Hi, Firefly. Thank you so much for your help.
1. I successfully ran the steps to perform the restore point AND registry back up.
2. I successfully performed my file backup to an external HD.
3. The FRST and Additional logs are posted below.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by MediaCenter (administrator) on MEDIACENTER-PC on 18-06-2015 08:52:19
Running from E:\__PCFixesTSG
Loaded Profiles: MediaCenter (Available Profiles: MediaCenter)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [49152 2003-06-25] (Hewlett-Packard)
HKLM\...\Run: [HP Component Manager] => C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [212992 2003-04-11] (Hewlett-Packard Company)
HKLM\...\Run: [DeviceDiscovery] => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [229437 2003-05-21] (Hewlett-Packard)
HKLM\...\Run: [OrderReminder] => C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-1506548412-1360968716-356857802-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.symantec.com/redirects/s...epage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-21-1506548412-1360968716-356857802-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: XFINITY Toolbar -> {4b9bcce8-a70b-402a-a7e1-db96831ee26f} -> C:\Program Files\xfin_portal\comcastdx.dll [2012-11-16] ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files\xfin_portal\auxi\comcastAu.dll [2012-11-16] (Visicom Media)
Toolbar: HKLM - XFINITY Toolbar - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll [2012-11-16] ()
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
http://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc1.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-04-11] (Hewlett-Packard Company)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll File not found
Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll File not found
Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll File not found
Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll File not found
Winsock: Catalog9 15 C:\Windows\system32\MyOSProtect.dll File not found
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={35008849-C865-11E2-9B0F-0016172948B2}
CHR StartupUrls: Default -> "hxxp://xfinity.comcast.net/?cid=dd_mtmh05282014"
CHR DefaultSearchKeyword: Default -> start.sweetim.com
CHR DefaultSearchURL: Default -> http://start.sweetpacks.com?src=6&q={searchTerms}&barid={35008849-C865-11E2-9B0F-0016172948B2}&crg=3.5000006.10042&st=23
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-28]
CHR Extension: (Google Search) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-28]
CHR Extension: (Bookmark Manager) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Norton Safe) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-15]
CHR Extension: (Google Wallet) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
CHR Extension: (Gmail) - C:\Users\MediaCenter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-28]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKU\S-1-5-21-1506548412-1360968716-356857802-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] -
https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-05-19] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\MediaCenter\AppData\Local\Temp\7zS37A1\hpslpsvc32.dll [X]
S2 Update Klip Pal; "C:\Program Files\Klip Pal\updateKlipPal.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 AFS; C:\Windows\system32\Drivers\AFS.sys [77004 2013-01-29] (Oak Technology Inc.) [File not signed]
R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-18] (Realtek Semiconductor Corp.)
R0 amacpi; C:\Windows\System32\DRIVERS\null.sys [4608 2009-07-13] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [22176 2012-01-18] (Logitech Inc.)
R3 hcwPP2; C:\Windows\System32\DRIVERS\hcwPP2.sys [185728 2007-02-06] (Hauppauge Computer Works, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 08:49 - 2015-06-18 08:52 - 00000000 ____D C:\FRST
2015-06-18 08:46 - 2015-06-18 08:46 - 00002181 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-06-18 08:46 - 2015-06-18 08:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-06-18 08:46 - 2015-06-18 08:46 - 00000000 ____D C:\Program Files\Tweaking.com
2015-06-03 21:19 - 2015-06-03 21:19 - 00015360 ___SH C:\Users\MediaCenter\Desktop\Thumbs.db
2015-05-31 14:29 - 2014-01-23 17:16 - 00051928 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\Rtnicxp.sys
2015-05-31 14:29 - 2013-10-31 10:24 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-05-31 14:28 - 2015-05-31 14:29 - 00000000 ____D C:\Program Files\Realtek
2015-05-19 21:46 - 2015-05-19 22:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-19 21:45 - 2015-05-19 21:45 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-19 21:45 - 2015-05-19 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-19 21:45 - 2015-05-19 21:45 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-05-19 21:45 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-19 21:45 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-19 21:45 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-19 20:54 - 2015-05-31 14:32 - 00000000 ____D C:\ProgramData\ProductData
2015-05-19 20:54 - 2015-05-19 20:54 - 00000000 ____D C:\Users\MediaCenter\AppData\Roaming\IObit
2015-05-19 20:54 - 2015-05-19 20:54 - 00000000 ____D C:\ProgramData\IObit
2015-05-19 20:54 - 2015-05-19 20:54 - 00000000 ____D C:\Program Files\IObit
2015-05-19 20:53 - 2015-05-19 20:53 - 00000000 ____D C:\Program Files\ESET
2015-05-19 20:45 - 2015-05-19 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-19 09:35 - 2015-05-19 09:35 - 00000654 _____ C:\Users\MediaCenter\Desktop\RegBUMay19.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 08:21 - 2010-11-20 17:01 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-18 08:19 - 2009-07-14 00:34 - 00027888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 08:19 - 2009-07-14 00:34 - 00027888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 07:45 - 2013-01-30 18:14 - 00000000 ____D C:\Users\MediaCenter\Documents\Matt Dox
2015-06-07 19:56 - 2013-01-30 18:13 - 00000000 ____D C:\Users\MediaCenter\Documents\Bill Dox
2015-05-31 16:39 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\NDF
2015-05-31 16:32 - 2013-01-26 01:10 - 01171166 _____ C:\Windows\WindowsUpdate.log
2015-05-31 16:29 - 2009-07-14 00:53 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-31 16:29 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-05-31 16:29 - 2009-07-14 00:39 - 00053485 _____ C:\Windows\setupact.log
2015-05-31 14:28 - 2013-01-25 23:21 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-21 09:30 - 2010-11-20 17:48 - 03055630 _____ C:\Windows\PFRO.log
2015-05-19 22:02 - 2013-01-25 23:33 - 00000000 ____D C:\Program Files\Google
2015-05-19 22:02 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Vss
2015-05-19 21:44 - 2013-01-25 23:33 - 00000000 ____D C:\Users\MediaCenter\AppData\Local\Google
2015-05-19 21:17 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\registration
2015-05-19 20:57 - 2015-04-08 20:14 - 00000000 ____D C:\Program Files\Minitab
2015-05-19 20:51 - 2013-11-07 12:14 - 00000000 ____D C:\ProgramData\Big Fish
2015-05-19 20:51 - 2013-11-07 12:13 - 00000000 ____D C:\BigFishCache
2015-05-19 09:41 - 2013-01-25 22:19 - 00000000 ____D C:\Users\MediaCenter
2015-05-19 08:16 - 2013-01-30 15:13 - 00000000 ____D C:\Users\MediaCenter\Documents\Symantec
==================== Files in the root of some directories =======
2013-02-04 22:32 - 2013-02-04 22:32 - 0057230 _____ () C:\Users\MediaCenter\AppData\Roaming\userenv.xml
2013-02-04 22:32 - 2013-02-04 22:32 - 0076196 _____ () C:\Users\MediaCenter\AppData\Roaming\userenv.xml.urlencode
2013-02-12 12:03 - 2015-03-07 16:34 - 0001177 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Some files in TEMP:
====================
C:\Users\MediaCenter\AppData\Local\Temp\ose00000.exe
C:\Users\MediaCenter\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_28831.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 00:40
==================== End of log ============================
ADDITIONAL:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by MediaCenter at 2015-06-18 08:53:00
Running from E:\__PCFixesTSG
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1506548412-1360968716-356857802-500 - Administrator - Disabled)
Guest (S-1-5-21-1506548412-1360968716-356857802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1506548412-1360968716-356857802-1002 - Limited - Enabled)
MediaCenter (S-1-5-21-1506548412-1360968716-356857802-1001 - Administrator - Enabled) => C:\Users\MediaCenter
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bootstrapper (Version: 1.2.2.0 - Minitab, Inc.) Hidden
CameraHelperMsi (Version: 13.50.854.0 - Logitech) Hidden
Canon PowerShot A4000 IS and A3400 IS and A2400 IS and A2300 and A1300 and A810 Camera User Guide (HKLM\...\CameraUserGuide-PSA4000ISandA3400ISandA2400ISandA2300andA1300andA810) (Version: 1.0.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM\...\ImageBrowser EX) (Version: 1.2.1.13 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
hp deskjet 5600 (HKLM\...\{8CDC6712-AF80-459E-911F-F1E156CB0AB0}) (Version: 1.01.0000 - Hewlett-Packard)
HP LCD Monitor Driver Software 2.00 (HKLM\...\{A258F8EC-1BA2-48F1-9559-66B95C202A55}) (Version: - )
HP Memories Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0001 - {&Tahoma8}Hewlett-Packard)
hp print screen utility (HKLM\...\hp print screen utility) (Version: - )
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - )
LightScribe System Software (HKLM\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Minitab17 (Version: 17.2.1.0 - Minitab Inc) Hidden
Minitab17 (Version: 17.2.1.0 - Minitab, Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OrderReminder HP LaserJet 1020 (HKLM\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - )
Quicken 2013 (HKLM\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - )
Realtek PCI Fast Ethernet Controller Driver (HKLM\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 6.112.123.2014 - Realtek)
Sansa Updater (HKU\S-1-5-21-1506548412-1360968716-356857802-1001\...\Sansa Updater) (Version: 1.313 - SanDisk Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoftwareManager (Version: 1.2.0.0 - Minitab, Inc.) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
XFINITY Toolbar (HKLM\...\xfin_portal) (Version: 4.0.0.17 - )
Zuma Deluxe (HKLM\...\{9D274133-8E61-4BC3-9A0B-932810FAC63A}) (Version: 1.00.0000 - Valusoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
21-04-2015 02:48:57 Windows Update
28-04-2015 12:02:50 Windows Update
01-05-2015 19:41:34 Windows Update
05-05-2015 02:49:10 Windows Update
12-05-2015 02:49:28 Windows Update
13-05-2015 03:02:04 Windows Update
13-05-2015 19:12:00 Windows Update
17-05-2015 15:13:25 Removed Adobe Reader XI (11.0.11).
17-05-2015 15:15:57 Removed iTunes
17-05-2015 17:42:05 Restore Operation
31-05-2015 14:28:47 Installed Realtek PCI Fast Ethernet Controller Driver
18-06-2015 08:23:32 before malware fix
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {004DD49B-AA64-4785-8963-6FA0DE0FAB3B} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\SymErr.exe
Task: {0C3163D7-6F59-4942-9E61-4A00666574A1} - System32\Tasks\{750C21E8-F7B3-40AB-B67B-DC45C16A048A} => pcalua.exe -a "C:\Users\MediaCenter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K5TR2ACX\MP10Setup.exe" -d C:\Users\MediaCenter\Desktop
Task: {1528C4F7-F0ED-4626-93F0-A2139BA72007} - System32\Tasks\Driver Manager-RTMRules => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
Task: {33B127A2-1D85-4F02-9107-5CB68E8D1C77} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {38475DD6-DE27-494E-A7AA-9AFF8823444C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {65D1EB64-87B8-451D-A769-887816B4E712} - System32\Tasks\{632B7967-2317-49D2-9EAC-19B0BB42A86B} => C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {75A2B29D-3E66-4488-85E2-628E4D2F459B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {7B7366B1-9425-4D7D-83A3-6B6E789FBADF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {944A9F02-1888-4F36-981F-412C4336C24D} - System32\Tasks\Driver Manager-RTMScan => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
Task: {946738A6-9ECC-4FAC-A3E2-FABC2E25A944} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A2FDB102-49D1-47AE-B4BD-2E2A5C8DC92A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A7F4E8C2-C3AA-4AF9-8D18-64F614958886} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {ACCC2CEB-60DB-40A7-8A0C-971175FA606D} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe
Task: {BB4E3AFD-BB47-486D-9D64-A685625642FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CE949480-3FA7-4B0B-A718-4EBD87CC1566} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\SymErr.exe
Task: {DB232EE9-2B88-452D-B987-4335588DB4CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E3C523BE-77EF-4D22-83CE-47FC05F613E4} - System32\Tasks\{854A26F5-0DF4-444F-8711-4CFBDE7FA799} => pcalua.exe -a E:\Display_menu.exe -d E:\
Task: {EB460832-F575-4627-A944-F5E6835B2888} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {F05CF934-27B0-4748-9340-5113DF343922} - System32\Tasks\Driver Manager-RTMUpdater => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
Task: {F13ABDE9-A6A4-4587-9AC4-F4EE9BF61671} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-01-29 12:32 - 2012-09-18 16:26 - 00169472 _____ () C:\Windows\System32\ZLhp1020.DLL
2013-01-29 12:33 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-11-11 15:07 - 2011-11-11 15:07 - 00265240 _____ () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-07-23 16:10 - 2012-07-23 16:10 - 00336232 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2011-08-12 13:19 - 2011-08-12 13:19 - 00680984 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:A1D3FEF0
AlternateDataStreams: C:\ProgramData\TEMP:A3E39C6A
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1506548412-1360968716-356857802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MediaCenter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{47CA2694-1AE6-4DE0-9660-CD43010DA34B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{164599CD-4DFA-420B-B7B1-4B8FF21DE512}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D900AE1C-D982-4092-941C-87CFD2486DCC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{2E4300A0-7C2E-4C7F-B338-9EE8D4BD8F46}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{E270AAEF-55C1-4FAD-97B1-1D80FB6507D0}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{629BE428-65A4-49BD-99DE-83B0911EFAD8}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{6D932D28-DB97-47EE-A67B-6914425873B0}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{93408C3E-18E4-4BE7-985D-D55A1ABF4987}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{ED901594-D2C3-435C-B2C0-AC78312F244A}] => (Allow) C:\Users\MediaCenter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{59BF26FC-04EC-4295-880D-6979C9982A63}] => (Allow) C:\Users\MediaCenter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{879B8440-8139-4D8C-A785-439799561A99}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{8E9F6777-C990-4C63-B5DA-60B3C447B1B9}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{7015CA9B-EBED-403D-BCEF-E09A48B0D470}] => (Allow) C:\Users\MediaCenter\AppData\Local\Temp\7zS37A1\hppiw.exe
FirewallRules: [{0C0EAC42-A1A3-415B-86BC-F23E22F54305}] => (Allow) C:\Users\MediaCenter\AppData\Local\Temp\7zS37A1\hppiw.exe
FirewallRules: [{532DBBE1-F516-4EE3-9EA8-725A57EEDD28}] => (Allow) C:\Users\MediaCenter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{01DD037A-9AE9-440F-8A36-DD48221F862E}] => (Allow) C:\Users\MediaCenter\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{45041913-5D78-477D-A6E4-EF2D4FBDCCF3}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{6197FFA7-C9BD-4232-BC0D-5D9877CF1510}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{BF1C5695-49F1-4975-BE5F-87F7C0AF5764}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{F5B0F2AB-0867-4E0C-B745-6F350E7F2110}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{F1C86B4D-B602-47CE-8428-CC58DFE36FC1}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{8D2053BC-A190-4374-A33F-FB0FE3B0618A}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{D2377BE1-FC2B-42F2-8F86-C495F2D8115C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2015 08:34:10 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/18/2015 07:34:10 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/14/2015 10:42:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/13/2015 03:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/13/2015 02:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/13/2015 01:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/13/2015 00:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (06/10/2015 10:25:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005
Error: (05/31/2015 04:31:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 04:29:47 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
System errors:
=============
Error: (06/18/2015 07:34:10 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (06/18/2015 07:07:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106
Error: (06/18/2015 07:07:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106
Error: (06/15/2015 09:11:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106
Error: (06/15/2015 09:11:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106
Error: (06/15/2015 09:11:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106
Error: (06/15/2015 09:11:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106
Error: (06/15/2015 08:40:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%10106
Error: (06/15/2015 08:40:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106
Error: (06/14/2015 10:42:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%10106
Microsoft Office:
=========================
Error: (06/18/2015 08:34:10 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/18/2015 07:34:10 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/14/2015 10:42:20 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/13/2015 03:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/13/2015 02:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/13/2015 01:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/13/2015 00:21:33 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (06/10/2015 10:25:44 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80070005
Error: (05/31/2015 04:31:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 04:29:47 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Percentage of memory in use: 24%
Total physical RAM: 3006.55 MB
Available physical RAM: 2270 MB
Total Pagefile: 6011.42 MB
Available Pagefile: 5075.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:444.6 GB) (Free:318.9 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:14.64 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CEE8CEE8)
Partition 1: (Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=444.6 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 14.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================
FYI -- Even though I cannot yet connect to my WiFi, the "trouble" PC's Ethernet port is hardwired and the green lights are on.