Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My laptop isn't working! [Solved]


  • This topic is locked This topic is locked

#1
BuddyMG

BuddyMG

    Member

  • Member
  • PipPip
  • 80 posts

My laptop stopped working - well, it works, it turns on, but can't connect to internet and I took it to a guy and he was stumped. I thought I'd try here. I put FRST on the computer and ran it and brought the files to another computer where I'm loading this from! Any help is great appreciated

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by MainUser (administrator) on DESKTOP-LF5E1VE (28-05-2018 14:05:04)
Running from C:\Users\MainUser\Downloads
Loaded Profiles: MainUser (Available Profiles: MainUser)
Platform: Windows 10 Home Version 1607 14393.479 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Flexera Software LLC.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\TieringEngineService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\DrFone for iOS\DriverInstall.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2183752 2017-02-06] ()
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [67168 2017-04-07] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-914218364-682129428-2633252591-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.129.4
Tcpip\..\Interfaces\{c7d6b9ef-a94c-4f0b-b460-de260483b8fb}: [DhcpNameServer] 192.168.129.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-914218364-682129428-2633252591-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-914218364-682129428-2633252591-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-914218364-682129428-2633252591-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {856C24FA-A90A-4C90-937C-0F481FA2BA41} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-914218364-682129428-2633252591-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B5E81088-0F7A-4552-86DD-4D68A8434CF6}&mid=3f29db49d6a647ccb85f2d769db8103d-633a5ae48832f6e5f4a6578258a9dd8e89c0e18b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516av&pr=fr&d=2016-04-25 11:37:33&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-914218364-682129428-2633252591-1002 -> {856C24FA-A90A-4C90-937C-0F481FA2BA41} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-914218364-682129428-2633252591-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B5E81088-0F7A-4552-86DD-4D68A8434CF6}&mid=3f29db49d6a647ccb85f2d769db8103d-633a5ae48832f6e5f4a6578258a9dd8e89c0e18b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516av&pr=fr&d=2016-04-25 11:37:33&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-06] (AVG)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-06] (AVG)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: raxbm8jo.default
FF ProfilePath: C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\raxbm8jo.default [2018-05-28]
FF Homepage: Mozilla\Firefox\Profiles\raxbm8jo.default -> hxxps://www.yahoo.com/
FF Extension: (Avira Browser Safety) - C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\raxbm8jo.default\Extensions\[email protected] [2017-05-31]
FF Extension: (Honey) - C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\raxbm8jo.default\Extensions\[email protected] [2017-03-30]
FF Extension: (Avira SafeSearch Plus) - C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\raxbm8jo.default\Extensions\[email protected] [2017-05-31] [Legacy]
FF SearchPlugin: C:\Users\MainUser\AppData\Roaming\Mozilla\Firefox\Profiles\raxbm8jo.default\searchplugins\avg-secure-search.xml [2017-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-01] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-21] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] ()
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default [2018-05-28]
CHR Extension: (Google Slides) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-02]
CHR Extension: (Google Docs) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-02]
CHR Extension: (Google Drive) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-02]
CHR Extension: (YouTube) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-02]
CHR Extension: (AVG Secure Search) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-05-07]
CHR Extension: (Google Search) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-02]
CHR Extension: (Google Sheets) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-02]
CHR Extension: (Google Docs Offline) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25]
CHR Extension: (Gmail) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\MainUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-01]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-914218364-682129428-2633252591-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-07] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-07] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\wtoolex\wpsupdatesvr.exe [133480 2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-14] (Realtek Semiconductor)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-06] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [File not signed]
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\DrFone for iOS\DriverInstall.exe [97792 2016-10-15] (Wondershare) [File not signed]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-02-06] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [18968 2015-08-18] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-08-18] (Advanced Micro Devices)
R4 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-04-10] (Avira Operations GmbH & Co. KG)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-02] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [67680 2016-09-02] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-24] (HP Inc.)
R4 avusbflt; System32\Drivers\avusbflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-28 14:02 - 2018-05-28 14:04 - 000043548 _____ C:\Users\MainUser\Downloads\Addition.txt
2018-05-28 14:01 - 2018-05-28 14:05 - 000018616 _____ C:\Users\MainUser\Downloads\FRST.txt
2018-05-28 14:00 - 2018-05-28 14:05 - 000000000 ____D C:\FRST
2018-05-28 13:58 - 2018-05-28 14:52 - 002413056 _____ (Farbar) C:\Users\MainUser\Downloads\FRST64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-28 13:31 - 2016-11-21 00:10 - 000000000 ____D C:\Users\MainUser\AppData\LocalLow\Mozilla
2018-05-28 13:30 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-28 13:29 - 2016-07-16 06:45 - 000000000 ____D C:\WINDOWS\INF
2018-05-28 13:25 - 2016-10-02 11:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-28 12:05 - 2017-05-31 11:15 - 000000000 ____D C:\Users\Public\Speedup Sessions
2018-05-28 12:05 - 2016-10-02 11:39 - 001933632 _____ C:\WINDOWS\system32\PerfStringBackup.INI

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-13 16:39

==================== End of FRST.txt ============================

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by MainUser (28-05-2018 14:06:18)
Running from C:\Users\MainUser\Downloads
Windows 10 Home Version 1607 14393.479 (X64) (2016-10-02 17:16:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-914218364-682129428-2633252591-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-914218364-682129428-2633252591-503 - Limited - Disabled)
Guest (S-1-5-21-914218364-682129428-2633252591-501 - Limited - Disabled)
MainUser (S-1-5-21-914218364-682129428-2633252591-1002 - Administrator - Enabled) => C:\Users\MainUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-97469788-c69c-4246-82e5-6851658c3e44) (Version: 3.0.2.118 - WildTangent) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-140c1ae6-f3e3-4210-8d79-93a68b3da00f) (Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-290893ae-d2bc-4156-a332-0fbba6d4185d) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Coyote The Outlander (HKLM-x32\...\WTA-aa31b519-0783-4e7f-9d09-7884e09a6d79) (Version: 3.0.2.59 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-0bacca11-4158-481b-b649-e8e406a2e858) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-a82f6c8b-5278-40d4-93d2-a19cfb1ad216) (Version: 3.0.2.59 - WildTangent) Hidden
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-8b74d454-d91f-403a-89f1-3d7e3975a582) (Version: 3.0.2.59 - WildTangent) Hidden
Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.1.0.210 - Cast & Crew Production Software, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-04029695-bca4-4815-9497-640c0d7b4ebc) (Version: 3.0.2.59 - WildTangent) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-40647b65-571e-49d9-920e-86bd70d51463) (Version: 3.0.2.59 - WildTangent) Hidden
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-fb1b8326-f808-4a6b-8de5-2f6688ff59b7) (Version: 3.0.2.59 - WildTangent) Hidden
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Jewel Match Snowscapes (HKLM-x32\...\WTA-a8b03990-5971-4992-b096-a3eab02a7045) (Version: 3.0.2.118 - WildTangent) Hidden
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-284c222d-599f-4568-9d24-22509a3d7ad5) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-c5d9b44d-9222-438a-9b3d-d5d93ed6305a) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-b184fa20-1859-4f19-a7e6-c7a3da1a356d) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-1c2d15c7-05a7-4cb7-8126-ae2b94c730c4) (Version: 3.0.2.59 - WildTangent) Hidden
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-388dcbd2-9c41-48a6-8929-6301a589a863) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-914218364-682129428-2633252591-1002\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-8d7bf837-2af4-4f44-a69e-8215690f8cb3) (Version: 3.0.2.59 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Plagiarii (HKLM-x32\...\WTA-61ceb8d8-31cf-442e-97ef-ee85bf8781c6) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-63de153e-0539-463e-b2c7-96c149356991) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.60 - REALTEK Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-3729ffe4-e6ec-4363-9aee-64ba21a3faa6) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-2084626e-f040-46b6-979d-84b4b4f0335a) (Version: 3.0.2.59 - WildTangent) Hidden
Sky High Farm (HKLM-x32\...\WTA-f879519a-78f4-4c24-8517-3882d21e33b4) (Version: 3.0.2.59 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPS Office (9.1.0.5236) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5236 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-914218364-682129428-2633252591-1002_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-07] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-914218364-682129428-2633252591-1002: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\office6\qingshellext64.dll [2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-914218364-682129428-2633252591-1002: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\office6\qingshellext64.dll [2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5_S-1-5-21-914218364-682129428-2633252591-1002: [qingshellext] -> {67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F} => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\office6\qingshellext64.dll [2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {091AD7B6-29A1-4A16-AE5A-A3D92AB20899} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {0B75C8E9-F343-4CBD-BEA4-6A9A8BD4E331} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-07-01] (CyberLink Corp.)
Task: {1A3CDA08-F8ED-47C6-8993-91A5EF214E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {1DD0F2E0-FE0C-4198-8F2B-1B4DCB6A2346} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-06] (HP Inc.)
Task: {20E543B1-77F6-40C4-B265-AF280AA8AB40} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {3101C3A6-BD5C-43B4-81F6-BED40D1A2224} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {3447B40A-01B9-4A20-863D-358CD96D93E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
Task: {38CE9874-CD0E-4425-9FB7-2FFEA314E5E7} - System32\Tasks\WpsNotifyTask_MainUser => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\wtoolex\wpsnotify.exe [2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {526FEC7A-4BF9-477C-A6E1-DDFEAA75ED18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {55E7D036-48A9-443A-8CDB-0D7BA7C66236} - System32\Tasks\0316avUpdateInfo => C:\ProgramData\Avg_Update_0316av\0316av_AVG-Secure-Search-Update.exe [2016-03-06] ()
Task: {6701F8E3-B834-495D-A4CC-487ADC1B8693} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {67C90DC0-E529-46F2-99B5-AA07A34A8681} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-05-31] (Avira Operations GmbH & Co. KG )
Task: {69C37F15-D51E-4352-B2B8-48C34AFB9D78} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {6C05D067-9A8A-4F00-8487-312DB8BA9421} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {6F46ACA8-89C5-4C5F-9BA6-424021861104} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {74F742B7-8AE5-419A-B893-8148EB04844B} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {77372D4C-03CF-48E6-9490-FE0173E178E1} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\MainUser\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8684E44B-8640-4070-8F92-5860EE1ED968} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {8BE8BA12-84C7-4208-9C26-7B0361CDD98A} - System32\Tasks\0116pizUpdateInfo => C:\ProgramData\Avg_Update_0116piz\0116piz_AVG-Secure-Search-Update.exe [2016-01-10] ()
Task: {92BB8827-E1DF-478C-8ACF-A73B3E11C29E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {92F4EE75-52DF-4FEA-86BF-870668122AE4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {9D4E64A2-F80F-456A-8CF6-62C7D2F062F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-06] (HP Inc.)
Task: {AF941DA7-6FD4-4285-AD89-777FCBD03EB7} - System32\Tasks\WpsUpdateTask_MainUser => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\wtoolex\wpsupdate.exe [2016-02-06] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B78E3732-BCB0-4425-B881-537DE7598F5A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {D07B55B3-3D29-4632-ADC3-569B373C12D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {DD45B05B-C555-4E53-8A3A-616E95493191} - System32\Tasks\HPCeeScheduleForMainUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {F077E61F-1D11-4904-87E9-1AB63CD5B229} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {F58C9F47-D71E-4498-9C4B-7D7C6DE1EDC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {FB2A0650-EAB7-4921-A60E-3B4343B6D7FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForMainUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_MainUser.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_MainUser.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5236\wtoolex\wpsupdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) ==============

2016-04-25 11:37 - 2017-02-06 09:07 - 000981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 02:44 - 2017-05-09 02:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-07 00:39 - 2015-08-07 00:39 - 000127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-02-27 16:58 - 2014-04-14 21:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-16 06:42 - 2016-07-16 06:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 14:21 - 2016-12-09 05:29 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-11-18 15:16 - 2016-11-02 05:21 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-18 15:16 - 2016-11-02 05:15 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-18 15:16 - 2016-11-02 05:14 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-18 15:16 - 2016-11-02 05:15 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-18 15:16 - 2016-11-02 05:16 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-18 15:16 - 2016-11-02 05:17 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-25 11:37 - 2017-02-06 09:07 - 002183752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-10-02 15:15 - 2016-10-02 15:15 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-17 14:23 - 2016-12-09 04:41 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 06:04 - 2015-07-10 06:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-914218364-682129428-2633252591-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{21C55430-C60E-44D3-8EF4-B160EF37F53F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BE3C7642-1863-40A0-8A37-1A39D0D956F1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{3339486B-3426-4ABB-A939-A0DB4C59C625}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{432F3F17-FC8F-4291-9812-625D2E2FECDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{7BE19816-8F9E-41C5-AEBF-430C93154C0E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{862D1067-FF6E-4E2B-A0D4-2A6B48306714}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{7F940701-E4DD-47F9-8A34-E49810F79969}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{719B0FB8-EE17-4E0D-91A2-4BD5C846F014}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{4C99437E-3035-415C-B798-FEB6D45D3BF1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D46F3148-29C0-43A1-B682-78305E520415}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{19AC38CE-0C60-4705-A98B-516C8008D9B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{155E3B65-C577-4A3E-AA8B-C7C5B95EE42E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C607018-37F5-4EE1-BDAA-A2ECF64A165F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6D80E143-3BBB-4347-8D28-45AE77E65EA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A8887EF-A458-4C60-AC98-115F528612BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1438D929-2C33-4DE6-AADA-964F588551E0}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{78FA1F86-9266-4826-A7E2-E8906DFD3744}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

17-06-2017 12:41:23 Scheduled Checkpoint
13-08-2017 16:46:38 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is not configured correctly. (Code1)
Resolution: You may be prompted to provide the path of the driver. Windows may have the driver built-in, or may still have the driver files installed from the last time that you set up the device. If you are asked for the driver and you do not have it, you can try to download the latest driver from the hardware vendor�s Web site.
In the device properties dialog box, click the "Driver" tab, and then click "Update Driver" to start the "Hardware Update Wizard". Follow the instructions to update the driver. If updating the driver does not work, see your hardware documentation for more information.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2018 02:05:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/28/2018 02:01:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/28/2018 01:58:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-LF5E1VE)
Description: App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time.

Error: (05/28/2018 01:58:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.14393.82 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1f8c

Start Time: 01d3f6b5c6d4c920

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 0f991abc-62a9-11e8-9c5c-fc3fdb5cf9ce

Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (05/28/2018 01:46:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdge.exe version 11.0.14393.576 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2178

Start Time: 01d3f6b2a09adcea

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

Report Id: 666249ef-62a7-11e8-9c5c-fc3fdb5cf9ce

Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Faulting package-relative application ID: MicrosoftEdge

Error: (05/28/2018 01:43:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-LF5E1VE)
Description: App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time.

Error: (05/28/2018 01:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.14393.82 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 25c0

Start Time: 01d3f6b3baa79143

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 0c92c0a6-62a7-11e8-9c5c-fc3fdb5cf9ce

Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (05/28/2018 01:35:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.14393.82 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2b8

Start Time: 01d3f6b27beda514

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: d5a5e7ff-62a5-11e8-9c5c-fc3fdb5cf9ce

Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel


System errors:
=============
Error: (05/28/2018 01:43:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Remote Access Connection Manager service terminated with the following service-specific error:
{Virtual Memory Minimum Too Low}
Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file.
During this process, memory requests for some applications may be denied. For more information, see Help.

Error: (05/28/2018 01:43:22 PM) (Source: RasMan) (EventID: 20030) (User: )
Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. There was an unknown error.

Error: (05/28/2018 01:38:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/28/2018 01:33:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/28/2018 01:27:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Remote Access Connection Manager service terminated with the following service-specific error:
{Virtual Memory Minimum Too Low}
Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file.
During this process, memory requests for some applications may be denied. For more information, see Help.

Error: (05/28/2018 01:27:44 PM) (Source: RasMan) (EventID: 20030) (User: )
Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. There was an unknown error.

Error: (05/28/2018 01:26:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Remote Access Connection Manager service terminated with the following service-specific error:
{Virtual Memory Minimum Too Low}
Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file.
During this process, memory requests for some applications may be denied. For more information, see Help.

Error: (05/28/2018 01:26:42 PM) (Source: RasMan) (EventID: 20030) (User: )
Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. There was an unknown error.


Windows Defender:
===================================
Date: 2017-01-31 11:28:33.888
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {50F8035A-6B28-44CE-B30F-7C000FBFBB57}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-01-29 14:37:54.096
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {14811465-36E2-49D7-BF5A-BBB5F0A7B516}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-01-29 11:21:06.487
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4B699F48-D9FB-432E-A06B-723724B1573B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-01-29 10:00:34.687
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6FC70B3E-A698-4D1C-9CBF-33949D09ACD3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-01-29 08:32:24.485
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D4E79ADD-5966-40DC-BD86-DB5B1EDB2264}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-05-28 13:44:08.041
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 116.72.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.12706.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-28 13:44:08.025
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.235.1805.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13407.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-28 13:44:08.024
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.235.1805.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13407.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-28 13:44:07.959
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.235.1805.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13407.0
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-05-28 13:27:25.032
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 116.72.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.12706.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2017-08-13 17:52:00.032
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.724
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.723
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.719
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.512
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.500
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 11:08:28.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A6-5200 APU with Radeon™ HD Graphics
Percentage of memory in use: 49%
Total physical RAM: 3537.01 MB
Available physical RAM: 1773.15 MB
Total Virtual: 4433.01 MB
Available Virtual: 2410.07 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:444.93 GB) (Free:143.01 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:2.26 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:1.86 GB) (Free:1.18 GB) FAT

\\?\Volume{d6c29179-6fd1-4c5a-9f27-52333b3fcee8}\ () (Fixed) (Total:0.81 GB) (Free:0.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 07FA63C3)

Partition: GPT.

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts
Hello BuddyMG, and welcome to logo.png
 
My name is Joeicam :), you can call me Joe, and I will be assisting you every step of the way.
 
Please Note: I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you have two people looking at your problem. 
 
If you have any questions or comments, or aren't quite sure about what to do, STOP AND ASK.
 
Before we begin, please familiarize yourself with the following:
  • Back up your files and folders, as sometimes malware infections can be severe. It's a good habit to plan for the worst.
  • Please follow my instructions exactly, and do not repeat any steps more than once, unless instructed.
  • Copy/Paste entire contents of your logs, and submit inside your post, instead of submitting as an attachment, unless told otherwise.
  • If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
 
Finally
  • As malware removal can be a complicated, multistep process, you should stick with me until I declare your system to be clean of all threats. It may seem like your system is running properly, but that does not mean that the infection is completely gone.
  • You must reply to this post within four days, if you do not, then the topic will be closed.
  • However, if you need more time to run the tools and fixes, or would like your topic to be reopened, please PM me or any Moderator to reactivate your topic.
 
If I have not responded to your post within 24 hours, then send me a private message (PM).
Otherwise, all communication is done in the forums.
 
Let's get to work! :)
 
____________________________________________________________________________________________________
 
The fixes presented are specific to your problem and should only be used for the issue on this machine!
____________________________________________________________________________________________________
 
I am currently in the process of reviewing your logs, and will reply with further instructions soon :)
 

  • 0

#3
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Hi Joe - I'm Mike, thank you - look forward to your help! Thank you in advance


  • 0

#4
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts

Hey Mike! Pleasure to be working with you :). Happy to be of assistance. 

 
Please continue with the following steps. Step 3 will require you to download software, so download that to your good machine and transfer that to your desktop on the machine that isn't working. 
 
***Registry Cleaner Warning***
 
You have following Registry Cleaners installed: CCleaner
 
This kind of program can be good for your PC, but take caution with the registry cleaner portion of the application. A registry cleaner will not increase your system's speed or performance, but it can damage your Registry, which can lead to an unbootable machine.
 
Please read this article for more information. 
 
Step 1 of 3: Uninstalling Programs
 
Please uninstall the following programs. Do so by right-clicking the Start button > selecting Control Panel > select Uninstall a Program > finding and uninstalling the programs below
 These programs include: 
  • AVG Web TuneUp
 
Note: During the uninstall process, some of these programs will attempt to scare you into keeping the program installed. However, know that these are indeed malware related. If you do not understand a certain message, please contact me about it. 
 
Step 2 of 3: Removing Google Chrome Extensions
 
1. Type chrome://extensions in the address bar and press enter
2. Click "Remove" by the following extension(s): AVG Secure Search
3. A confirmation dialog appears, click Remove.
 
Step 3 of 3: Scan with Farbar Service Scanner
 
Please download Farbar Service Scanner and run it on your machine
  • Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
 
===============================================
 
When you reply to me, I need to see:
  • Any questions/concerns you might have, or if you were not able to complete any of the steps above
  • The copied and pasted contents of the FSS.txt log

 


  • 0

#5
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Hi Joe - thank you - here is the FSS

 

Farbar Service Scanner Version: 27-01-2016
Ran by MainUser (administrator) on 29-05-2018 at 18:54:54
Running from "C:\Users\MainUser\Downloads"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


  • 0

#6
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I'm no computer expert but it doesn't seem like I gave you much to work with


  • 0

#7
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts

Hey Mike,

 

I'm no computer expert but it doesn't seem like I gave you much to work with

It's not much, but definitely a start  :)

 

Let's continue with this next tool...

 


Step 1 of 1: MiniToolBox
 
Please download MiniToolBox, save it to your desktop and run it. 
  • Put a checkmark in the Select All checkbox. 
  • Ensure that "All" is selected next to List Devices. 
Click Go and copy/paste the results MTB.txt into your next reply. A copy of MTB.txt will be saved in the same directory the tool is run. 
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed. 
 
===============================================
 
When you reply to me, I need to see:
  • Any questions/concerns you might have, or if you were not able to complete any of the steps above
  • The copied and pasted results of the MTB.txt file

 


  • 0

#8
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Hey Joe - No questions. Just that when you tell me to download something (in this case MiniToolBox) I download it on my desktop and put it on a stick and then run it on the laptop. I can't get the internet on the laptop (among whatever other problems it has!)

 

Here is the MTB file

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by MainUser (administrator) on 31-05-2018 at 09:13:53
Running from "C:\Users\MainUser\Documents\Downloads"
Microsoft Windows 10 Home  (X64)
Model: HP Notebook Manufacturer: HP
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-LF5E1VE
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : FC-3F-DB-5C-F9-CE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : CA-FF-28-7C-EF-1E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : C8-FF-28-7C-EF-1E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fd09:ccd4:8327:0:3def:8a74:2ea3:c403(Preferred)
   Temporary IPv6 Address. . . . . . : fd09:ccd4:8327:0:9937:5ca5:1244:1f3a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3def:8a74:2ea3:c403%9(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.196.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  fec0:0:0:ffff::1

Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  2...fc 3f db 5c f9 ce ......Realtek PCIe FE Family Controller
  7...ca ff 28 7c ef 1e ......Microsoft Wi-Fi Direct Virtual Adapter
  9...c8 ff 28 7c ef 1e ......Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      169.254.0.0      255.255.0.0         On-link     169.254.196.3    311
    169.254.196.3  255.255.255.255         On-link     169.254.196.3    311
  169.254.255.255  255.255.255.255         On-link     169.254.196.3    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     169.254.196.3    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     169.254.196.3    311
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  9    311 fd09:ccd4:8327::/64      On-link
  9    311 fd09:ccd4:8327:0:3def:8a74:2ea3:c403/128
                                    On-link
  9    311 fd09:ccd4:8327:0:9937:5ca5:1244:1f3a/128
                                    On-link
  9    311 fe80::/64                On-link
  9    311 fe80::3def:8a74:2ea3:c403/128
                                    On-link
  1    331 ff00::/8                 On-link
  9    311 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/31/2018 09:13:49 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (05/31/2018 09:13:46 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 06:26:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 06:26:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 09:12:20 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (05/30/2018 09:12:18 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 08:09:06 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 08:09:06 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/30/2018 08:09:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.

Error: (05/29/2018 08:51:50 PM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.


System errors:
=============
Error: (05/31/2018 09:14:07 AM) (Source: Service Control Manager) (User: )
Description: The Windows Camera Frame Server service terminated with the following error:
%%2147942405 = Access is denied.


Error: (05/31/2018 09:11:14 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/31/2018 09:11:14 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/30/2018 04:13:57 AM) (Source: Service Control Manager) (User: )
Description: The Windows Camera Frame Server service terminated with the following error:
%%2147942405 = Access is denied.


Error: (05/29/2018 06:46:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Camera Frame Server service terminated with the following error:
%%2147942405 = Access is denied.


Error: (05/29/2018 06:43:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/29/2018 06:43:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/28/2018 01:43:22 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service terminated with the following service-specific error:
%%635 = {Virtual Memory Minimum Too Low}
Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file.
During this process, memory requests for some applications may be denied. For more information, see Help.


Error: (05/28/2018 01:43:22 PM) (Source: RasMan) (User: )
Description: Remote Access Connection Manager failed to start because it could not load one or more communication DLLs. Ensure that your communication hardware is installed and then restart the Remote Access Connection Manager service. If the problem persists, contact the system administrator. There was an unknown error.

Error: (05/28/2018 01:38:43 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2017-08-13 17:52:00.032
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.719
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.500
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 11:08:28.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 10:36:00.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-31 10:36:00.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-97469788-c69c-4246-82e5-6851658c3e44) (Version: 3.0.2.118 - WildTangent) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-140c1ae6-f3e3-4210-8d79-93a68b3da00f) (Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-290893ae-d2bc-4156-a332-0fbba6d4185d) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Coyote The Outlander (HKLM-x32\...\WTA-aa31b519-0783-4e7f-9d09-7884e09a6d79) (Version: 3.0.2.59 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-0bacca11-4158-481b-b649-e8e406a2e858) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entwined: The Perfect Murder (HKLM-x32\...\WTA-a82f6c8b-5278-40d4-93d2-a19cfb1ad216) (Version: 3.0.2.59 - WildTangent) Hidden
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Family Vacation 2: Road Trip (HKLM-x32\...\WTA-8b74d454-d91f-403a-89f1-3d7e3975a582) (Version: 3.0.2.59 - WildTangent) Hidden
Final Draft (HKLM-x32\...\{E8FDC52C-83F4-4A0F-AA65-D0E8C0F3302F}) (Version: 9.1.0.210 - Cast & Crew Production Software, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-04029695-bca4-4815-9497-640c0d7b4ebc) (Version: 3.0.2.59 - WildTangent) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
IGT Slots: Paradise Garden (HKLM-x32\...\WTA-40647b65-571e-49d9-920e-86bd70d51463) (Version: 3.0.2.59 - WildTangent) Hidden
Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-fb1b8326-f808-4a6b-8de5-2f6688ff59b7) (Version: 3.0.2.59 - WildTangent) Hidden
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Jewel Match Snowscapes (HKLM-x32\...\WTA-a8b03990-5971-4992-b096-a3eab02a7045) (Version: 3.0.2.118 - WildTangent) Hidden
Living Legends: Frozen Beauty Collector's Edition (HKLM-x32\...\WTA-284c222d-599f-4568-9d24-22509a3d7ad5) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Lands: Dark Overlord Collector's Edition (HKLM-x32\...\WTA-c5d9b44d-9222-438a-9b3d-d5d93ed6305a) (Version: 3.0.2.59 - WildTangent) Hidden
Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-b184fa20-1859-4f19-a7e6-c7a3da1a356d) (Version: 3.0.2.59 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-1c2d15c7-05a7-4cb7-8126-ae2b94c730c4) (Version: 3.0.2.59 - WildTangent) Hidden
Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-388dcbd2-9c41-48a6-8929-6301a589a863) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Mystery Expedition: Prisoners of Ice (HKLM-x32\...\WTA-8d7bf837-2af4-4f44-a69e-8215690f8cb3) (Version: 3.0.2.59 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Plagiarii (HKLM-x32\...\WTA-61ceb8d8-31cf-442e-97ef-ee85bf8781c6) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-63de153e-0539-463e-b2c7-96c149356991) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.60 - REALTEK Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-3729ffe4-e6ec-4363-9aee-64ba21a3faa6) (Version: 3.0.2.126 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-2084626e-f040-46b6-979d-84b4b4f0335a) (Version: 3.0.2.59 - WildTangent) Hidden
Sky High Farm (HKLM-x32\...\WTA-f879519a-78f4-4c24-8517-3882d21e33b4) (Version: 3.0.2.59 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPS Office (9.1.0.5236) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5236 - Kingsoft Corp.)

========================= Devices: ================================

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0B00\4&4F4305A&0

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{284D93AB-9F92-11E5-9BC9-806E6F6E6963}#0000000018500000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1531&SUBSYS_00000000&REV_00\3&2411E6FE&0&C1

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_1022&DEV_7808&SUBSYS_8137103C&REV_39\3&2411E6FE&0&92

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci
Device ID: PCI\VEN_1022&DEV_7808&SUBSYS_8137103C&REV_39\3&2411E6FE&0&9A

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1

Name: HP ePrint
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: HP
Service:
Device ID: SWD\PRINTENUM\{2A27F38B-BBE0-4A79-B1B5-990D02F2CB86}

Name: Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter
Description: Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Device ID: PCI\VEN_10EC&DEV_8179&SUBSYS_804B103C&REV_01\4&367E2265&0&0014

Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\PRINTQUEUES

Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&C95D7BC&3&13

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: SWD\WPDBUSENUM\_??_USBSTOR#DISK&VEN_TW8090&PROD_TWSC&REV_1.00#6&1BB07D8C&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}
Problem: : This device is not configured correctly. (Code1)
Resolution: You may be prompted to provide the path of the driver. Windows may have the driver built-in, or may still have the driver files installed from the last time that you set up the device. If you are asked for the driver and you do not have it, you can try to download the latest driver from the hardware vendor’s Web site.
In the device properties dialog box, click the "Driver" tab, and then click "Update Driver" to start the "Hardware Update Wizard". Follow the instructions to update the driver. If updating the driver does not work, see your hardware documentation for more information.

Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{9AD425B0-1436-432F-A515-234F2818B665}

Name: Firmware Resource
Description: Firmware Resource
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Microsoft
Service:
Device ID: UEFI\RES_{90C61ACA-5889-4FBF-A55B-467F02FEE781}\0

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{284D93AB-9F92-11E5-9BC9-806E6F6E6963}#0000006F87700000

Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C01\4&4F4305A&0

Name: HP Wireless Button Driver
Description: HP Wireless Button Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: HP
Service: WirelessButtonDriver64
Device ID: ACPI\HPQ6001\2&DABA3FF&2

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\TSZ0

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\TSZ2

Name: Microsoft RRAS Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MSRRAS\{5E259276-BC7E-40E3-B93B-8F89B5F3ABC0}

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0

Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\HPQ6001\3&9489F59&0&0000

Name: TW8090 Twsc USB Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: USBSTOR\DISK&VEN_TW8090&PROD_TWSC&REV_1.00\6&1BB07D8C&0

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\HPQ8001\4&4F4305A&0

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\4&4F4305A&0

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000

Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000

Name: Microsoft iSCSI Initiator
Description: Microsoft iSCSI Initiator
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: iScsiPrt
Device ID: ROOT\ISCSIPRT\0000

Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1533&SUBSYS_00000000&REV_00\3&2411E6FE&0&C3

Name: Synaptics SMBus TouchPad
Description: Synaptics SMBus TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN1EFC\4&4F4305A&0

Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\4&E804D03&0&0001

Name: AmdAS4 Device
Description: AmdAS4 Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Mirco Devices, Inc
Service: AmdAS4
Device ID: ACPI\ASD0001\2&DABA3FF&2

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&338630C3&0

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0282&SUBSYS_103C8137&REV_1000\4&9AF1D7&0&0001

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{284D93AB-9F92-11E5-9BC9-806E6F6E6963}#0000000010500000

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0000\4&4F4305A&0

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0D\2&DABA3FF&2

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{284D93AB-9F92-11E5-9BC9-806E6F6E6963}#0000000000100000

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_8137103C&REV_07\4&D9D0903&0&0015

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1530&SUBSYS_00000000&REV_00\3&2411E6FE&0&C0

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Device ID: PCI\VEN_1022&DEV_7807&SUBSYS_8137103C&REV_39\3&2411E6FE&0&90

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci
Device ID: PCI\VEN_1022&DEV_7807&SUBSYS_8137103C&REV_39\3&2411E6FE&0&98

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0103\3&2411E6FE&0

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1538&SUBSYS_00000000&REV_00\3&2411E6FE&0&10

Name: Microsoft Radio Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\RADIO\{3DB5895D-CC28-44B3-AD3D-6F01A782B8D2}

Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\CMN15CA\4&E766BCC&0&UID256

Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\1

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_1022&DEV_780D&SUBSYS_8137103C&REV_02\3&2411E6FE&0&A2

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_05C8&PID_022A\200901010001

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_TW8090&PROD_TWSC&REV_1.00#6&1BB07D8C&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B}

Name: Microsoft Print to PDF
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{D2B41799-9E68-4835-967F-302626D5E16E}

Name: AMD USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_1022&DEV_7814&SUBSYS_8137103C&REV_01\3&2411E6FE&0&80

Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&11

Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&14

Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_1022&DEV_1439&SUBSYS_12341022&REV_00\3&2411E6FE&0&15

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C09\4&4F4305A&0

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C04\4&4F4305A&0

Name: hp       DVDRW  GUB0N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_HP&PROD_DVDRW__GUB0N\4&6BB9DB8&0&010000

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0C\2&DABA3FF&2

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: HTREE\ROOT\0

Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000

Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service:
Device ID: SWD\PRINTENUM\{9FD1207D-C5CA-4A99-997A-97833467EBFE}

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1535&SUBSYS_00000000&REV_00\3&2411E6FE&0&C5

Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{BF5A69B9-AA31-4090-849E-BA7CB315B865}

Name: AMD Radeon HD 8400 / R3 Series
Description: AMD Radeon HD 8400 / R3 Series
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Device ID: PCI\VEN_1002&DEV_9830&SUBSYS_8137103C&REV_00\3&2411E6FE&0&08

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: SWD\MSRRAS\MS_SSTPMINIPORT

Name: Microsoft UEFI-Compliant System
Description: Microsoft UEFI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: UEFI
Device ID: ACPI_HAL\UEFI\0

Name: Final Draft PDF Converter 4
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer:
Service:
Device ID: SWD\PRINTENUM\{E8053DE9-2273-4CA3-A9F6-01AA41D866D1}

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&1AA4D718&0

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&2

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_0

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_1

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_2

Name: AMD A6-5200 APU with Radeon™ HD Graphics    
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM
Device ID: ACPI\AUTHENTICAMD_-_AMD64_FAMILY_22_MODEL_0_-_AMD_A6-5200_APU_WITH_RADEON™_HD_GRAPHICS____\_3

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\90

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0100\4&4F4305A&0

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1532&SUBSYS_00000000&REV_00\3&2411E6FE&0&C2

Name: HP Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_05C8&PID_022A&MI_00\6&F5078B0&0&0000

Name: Wi-Fi
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\RADIO\{73DB8895-639E-4F9A-8012-09983B9C9021}

Name: Microsoft GS Wavetable Synth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\MICROSOFTGSWAVETABLESYNTH

Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{246DA212-1D96-4B6C-B19E-E80D9DEFAB18}

Name: Smart Card Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\SCDEVICEENUMBUS\0

Name: Microsoft Passport Container Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Device ID: SWD\SCDEVICEENUMBUS\1

Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv
Device ID: PCI\VEN_1022&DEV_780E&SUBSYS_8137103C&REV_11\3&2411E6FE&0&A3

Name: AMD SATA Controller
Description: AMD SATA Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: amdsata
Device ID: PCI\VEN_1022&DEV_7804&SUBSYS_8137103C&REV_00\3&2411E6FE&0&88

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Device ID: USB\VID_1F75&PID_0817\5&1A58DF47&0&1

Name: AMD SMBus
Description: AMD SMBus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc
Service:
Device ID: PCI\VEN_1022&DEV_780B&SUBSYS_8137103C&REV_3A\3&2411E6FE&0&A0

Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{284D93AB-9F92-11E5-9BC9-806E6F6E6963}#0000006F53B00000

Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&245CB903&0&0

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&1D5A6EE6&0

Name: HGST HTS545050A7E680
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_HGST&PROD_HTS545050A7E680\4&6BB9DB8&0&000000

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0800\4&4F4305A&0

Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrv
Device ID: ACPI\SMB0001\3&2411E6FE&0

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus
Device ID: PCI\VEN_1022&DEV_7813&SUBSYS_8137103C&REV_01\3&2411E6FE&0&A7

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1536&SUBSYS_8137103C&REV_00\3&2411E6FE&0&00

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: PCI\VEN_1022&DEV_1534&SUBSYS_00000000&REV_00\3&2411E6FE&0&C4

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\4&4F4305A&0

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\3&2411E6FE&0

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB\4&113D41EB&0

Name: CyberLink WebCam Virtual Driver 6.0
Description: CyberLink WebCam Virtual Driver 6.0
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd6
Device ID: ROOT\MEDIA\0000

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_1002&DEV_9840&SUBSYS_8137103C&REV_00\3&2411E6FE&0&09

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0200\4&4F4305A&0


========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 3537.01 MB
Available physical RAM: 1880.04 MB
Total Virtual: 4433.01 MB
Available Virtual: 2519.88 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:444.93 GB) (Free:143.28 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.64 GB) (Free:2.26 GB) NTFS
4 Drive f: () (Removable) (Total:1.86 GB) (Free:1.17 GB) FAT

========================= Users: ========================================

User accounts for \\DESKTOP-LF5E1VE

Administrator            DefaultAccount           Guest                    
MainUser                 

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

17-06-2017 17:41:23 Scheduled Checkpoint
13-08-2017 21:46:38 Scheduled Checkpoint

**** End of log ****
 


  • 0

#9
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts
Hey Mike,
 
Just that when you tell me to download something (in this case MiniToolBox) I download it on my desktop and put it on a stick and then run it on the laptop.
Okay, yes, let's continue this process, it's working nicely until we get the internet back up and running on your laptop. 
 
Let's continue...
 
Download this Realtek Wi-Fi Adapter driver and place it on the desktop of the computer where the Internet isn't working correctly. Don't install it yet, as we need to uninstall the old driver first.
 
Step 1 of 1: Device Manager on Problem Computer
1. Right-click the Start  button, then select Device Manager from the context menu.
2. Under Network adapters, search for Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter. Right-click and click on "Uninstall"
3. Restart your computer
4. Right-click the .cab file on your desktop, and select "Install"
5. Restart your computer again
6. Check internet connectivity
 
===============================================
 
When you reply to me, I need to see:
  • Any questions/concerns you might have, or if you were not able to complete any of the steps above
  • If Internet connectivity has been restored

 


  • 0

#10
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I'm having a problem. I downloaded the .cab file you told me to onto my desktop, transferred it to the laptop and uninstalled the Realtek RTL8188EE 802.11 bgn Wi-Fi Adapter. After restarting the computer I unzipped the file and nothing is a .cab file. The main icon that comes up is netrtwlane and when I double-click that all that comes up is a Security Catalog.

 

What should I do?!


  • 0

Advertisements


#11
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts
Instead of clicking into the cabinet file, right-click it while it's on your desktop, and select install. See if that does the trick :)
  • 0

#12
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

When I right-click "Install isn't an option. I get a lot of choices, "Open" "Share With" "Add to Archive" etc., but not install. I've attached a picture of the choices...

Attached Thumbnails

  • IMG_4292.JPG

  • 0

#13
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts
Thanks for the picture, that was helpful. Let's try the Option 2 instructions from here: https://www.tenforum...ndows-10-a.html
  • 0

#14
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I'm getting an "Error 87" I've included a picture...

Attached Thumbnails

  • IMG_2280.JPG

  • 0

#15
BuddyMG

BuddyMG

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

A better picture of the Error 87 (sorry about the lighting and the reflection of the iPhone!

Attached Thumbnails

  • IMG_4293.JPG

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP