Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-03-2019
Ran by LFS Hyper & EFM (08-03-2019 10:27:08)
Running from C:\Users\LFS Hyper & EFM\Desktop
Microsoft Windows 10 Pro Insider Preview Version 1703 16353.1000 (X86)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2386456517-1555999374-3366907636-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2386456517-1555999374-3366907636-503 - Limited - Disabled)
Guest (S-1-5-21-2386456517-1555999374-3366907636-501 - Limited - Disabled)
LFS Hyper & EFM (S-1-5-21-2386456517-1555999374-3366907636-1004 - Administrator - Enabled) => C:\Users\LFS Hyper & EFM
WDAGUtilityAccount (S-1-5-21-2386456517-1555999374-3366907636-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

aimp-avg-cyberlink setup (HKLM\...\aimp-avg-cyberlink setup) (Version: 1.0 - Jean-Marie)
CyberLink PresenterLink+ (HKLM\...\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}) (Version: 1.0.0527.0 - CyberLink Corp.)
Diag version 1.1.1.0 (HKLM\...\10DBD048-433A-4BC3-951F-055296F077B3_is1) (Version: 1.1.1.0 - Adlice Software)
IconPack X0 ttone (HKLM\...\IconPack) (Version: X0 ttone - SkinPack)
Microsoft OneDrive (HKU\S-1-5-21-2386456517-1555999374-3366907636-1004\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Moo0 RightClicker Pro 1.48 (HKLM\...\Moo0 RightClicker) (Version: - )
ProtectStar(TM) iShredder 7 (HKLM\...\{79087BA9-C5B5-4081-A374-310AC02E2896}) (Version: 7.0.1809 - ProtectStar Inc.)
Reload Icons Cache 1.00 (HKLM\...\Reload Icons Cache 1.00) (Version: 1.00 - Mr Blade Design's)
Silent Install Builder 5 (HKLM\...\{2452C59D-5140-4A9A-A97F-B925390619E1}) (Version: 5.1.4.0 - Aprel Tech, LLC)
Software Update Pro 5.44.0.41 (HKLM\...\Software Update Pro) (Version: 5.44.0.41 - Glarysoft Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2386456517-1555999374-3366907636-1004_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers2: [DataShredderShellExt] -> {A39AC900-3ABE-4C69-B42D-FA8EEF89CB03} => C:\Program Files (x86)\ProtectStar\DataShredder\DataShredderShellExt.dll [2018-06-14] (ProtectStar, Inc. -> ProtectStar(TM), Inc.)
ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers5: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\SysWOW64\appresolver.dll [2017-08-26] (Microsoft Windows -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-16 18:19 - 2014-09-29 17:21 - 001200400 ____N () C:\Windows\Temp\SecurePro.exe
2019-01-16 19:37 - 2019-01-16 19:37 - 001093120 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2019-01-16 19:38 - 2019-01-16 19:38 - 000057344 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80ENU.DLL

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amdrv.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-08-26 08:30 - 2017-08-26 08:29 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2386456517-1555999374-3366907636-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{F193F5EC-79BC-4D27-8F7C-CF5D508A3A41}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [UDP Query User{CAD13419-3190-4FAE-9A2E-B1B2A29D3213}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe (Glarysoft LTD -> Glarysoft Ltd)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Generic SDIO Device
Description: Generic SDIO Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Broadcom AUXSPI Controller
Description: Broadcom AUXSPI Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TODO-Set-Provider
Service: bcmauxspi
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Generic SDIO Device
Description: Generic SDIO Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2019 08:44:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-UJ4L4QK)
Description: Package Microsoft.Windows.Photos_2017.37071.14820.0_arm__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (03/08/2019 08:44:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.16353.1000, time stamp: 0x59a0e6ce
Faulting module name: ntdll.dll, version: 10.0.16353.1000, time stamp: 0xa5d653db
Exception code: 0xc0000409
Fault offset: 0x00023c20
Faulting process id: 0x230
Faulting application start time: 0x01d4d589d09e79a8
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 9b7fc085-b5df-49b5-9619-d32668b69612
Faulting package full name: Microsoft.MicrosoftEdge_41.16353.1000.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (03/08/2019 08:34:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-UJ4L4QK)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16353.1000_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (03/08/2019 08:29:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-UJ4L4QK)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16353.1000_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (03/08/2019 08:18:47 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=c4c81773-38fd-49d4-82c4-018b996d09de;Action=NotifyUser;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=60;Trigger=TimerEvent

Error: (03/08/2019 07:19:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=c4c81773-38fd-49d4-82c4-018b996d09de;Action=NotifyUser;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=60;Trigger=TimerEvent

Error: (01/16/2019 06:50:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-UJ4L4QK)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16353.1000_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (01/16/2019 06:49:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-UJ4L4QK)
Description: Package Microsoft.Windows.Cortana_1.9.6.16353_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.


System errors:
=============
Error: (03/08/2019 10:01:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WarpJITSvc service terminated unexpectedly. It has done this 10 time(s).

Error: (03/08/2019 09:44:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UJ4L4QK)
Description: Event-ID 10016

Error: (03/08/2019 09:43:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (03/08/2019 09:43:01 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (03/08/2019 09:42:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (03/08/2019 09:30:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WarpJITSvc service terminated unexpectedly. It has done this 9 time(s).

Error: (03/08/2019 09:04:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WarpJITSvc service terminated unexpectedly. It has done this 8 time(s).

Error: (03/08/2019 09:03:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WarpJITSvc service terminated unexpectedly. It has done this 7 time(s).


Windows Defender:
===================================
Date: 2019-01-16 20:35:45.972
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.249.82.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14003.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-16 20:35:45.969
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 116.1.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.13804.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-16 20:35:45.919
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.249.82.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14003.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-16 20:35:45.915
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.249.82.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14003.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-01-16 20:35:45.912
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.249.82.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14003.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2019-03-08 10:26:24.117
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 10:26:24.081
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 10:21:18.489
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 10:21:18.444
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 10:00:07.387
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 10:00:07.352
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 09:53:44.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-03-08 09:53:44.098
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\drivers\amdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: BCM2837 ARMv8
Percentage of memory in use: 62%
Total physical RAM: 938.3 MB
Available physical RAM: 352.27 MB
Total Virtual: 2730.3 MB
Available Virtual: 1362.34 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:28.84 GB) (Free:16.97 GB) NTFS
Drive d: (Verbatim) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive e: (goodsync portable) (Removable) (Total:57.64 GB) (Free:35.51 GB) NTFS
Drive f: () (Removable) (Total:29.71 GB) (Free:10.03 GB) FAT32

\\?\Volume{a09e77ce-0000-0000-0000-100000000000}\ (BOOT) (Fixed) (Total:0.12 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 29 GB) (Disk ID: A09E77CE)
Partition 1: (Active) - (Size=128 MB) - (Type=0C)
Partition 2: (Not Active) - (Size=28.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 57.6 GB) (Disk ID: CAED9793)
Partition 1: (Not Active) - (Size=57.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================