
svchost.exe 0.50 231,904 K 240,592 K 1044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.46 31,276 K 34,800 K 3992 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.38 0 K 0 K n/a Hardware Interrupts and DPCs
lsass.exe 0.30 5,772 K 13,876 K 808 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.28 3,428 K 15,720 K 712 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.23 11,568 K 15,572 K 1820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.18 24,196 K 21,808 K 628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.15 65,908 K 78,404 K 6956 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.12 31,896 K 49,776 K 4016 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.07 243,224 K 265,260 K 1564 Google Chrome Google Inc. (Verified) Google Inc
SUPERANTISPYWARE.EXE 0.05 95,332 K 5,580 K 3592 SUPERAntiSpyware Application SUPERAntiSpyware (Verified) SUPERAntiSpyware.com
svchost.exe 0.03 10,236 K 17,732 K 1244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 4,940 K 8,920 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
vsservppl.exe 0.02 19,516 K 23,560 K 2652 Bitdefender Correlation Service Bitdefender (Verified) Bitdefender SRL
svchost.exe 0.02 49,324 K 30,776 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 260,916 K 168,548 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
vsserv.exe 0.01 323,544 K 204,816 K 2552 Bitdefender Security Service Bitdefender (Verified) Bitdefender SRL
chrome.exe 0.01 71,620 K 81,808 K 5252 Google Chrome Google Inc. (Verified) Google Inc
SASCore64.exe 0.01 2,952 K 5,512 K 1948 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com
mbamtray.exe 0.01 18,176 K 26,972 K 2236 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Corporation
chrome.exe 0.01 76,076 K 128,812 K 4588 Google Chrome Google Inc. (Verified) Google Inc
taskhost.exe < 0.01 16,084 K 18,112 K 3732 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
agr64svc.exe < 0.01 1,184 K 3,068 K 1996 LSI Soft Modem Call Progress Service LSI Corporation (Verified) LSI Corporation
SearchIndexer.exe < 0.01 57,132 K 50,384 K 4440 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 5,848 K 4,384 K 5564 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 7,376 K 11,796 K 3124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,860 K 4,756 K 820 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
updatesrv.exe < 0.01 8,628 K 8,904 K 2448 Bitdefender Update Service Bitdefender (Verified) Bitdefender SRL
bdagent.exe < 0.01 16,576 K 22,268 K 5184 bdagent.exe Bitdefender (Verified) Bitdefender SRL
csrss.exe < 0.01 2,768 K 5,244 K 612 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
MBAMService.exe < 0.01 47,320 K 65,220 K 2872 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Corporation
ZeroConfigService.exe 8,680 K 18,576 K 376 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
wuauclt.exe 2,428 K 7,324 K 7956 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,964 K 10,112 K 3160 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe 6,284 K 15,540 K 1660 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,776 K 8,296 K 780 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,724 K 4,748 K 688 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,892 K 5,616 K 3816 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 52,572 K 52,756 K 1908 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
tbaseprovisioning.exe 18,776 K 27,376 K 700 tbaseprovisioning Advanced Micro Devices, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 6,256 K 12,100 K 2020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,780 K 6,248 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,908 K 10,572 K 920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,000 K 14,268 K 1772 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 544 K 1,240 K 356 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,412 K 9,404 K 744 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 13,452 K 11,160 K 3448 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 2,040 K 5,508 K 1336 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RegSrvc.exe 2,064 K 7,284 K 2368 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
RAVBg64.exe 15,020 K 12,192 K 1360 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
ProductAgentService.exe 7,176 K 14,572 K 2320 Bitdefender Agent Bitdefender (Verified) Bitdefender SRL
procexp.exe 4,120 K 8,504 K 7876 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
jusched.exe 2,308 K 5,468 K 3704 Java Update Scheduler Oracle Corporation (Verified) Oracle America
HPSupportSolutionsFrameworkService.exe 55,800 K 52,104 K 3216 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
HP.ProtectTools.DeviceAccessManager.ServiceHost.exe 19,724 K 22,464 K 5372 HP.ProtectTools.DeviceAccessManager.ServiceHost Hewlett-Packard Development Company (Verified) Hewlett-Packard Company
DpHostW.exe 16,148 K 25,560 K 1076 DigitalPersona Local Host DigitalPersona, Inc. (Verified) DigitalPersona
DpCardEngine.exe 3,820 K 8,608 K 2068 DigitalPersona Card Engine DigitalPersona, Inc. (Verified) DigitalPersona
conhost.exe 1,076 K 2,968 K 1668 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 2,900 K 4,492 K 5816 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 4,756 K 7,116 K 4284 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4,980 K 7,724 K 5416 Google Chrome Google Inc. (Verified) Google Inc
BingSvc.exe 3,416 K 10,256 K 3468 Microsoft Bing Service © 2015 Microsoft Corporation (Verified) Microsoft Corporation
atiesrxx.exe 1,632 K 5,004 K 200 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,640 K 7,672 K 1456 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
AERTSr64.exe 1,284 K 3,096 K 1968 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Sorry. Lost your reply.

 

I would uninstall GlassWire 1.2.  It's using a lot of CPU and is not needed since you have BitDefender.  

Also get rid of SUPERANTISPYWARE.

Also kill off Sidebar.  Microsoft gave up on it long ago as a security risk.  https://www.howtogee...s-on-windows-7/

 

There may be a firmware update for your hard drive.  Go to:

 

http://www.seagate.c...es/desktop-hdd/

 

and put in your serial number.  http://www.seagate.c...d-model-number/ tells how to find your serial number.

 

BC
Attribute name Command Timeout
Real value 121
Current 100
Worst 99
Threshold 0
Raw Value 0000000079
Status Good

 

 

 

This eventually seems to be a problem with all Seagate drives.  The claim is that it's caused by bad wiring or dirty connectors so you might try unplugging and replugging the SATA connectors but I sort of doubt it.  I think it's a weakness in the drives.  Perhaps the firmware update (if there is one) will help.   Check it in speccy once in a while and see if it is getting worse.  

 

You left your Windows serial number in the speccy log so I am going to delete it.  

 

 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
Regardless of the SFC result:
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/06/2017 10:54:02 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/06/2017 10:46:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2017 1:38:52 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Atc
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not start due to a logon failure.
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7038 Source: Service Control Manager
The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Search service failed to start due to the following error: The service did not start due to a logon failure.
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7038 Source: Service Control Manager
The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Log: 'System' Date/Time: 25/06/2017 1:37:45 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Device Access Manager Usage Service service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The HP Device Locking / Auditing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The ProductAgentService service terminated unexpectedly. It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 25/06/2017 1:47:35 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 24/06/2017 8:38:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 24/06/2017 10:20:09 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 23/06/2017 5:22:00 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/06/2017 3:10:06 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 23/06/2017 3:10:06 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 23/06/2017 12:43:04 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/06/2017 5:30:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/06/2017 2:50:45 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 22/06/2017 2:50:45 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 21/06/2017 3:19:06 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 21/06/2017 3:19:06 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 21/06/2017 3:17:17 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 21/06/2017 12:27:50 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 21/06/2017 11:00:15 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 21/06/2017 2:18:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 10:47:11 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 20/06/2017 10:47:11 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 20/06/2017 9:55:20 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Please reply to this thread.  Do not PM me unless a scan shows info you need to keep secret.

Did you find a firmware update for your hard drive?

atc is a BitDefender driver and it's not working so I would reinstall BitDefender.

It's possible that the hard drive command timeouts are causing the services to fail.  Can you post a new Speccy log?  Please attach it and remember to remove the serial number before posting.

Windows Media Player Network Sharing Service never seems to work so I would search for

services.msc

and hit Enter, then find Windows Media Player Network Sharing Service, right click and select Properties, then change the Startup Type: to Manual or Disabled and then OK.

See if you can turn off Intel event logging per the instructions:

https://www.intel.co.../000007013.html

Then clear the alarms (right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.)

Reboot.

Run VEW again as before.

  • 1

#7
bonezz777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 99 posts

Hi, I didn't know I "PM" you, I informed you I don't know what I'm doing, sorry... No update available for firmware update; also when I tried to kill off Sidebar it pulled it up but was white/just blank??; I will run VEW again & will get back, Thank You. Also, I backspaced & removed the numbers, they were gone, I don't know why they showed up;

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 25/06/2017 8:14:34 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/06/2017 8:18:22 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 25/06/2017 10:54:02 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 18/06/2017 10:46:54 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2017 1:38:52 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load:  Atc
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not start due to a logon failure.
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7038 Source: Service Control Manager
The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:  The request is not supported.  To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Search service failed to start due to the following error:  The service did not start due to a logon failure.
 
Log: 'System' Date/Time: 25/06/2017 1:38:06 PM
Type: Error Category: 0
Event: 7038 Source: Service Control Manager
The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The request is not supported.  To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Log: 'System' Date/Time: 25/06/2017 1:37:45 PM
Type: Error Category: 0
Event: 10003 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped unexpectedly.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Software Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Support Solutions Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The HP Device Access Manager Usage Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Malwarebytes Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:36 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The HP Device Locking / Auditing service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Registry Service service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The ProductAgentService service terminated unexpectedly.  It has done this 1 time(s).
 
Log: 'System' Date/Time: 25/06/2017 1:37:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Intel® PROSet/Wireless Event Log service terminated unexpectedly.  It has done this 1 time(s).
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/06/2017 1:38:07 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 25/06/2017 1:47:35 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 24/06/2017 8:38:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 24/06/2017 10:20:09 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 23/06/2017 5:22:00 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/06/2017 3:10:06 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 23/06/2017 3:10:06 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 23/06/2017 12:43:04 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/06/2017 5:30:25 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/06/2017 2:50:45 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 22/06/2017 2:50:45 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 21/06/2017 3:19:06 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 21/06/2017 3:19:06 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 21/06/2017 3:17:17 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 21/06/2017 12:27:50 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 21/06/2017 11:00:15 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 21/06/2017 2:18:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 10:47:11 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 20/06/2017 10:47:11 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 20/06/2017 9:55:20 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 86.26 0 K 24 K 0
GWCtlSrv.exe 3.67 45,464 K 48,420 K 1856 GlassWire Control Service SecureMix LLC (Verified) GlassWire
procexp64.exe 2.22 30,680 K 49,564 K 8100 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
sidebar.exe 1.72 30,040 K 42,968 K 3668 Windows Desktop Gadgets Microsoft Corporation (Verified) Microsoft Windows
flcdlock.exe 1.01 5,588 K 12,596 K 2756 HP Device Access Manager Hewlett-Packard Company (Verified) Hewlett-Packard Company
EvtEng.exe 0.60 5,724 K 13,264 K 1324 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
System 0.60 180 K 2,128 K 4
GWIdlMon.exe 0.56 13,432 K 15,504 K 5452 GlassWire Computer Idle Monitor SecureMix LLC (Verified) GlassWire
GlassWire.exe 0.50 40,964 K 49,448 K 3764 GlassWire SecureMix LLC (Verified) GlassWire
svchost.exe 0.50 231,904 K 240,592 K 1044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.46 31,276 K 34,800 K 3992 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.38 0 K 0 K n/a Hardware Interrupts and DPCs
lsass.exe 0.30 5,772 K 13,876 K 808 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.28 3,428 K 15,720 K 712 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.23 11,568 K 15,572 K 1820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.18 24,196 K 21,808 K 628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.15 65,908 K 78,404 K 6956 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.12 31,896 K 49,776 K 4016 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.07 243,224 K 265,260 K 1564 Google Chrome Google Inc. (Verified) Google Inc
SUPERANTISPYWARE.EXE 0.05 95,332 K 5,580 K 3592 SUPERAntiSpyware Application SUPERAntiSpyware (Verified) SUPERAntiSpyware.com
svchost.exe 0.03 10,236 K 17,732 K 1244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 4,940 K 8,920 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
vsservppl.exe 0.02 19,516 K 23,560 K 2652 Bitdefender Correlation Service Bitdefender (Verified) Bitdefender SRL
svchost.exe 0.02 49,324 K 30,776 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 260,916 K 168,548 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
vsserv.exe 0.01 323,544 K 204,816 K 2552 Bitdefender Security Service Bitdefender (Verified) Bitdefender SRL
chrome.exe 0.01 71,620 K 81,808 K 5252 Google Chrome Google Inc. (Verified) Google Inc
SASCore64.exe 0.01 2,952 K 5,512 K 1948 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com
mbamtray.exe 0.01 18,176 K 26,972 K 2236 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Corporation
chrome.exe 0.01 76,076 K 128,812 K 4588 Google Chrome Google Inc. (Verified) Google Inc
taskhost.exe < 0.01 16,084 K 18,112 K 3732 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
agr64svc.exe < 0.01 1,184 K 3,068 K 1996 LSI Soft Modem Call Progress Service LSI Corporation (Verified) LSI Corporation
SearchIndexer.exe < 0.01 57,132 K 50,384 K 4440 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 5,848 K 4,384 K 5564 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 7,376 K 11,796 K 3124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,860 K 4,756 K 820 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
updatesrv.exe < 0.01 8,628 K 8,904 K 2448 Bitdefender Update Service Bitdefender (Verified) Bitdefender SRL
bdagent.exe < 0.01 16,576 K 22,268 K 5184 bdagent.exe Bitdefender (Verified) Bitdefender SRL
csrss.exe < 0.01 2,768 K 5,244 K 612 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
MBAMService.exe < 0.01 47,320 K 65,220 K 2872 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Corporation
ZeroConfigService.exe 8,680 K 18,576 K 376 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
wuauclt.exe 2,428 K 7,324 K 7956 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,964 K 10,112 K 3160 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe 6,284 K 15,540 K 1660 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,776 K 8,296 K 780 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,724 K 4,748 K 688 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,892 K 5,616 K 3816 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 52,572 K 52,756 K 1908 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
tbaseprovisioning.exe 18,776 K 27,376 K 700 tbaseprovisioning Advanced Micro Devices, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 6,256 K 12,100 K 2020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,780 K 6,248 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,908 K 10,572 K 920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,000 K 14,268 K 1772 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 544 K 1,240 K 356 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,412 K 9,404 K 744 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 13,452 K 11,160 K 3448 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 2,040 K 5,508 K 1336 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RegSrvc.exe 2,064 K 7,284 K 2368 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group
RAVBg64.exe 15,020 K 12,192 K 1360 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
ProductAgentService.exe 7,176 K 14,572 K 2320 Bitdefender Agent Bitdefender (Verified) Bitdefender SRL
procexp.exe 4,120 K 8,504 K 7876 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
jusched.exe 2,308 K 5,468 K 3704 Java Update Scheduler Oracle Corporation (Verified) Oracle America
HPSupportSolutionsFrameworkService.exe 55,800 K 52,104 K 3216 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
HP.ProtectTools.DeviceAccessManager.ServiceHost.exe 19,724 K 22,464 K 5372 HP.ProtectTools.DeviceAccessManager.ServiceHost Hewlett-Packard Development Company (Verified) Hewlett-Packard Company
DpHostW.exe 16,148 K 25,560 K 1076 DigitalPersona Local Host DigitalPersona, Inc. (Verified) DigitalPersona
DpCardEngine.exe 3,820 K 8,608 K 2068 DigitalPersona Card Engine DigitalPersona, Inc. (Verified) DigitalPersona
conhost.exe 1,076 K 2,968 K 1668 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 2,900 K 4,492 K 5816 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 4,756 K 7,116 K 4284 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4,980 K 7,724 K 5416 Google Chrome Google Inc. (Verified) Google Inc
BingSvc.exe 3,416 K 10,256 K 3468 Microsoft Bing Service © 2015 Microsoft Corporation (Verified) Microsoft Corporation
atiesrxx.exe 1,632 K 5,004 K 200 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,640 K 7,672 K 1456 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
AERTSr64.exe 1,284 K 3,096 K 1968 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017
Ran by Tim (12-06-2017 08:31:30)
Running from C:\Users\Tim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-20 19:14:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3386813744-1969293527-735481815-500 - Administrator - Disabled)
General Log In (S-1-5-21-3386813744-1969293527-735481815-1002 - Limited - Enabled) => C:\Users\General Log In
Guest (S-1-5-21-3386813744-1969293527-735481815-501 - Limited - Disabled) => C:\Users\Guest
Tim (S-1-5-21-3386813744-1969293527-735481815-1001 - Administrator - Enabled) => C:\Users\Tim
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version:  - PopCap Games)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.6.12 - Bitdefender)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EarthLink Accelerator (HKLM-x32\...\EarthLink Accelerator) (Version:  - )
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.100 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.3.1786 - Hewlett-Packard Company)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F7A8FF27-1B85-4C23-A6FA-97DE491ECC9A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.14.41 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.7.22.13 - HP)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version:  - PopCap Games)
Peggle Nights (HKLM-x32\...\Peggle Nights) (Version:  - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WOLFCODERS ScreenSnag (HKLM-x32\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version:  - WOLFCODERS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForTim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-03-14 09:24 - 2016-04-16 21:07 - 00280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-03-14 09:24 - 2017-02-07 12:29 - 01008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpbr.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 00541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpdsp.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 03243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttpph.mdl
2017-03-14 09:24 - 2017-02-07 12:29 - 01544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttprbl.mdl
2014-02-05 15:56 - 2014-02-05 15:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-03-21 06:19 - 2017-03-21 06:19 - 00178128 _____ () C:\Program Files (x86)\GlassWire\EasyHook32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Tim\Desktop\glasswire-free-firewall_1.2.96.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Desktop\SUPERAntiSpywarePro.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\GlassWireSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\IE9-Windows7-x64-enu.exe:a [420]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-adwc.adwc100.3.0.6.1469.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\winupdatefix_1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\GlassWireSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mbar-1.09.3.1001.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\deere.com -> hxxps://jdparts.deere.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\flhsmv.gov -> hxxps://www.flhsmv.gov
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\hdonline.to -> hxxps://hdonline.to
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\pch.com -> hxxp://search.pch.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\usa4sale.net -> hxxp://contact.usa4sale.net
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\winndixie.com -> hxxps://www.winndixie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-05 12:28 - 2017-06-08 17:02 - 00000033 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: HPFSService => 2
MSCONFIG\startupreg: HP File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
MSCONFIG\startupreg: Propel Accelerator => "C:\Program Files (x86)\EarthLink Accelerator\trayctl.exe" /STARTUPLAUNCH
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6F44F3E-63AD-4480-8981-1F8E4BC156A3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92635564-B32B-4941-8709-EDC3534DA1F7}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{0F7C25B6-D55C-4599-808E-70473E50600B}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{50E9D51B-9089-4C78-8F73-3E2E5E0D42C5}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{3D066DB3-3078-49D4-A3A6-AF4075CB1645}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{9A373D22-61C3-4F8B-BBEF-1D2CEC770DB5}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{82B69666-6A08-4AB4-B240-B287A8D13E38}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{D32E408E-6053-455A-990F-9F46633386D8}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{38B50817-1FA9-4CB1-B36F-FAF8288E99E7}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{BDD0E46F-885B-4696-ADCE-C508C1F9F12A}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{953F6506-888F-4867-B3B2-8E82E4E25263}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{08BCF83E-E091-4FAC-9D79-87F5D20AEE8C}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{AA04C2EA-8C48-467B-BC95-EDBCA22C98B5}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{8FD07A63-7436-47CF-BA1F-834A0A492F69}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{ACF8D3C4-FF9A-4CD3-8EA4-28D0784A5E00}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{B3C0EE64-66A1-4F53-9ABE-C6637AB3FABA}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{91069DC4-8EB5-4A7C-8804-CA63B1DB68C0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6B43B3CE-DC50-45A5-8B9C-BBF6E68A2E22}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{E2AFA9F5-1B1B-4500-8997-4963CA7BCF15}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{285830EF-6348-490E-AF3E-A4E3BD091FBF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{2A1B1D2E-C4D7-42AF-9D46-A4D9F1592ACF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{C962AA5F-D716-4894-A777-9980540483E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D8BB9E0F-2592-4C32-B96F-AE69B073FAE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3EDE067A-8C7B-43BB-A5B7-58D0CC51B633}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E81B4361-07C3-4BFB-8571-B70DD4167B3A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C9C94891-2C9B-40CE-8333-9A41D4FBA565}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD7DB7A0-CA86-416B-BBD9-BA1D7B2C6E53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{DBFEDAD6-0BEB-4578-B149-3AB62C1B7D85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C8501CF7-59E4-43E0-AA45-EE26755E751F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{905779AE-D66A-4666-9FFB-56A8610A6FBA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C90C27C3-BCC7-4ACE-9E22-2C7488FE70FA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{072E5150-569C-4950-833F-437FEC13136A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{D779D332-B00D-4FCC-8F0D-2038BDD79CD7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{25ABBA34-5506-420A-AA0A-93D0A7088E21}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{92086CBF-6C8E-46CE-86EA-FAC5797DB131}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9BD19296-35AA-446C-BCC4-23BCCEAE53A3}] => (Allow) C:\Program Files\Opera\45.0.2552.881\opera.exe
FirewallRules: [{26BE28BC-BE97-4D1D-BD8E-90F9C06978D4}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
 
==================== Restore Points =========================
 
09-06-2017 07:00:14 Windows Update
09-06-2017 22:42:28 Windows Update
10-06-2017 07:00:14 Windows Update
10-06-2017 21:14:13 Removed Adobe Acrobat Reader DC.
11-06-2017 07:00:12 Windows Update
11-06-2017 23:11:52 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/12/2017 07:54:51 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/12/2017 07:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/11/2017 04:17:15 PM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/11/2017 04:07:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/10/2017 09:46:53 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/10/2017 05:17:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/09/2017 07:50:48 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/09/2017 05:13:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/08/2017 07:14:28 PM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Current SID profile operation failed with unknown exception.
 
Error: (06/08/2017 07:14:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (06/12/2017 07:44:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Atc
 
Error: (06/11/2017 11:13:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4019264).
 
Error: (06/11/2017 11:12:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/11/2017 04:07:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Atc
 
Error: (06/11/2017 04:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
The system cannot find the path specified.
 
Error: (06/11/2017 04:06:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
The service did not start due to a logon failure.
 
Error: (06/11/2017 04:06:26 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
The request is not supported.
 
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (06/11/2017 04:06:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 33%
Total physical RAM: 7612.08 MB
Available physical RAM: 5060.77 MB
Total Virtual: 15222.35 MB
Available Virtual: 12488.2 MB
 
==================== Drives ================================
 
Drive c: (Windows ) (Fixed) (Total:919.11 GB) (Free:856 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.3 GB) (Free:1.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F9E5779)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
 
==================== End of Addition.txt ============================

I know I have TOO much stuff on my desktop. I'm confused about what I did/didn't do. I disabled Bitdefender and installed Avira; is that better? Also, "why" did you want me to delete SuperAntiSpyware? It catches a bunch of stuff? .....Tim


Edited by bonezz777, 25 June 2017 - 06:46 PM.


#8
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Make sure you uninstall Bitdefender and not just disable it.

SuperAntiSpyware and I are not friends.  Mostly it just finds a bunch of cookies, which are harmless, and they have a history of suing people who give them bad reviews.

It looks like you may not have rebooted after clearing the alarms.  Could you reboot then run VEW again?  Please do not post old logs (you can delete them so you don't get confused).

When my desktop gets cluttered I create a folder called Junk and move all of the shortcuts and such that I don't use very often to the Junk folder.  Safer than deleting them since they are still there if I need them.



#9
bonezz777


    Member

  • Topic Starter
  • Member
  • 99 posts

Hi,

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 25/06/2017 11:05:57 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/06/2017 2:54:31 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/06/2017 2:52:00 AM
Type: Error Category: 0
Event: 20 Source: volsnap
The shadow copies of volume D: were aborted because of a failed free space computation.
 
Log: 'System' Date/Time: 26/06/2017 2:51:59 AM
Type: Error Category: 0
Event: 20 Source: volsnap
The shadow copies of volume D: were aborted because of a failed free space computation.
 
Log: 'System' Date/Time: 26/06/2017 2:17:50 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for DeleteFlag with the following error:  Access is denied.
 
Log: 'System' Date/Time: 26/06/2017 2:17:50 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for DeleteFlag with the following error:  Access is denied.
 
Log: 'System' Date/Time: 26/06/2017 2:17:42 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for DeleteFlag with the following error:  Access is denied.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/06/2017 2:54:39 AM
Type: Warning Category: 0
Event: 1073 Source: USER32
The attempt by user Tim-HP\Tim to restart/shutdown computer TIM-HP failed

My computer is acting nuts...Gnight

Edited by bonezz777, 25 June 2017 - 09:22 PM.


#10
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Can you run VEW for Applications?

Also, can I see a new FRST scan with Addition.txt checked?




#11
bonezz777


    Member

  • Topic Starter
  • Member
  • 99 posts

Hi, run just VEW for Applications, or do you want anything else checked off?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01

Ran by Tim (administrator) on TIM-HP (26-06-2017 08:56:53)
Running from C:\Users\Tim\Desktop
Loaded Profiles: Tim & Guest (Available Profiles: Tim & General Log In & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(© 2015 Microsoft Corporation) C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
(The OpenVPN Project) C:\Program Files (x86)\Avira\VPN\OpenVpn\phantomvpn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7570136 2014-04-14] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\MountPoints2: {2301f08c-46ea-11e6-b913-a0d3c14a78f6} - WinCleaner Application Setup.exe
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3386813744-1969293527-735481815-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk [2017-06-26]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk -> C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3386813744-1969293527-735481815-1001] => http=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{7C0566C2-7D23-414D-B4B4-2CD1F8917416}: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{B8692A19-E7CA-4985-B46C-556A84D4EF53}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCOM14/19
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCOM14/19
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-3386813744-1969293527-735481815-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1486642584294
 
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default [2016-10-26]
FF Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2016-12-04]
FF Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-06-25]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-05-26] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-10] (DigitalPersona, Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (DuckDuckGo Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-05]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-06-25]
CHR Extension: (FedEx 
 Email/Online Label 
 Shipping...) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceaafagmnojmnjepbehlplcmoklcacbl [2017-06-20]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-21]
CHR Extension: (Click&Clean) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-06-01]
CHR Extension: (History Eraser) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-06-23]
CHR Extension: (J2TeaM Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlcjjclebjnfohgmgikjfnbmfkigocc [2017-06-08]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-06-25]
CHR Extension: (Cyber Security News by Gold Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcehljakhaojdgjoggcpnbjkehgglbfb [2017-05-28]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Click&Clean App) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-06-23]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-10]
 
Opera: 
=======
OPR Extension: (Stormcrow) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2017-04-18]
OPR Extension: (360 Internet Protection) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2017-06-25]
OPR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2016-10-25]
OPR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-06-25]
OPR Extension: (Privacy Badger) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2017-06-25]
OPR Extension: (SurfPatrol) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pafbnmdfbmigjdbkhkchclhpmfcoageo [2017-01-16]
OPR Extension: (Privacy Cleaner) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdomeailoegpefbldkonkajkcolkbmhi [2017-01-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [334064 2017-05-18] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-10] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51208 2017-01-10] (Advanced Micro Devices, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [95112 2017-01-10] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [254344 2017-01-10] (Advanced Micro Devices, Inc. )
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-06-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-06-02] (Avira Operations GmbH & Co. KG)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-26] (Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-05-18] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U0 aswVmm; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 08:56 - 2017-06-26 08:57 - 00023322 _____ C:\Users\Tim\Desktop\FRST.txt
2017-06-26 08:56 - 2017-06-26 08:56 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2017-06-26 07:45 - 2017-06-26 07:46 - 20612608 _____ (Adobe Systems Incorporated) C:\Users\Tim\Downloads\install_flash_player_ppapi.exe
2017-06-25 22:56 - 2017-06-25 22:56 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 22:24 - 2017-06-26 08:32 - 00000000 ____D C:\Users\Tim\Desktop\New folder junk files
2017-06-25 22:21 - 2017-06-25 22:21 - 00030354 _____ C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-25 21:22 - 2017-06-25 21:22 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Avira
2017-06-25 13:36 - 2017-06-02 19:05 - 00185032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00149976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00064504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-06-25 13:30 - 2017-06-25 13:30 - 00002156 _____ C:\Users\Public\Desktop\Avira Scout.lnk
2017-06-25 13:29 - 2017-06-25 13:29 - 00003506 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-25 13:29 - 2017-06-25 13:29 - 00003378 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-25 13:28 - 2017-06-26 07:34 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-06-25 13:28 - 2017-06-25 13:28 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-25 13:28 - 2017-06-25 13:28 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-06-25 13:27 - 2017-06-25 13:27 - 00002086 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2017-06-25 13:27 - 2017-06-25 13:27 - 00001048 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Avira
2017-06-25 13:25 - 2017-06-25 13:25 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-06-25 13:23 - 2017-06-25 13:23 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tim\Desktop\avira_en_fass0_58e0ec4c4ec59__ws.exe
2017-06-25 10:54 - 2017-06-25 23:06 - 00001894 _____ C:\VEW.txt
2017-06-25 10:51 - 2017-06-25 10:51 - 00061440 _____ ( ) C:\Users\Tim\Desktop\VEW.exe
2017-06-25 10:18 - 2017-06-25 10:18 - 00001409 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\Program Files (x86)\Seagate
2017-06-25 10:16 - 2017-06-25 10:17 - 26157600 _____ C:\Users\Tim\Desktop\SeaToolsforWindowsSetup.exe
2017-06-20 19:08 - 2017-06-20 19:08 - 00000057 _____ C:\ProgramData\Ament.ini
2017-06-20 19:08 - 2017-06-20 19:08 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Hewlett-Packard
2017-06-20 19:06 - 2017-06-20 19:07 - 48748328 _____ C:\Users\Tim\Desktop\DJ1000_J110_1313-1.exe
2017-06-20 18:15 - 2017-06-20 19:08 - 00003610 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2017-06-20 18:15 - 2017-06-20 18:22 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-06-20 18:15 - 2017-06-20 18:15 - 00001105 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2017-06-20 18:15 - 2017-06-20 18:15 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-06-20 18:14 - 2017-06-20 19:08 - 00002280 _____ C:\Users\Public\Desktop\HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 19:08 - 00001202 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 18:14 - 00000000 ____D C:\Program Files\HP
2017-06-20 15:43 - 2017-06-20 15:43 - 00002640 _____ C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk
2017-06-20 15:43 - 2017-06-20 15:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-06-18 11:36 - 2017-06-18 11:36 - 00900704 _____ (Seagate Technology) C:\Users\Tim\Desktop\drivedetect.exe
2017-06-14 06:31 - 2017-06-25 20:04 - 00000000 ____D C:\Program Files\Speccy
2017-06-14 06:31 - 2017-06-14 06:31 - 00000804 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-06-14 06:31 - 2017-06-14 06:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-06-14 06:29 - 2017-06-14 06:29 - 06293184 _____ (Piriform Ltd) C:\Users\Tim\Desktop\spsetup130.exe
2017-06-14 05:48 - 2017-06-14 05:48 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\Tim\Desktop\procexp.exe
2017-06-12 17:55 - 2017-06-12 17:55 - 00030951 _____ C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-12 08:29 - 2017-06-26 08:56 - 00000000 ____D C:\FRST
2017-06-12 08:27 - 2017-06-26 08:56 - 02441216 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2017-06-08 18:50 - 2017-06-08 18:47 - 00000030 _____ C:\AVScanner.ini
2017-06-08 16:30 - 2017-06-26 08:54 - 00000000 ____D C:\Users\Tim\AppData\Local\FSDART
2017-06-08 16:30 - 2017-06-08 16:31 - 00000000 ____D C:\ProgramData\F-Secure
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-06-08 16:07 - 2017-06-08 16:05 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-06-08 15:34 - 2017-06-08 15:35 - 00524248 _____ (F-Secure Corporation) C:\Users\Tim\Desktop\F-SecureOnlineScanner.exe
2017-06-06 13:57 - 2017-06-06 13:57 - 00313366 _____ C:\Users\Tim\Downloads\WindowsUpdate.diagcab
2017-05-27 14:25 - 2017-05-27 14:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Microsoft Corporation
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:33 - 2017-01-31 11:24 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-26 07:32 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-25 23:31 - 2015-12-12 03:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-06-25 22:56 - 2016-10-26 04:50 - 00000000 ____D C:\Users\Tim\AppData\Local\Avira
2017-06-25 21:08 - 2016-10-26 05:38 - 00016328 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-06-25 13:47 - 2016-04-21 12:00 - 00000000 ____D C:\Users\Tim\AppData\Roaming\hpqLog
2017-06-25 13:36 - 2016-10-26 03:40 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-25 13:34 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-06-25 13:25 - 2016-03-20 05:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-25 09:37 - 2016-05-28 09:30 - 00000000 ____D C:\AdwCleaner
2017-06-24 07:06 - 2017-02-21 11:34 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTim
2017-06-24 07:06 - 2017-02-21 11:34 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTim.job
2017-06-20 19:08 - 2016-01-25 18:03 - 00000000 ____D C:\Program Files (x86)\HP
2017-06-20 19:08 - 2015-12-12 03:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-06-20 18:47 - 2017-02-16 11:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-06-20 18:15 - 2015-12-12 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-06-20 17:50 - 2016-05-20 14:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-06-20 17:50 - 2015-12-12 03:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2017-06-20 17:50 - 2015-12-12 03:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-06-20 17:50 - 2015-12-12 03:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2017-06-20 15:56 - 2015-12-28 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\ElevatedDiagnostics
2017-06-18 10:05 - 2016-12-14 11:00 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1481727622
2017-06-18 10:05 - 2016-12-14 10:59 - 00000000 ____D C:\Program Files\Opera
2017-06-18 09:59 - 2015-12-12 03:30 - 00000000 ____D C:\Windows\tbaseregistry
2017-06-18 09:57 - 2015-12-12 03:31 - 26213345 _____ C:\Windows\SysWOW64\rootpa.e2e
2017-06-18 09:46 - 2016-01-12 12:30 - 00000000 ___RD C:\Users\Tim\Documents\Scanned Documents
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 07:09 - 2016-01-05 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 07:07 - 2016-01-31 19:50 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 07:02 - 2016-06-05 13:32 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-10 21:15 - 2017-02-08 22:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-10 21:13 - 2016-05-24 12:34 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Adobe
2017-06-10 21:13 - 2016-03-05 09:54 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-10 21:13 - 2015-12-28 17:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-10 20:55 - 2016-01-07 08:12 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-08 18:28 - 2016-11-02 15:07 - 03255948 _____ C:\Windows\ntbtlog.txt
2017-06-08 16:17 - 2016-12-05 11:49 - 00000000 ____D C:\Program Files\Java
2017-06-08 16:17 - 2016-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-08 16:07 - 2016-04-08 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-08 16:05 - 2016-12-05 11:50 - 00318528 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-06-08 16:05 - 2016-12-05 11:50 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-06-08 16:04 - 2016-04-08 13:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-06-06 13:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-06 12:38 - 2017-01-31 11:24 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-28 06:53 - 2017-02-11 09:30 - 00000000 ____D C:\SUPERDelete
 
==================== Files in the root of some directories =======
 
2017-02-08 21:17 - 2017-02-08 21:17 - 0046788 _____ () C:\ProgramData\agent.1486603026.bdinstall.bin
2017-02-08 21:36 - 2017-02-08 21:36 - 0028706 _____ () C:\ProgramData\agent.1486604163.bdinstall.bin
2017-02-08 21:37 - 2017-02-08 21:37 - 0028778 _____ () C:\ProgramData\agent.1486604202.bdinstall.bin
2017-02-08 22:18 - 2017-02-08 22:18 - 0028778 _____ () C:\ProgramData\agent.1486606720.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821554.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821588.bdinstall.bin
2017-02-12 05:55 - 2017-02-12 05:55 - 0028779 _____ () C:\ProgramData\agent.1486893287.bdinstall.bin
2017-02-16 11:48 - 2017-02-16 11:48 - 0028497 _____ () C:\ProgramData\agent.1487260113.bdinstall.bin
2017-02-16 11:49 - 2017-02-16 11:49 - 0028427 _____ () C:\ProgramData\agent.1487260177.bdinstall.bin
2017-02-16 12:49 - 2017-02-16 12:49 - 0028780 _____ () C:\ProgramData\agent.1487263757.bdinstall.bin
2017-02-16 12:50 - 2017-02-16 12:50 - 0028780 _____ () C:\ProgramData\agent.1487263804.bdinstall.bin
2017-02-16 18:58 - 2017-02-16 18:58 - 0028780 _____ () C:\ProgramData\agent.1487285925.bdinstall.bin
2017-02-17 13:08 - 2017-02-17 13:08 - 0028780 _____ () C:\ProgramData\agent.1487351306.bdinstall.bin
2017-02-20 18:07 - 2017-02-20 18:07 - 0028780 _____ () C:\ProgramData\agent.1487628430.bdinstall.bin
2017-03-03 09:42 - 2017-03-03 09:42 - 0028780 _____ () C:\ProgramData\agent.1488548516.bdinstall.bin
2017-03-04 11:39 - 2017-03-04 11:39 - 0028780 _____ () C:\ProgramData\agent.1488641969.bdinstall.bin
2017-03-06 18:07 - 2017-03-06 18:07 - 0028780 _____ () C:\ProgramData\agent.1488838053.bdinstall.bin
2017-03-06 18:08 - 2017-03-06 18:08 - 0028780 _____ () C:\ProgramData\agent.1488838117.bdinstall.bin
2017-03-07 07:06 - 2017-03-07 07:06 - 0028780 _____ () C:\ProgramData\agent.1488884812.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028780 _____ () C:\ProgramData\agent.1489097528.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028779 _____ () C:\ProgramData\agent.1489097574.bdinstall.bin
2017-03-14 08:59 - 2017-03-14 08:59 - 0028736 _____ () C:\ProgramData\agent.1489496386.bdinstall.bin
2017-03-14 09:22 - 2017-03-14 09:22 - 0028601 _____ () C:\ProgramData\agent.1489497767.bdinstall.bin
2017-03-14 09:23 - 2017-03-14 09:23 - 0028743 _____ () C:\ProgramData\agent.1489497792.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028738 _____ () C:\ProgramData\agent.1489838475.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028745 _____ () C:\ProgramData\agent.1489838502.bdinstall.bin
2017-06-25 22:21 - 2017-06-25 22:21 - 0030354 _____ () C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-12 17:55 - 2017-06-12 17:55 - 0030951 _____ () C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-20 19:08 - 2017-06-20 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-02-08 22:22 - 2017-02-08 22:22 - 0368084 _____ () C:\ProgramData\cl.1486606757.bdinstall.bin
2017-03-09 18:16 - 2017-03-09 18:16 - 0380034 _____ () C:\ProgramData\cl.repair.1489097691.bdinstall.bin
2017-03-14 09:20 - 2017-03-14 09:20 - 0215144 _____ () C:\ProgramData\cl.uninstall.1489497341.bdinstall.bin
2016-06-29 17:22 - 2016-06-29 17:23 - 1271840 _____ () C:\ProgramData\hpdam_install_log.txt
2016-06-29 17:22 - 2016-06-29 17:22 - 0272336 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-22 08:26
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Tim (26-06-2017 08:57:41)
Running from C:\Users\Tim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-20 19:14:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3386813744-1969293527-735481815-500 - Administrator - Disabled)
General Log In (S-1-5-21-3386813744-1969293527-735481815-1002 - Limited - Enabled) => C:\Users\General Log In
Guest (S-1-5-21-3386813744-1969293527-735481815-501 - Limited - Disabled) => C:\Users\Guest
Tim (S-1-5-21-3386813744-1969293527-735481815-1001 - Administrator - Enabled) => C:\Users\Tim
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.2.29275 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.0.5478 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version:  - PopCap Games)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EarthLink Accelerator (HKLM-x32\...\EarthLink Accelerator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.3.1786 - Hewlett-Packard Company)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{EEC82191-E879-4906-9D6B-D9665CF030CD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F7A8FF27-1B85-4C23-A6FA-97DE491ECC9A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.19.3 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.7.22.13 - HP)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 45.0.2552.898 (HKLM-x32\...\Opera 45.0.2552.898) (Version: 45.0.2552.898 - Opera Software)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version:  - PopCap Games)
Peggle Nights (HKLM-x32\...\Peggle Nights) (Version:  - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WOLFCODERS ScreenSnag (HKLM-x32\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version:  - WOLFCODERS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07999E06-7CD6-4BE2-9213-12FF183808BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {220ECEBE-27F2-49F6-B940-105C91A5710F} - System32\Tasks\{AD6719E0-A35B-4FB0-9469-F3ECA6E98920} => F:\Setup.exe
Task: {2BDFECED-24B7-4D8C-9025-C1502F04228B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {2F177236-8AEA-4439-9CD0-BDEF1C7C0257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {36A095E9-8583-4F7B-AAAC-3C11076EE515} - System32\Tasks\{A54828EC-DF0D-4800-BCD0-8A56F560D437} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {385C2FE5-95C0-4665-B925-80CEDA035EB5} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {3D11CE46-87BC-4C8D-A998-1334CBECE846} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {3D67B3E7-C05E-44C0-86C3-41EA2295BFD7} - System32\Tasks\{2B4A8FF7-D501-46FB-9AE4-9518FE895316} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {3FD481D7-33C8-4B55-83D1-6ADEA73CD958} - System32\Tasks\Opera scheduled Autoupdate 1481727622 => C:\Program Files\Opera\launcher.exe [2017-06-12] (Opera Software)
Task: {4E5A5561-7AF6-4C58-9FBD-05CBFB188944} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {4EA0DEA2-1FE1-4122-84C3-EECC5E56C6CF} - System32\Tasks\{1C7D4D19-C8E6-455D-A53C-6BADA3C107E5} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {6648098E-9C85-4D31-9D29-15910CBE5E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6BF91CFD-DFEF-4CA8-A3A0-E810147FE45E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6BFCB507-58F4-4919-B4AC-5C9FB9D28F0C} - System32\Tasks\{A55B9265-8122-42BB-B1F3-07F7E45F3706} => Iexplore.exe hxxps://ui.skype.com/ui/0/7.32.0.104/en/eula?source=lightinstaller
Task: {6C339922-6108-4341-867F-16536565B946} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {75A91597-6A9A-45C0-8C0C-F6B1B466A192} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {7656ADD2-637A-49B9-BD5B-2163FC5FC827} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {76637EEE-D769-4FF1-87A0-B618D5210B96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7905813F-3B6D-486B-8E94-A99FCD531A2F} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {81F28D25-FD76-46E0-9A94-7CFBD52AD198} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8773223F-C0F6-4256-B6AE-37485593ED18} - System32\Tasks\{B1BDA461-F2FB-4735-911B-8466740BEE40} => pcalua.exe -a F:\ISP5900\setup.exe -d F:\ISP5900
Task: {878D9DF9-D68A-43FF-9FA6-46EACB45D8CE} - System32\Tasks\{63BBADBD-CE52-4A80-BA74-A575FC495A84} => F:\Setup.exe
Task: {8A378C3D-49EF-4E60-8D81-262E5144498E} - System32\Tasks\{46A17704-B290-4506-9618-5701D9CA2AD2} => F:\Setup.exe
Task: {8DD566CA-2A83-4148-86AC-DDB5D3C322BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
Task: {91245DE5-488E-4A6D-B6F4-7DED8F800C96} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {91865B85-37EF-4B20-9F1E-CAD158966E73} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\1 => C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05] (© 2015 Microsoft Corporation) <==== ATTENTION
Task: {92A5803E-5154-441D-983A-B74D0B2F9E1B} - System32\Tasks\{4678693A-7E1D-4D5A-8B9C-88C09315D8A0} => C:\Users\General Log In\Downloads\SUPERAntiSpyware.exe
Task: {9B578603-B351-47C9-88B1-4C64952A44E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A398B473-F52B-4FD1-AEB9-A800E460F84E} - System32\Tasks\{AFB67468-FA1C-44FC-8F3D-F1A849BC465F} => F:\Setup.exe
Task: {AA854452-7584-4BA7-A8FD-BAC70A4D580F} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {ABEE2E06-9083-4E46-BC19-0049023C84E8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {AE9DC7A8-FA4F-42AD-ACF2-9B838FCD2522} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {AEA65F2D-8098-4DFD-B8FF-CEAF5AF39585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB343A67-670A-46A9-87D7-158AF9A9EC79} - System32\Tasks\{729BA09E-DBAC-4313-9C6E-3892146BD40A} => F:\Setup.exe
Task: {BC860C8E-EC1D-4646-A9A1-B48BEA459B70} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-06-25] (Avira Operations GmbH & Co. KG                              )
Task: {C20AC3DE-8C16-49C6-82DF-7ECB7E78C46C} - System32\Tasks\{05792CFD-05F5-46C8-9C8C-19C70F0E9549} => F:\Setup.exe
Task: {D21C77C0-6040-484C-8D8F-29229BE0B434} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\2 => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-06-20] (SUPERAntiSpyware) <==== ATTENTION
Task: {D71BD3E9-9D48-4AE3-8D71-40503042B818} - System32\Tasks\{095E7B1F-B78E-430C-9E00-3A980CBC2EC7} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {DA4FECCE-33E1-4D3E-9643-20A155D7D694} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DC3E1EBE-2642-4AE8-8BE7-33C3936F5C3D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DF3F0AF7-6913-4840-8E0F-214B56FB6E4E} - System32\Tasks\{AC256CE6-2226-4B88-90C3-CDD2A645EA89} => F:\Setup.exe
Task: {E2C37FAE-6107-4123-9785-B2DF00782DE8} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E65E4D0E-F19E-4BE1-9BFA-C44274169D58} - System32\Tasks\HPCeeScheduleForTim => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {F34E7CF6-E02B-4DC9-AC9B-4672844F95D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForTim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-02-05 15:56 - 2014-02-05 15:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00167312 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\lzo2.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00166840 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\libpkcs11-helper-1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Tim\Desktop\SUPERAntiSpywarePro.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\GlassWireSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\IE9-Windows7-x64-enu.exe:a [420]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-adwc.adwc100.3.0.6.1469.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\winupdatefix_1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\GlassWireSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mbar-1.09.3.1001.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\deere.com -> hxxps://jdparts.deere.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\flhsmv.gov -> hxxps://www.flhsmv.gov
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\hdonline.to -> hxxps://hdonline.to
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\pch.com -> hxxp://search.pch.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\usa4sale.net -> hxxp://contact.usa4sale.net
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\winndixie.com -> hxxps://www.winndixie.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-05 12:28 - 2017-06-08 17:02 - 00000033 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP1.jpg
DNS Servers: 192.168.224.1 - 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: HPFSService => 2
MSCONFIG\startupreg: HP File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
MSCONFIG\startupreg: Propel Accelerator => "C:\Program Files (x86)\EarthLink Accelerator\trayctl.exe" /STARTUPLAUNCH
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6F44F3E-63AD-4480-8981-1F8E4BC156A3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92635564-B32B-4941-8709-EDC3534DA1F7}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{0F7C25B6-D55C-4599-808E-70473E50600B}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{50E9D51B-9089-4C78-8F73-3E2E5E0D42C5}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{3D066DB3-3078-49D4-A3A6-AF4075CB1645}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{9A373D22-61C3-4F8B-BBEF-1D2CEC770DB5}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{82B69666-6A08-4AB4-B240-B287A8D13E38}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{D32E408E-6053-455A-990F-9F46633386D8}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{38B50817-1FA9-4CB1-B36F-FAF8288E99E7}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{BDD0E46F-885B-4696-ADCE-C508C1F9F12A}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{953F6506-888F-4867-B3B2-8E82E4E25263}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{08BCF83E-E091-4FAC-9D79-87F5D20AEE8C}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{AA04C2EA-8C48-467B-BC95-EDBCA22C98B5}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{8FD07A63-7436-47CF-BA1F-834A0A492F69}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{ACF8D3C4-FF9A-4CD3-8EA4-28D0784A5E00}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{B3C0EE64-66A1-4F53-9ABE-C6637AB3FABA}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{91069DC4-8EB5-4A7C-8804-CA63B1DB68C0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6B43B3CE-DC50-45A5-8B9C-BBF6E68A2E22}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{E2AFA9F5-1B1B-4500-8997-4963CA7BCF15}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{285830EF-6348-490E-AF3E-A4E3BD091FBF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{2A1B1D2E-C4D7-42AF-9D46-A4D9F1592ACF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{C962AA5F-D716-4894-A777-9980540483E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D8BB9E0F-2592-4C32-B96F-AE69B073FAE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3EDE067A-8C7B-43BB-A5B7-58D0CC51B633}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E81B4361-07C3-4BFB-8571-B70DD4167B3A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C9C94891-2C9B-40CE-8333-9A41D4FBA565}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD7DB7A0-CA86-416B-BBD9-BA1D7B2C6E53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{DBFEDAD6-0BEB-4578-B149-3AB62C1B7D85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C8501CF7-59E4-43E0-AA45-EE26755E751F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{905779AE-D66A-4666-9FFB-56A8610A6FBA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C90C27C3-BCC7-4ACE-9E22-2C7488FE70FA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{072E5150-569C-4950-833F-437FEC13136A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{D779D332-B00D-4FCC-8F0D-2038BDD79CD7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{25ABBA34-5506-420A-AA0A-93D0A7088E21}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{92086CBF-6C8E-46CE-86EA-FAC5797DB131}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{26BE28BC-BE97-4D1D-BD8E-90F9C06978D4}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
FirewallRules: [{DCCC4C09-38AC-4106-82C9-36B5059C3EDE}] => (Allow) C:\Program Files\Opera\45.0.2552.898\opera.exe
FirewallRules: [{CFFEEADA-8E35-476D-9018-B63240888C7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{2BFC7583-91DE-4229-BA9B-6218A5F21BF2}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
 
==================== Restore Points =========================
 
24-06-2017 07:00:27 Windows Update
24-06-2017 21:45:02 Windows Update
25-06-2017 07:00:13 Windows Update
25-06-2017 10:17:56 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
25-06-2017 13:34:23 Device Driver Package Install: Phantom TAP-Windows Provider V9 Network adapters
25-06-2017 13:47:04 Avira System Speedup Optimization
25-06-2017 13:48:43 Avira System Speedup Optimization
25-06-2017 21:13:42 Avira System Speedup Optimization
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/26/2017 07:44:20 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/26/2017 07:44:08 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:38:15 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:38:15 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:38:14 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: An error occurred enumerating device {4D36E972-E325-11CE-BFC1-08002BE10318}Phantom TAP-Windows Adapter V9.
 
 
The system error code is 0xe0000231:-
 
** The error code could not be translated **
 
Error: (06/26/2017 07:38:14 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: An error occurred enumerating device {4D36E972-E325-11CE-BFC1-08002BE10318}Phantom TAP-Windows Adapter V9.
 
 
The system error code is 0xe0000231:-
 
** The error code could not be translated **
 
Error: (06/26/2017 07:34:24 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:34:22 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:33:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:33:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
 
System errors:
=============
Error: (06/25/2017 10:54:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (06/25/2017 10:52:00 PM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume D: were aborted because of a failed free space computation.
 
Error: (06/25/2017 10:51:59 PM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume D: were aborted because of a failed free space computation.
 
Error: (06/25/2017 10:17:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
Access is denied.
 
Error: (06/25/2017 10:17:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
Access is denied.
 
Error: (06/25/2017 10:17:42 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
Access is denied.
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 32%
Total physical RAM: 7612.08 MB
Available physical RAM: 5144.87 MB
Total Virtual: 15222.35 MB
Available Virtual: 11933.98 MB
 
==================== Drives ================================
 
Drive c: (Windows ) (Fixed) (Total:919.11 GB) (Free:855.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.3 GB) (Free:1.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F9E5779)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
 
==================== End of Addition.txt ============================

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 26/06/2017 9:13:20 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/06/2017 11:44:20 AM
Type: Error Category: 0
Event: 2800 Source: HP Active Health
Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.    at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)    at System.Diagnostics.PerformanceCounterLib.get_NameTable()    at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()    at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)    at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)    at System.Diagnostics.PerformanceCounter.InitializeImpl()    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)    at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Log: 'Application' Date/Time: 26/06/2017 11:44:08 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:38:15 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:38:15 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:38:14 AM
Type: Error Category: 1
Event: 1055 Source: flcdlock
An error occurred enumerating device {4D36E972-E325-11CE-BFC1-08002BE10318}Phantom TAP-Windows Adapter V9.   The system error code is 0xe0000231:-  ** The error code could not be translated **
 
Log: 'Application' Date/Time: 26/06/2017 11:38:14 AM
Type: Error Category: 1
Event: 1055 Source: flcdlock
An error occurred enumerating device {4D36E972-E325-11CE-BFC1-08002BE10318}Phantom TAP-Windows Adapter V9.   The system error code is 0xe0000231:-  ** The error code could not be translated **
 
Log: 'Application' Date/Time: 26/06/2017 11:34:24 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:34:22 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:33:40 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:33:40 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 11:32:39 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 26/06/2017 2:57:14 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:57:13 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:56:30 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 26/06/2017 2:54:55 AM
Type: Error Category: 3
Event: 455 Source: ESENT
wuaueng.dll (1068) SUS20ClientDataStore: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
 
Log: 'Application' Date/Time: 26/06/2017 2:54:52 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:52:01 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:52:00 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:52:00 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
Log: 'Application' Date/Time: 26/06/2017 2:38:09 AM
Type: Error Category: 1
Event: 1034 Source: flcdlock
An error occurred setting a security descriptor on the device \\.\avusbflt.   The system error code is 0x5:-  Access is denied. 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/06/2017 11:45:07 AM
Type: Warning Category: 0
Event: 2901 Source: HP Active Health
Error getting Windows updates: System.Threading.ThreadAbortException: Thread was being aborted.    at Interop.WUApiLib.IUpdateSearcher.Search(String criteria)    at HP.ActiveHealth.Agents.WindowsUpdates.WindowsUpdatesAgent.GetWindowsUpdates()
 
Log: 'Application' Date/Time: 26/06/2017 11:44:17 AM
Type: Warning Category: 0
Event: 29 Source: HP Active Health
The agent state file named C:\ProgramData\Hewlett-Packard\HP Active Health\Agent State\HP.ActiveHealth.Agents.HpsaMessages.HpsaMessagesAgent.dat already exist in the list to be serialized
 
Log: 'Application' Date/Time: 26/06/2017 11:44:10 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 26/06/2017 11:44:10 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 26/06/2017 11:44:09 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 26/06/2017 11:44:09 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl EXECUTE Diags.ThermalDiagnostics command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 26/06/2017 11:44:07 AM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 26/06/2017 11:44:04 AM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 26/06/2017 11:44:04 AM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 26/06/2017 11:44:03 AM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 26/06/2017 11:44:02 AM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
Error running a Casl GET EmbeddedController.AuditLog.JSON command: Exception has been thrown by the target of an invocation.
 
Log: 'Application' Date/Time: 26/06/2017 3:30:44 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   4 user registry handles leaked from \Registry\User\S-1-5-21-3386813744-1969293527-735481815-1001:
Process 2876 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001
Process 2876 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall
Process 1260 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avguard.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Process 2876 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
 
 
Log: 'Application' Date/Time: 26/06/2017 2:54:52 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   8 user registry handles leaked from \Registry\User\S-1-5-21-3386813744-1969293527-735481815-1001:
Process 4560 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001
Process 7620 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avguard.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001
Process 6240 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\sched.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001
Process 4560 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001
Process 4560 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall
Process 7620 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avguard.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Process 4560 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Process 4560 (\Device\HarddiskVolume2\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe) has opened key \REGISTRY\USER\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

Edited by bonezz777, 26 June 2017 - 07:14 AM.


#12
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST.

Run FRST and press Fix.
A fix log will be generated; please post that.

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.

You are getting a lot of errors from your HP Client Security program. I would uninstall it. Apparently it is a bit odd and you have to disable the DVD drive first.
 
 


#13
bonezz777


    Member

  • Topic Starter
  • Member
  • 99 posts

Hi, I've got to go fix my wife's car, will be back shortly... I re-ran FRST & it wouldn't run when I hit fix, I'm doing something wrong I'm sure.... Also if I disable my DVD, I won't be able to use it??? Later...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01

Ran by Tim (administrator) on TIM-HP (26-06-2017 13:47:54)
Running from C:\Users\Tim\Desktop
Loaded Profiles: Tim & Guest (Available Profiles: Tim & General Log In & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(© 2015 Microsoft Corporation) C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
(The OpenVPN Project) C:\Program Files (x86)\Avira\VPN\OpenVpn\phantomvpn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7570136 2014-04-14] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\MountPoints2: {2301f08c-46ea-11e6-b913-a0d3c14a78f6} - WinCleaner Application Setup.exe
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3386813744-1969293527-735481815-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk [2017-06-26]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk -> C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3386813744-1969293527-735481815-1001] => http=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{7C0566C2-7D23-414D-B4B4-2CD1F8917416}: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{B8692A19-E7CA-4985-B46C-556A84D4EF53}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCOM14/19
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCOM14/19
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-3386813744-1969293527-735481815-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1486642584294
 
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default [2016-10-26]
FF Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2016-12-04]
FF Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-06-25]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-05-26] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-10] (DigitalPersona, Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (DuckDuckGo Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-05]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-06-25]
CHR Extension: (FedEx Email/Online Label Shipping...) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceaafagmnojmnjepbehlplcmoklcacbl [2017-06-20]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-21]
CHR Extension: (Click&Clean) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-06-01]
CHR Extension: (History Eraser) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-06-23]
CHR Extension: (J2TeaM Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlcjjclebjnfohgmgikjfnbmfkigocc [2017-06-08]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-06-25]
CHR Extension: (Cyber Security News by Gold Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcehljakhaojdgjoggcpnbjkehgglbfb [2017-05-28]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Click&Clean App) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-06-23]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-10]
 
Opera: 
=======
OPR Extension: (Stormcrow) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2017-04-18]
OPR Extension: (360 Internet Protection) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2017-06-25]
OPR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2016-10-25]
OPR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-06-25]
OPR Extension: (Privacy Badger) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2017-06-25]
OPR Extension: (SurfPatrol) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pafbnmdfbmigjdbkhkchclhpmfcoageo [2017-01-16]
OPR Extension: (Privacy Cleaner) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdomeailoegpefbldkonkajkcolkbmhi [2017-01-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [334064 2017-05-18] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-10] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51208 2017-01-10] (Advanced Micro Devices, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [95112 2017-01-10] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [254344 2017-01-10] (Advanced Micro Devices, Inc. )
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-06-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-06-02] (Avira Operations GmbH & Co. KG)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-26] (Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-05-18] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U0 aswVmm; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 13:47 - 2017-06-26 13:48 - 00023361 _____ C:\Users\Tim\Desktop\FRST.txt
2017-06-26 08:56 - 2017-06-26 08:56 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2017-06-26 07:45 - 2017-06-26 07:46 - 20612608 _____ (Adobe Systems Incorporated) C:\Users\Tim\Downloads\install_flash_player_ppapi.exe
2017-06-25 22:56 - 2017-06-25 22:56 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 22:24 - 2017-06-26 13:47 - 00000000 ____D C:\Users\Tim\Desktop\New folder junk files
2017-06-25 22:21 - 2017-06-25 22:21 - 00030354 _____ C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-25 21:22 - 2017-06-25 21:22 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Avira
2017-06-25 13:36 - 2017-06-02 19:05 - 00185032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00149976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00064504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-06-25 13:30 - 2017-06-25 13:30 - 00002156 _____ C:\Users\Public\Desktop\Avira Scout.lnk
2017-06-25 13:29 - 2017-06-25 13:29 - 00003506 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-25 13:29 - 2017-06-25 13:29 - 00003378 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-25 13:28 - 2017-06-26 07:34 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-06-25 13:28 - 2017-06-25 13:28 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-25 13:28 - 2017-06-25 13:28 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-06-25 13:27 - 2017-06-25 13:27 - 00002086 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2017-06-25 13:27 - 2017-06-25 13:27 - 00001048 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Avira
2017-06-25 13:25 - 2017-06-25 13:25 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-06-25 13:23 - 2017-06-25 13:23 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tim\Desktop\avira_en_fass0_58e0ec4c4ec59__ws.exe
2017-06-25 10:54 - 2017-06-26 09:13 - 00012926 _____ C:\VEW.txt
2017-06-25 10:51 - 2017-06-25 10:51 - 00061440 _____ ( ) C:\Users\Tim\Desktop\VEW.exe
2017-06-25 10:18 - 2017-06-25 10:18 - 00001409 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\Program Files (x86)\Seagate
2017-06-25 10:16 - 2017-06-25 10:17 - 26157600 _____ C:\Users\Tim\Desktop\SeaToolsforWindowsSetup.exe
2017-06-20 19:08 - 2017-06-20 19:08 - 00000057 _____ C:\ProgramData\Ament.ini
2017-06-20 19:08 - 2017-06-20 19:08 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Hewlett-Packard
2017-06-20 19:06 - 2017-06-20 19:07 - 48748328 _____ C:\Users\Tim\Desktop\DJ1000_J110_1313-1.exe
2017-06-20 18:15 - 2017-06-20 19:08 - 00003610 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2017-06-20 18:15 - 2017-06-20 18:22 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-06-20 18:15 - 2017-06-20 18:15 - 00001105 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2017-06-20 18:15 - 2017-06-20 18:15 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-06-20 18:14 - 2017-06-20 19:08 - 00002280 _____ C:\Users\Public\Desktop\HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 19:08 - 00001202 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 18:14 - 00000000 ____D C:\Program Files\HP
2017-06-20 15:43 - 2017-06-20 15:43 - 00002640 _____ C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk
2017-06-20 15:43 - 2017-06-20 15:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-06-18 11:36 - 2017-06-18 11:36 - 00900704 _____ (Seagate Technology) C:\Users\Tim\Desktop\drivedetect.exe
2017-06-14 06:31 - 2017-06-25 20:04 - 00000000 ____D C:\Program Files\Speccy
2017-06-14 06:31 - 2017-06-14 06:31 - 00000804 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-06-14 06:31 - 2017-06-14 06:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-06-14 06:29 - 2017-06-14 06:29 - 06293184 _____ (Piriform Ltd) C:\Users\Tim\Desktop\spsetup130.exe
2017-06-14 05:48 - 2017-06-14 05:48 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\Tim\Desktop\procexp.exe
2017-06-12 17:55 - 2017-06-12 17:55 - 00030951 _____ C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-12 08:29 - 2017-06-26 13:47 - 00000000 ____D C:\FRST
2017-06-12 08:27 - 2017-06-26 08:56 - 02441216 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2017-06-08 18:50 - 2017-06-08 18:47 - 00000030 _____ C:\AVScanner.ini
2017-06-08 16:30 - 2017-06-26 08:54 - 00000000 ____D C:\Users\Tim\AppData\Local\FSDART
2017-06-08 16:30 - 2017-06-08 16:31 - 00000000 ____D C:\ProgramData\F-Secure
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-06-08 16:07 - 2017-06-08 16:05 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-06-08 15:34 - 2017-06-08 15:35 - 00524248 _____ (F-Secure Corporation) C:\Users\Tim\Desktop\F-SecureOnlineScanner.exe
2017-06-06 13:57 - 2017-06-06 13:57 - 00313366 _____ C:\Users\Tim\Downloads\WindowsUpdate.diagcab
2017-05-27 14:25 - 2017-05-27 14:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Microsoft Corporation
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:33 - 2017-01-31 11:24 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-26 07:32 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-25 23:31 - 2015-12-12 03:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-06-25 22:56 - 2016-10-26 04:50 - 00000000 ____D C:\Users\Tim\AppData\Local\Avira
2017-06-25 21:08 - 2016-10-26 05:38 - 00016328 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-06-25 13:47 - 2016-04-21 12:00 - 00000000 ____D C:\Users\Tim\AppData\Roaming\hpqLog
2017-06-25 13:36 - 2016-10-26 03:40 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-25 13:34 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-06-25 13:25 - 2016-03-20 05:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-25 09:37 - 2016-05-28 09:30 - 00000000 ____D C:\AdwCleaner
2017-06-24 07:06 - 2017-02-21 11:34 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTim
2017-06-24 07:06 - 2017-02-21 11:34 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTim.job
2017-06-20 19:08 - 2016-01-25 18:03 - 00000000 ____D C:\Program Files (x86)\HP
2017-06-20 19:08 - 2015-12-12 03:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-06-20 18:47 - 2017-02-16 11:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-06-20 18:15 - 2015-12-12 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-06-20 17:50 - 2016-05-20 14:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-06-20 17:50 - 2015-12-12 03:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2017-06-20 17:50 - 2015-12-12 03:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-06-20 17:50 - 2015-12-12 03:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2017-06-20 15:56 - 2015-12-28 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\ElevatedDiagnostics
2017-06-18 10:05 - 2016-12-14 11:00 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1481727622
2017-06-18 10:05 - 2016-12-14 10:59 - 00000000 ____D C:\Program Files\Opera
2017-06-18 09:59 - 2015-12-12 03:30 - 00000000 ____D C:\Windows\tbaseregistry
2017-06-18 09:57 - 2015-12-12 03:31 - 26213345 _____ C:\Windows\SysWOW64\rootpa.e2e
2017-06-18 09:46 - 2016-01-12 12:30 - 00000000 ___RD C:\Users\Tim\Documents\Scanned Documents
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 07:09 - 2016-01-05 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 07:07 - 2016-01-31 19:50 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 07:02 - 2016-06-05 13:32 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-10 21:15 - 2017-02-08 22:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-10 21:13 - 2016-05-24 12:34 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Adobe
2017-06-10 21:13 - 2016-03-05 09:54 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-10 21:13 - 2015-12-28 17:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-10 20:55 - 2016-01-07 08:12 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-08 18:28 - 2016-11-02 15:07 - 03255948 _____ C:\Windows\ntbtlog.txt
2017-06-08 16:17 - 2016-12-05 11:49 - 00000000 ____D C:\Program Files\Java
2017-06-08 16:17 - 2016-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-08 16:07 - 2016-04-08 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-08 16:05 - 2016-12-05 11:50 - 00318528 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-06-08 16:05 - 2016-12-05 11:50 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-06-08 16:04 - 2016-04-08 13:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-06-06 13:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-06 12:38 - 2017-01-31 11:24 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-28 06:53 - 2017-02-11 09:30 - 00000000 ____D C:\SUPERDelete
 
==================== Files in the root of some directories =======
 
2017-02-08 21:17 - 2017-02-08 21:17 - 0046788 _____ () C:\ProgramData\agent.1486603026.bdinstall.bin
2017-02-08 21:36 - 2017-02-08 21:36 - 0028706 _____ () C:\ProgramData\agent.1486604163.bdinstall.bin
2017-02-08 21:37 - 2017-02-08 21:37 - 0028778 _____ () C:\ProgramData\agent.1486604202.bdinstall.bin
2017-02-08 22:18 - 2017-02-08 22:18 - 0028778 _____ () C:\ProgramData\agent.1486606720.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821554.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821588.bdinstall.bin
2017-02-12 05:55 - 2017-02-12 05:55 - 0028779 _____ () C:\ProgramData\agent.1486893287.bdinstall.bin
2017-02-16 11:48 - 2017-02-16 11:48 - 0028497 _____ () C:\ProgramData\agent.1487260113.bdinstall.bin
2017-02-16 11:49 - 2017-02-16 11:49 - 0028427 _____ () C:\ProgramData\agent.1487260177.bdinstall.bin
2017-02-16 12:49 - 2017-02-16 12:49 - 0028780 _____ () C:\ProgramData\agent.1487263757.bdinstall.bin
2017-02-16 12:50 - 2017-02-16 12:50 - 0028780 _____ () C:\ProgramData\agent.1487263804.bdinstall.bin
2017-02-16 18:58 - 2017-02-16 18:58 - 0028780 _____ () C:\ProgramData\agent.1487285925.bdinstall.bin
2017-02-17 13:08 - 2017-02-17 13:08 - 0028780 _____ () C:\ProgramData\agent.1487351306.bdinstall.bin
2017-02-20 18:07 - 2017-02-20 18:07 - 0028780 _____ () C:\ProgramData\agent.1487628430.bdinstall.bin
2017-03-03 09:42 - 2017-03-03 09:42 - 0028780 _____ () C:\ProgramData\agent.1488548516.bdinstall.bin
2017-03-04 11:39 - 2017-03-04 11:39 - 0028780 _____ () C:\ProgramData\agent.1488641969.bdinstall.bin
2017-03-06 18:07 - 2017-03-06 18:07 - 0028780 _____ () C:\ProgramData\agent.1488838053.bdinstall.bin
2017-03-06 18:08 - 2017-03-06 18:08 - 0028780 _____ () C:\ProgramData\agent.1488838117.bdinstall.bin
2017-03-07 07:06 - 2017-03-07 07:06 - 0028780 _____ () C:\ProgramData\agent.1488884812.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028780 _____ () C:\ProgramData\agent.1489097528.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028779 _____ () C:\ProgramData\agent.1489097574.bdinstall.bin
2017-03-14 08:59 - 2017-03-14 08:59 - 0028736 _____ () C:\ProgramData\agent.1489496386.bdinstall.bin
2017-03-14 09:22 - 2017-03-14 09:22 - 0028601 _____ () C:\ProgramData\agent.1489497767.bdinstall.bin
2017-03-14 09:23 - 2017-03-14 09:23 - 0028743 _____ () C:\ProgramData\agent.1489497792.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028738 _____ () C:\ProgramData\agent.1489838475.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028745 _____ () C:\ProgramData\agent.1489838502.bdinstall.bin
2017-06-25 22:21 - 2017-06-25 22:21 - 0030354 _____ () C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-12 17:55 - 2017-06-12 17:55 - 0030951 _____ () C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-20 19:08 - 2017-06-20 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-02-08 22:22 - 2017-02-08 22:22 - 0368084 _____ () C:\ProgramData\cl.1486606757.bdinstall.bin
2017-03-09 18:16 - 2017-03-09 18:16 - 0380034 _____ () C:\ProgramData\cl.repair.1489097691.bdinstall.bin
2017-03-14 09:20 - 2017-03-14 09:20 - 0215144 _____ () C:\ProgramData\cl.uninstall.1489497341.bdinstall.bin
2016-06-29 17:22 - 2016-06-29 17:23 - 1271840 _____ () C:\ProgramData\hpdam_install_log.txt
2016-06-29 17:22 - 2016-06-29 17:22 - 0272336 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-22 08:26
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Tim (26-06-2017 13:48:38)
Running from C:\Users\Tim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-20 19:14:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3386813744-1969293527-735481815-500 - Administrator - Disabled)
General Log In (S-1-5-21-3386813744-1969293527-735481815-1002 - Limited - Enabled) => C:\Users\General Log In
Guest (S-1-5-21-3386813744-1969293527-735481815-501 - Limited - Disabled) => C:\Users\Guest
Tim (S-1-5-21-3386813744-1969293527-735481815-1001 - Administrator - Enabled) => C:\Users\Tim
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.2.29275 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.0.5478 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version:  - PopCap Games)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EarthLink Accelerator (HKLM-x32\...\EarthLink Accelerator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.3.1786 - Hewlett-Packard Company)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{EEC82191-E879-4906-9D6B-D9665CF030CD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F7A8FF27-1B85-4C23-A6FA-97DE491ECC9A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.19.3 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.7.22.13 - HP)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 45.0.2552.898 (HKLM-x32\...\Opera 45.0.2552.898) (Version: 45.0.2552.898 - Opera Software)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version:  - PopCap Games)
Peggle Nights (HKLM-x32\...\Peggle Nights) (Version:  - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WOLFCODERS ScreenSnag (HKLM-x32\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version:  - WOLFCODERS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07999E06-7CD6-4BE2-9213-12FF183808BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {220ECEBE-27F2-49F6-B940-105C91A5710F} - System32\Tasks\{AD6719E0-A35B-4FB0-9469-F3ECA6E98920} => F:\Setup.exe
Task: {2BDFECED-24B7-4D8C-9025-C1502F04228B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {2F177236-8AEA-4439-9CD0-BDEF1C7C0257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {36A095E9-8583-4F7B-AAAC-3C11076EE515} - System32\Tasks\{A54828EC-DF0D-4800-BCD0-8A56F560D437} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {385C2FE5-95C0-4665-B925-80CEDA035EB5} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {3D11CE46-87BC-4C8D-A998-1334CBECE846} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {3D67B3E7-C05E-44C0-86C3-41EA2295BFD7} - System32\Tasks\{2B4A8FF7-D501-46FB-9AE4-9518FE895316} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {3FD481D7-33C8-4B55-83D1-6ADEA73CD958} - System32\Tasks\Opera scheduled Autoupdate 1481727622 => C:\Program Files\Opera\launcher.exe [2017-06-12] (Opera Software)
Task: {4E5A5561-7AF6-4C58-9FBD-05CBFB188944} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {4EA0DEA2-1FE1-4122-84C3-EECC5E56C6CF} - System32\Tasks\{1C7D4D19-C8E6-455D-A53C-6BADA3C107E5} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {6648098E-9C85-4D31-9D29-15910CBE5E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6BF91CFD-DFEF-4CA8-A3A0-E810147FE45E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6BFCB507-58F4-4919-B4AC-5C9FB9D28F0C} - System32\Tasks\{A55B9265-8122-42BB-B1F3-07F7E45F3706} => Iexplore.exe hxxps://ui.skype.com/ui/0/7.32.0.104/en/eula?source=lightinstaller
Task: {6C339922-6108-4341-867F-16536565B946} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {75A91597-6A9A-45C0-8C0C-F6B1B466A192} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {7656ADD2-637A-49B9-BD5B-2163FC5FC827} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {76637EEE-D769-4FF1-87A0-B618D5210B96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7905813F-3B6D-486B-8E94-A99FCD531A2F} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {81F28D25-FD76-46E0-9A94-7CFBD52AD198} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8773223F-C0F6-4256-B6AE-37485593ED18} - System32\Tasks\{B1BDA461-F2FB-4735-911B-8466740BEE40} => pcalua.exe -a F:\ISP5900\setup.exe -d F:\ISP5900
Task: {878D9DF9-D68A-43FF-9FA6-46EACB45D8CE} - System32\Tasks\{63BBADBD-CE52-4A80-BA74-A575FC495A84} => F:\Setup.exe
Task: {8A378C3D-49EF-4E60-8D81-262E5144498E} - System32\Tasks\{46A17704-B290-4506-9618-5701D9CA2AD2} => F:\Setup.exe
Task: {8DD566CA-2A83-4148-86AC-DDB5D3C322BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
Task: {91245DE5-488E-4A6D-B6F4-7DED8F800C96} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {91865B85-37EF-4B20-9F1E-CAD158966E73} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\1 => C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05] (© 2015 Microsoft Corporation) <==== ATTENTION
Task: {92A5803E-5154-441D-983A-B74D0B2F9E1B} - System32\Tasks\{4678693A-7E1D-4D5A-8B9C-88C09315D8A0} => C:\Users\General Log In\Downloads\SUPERAntiSpyware.exe
Task: {9B578603-B351-47C9-88B1-4C64952A44E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A398B473-F52B-4FD1-AEB9-A800E460F84E} - System32\Tasks\{AFB67468-FA1C-44FC-8F3D-F1A849BC465F} => F:\Setup.exe
Task: {AA854452-7584-4BA7-A8FD-BAC70A4D580F} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {ABEE2E06-9083-4E46-BC19-0049023C84E8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {AE9DC7A8-FA4F-42AD-ACF2-9B838FCD2522} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {AEA65F2D-8098-4DFD-B8FF-CEAF5AF39585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB343A67-670A-46A9-87D7-158AF9A9EC79} - System32\Tasks\{729BA09E-DBAC-4313-9C6E-3892146BD40A} => F:\Setup.exe
Task: {BC860C8E-EC1D-4646-A9A1-B48BEA459B70} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-06-25] (Avira Operations GmbH & Co. KG                              )
Task: {C20AC3DE-8C16-49C6-82DF-7ECB7E78C46C} - System32\Tasks\{05792CFD-05F5-46C8-9C8C-19C70F0E9549} => F:\Setup.exe
Task: {D21C77C0-6040-484C-8D8F-29229BE0B434} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\2 => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-06-20] (SUPERAntiSpyware) <==== ATTENTION
Task: {D71BD3E9-9D48-4AE3-8D71-40503042B818} - System32\Tasks\{095E7B1F-B78E-430C-9E00-3A980CBC2EC7} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {DA4FECCE-33E1-4D3E-9643-20A155D7D694} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DC3E1EBE-2642-4AE8-8BE7-33C3936F5C3D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DF3F0AF7-6913-4840-8E0F-214B56FB6E4E} - System32\Tasks\{AC256CE6-2226-4B88-90C3-CDD2A645EA89} => F:\Setup.exe
Task: {E2C37FAE-6107-4123-9785-B2DF00782DE8} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E65E4D0E-F19E-4BE1-9BFA-C44274169D58} - System32\Tasks\HPCeeScheduleForTim => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {F34E7CF6-E02B-4DC9-AC9B-4672844F95D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForTim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-02-05 15:56 - 2014-02-05 15:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00167312 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\lzo2.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00166840 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\libpkcs11-helper-1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Tim\Desktop\SUPERAntiSpywarePro.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\GlassWireSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\IE9-Windows7-x64-enu.exe:a [420]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-adwc.adwc100.3.0.6.1469.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\winupdatefix_1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\GlassWireSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mbar-1.09.3.1001.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\deere.com -> hxxps://jdparts.deere.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\flhsmv.gov -> hxxps://www.flhsmv.gov
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\hdonline.to -> hxxps://hdonline.to
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\pch.com -> hxxp://search.pch.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\usa4sale.net -> hxxp://contact.usa4sale.net
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\winndixie.com -> hxxps://www.winndixie.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-05 12:28 - 2017-06-08 17:02 - 00000033 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP1.jpg
DNS Servers: 192.168.224.1 - 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: HPFSService => 2
MSCONFIG\startupreg: HP File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
MSCONFIG\startupreg: Propel Accelerator => "C:\Program Files (x86)\EarthLink Accelerator\trayctl.exe" /STARTUPLAUNCH
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6F44F3E-63AD-4480-8981-1F8E4BC156A3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92635564-B32B-4941-8709-EDC3534DA1F7}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{0F7C25B6-D55C-4599-808E-70473E50600B}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{50E9D51B-9089-4C78-8F73-3E2E5E0D42C5}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{3D066DB3-3078-49D4-A3A6-AF4075CB1645}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{9A373D22-61C3-4F8B-BBEF-1D2CEC770DB5}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{82B69666-6A08-4AB4-B240-B287A8D13E38}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{D32E408E-6053-455A-990F-9F46633386D8}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{38B50817-1FA9-4CB1-B36F-FAF8288E99E7}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{BDD0E46F-885B-4696-ADCE-C508C1F9F12A}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{953F6506-888F-4867-B3B2-8E82E4E25263}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{08BCF83E-E091-4FAC-9D79-87F5D20AEE8C}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{AA04C2EA-8C48-467B-BC95-EDBCA22C98B5}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{8FD07A63-7436-47CF-BA1F-834A0A492F69}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{ACF8D3C4-FF9A-4CD3-8EA4-28D0784A5E00}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{B3C0EE64-66A1-4F53-9ABE-C6637AB3FABA}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{91069DC4-8EB5-4A7C-8804-CA63B1DB68C0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6B43B3CE-DC50-45A5-8B9C-BBF6E68A2E22}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{E2AFA9F5-1B1B-4500-8997-4963CA7BCF15}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{285830EF-6348-490E-AF3E-A4E3BD091FBF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{2A1B1D2E-C4D7-42AF-9D46-A4D9F1592ACF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{C962AA5F-D716-4894-A777-9980540483E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D8BB9E0F-2592-4C32-B96F-AE69B073FAE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3EDE067A-8C7B-43BB-A5B7-58D0CC51B633}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E81B4361-07C3-4BFB-8571-B70DD4167B3A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C9C94891-2C9B-40CE-8333-9A41D4FBA565}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD7DB7A0-CA86-416B-BBD9-BA1D7B2C6E53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{DBFEDAD6-0BEB-4578-B149-3AB62C1B7D85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C8501CF7-59E4-43E0-AA45-EE26755E751F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{905779AE-D66A-4666-9FFB-56A8610A6FBA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C90C27C3-BCC7-4ACE-9E22-2C7488FE70FA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{072E5150-569C-4950-833F-437FEC13136A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{D779D332-B00D-4FCC-8F0D-2038BDD79CD7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{25ABBA34-5506-420A-AA0A-93D0A7088E21}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{92086CBF-6C8E-46CE-86EA-FAC5797DB131}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{26BE28BC-BE97-4D1D-BD8E-90F9C06978D4}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
FirewallRules: [{DCCC4C09-38AC-4106-82C9-36B5059C3EDE}] => (Allow) C:\Program Files\Opera\45.0.2552.898\opera.exe
FirewallRules: [{CFFEEADA-8E35-476D-9018-B63240888C7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{2BFC7583-91DE-4229-BA9B-6218A5F21BF2}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
 
==================== Restore Points =========================
 
25-06-2017 13:34:23 Device Driver Package Install: Phantom TAP-Windows Provider V9 Network adapters
25-06-2017 13:47:04 Avira System Speedup Optimization
25-06-2017 13:48:43 Avira System Speedup Optimization
25-06-2017 21:13:42 Avira System Speedup Optimization
26-06-2017 10:24:07 Windows Update
26-06-2017 13:03:15 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/26/2017 01:03:37 PM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 12:01:41 PM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:55:44 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:50:15 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:38:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:38:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 10:24:38 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 10:24:31 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:44:20 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/26/2017 07:44:08 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
 
System errors:
=============
Error: (06/26/2017 01:10:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/26/2017 01:05:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 01:05:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-06 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4022719).
 
Error: (06/26/2017 01:04:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 10:30:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/26/2017 10:25:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 10:25:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-06 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4022719).
 
Error: (06/26/2017 10:24:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/25/2017 10:54:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (06/25/2017 10:52:00 PM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume D: were aborted because of a failed free space computation.
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 28%
Total physical RAM: 7612.08 MB
Available physical RAM: 5476.21 MB
Total Virtual: 15222.35 MB
Available Virtual: 11845.38 MB
 
==================== Drives ================================
 
Drive c: (Windows ) (Fixed) (Total:919.11 GB) (Free:855.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.3 GB) (Free:1.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F9E5779)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
 
==================== End of Addition.txt ============================


#14
bonezz777


Hi, hope this is what you want:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by Tim (administrator) on TIM-HP (26-06-2017 16:51:00)
Running from C:\Users\Tim\Desktop
Loaded Profiles: Tim & Guest (Available Profiles: Tim & General Log In & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(© 2015 Microsoft Corporation) C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
(The OpenVPN Project) C:\Program Files (x86)\Avira\VPN\OpenVpn\phantomvpn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7570136 2014-04-14] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\MountPoints2: {2301f08c-46ea-11e6-b913-a0d3c14a78f6} - WinCleaner Application Setup.exe
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3386813744-1969293527-735481815-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk [2017-06-26]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk -> C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3386813744-1969293527-735481815-1001] => http=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{7C0566C2-7D23-414D-B4B4-2CD1F8917416}: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{B8692A19-E7CA-4985-B46C-556A84D4EF53}: [DhcpNameServer] 192.168.254.254
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCOM14/19
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCOM14/19
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-10-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-3386813744-1969293527-735481815-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-10-24] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1486642584294
 
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default [2016-10-26]
FF Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2016-12-04]
FF Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-06-25]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\2tXjV4ld.default\Extensions\[email protected] [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-05-26] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-06-25] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-10] (DigitalPersona, Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-24]
CHR Extension: (DuckDuckGo Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-05]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-24]
CHR Extension: (Avira Password Manager) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2017-06-25]
CHR Extension: (FedEx 
 Email/Online Label 
 Shipping...) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceaafagmnojmnjepbehlplcmoklcacbl [2017-06-20]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-06-21]
CHR Extension: (Click&Clean) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-06-01]
CHR Extension: (History Eraser) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-06-23]
CHR Extension: (J2TeaM Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlcjjclebjnfohgmgikjfnbmfkigocc [2017-06-08]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-06-25]
CHR Extension: (Cyber Security News by Gold Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcehljakhaojdgjoggcpnbjkehgglbfb [2017-05-28]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Click&Clean App) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-06-23]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-10]
 
Opera: 
=======
OPR Extension: (Stormcrow) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2017-04-18]
OPR Extension: (360 Internet Protection) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2017-06-25]
OPR Extension: (Avira Browser Safety) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2016-10-25]
OPR Extension: (HTTPS Everywhere) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2017-06-25]
OPR Extension: (Privacy Badger) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2017-06-25]
OPR Extension: (SurfPatrol) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pafbnmdfbmigjdbkhkchclhpmfcoageo [2017-01-16]
OPR Extension: (Privacy Cleaner) - C:\Users\Tim\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdomeailoegpefbldkonkajkcolkbmhi [2017-01-16]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [334064 2017-05-18] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-10] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-06-25] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51208 2017-01-10] (Advanced Micro Devices, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [95112 2017-01-10] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [254344 2017-01-10] (Advanced Micro Devices, Inc. )
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-06-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-06-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-06-02] (Avira Operations GmbH & Co. KG)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-26] (Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3434976 2014-04-16] (Intel Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-05-18] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U0 aswVmm; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 13:48 - 2017-06-26 13:49 - 00043920 _____ C:\Users\Tim\Desktop\Addition.txt
2017-06-26 13:47 - 2017-06-26 16:51 - 00023324 _____ C:\Users\Tim\Desktop\FRST.txt
2017-06-26 08:56 - 2017-06-26 16:44 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2017-06-26 07:45 - 2017-06-26 07:46 - 20612608 _____ (Adobe Systems Incorporated) C:\Users\Tim\Downloads\install_flash_player_ppapi.exe
2017-06-25 22:56 - 2017-06-25 22:56 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 22:24 - 2017-06-26 13:47 - 00000000 ____D C:\Users\Tim\Desktop\New folder junk files
2017-06-25 22:21 - 2017-06-25 22:21 - 00030354 _____ C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-25 21:22 - 2017-06-25 21:22 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Avira
2017-06-25 13:36 - 2017-06-02 19:05 - 00185032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00149976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00064504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-06-25 13:36 - 2017-06-02 19:05 - 00034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-06-25 13:30 - 2017-06-25 13:30 - 00002156 _____ C:\Users\Public\Desktop\Avira Scout.lnk
2017-06-25 13:29 - 2017-06-25 13:29 - 00003506 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-06-25 13:29 - 2017-06-25 13:29 - 00003378 _____ C:\Windows\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-06-25 13:28 - 2017-06-26 07:34 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-06-25 13:28 - 2017-06-25 13:28 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-25 13:28 - 2017-06-25 13:28 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-06-25 13:27 - 2017-06-25 13:27 - 00002086 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2017-06-25 13:27 - 2017-06-25 13:27 - 00001048 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-25 13:25 - 2017-06-25 13:36 - 00000000 ____D C:\ProgramData\Avira
2017-06-25 13:25 - 2017-06-25 13:25 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-06-25 13:23 - 2017-06-25 13:23 - 04799712 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tim\Desktop\avira_en_fass0_58e0ec4c4ec59__ws.exe
2017-06-25 10:54 - 2017-06-26 09:13 - 00012926 _____ C:\VEW.txt
2017-06-25 10:51 - 2017-06-25 10:51 - 00061440 _____ ( ) C:\Users\Tim\Desktop\VEW.exe
2017-06-25 10:18 - 2017-06-25 10:18 - 00001409 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-06-25 10:17 - 2017-06-25 10:17 - 00000000 ____D C:\Program Files (x86)\Seagate
2017-06-25 10:16 - 2017-06-25 10:17 - 26157600 _____ C:\Users\Tim\Desktop\SeaToolsforWindowsSetup.exe
2017-06-20 19:08 - 2017-06-20 19:08 - 00000057 _____ C:\ProgramData\Ament.ini
2017-06-20 19:08 - 2017-06-20 19:08 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Hewlett-Packard
2017-06-20 19:06 - 2017-06-20 19:07 - 48748328 _____ C:\Users\Tim\Desktop\DJ1000_J110_1313-1.exe
2017-06-20 18:15 - 2017-06-20 19:08 - 00003610 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2017-06-20 18:15 - 2017-06-20 18:22 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-06-20 18:15 - 2017-06-20 18:15 - 00001105 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2017-06-20 18:15 - 2017-06-20 18:15 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-06-20 18:14 - 2017-06-20 19:08 - 00002280 _____ C:\Users\Public\Desktop\HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 19:08 - 00001202 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1000 J110 series.lnk
2017-06-20 18:14 - 2017-06-20 18:14 - 00000000 ____D C:\Program Files\HP
2017-06-20 15:43 - 2017-06-20 15:43 - 00002640 _____ C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk
2017-06-20 15:43 - 2017-06-20 15:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-06-18 11:36 - 2017-06-18 11:36 - 00900704 _____ (Seagate Technology) C:\Users\Tim\Desktop\drivedetect.exe
2017-06-14 06:31 - 2017-06-25 20:04 - 00000000 ____D C:\Program Files\Speccy
2017-06-14 06:31 - 2017-06-14 06:31 - 00000804 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-06-14 06:31 - 2017-06-14 06:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-06-14 06:29 - 2017-06-14 06:29 - 06293184 _____ (Piriform Ltd) C:\Users\Tim\Desktop\spsetup130.exe
2017-06-14 05:48 - 2017-06-14 05:48 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\Tim\Desktop\procexp.exe
2017-06-12 17:55 - 2017-06-12 17:55 - 00030951 _____ C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-12 08:29 - 2017-06-26 16:51 - 00000000 ____D C:\FRST
2017-06-12 08:27 - 2017-06-26 08:56 - 02441216 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2017-06-08 18:50 - 2017-06-08 18:47 - 00000030 _____ C:\AVScanner.ini
2017-06-08 16:30 - 2017-06-26 08:54 - 00000000 ____D C:\Users\Tim\AppData\Local\FSDART
2017-06-08 16:30 - 2017-06-08 16:31 - 00000000 ____D C:\ProgramData\F-Secure
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-06-08 16:17 - 2017-06-08 16:05 - 00206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-06-08 16:07 - 2017-06-08 16:05 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-06-08 15:34 - 2017-06-08 15:35 - 00524248 _____ (F-Secure Corporation) C:\Users\Tim\Desktop\F-SecureOnlineScanner.exe
2017-06-06 13:57 - 2017-06-06 13:57 - 00313366 _____ C:\Users\Tim\Downloads\WindowsUpdate.diagcab
2017-05-27 14:25 - 2017-05-27 14:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Microsoft Corporation
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:46 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-26 07:33 - 2017-01-31 11:24 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-26 07:32 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-25 23:31 - 2015-12-12 03:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-06-25 22:56 - 2016-10-26 04:50 - 00000000 ____D C:\Users\Tim\AppData\Local\Avira
2017-06-25 21:08 - 2016-10-26 05:38 - 00016328 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-06-25 13:47 - 2016-04-21 12:00 - 00000000 ____D C:\Users\Tim\AppData\Roaming\hpqLog
2017-06-25 13:36 - 2016-10-26 03:40 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-25 13:34 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2017-06-25 13:25 - 2016-03-20 05:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-25 09:37 - 2016-05-28 09:30 - 00000000 ____D C:\AdwCleaner
2017-06-24 07:06 - 2017-02-21 11:34 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTim
2017-06-24 07:06 - 2017-02-21 11:34 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTim.job
2017-06-20 19:08 - 2016-01-25 18:03 - 00000000 ____D C:\Program Files (x86)\HP
2017-06-20 19:08 - 2015-12-12 03:32 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-06-20 18:47 - 2017-02-16 11:44 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-06-20 18:15 - 2015-12-12 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-06-20 17:50 - 2016-05-20 14:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-06-20 17:50 - 2015-12-12 03:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2017-06-20 17:50 - 2015-12-12 03:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-06-20 17:50 - 2015-12-12 03:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2017-06-20 15:56 - 2015-12-28 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\ElevatedDiagnostics
2017-06-18 10:05 - 2016-12-14 11:00 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1481727622
2017-06-18 10:05 - 2016-12-14 10:59 - 00000000 ____D C:\Program Files\Opera
2017-06-18 09:59 - 2015-12-12 03:30 - 00000000 ____D C:\Windows\tbaseregistry
2017-06-18 09:57 - 2015-12-12 03:31 - 26213345 _____ C:\Windows\SysWOW64\rootpa.e2e
2017-06-18 09:46 - 2016-01-12 12:30 - 00000000 ___RD C:\Users\Tim\Documents\Scanned Documents
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 15:31 - 2016-01-05 08:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 07:09 - 2016-01-05 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 07:07 - 2016-01-31 19:50 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 07:02 - 2016-06-05 13:32 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-10 21:15 - 2017-02-08 22:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-10 21:13 - 2016-05-24 12:34 - 00000000 ____D C:\Users\Tim\AppData\LocalLow\Adobe
2017-06-10 21:13 - 2016-03-05 09:54 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-10 21:13 - 2015-12-28 17:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-10 20:55 - 2016-01-07 08:12 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-06-08 19:14 - 2017-02-08 22:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-08 18:28 - 2016-11-02 15:07 - 03255948 _____ C:\Windows\ntbtlog.txt
2017-06-08 16:17 - 2016-12-05 11:49 - 00000000 ____D C:\Program Files\Java
2017-06-08 16:17 - 2016-04-08 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-08 16:07 - 2016-04-08 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-08 16:05 - 2016-12-05 11:50 - 00318528 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-06-08 16:05 - 2016-12-05 11:50 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-06-08 16:04 - 2016-04-08 13:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-06-06 13:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-06 12:38 - 2017-01-31 11:24 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-28 06:53 - 2017-02-11 09:30 - 00000000 ____D C:\SUPERDelete
 
==================== Files in the root of some directories =======
 
2017-02-08 21:17 - 2017-02-08 21:17 - 0046788 _____ () C:\ProgramData\agent.1486603026.bdinstall.bin
2017-02-08 21:36 - 2017-02-08 21:36 - 0028706 _____ () C:\ProgramData\agent.1486604163.bdinstall.bin
2017-02-08 21:37 - 2017-02-08 21:37 - 0028778 _____ () C:\ProgramData\agent.1486604202.bdinstall.bin
2017-02-08 22:18 - 2017-02-08 22:18 - 0028778 _____ () C:\ProgramData\agent.1486606720.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821554.bdinstall.bin
2017-02-11 09:59 - 2017-02-11 09:59 - 0028780 _____ () C:\ProgramData\agent.1486821588.bdinstall.bin
2017-02-12 05:55 - 2017-02-12 05:55 - 0028779 _____ () C:\ProgramData\agent.1486893287.bdinstall.bin
2017-02-16 11:48 - 2017-02-16 11:48 - 0028497 _____ () C:\ProgramData\agent.1487260113.bdinstall.bin
2017-02-16 11:49 - 2017-02-16 11:49 - 0028427 _____ () C:\ProgramData\agent.1487260177.bdinstall.bin
2017-02-16 12:49 - 2017-02-16 12:49 - 0028780 _____ () C:\ProgramData\agent.1487263757.bdinstall.bin
2017-02-16 12:50 - 2017-02-16 12:50 - 0028780 _____ () C:\ProgramData\agent.1487263804.bdinstall.bin
2017-02-16 18:58 - 2017-02-16 18:58 - 0028780 _____ () C:\ProgramData\agent.1487285925.bdinstall.bin
2017-02-17 13:08 - 2017-02-17 13:08 - 0028780 _____ () C:\ProgramData\agent.1487351306.bdinstall.bin
2017-02-20 18:07 - 2017-02-20 18:07 - 0028780 _____ () C:\ProgramData\agent.1487628430.bdinstall.bin
2017-03-03 09:42 - 2017-03-03 09:42 - 0028780 _____ () C:\ProgramData\agent.1488548516.bdinstall.bin
2017-03-04 11:39 - 2017-03-04 11:39 - 0028780 _____ () C:\ProgramData\agent.1488641969.bdinstall.bin
2017-03-06 18:07 - 2017-03-06 18:07 - 0028780 _____ () C:\ProgramData\agent.1488838053.bdinstall.bin
2017-03-06 18:08 - 2017-03-06 18:08 - 0028780 _____ () C:\ProgramData\agent.1488838117.bdinstall.bin
2017-03-07 07:06 - 2017-03-07 07:06 - 0028780 _____ () C:\ProgramData\agent.1488884812.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028780 _____ () C:\ProgramData\agent.1489097528.bdinstall.bin
2017-03-09 18:12 - 2017-03-09 18:12 - 0028779 _____ () C:\ProgramData\agent.1489097574.bdinstall.bin
2017-03-14 08:59 - 2017-03-14 08:59 - 0028736 _____ () C:\ProgramData\agent.1489496386.bdinstall.bin
2017-03-14 09:22 - 2017-03-14 09:22 - 0028601 _____ () C:\ProgramData\agent.1489497767.bdinstall.bin
2017-03-14 09:23 - 2017-03-14 09:23 - 0028743 _____ () C:\ProgramData\agent.1489497792.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028738 _____ () C:\ProgramData\agent.1489838475.bdinstall.bin
2017-03-18 08:01 - 2017-03-18 08:01 - 0028745 _____ () C:\ProgramData\agent.1489838502.bdinstall.bin
2017-06-25 22:21 - 2017-06-25 22:21 - 0030354 _____ () C:\ProgramData\agent.uninstall.1498443671.bdinstall.bin
2017-06-12 17:55 - 2017-06-12 17:55 - 0030951 _____ () C:\ProgramData\agent.update.1497304511.bdinstall.bin
2017-06-20 19:08 - 2017-06-20 19:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-02-08 22:22 - 2017-02-08 22:22 - 0368084 _____ () C:\ProgramData\cl.1486606757.bdinstall.bin
2017-03-09 18:16 - 2017-03-09 18:16 - 0380034 _____ () C:\ProgramData\cl.repair.1489097691.bdinstall.bin
2017-03-14 09:20 - 2017-03-14 09:20 - 0215144 _____ () C:\ProgramData\cl.uninstall.1489497341.bdinstall.bin
2016-06-29 17:22 - 2016-06-29 17:23 - 1271840 _____ () C:\ProgramData\hpdam_install_log.txt
2016-06-29 17:22 - 2016-06-29 17:22 - 0272336 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-22 08:26
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Tim (26-06-2017 16:51:39)
Running from C:\Users\Tim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-20 19:14:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3386813744-1969293527-735481815-500 - Administrator - Disabled)
General Log In (S-1-5-21-3386813744-1969293527-735481815-1002 - Limited - Enabled) => C:\Users\General Log In
Guest (S-1-5-21-3386813744-1969293527-735481815-501 - Limited - Disabled) => C:\Users\Guest
Tim (S-1-5-21-3386813744-1969293527-735481815-1001 - Administrator - Enabled) => C:\Users\Tim
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.2.29275 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2783 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.0.5478 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version:  - PopCap Games)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EarthLink Accelerator (HKLM-x32\...\EarthLink Accelerator) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.3.1786 - Hewlett-Packard Company)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{EEC82191-E879-4906-9D6B-D9665CF030CD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F7A8FF27-1B85-4C23-A6FA-97DE491ECC9A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{23544215-E6E6-448B-B6E9-6268D5B3E74D}) (Version: 3.5.0.0 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.19.3 - HP)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.7.22.13 - HP)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 45.0.2552.898 (HKLM-x32\...\Opera 45.0.2552.898) (Version: 45.0.2552.898 - Opera Software)
Peggle Deluxe (HKLM-x32\...\Peggle Deluxe) (Version:  - PopCap Games)
Peggle Nights (HKLM-x32\...\Peggle Nights) (Version:  - PopCap Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WOLFCODERS ScreenSnag (HKLM-x32\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version:  - WOLFCODERS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07999E06-7CD6-4BE2-9213-12FF183808BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {220ECEBE-27F2-49F6-B940-105C91A5710F} - System32\Tasks\{AD6719E0-A35B-4FB0-9469-F3ECA6E98920} => F:\Setup.exe
Task: {2BDFECED-24B7-4D8C-9025-C1502F04228B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {2F177236-8AEA-4439-9CD0-BDEF1C7C0257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-24] (Google Inc.)
Task: {36A095E9-8583-4F7B-AAAC-3C11076EE515} - System32\Tasks\{A54828EC-DF0D-4800-BCD0-8A56F560D437} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {385C2FE5-95C0-4665-B925-80CEDA035EB5} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {3D11CE46-87BC-4C8D-A998-1334CBECE846} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {3D67B3E7-C05E-44C0-86C3-41EA2295BFD7} - System32\Tasks\{2B4A8FF7-D501-46FB-9AE4-9518FE895316} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {3FD481D7-33C8-4B55-83D1-6ADEA73CD958} - System32\Tasks\Opera scheduled Autoupdate 1481727622 => C:\Program Files\Opera\launcher.exe [2017-06-12] (Opera Software)
Task: {4E5A5561-7AF6-4C58-9FBD-05CBFB188944} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {4EA0DEA2-1FE1-4122-84C3-EECC5E56C6CF} - System32\Tasks\{1C7D4D19-C8E6-455D-A53C-6BADA3C107E5} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {6648098E-9C85-4D31-9D29-15910CBE5E3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6BF91CFD-DFEF-4CA8-A3A0-E810147FE45E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6BFCB507-58F4-4919-B4AC-5C9FB9D28F0C} - System32\Tasks\{A55B9265-8122-42BB-B1F3-07F7E45F3706} => Iexplore.exe hxxps://ui.skype.com/ui/0/7.32.0.104/en/eula?source=lightinstaller
Task: {6C339922-6108-4341-867F-16536565B946} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {75A91597-6A9A-45C0-8C0C-F6B1B466A192} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-13] (Avira Operations GmbH & Co. KG)
Task: {7656ADD2-637A-49B9-BD5B-2163FC5FC827} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {76637EEE-D769-4FF1-87A0-B618D5210B96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7905813F-3B6D-486B-8E94-A99FCD531A2F} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {81F28D25-FD76-46E0-9A94-7CFBD52AD198} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {8773223F-C0F6-4256-B6AE-37485593ED18} - System32\Tasks\{B1BDA461-F2FB-4735-911B-8466740BEE40} => pcalua.exe -a F:\ISP5900\setup.exe -d F:\ISP5900
Task: {878D9DF9-D68A-43FF-9FA6-46EACB45D8CE} - System32\Tasks\{63BBADBD-CE52-4A80-BA74-A575FC495A84} => F:\Setup.exe
Task: {8A378C3D-49EF-4E60-8D81-262E5144498E} - System32\Tasks\{46A17704-B290-4506-9618-5701D9CA2AD2} => F:\Setup.exe
Task: {8DD566CA-2A83-4148-86AC-DDB5D3C322BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
Task: {91245DE5-488E-4A6D-B6F4-7DED8F800C96} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {91865B85-37EF-4B20-9F1E-CAD158966E73} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\1 => C:\Users\Tim\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05] (© 2015 Microsoft Corporation) <==== ATTENTION
Task: {92A5803E-5154-441D-983A-B74D0B2F9E1B} - System32\Tasks\{4678693A-7E1D-4D5A-8B9C-88C09315D8A0} => C:\Users\General Log In\Downloads\SUPERAntiSpyware.exe
Task: {9B578603-B351-47C9-88B1-4C64952A44E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A398B473-F52B-4FD1-AEB9-A800E460F84E} - System32\Tasks\{AFB67468-FA1C-44FC-8F3D-F1A849BC465F} => F:\Setup.exe
Task: {AA854452-7584-4BA7-A8FD-BAC70A4D580F} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-06-25] (Avira Operations GmbH & Co. KG)
Task: {ABEE2E06-9083-4E46-BC19-0049023C84E8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {AE9DC7A8-FA4F-42AD-ACF2-9B838FCD2522} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {AEA65F2D-8098-4DFD-B8FF-CEAF5AF39585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB343A67-670A-46A9-87D7-158AF9A9EC79} - System32\Tasks\{729BA09E-DBAC-4313-9C6E-3892146BD40A} => F:\Setup.exe
Task: {BC860C8E-EC1D-4646-A9A1-B48BEA459B70} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-06-25] (Avira Operations GmbH & Co. KG                              )
Task: {C20AC3DE-8C16-49C6-82DF-7ECB7E78C46C} - System32\Tasks\{05792CFD-05F5-46C8-9C8C-19C70F0E9549} => F:\Setup.exe
Task: {D21C77C0-6040-484C-8D8F-29229BE0B434} - System32\Tasks\Avira\System Speedup\Delayed Startup\Tim\2 => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-06-20] (SUPERAntiSpyware) <==== ATTENTION
Task: {D71BD3E9-9D48-4AE3-8D71-40503042B818} - System32\Tasks\{095E7B1F-B78E-430C-9E00-3A980CBC2EC7} => C:\Program Files (x86)\Cobra HomeBase\CobraHomeBase.exe
Task: {DA4FECCE-33E1-4D3E-9643-20A155D7D694} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DC3E1EBE-2642-4AE8-8BE7-33C3936F5C3D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DF3F0AF7-6913-4840-8E0F-214B56FB6E4E} - System32\Tasks\{AC256CE6-2226-4B88-90C3-CDD2A645EA89} => F:\Setup.exe
Task: {E2C37FAE-6107-4123-9785-B2DF00782DE8} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E65E4D0E-F19E-4BE1-9BFA-C44274169D58} - System32\Tasks\HPCeeScheduleForTim => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {F34E7CF6-E02B-4DC9-AC9B-4672844F95D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForTim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Tim\Desktop\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FedEx _ Email_Online Label _ Shipping.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ceaafagmnojmnjepbehlplcmoklcacbl
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-02-05 15:56 - 2014-02-05 15:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 17:34 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00167312 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\lzo2.dll
2017-05-18 10:15 - 2017-05-18 10:15 - 00166840 _____ () C:\Program Files (x86)\Avira\VPN\OpenVpn\libpkcs11-helper-1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Tim\Desktop\SUPERAntiSpywarePro.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\adwcleaner_6.046.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\GlassWireSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\IE9-Windows7-x64-enu.exe:a [420]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-adwc.adwc100.3.0.6.1469.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\mb3-setup-consumer-3.1.2.1733.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\SkypeSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Downloads\winupdatefix_1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\GlassWireSetup (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mb3-setup-consumer-3.1.2.1733 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Tim\Documents\mbar-1.09.3.1001.exe:BDU [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\deere.com -> hxxps://jdparts.deere.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\flhsmv.gov -> hxxps://www.flhsmv.gov
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\hdonline.to -> hxxps://hdonline.to
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\pch.com -> hxxp://search.pch.com
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\usa4sale.net -> hxxp://contact.usa4sale.net
IE trusted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\winndixie.com -> hxxps://www.winndixie.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3386813744-1969293527-735481815-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-03-05 12:28 - 2017-06-08 17:02 - 00000033 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3386813744-1969293527-735481815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3386813744-1969293527-735481815-501\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP1.jpg
DNS Servers: 192.168.224.1 - 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: HPFSService => 2
MSCONFIG\startupreg: HP File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
MSCONFIG\startupreg: Propel Accelerator => "C:\Program Files (x86)\EarthLink Accelerator\trayctl.exe" /STARTUPLAUNCH
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6F44F3E-63AD-4480-8981-1F8E4BC156A3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92635564-B32B-4941-8709-EDC3534DA1F7}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{0F7C25B6-D55C-4599-808E-70473E50600B}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{50E9D51B-9089-4C78-8F73-3E2E5E0D42C5}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{3D066DB3-3078-49D4-A3A6-AF4075CB1645}] => (Allow) C:\Program Files (x86)\Opera\launcher.exe
FirewallRules: [{9A373D22-61C3-4F8B-BBEF-1D2CEC770DB5}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{82B69666-6A08-4AB4-B240-B287A8D13E38}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{D32E408E-6053-455A-990F-9F46633386D8}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{38B50817-1FA9-4CB1-B36F-FAF8288E99E7}] => (Allow) C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
FirewallRules: [{BDD0E46F-885B-4696-ADCE-C508C1F9F12A}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{953F6506-888F-4867-B3B2-8E82E4E25263}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{08BCF83E-E091-4FAC-9D79-87F5D20AEE8C}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{AA04C2EA-8C48-467B-BC95-EDBCA22C98B5}] => (Allow) C:\Program Files\Microsoft Security Client\msseces.exe
FirewallRules: [{8FD07A63-7436-47CF-BA1F-834A0A492F69}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{ACF8D3C4-FF9A-4CD3-8EA4-28D0784A5E00}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{B3C0EE64-66A1-4F53-9ABE-C6637AB3FABA}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{91069DC4-8EB5-4A7C-8804-CA63B1DB68C0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{6B43B3CE-DC50-45A5-8B9C-BBF6E68A2E22}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{E2AFA9F5-1B1B-4500-8997-4963CA7BCF15}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{285830EF-6348-490E-AF3E-A4E3BD091FBF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{2A1B1D2E-C4D7-42AF-9D46-A4D9F1592ACF}] => (Allow) C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CZM9O05\EW0DFB0B
FirewallRules: [{C962AA5F-D716-4894-A777-9980540483E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D8BB9E0F-2592-4C32-B96F-AE69B073FAE5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{3EDE067A-8C7B-43BB-A5B7-58D0CC51B633}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E81B4361-07C3-4BFB-8571-B70DD4167B3A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C9C94891-2C9B-40CE-8333-9A41D4FBA565}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD7DB7A0-CA86-416B-BBD9-BA1D7B2C6E53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{DBFEDAD6-0BEB-4578-B149-3AB62C1B7D85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C8501CF7-59E4-43E0-AA45-EE26755E751F}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{905779AE-D66A-4666-9FFB-56A8610A6FBA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{C90C27C3-BCC7-4ACE-9E22-2C7488FE70FA}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{072E5150-569C-4950-833F-437FEC13136A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{D779D332-B00D-4FCC-8F0D-2038BDD79CD7}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{25ABBA34-5506-420A-AA0A-93D0A7088E21}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{92086CBF-6C8E-46CE-86EA-FAC5797DB131}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{26BE28BC-BE97-4D1D-BD8E-90F9C06978D4}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
FirewallRules: [{DCCC4C09-38AC-4106-82C9-36B5059C3EDE}] => (Allow) C:\Program Files\Opera\45.0.2552.898\opera.exe
FirewallRules: [{CFFEEADA-8E35-476D-9018-B63240888C7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{2BFC7583-91DE-4229-BA9B-6218A5F21BF2}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
 
==================== Restore Points =========================
 
25-06-2017 13:34:23 Device Driver Package Install: Phantom TAP-Windows Provider V9 Network adapters
25-06-2017 13:47:04 Avira System Speedup Optimization
25-06-2017 13:48:43 Avira System Speedup Optimization
25-06-2017 21:13:42 Avira System Speedup Optimization
26-06-2017 10:24:07 Windows Update
26-06-2017 13:03:15 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/26/2017 01:03:37 PM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 12:01:41 PM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:55:44 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:50:15 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:38:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 11:38:40 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 10:24:38 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 10:24:31 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
Error: (06/26/2017 07:44:20 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/26/2017 07:44:08 AM) (Source: flcdlock) (EventID: 1034) (User: )
Description: An error occurred setting a security descriptor on the device \\.\avusbflt.
 
 
The system error code is 0x5:-
 
Access is denied.
 
 
System errors:
=============
Error: (06/26/2017 01:10:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/26/2017 01:05:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 01:05:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-06 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4022719).
 
Error: (06/26/2017 01:04:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 10:30:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/26/2017 10:25:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/26/2017 10:25:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: 2017-06 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4022719).
 
Error: (06/26/2017 10:24:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073701: Update for Windows 7 for x64-based Systems (KB2952664).
 
Error: (06/25/2017 10:54:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
 
Error: (06/25/2017 10:52:00 PM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume D: were aborted because of a failed free space computation.
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 18:23:15.172
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 12:34:09.736
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.690
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:39:39.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-30 06:38:10.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-05-29 07:13:05.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 26%
Total physical RAM: 7612.08 MB
Available physical RAM: 5593.64 MB
Total Virtual: 15222.35 MB
Available Virtual: 11638.36 MB
 
==================== Drives ================================
 
Drive c: (Windows ) (Fixed) (Total:919.11 GB) (Free:855.7 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.3 GB) (Free:1.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6F9E5779)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0C)
 
==================== End of Addition.txt ============================

Windows update not working; we were able to stream movies, but now we get a bunch of errors & don't know if they are real or fake stuff; like Adobe Flash is turned off, or Google is outdated, Flash Player not installed....etc. Later, "if" we can work out the bugs/virus, whatever it is, can you help us make our brother's wifi work with this computer? I don't know how to make this find that...


Edited by bonezz777, 26 June 2017 - 03:23 PM.


#15
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

FRST says it is running from C:\Users\Tim\Desktop so you need to save the fixlist.txt file to the desktop.  Then fire up FRST (right click and Run As Admin) and then hit Fix.

 

You just disable the DVD during the uninstall.  You can reenable it after you are done.

 

Get Windows Repair all in one

 
 
Download it and save it then run it.
 
You can skip to step 4 or 5 where it gives you the same picture as in the above link.
 
Make sure all of these are checked before hitting Start (others can be checked; they won't hurt anything, they just make it take longer to finish):
 
Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Internet Explorer
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
 
 
Reboot when done and run VEW again as before (for System and Applications).
