Hello, I am visiting my dad and his home computer has the Chromium browser on it. I noticed this problem when I came upon websites that I never typed the URL or searched for, and I kept getting some pop-up ads on the banner.
First off, thank you guys for always volunteering your time. It's been a while since I have posted a problem, but I am always grateful! Below is the information.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-06-2017
Ran by Teacher (administrator) on MININT-CSRN707 (10-06-2017 22:10:41)
Running from C:\Users\Teacher\Desktop
Loaded Profiles: Teacher (Available Profiles: Teacher)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [1667164 2012-10-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-25] (Synaptics Incorporated)
HKLM\...\Run: [WorksFUD] => C:\Program Files\Microsoft Works\wkfud.exe [24576 2001-10-05] (Microsoft® Corporation)
HKLM\...\Run: [Microsoft Works Portfolio] => C:\Program Files\Microsoft Works\WksSb.exe [331830 2001-08-23] (Microsoft® Corporation)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [28738 2001-08-16] (Microsoft® Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2183752 2017-05-04] ()
HKLM\...\Run: [OrderReminder] => C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\...\Run: [Itibiti.exe] => C:\Program Files\Itibiti Soft Phone\Itibiti.exe [7342080 2013-06-26] () <===== ATTENTION
HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\...\Run: [MoneyAgent] => "C:\Program Files\Microsoft Money\System\Money Express.exe"
HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\...\Run: [GOOGLECHROMEAUTOLAUNCH_56D513A1911079B147124FB0B59A739C] => C:\Users\Teacher\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-03] (The Chromium Authors)
HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\...\MountPoints2: {14bf7dde-fa49-11e4-bfbc-806e6f6e6963} - D:\SMS\bin\i386\TSMBAutorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-05-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-08-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2015-08-28]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite 2.0.lnk [2015-08-20]
ShortcutTarget: VideoCam Suite 2.0.lnk -> C:\Program Files\Panasonic\VideoCam Suite 2\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{22ADEB53-C2C8-47A0-912B-5FF1E588605A}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_otbrw8_15_35&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FzzyDyC0CzyyByDzytByBtN0D0Tzu0StCtAtAyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S0E0FyC0AyDzzyD0DtGtA0BtB0AtGyE0EtD0EtGzzyE0CzytGzyyB0CtAtA0D0EyByD0A0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyE0FtDtByCtB0BtG0A0EyBtBtGyEyCtCzytG0B0D0B0CtGyB0A0BtB0AyD0B0FyD0FyEtB2QtN0A0LzuyE&cr=1996962322&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_otbrw8_15_35&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FzzyDyC0CzyyByDzytByBtN0D0Tzu0StCtAtAyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S0E0FyC0AyDzzyD0DtGtA0BtB0AtGyE0EtD0EtGzzyE0CzytGzyyB0CtAtA0D0EyByD0A0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyE0FtDtByCtB0BtG0A0EyBtBtGyEyCtCzytG0B0D0B0CtGyB0A0BtB0AyD0B0FyD0FyEtB2QtN0A0LzuyE&cr=1996962322&ir=
SearchScopes: HKU\S-1-5-21-3157478879-3267821037-2198957907-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_otbrw8_15_35&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FzzyDyC0CzyyByDzytByBtN0D0Tzu0StCtAtAyDtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S0E0FyC0AyDzzyD0DtGtA0BtB0AtGyE0EtD0EtGzzyE0CzytGzyyB0CtAtA0D0EyByD0A0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AyE0FtDtByCtB0BtG0A0EyBtBtGyEyCtCzytG0B0D0B0CtGyB0A0BtB0AyD0B0FyD0FyEtB2QtN0A0LzuyE&cr=1996962322&ir=
SearchScopes: HKU\S-1-5-21-3157478879-3267821037-2198957907-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={DCD43075-5B47-4BC8-8BEB-5C2D75C7AA45}&mid=dba20ab3439347cd8f9e1d1be9618564-6236eefa95dcad2db71f733b5949e0647767db60&lang=en&ds=AVG&coid=avgtbavg&cmpid=0217tb&pr=fr&d=2015-08-29 08:33:08&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-05-04] (AVG)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: ifnqvwrb.default-1493848962235
FF ProfilePath: C:\Users\Teacher\AppData\Roaming\Mozilla\Firefox\Profiles\ifnqvwrb.default-1493848962235 [2017-06-10]
FF Homepage: Mozilla\Firefox\Profiles\ifnqvwrb.default-1493848962235 -> hxxps://mg.mail.yahoo.com/neo/launch?.partner=sbc&.rand=0mlf2r9rtg41o
FF Extension: (AVG Web TuneUp) - C:\Users\Teacher\AppData\Roaming\Mozilla\Firefox\Profiles\ifnqvwrb.default-1493848962235\Extensions\[email protected] [2017-05-04]
FF SearchPlugin: C:\Users\Teacher\AppData\Roaming\Mozilla\Firefox\Profiles\ifnqvwrb.default-1493848962235\searchplugins\avg-secure-search.xml [2017-05-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-26] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AESTFilters; C:\Program Files\IDT\WDM\aestsrv.exe [81920 2009-03-03] (Andrea Electronics Corporation) [File not signed]
S2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509448 2012-03-15] (Intel Corporation)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153408 2017-04-11] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-04-11] (AVG Technologies CZ, s.r.o.)
S2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
S2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104208 2012-04-23] (Intel® Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [279024 2013-12-04] (Intel Corporation)
S2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [307282 2012-10-24] (IDT, Inc.) [File not signed]
S2 uArcCapture; C:\Windows\system32\ArcVCapRender\uArcCapture.exe [498352 2012-04-05] (ArcSoft, Inc.)
S2 vToolbarUpdater40.3.7; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-05-04] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-05-04] ()
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AMPPAL; C:\WINDOWS\System32\DRIVERS\AMPPAL.sys [143360 2012-03-15] (Windows ® Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\System32\DRIVERS\amppal.sys [143360 2012-03-15] (Windows ® Win 7 DDK provider)
S3 ARCVCAM; C:\WINDOWS\System32\DRIVERS\ArcSoftVCapture.sys [37952 2012-02-03] (ArcSoft, Inc.)
S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [259328 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
S0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
S1 cdrbsdrv; C:\WINDOWS\system32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation) [File not signed]
R3 e1cexpress; C:\WINDOWS\System32\DRIVERS\e1c6232.sys [358224 2012-11-28] (Intel Corporation)
R3 johci; C:\WINDOWS\System32\DRIVERS\johci.sys [23136 2012-07-16] (JMicron Technology Corp.)
R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R3 NETwNs32; C:\WINDOWS\System32\DRIVERS\Netwsn00.sys [10364416 2012-06-03] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver_AMDASF.sys [25328 2013-10-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\system32\drivers\Smb_driver_Intel.sys [27888 2013-10-25] (Synaptics Incorporated)
S3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1825288 2012-10-03] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-10 22:10 - 2017-06-10 22:11 - 00012396 _____ C:\Users\Teacher\Desktop\FRST.txt
2017-06-10 22:10 - 2017-06-10 22:10 - 00000000 ____D C:\FRST
2017-06-10 22:09 - 2017-06-10 22:09 - 01776640 _____ (Farbar) C:\Users\Teacher\Desktop\FRST.exe
2017-06-10 22:07 - 2017-06-10 22:07 - 00000000 ____D C:\Users\Teacher\Desktop\Anti-virus files
2017-06-10 21:35 - 2017-06-10 21:35 - 00160724 _____ C:\WINDOWS\ntbtlog.txt
2017-05-14 15:33 - 2017-05-14 15:33 - 00000000 ___RD C:\Users\Teacher\Documents\Scanned Documents
2017-05-14 15:33 - 2017-05-14 15:33 - 00000000 ____D C:\Users\Teacher\Documents\Fax
2017-05-14 15:30 - 2017-05-14 15:31 - 00089478 _____ C:\Users\Teacher\Downloads\Esp 3 - Presente Perfecto - Más Práctica #1 - side 1 of 2.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-10 21:40 - 2016-11-19 14:26 - 00000000 ____D C:\Users\Teacher\AppData\LocalLow\Mozilla
2017-06-10 21:40 - 2015-05-08 11:44 - 00781790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-10 21:40 - 2009-07-13 21:37 - 00000000 ____D C:\WINDOWS\inf
2017-06-10 21:34 - 2009-07-13 23:34 - 00009712 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-10 21:34 - 2009-07-13 23:34 - 00009712 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-10 21:28 - 2016-11-18 08:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-10 21:28 - 2015-08-29 08:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-06-10 21:28 - 2009-07-13 23:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-10 20:26 - 2015-05-08 12:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-10 20:23 - 2015-08-28 09:24 - 00000000 ____D C:\ProgramData\MFAData
2017-06-10 20:18 - 2015-05-08 12:30 - 129479984 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2015-08-28 09:11 - 2015-08-28 09:11 - 0000064 _____ () C:\Users\Teacher\AppData\Local\716bd5b580c5a4184827032546c5461a
Files to move or delete:
====================
C:\Program Files\Itibiti Soft Phone\Itibiti.exe
Some files in TEMP:
====================
2016-08-22 21:39 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_081180295016.exe
2016-02-24 07:24 - 2016-01-12 17:23 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_081231433982.exe
2015-10-20 04:59 - 2015-09-22 13:13 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_081342165611.exe
2016-04-07 17:02 - 2016-02-18 13:09 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_081519775753.exe
2016-04-18 07:05 - 2016-03-23 16:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08197182896.exe
2015-11-19 06:01 - 2015-10-16 13:30 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08207674018.exe
2016-05-31 09:51 - 2016-04-22 10:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08250089337.exe
2016-05-13 09:18 - 2016-04-14 17:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08379082520.exe
2016-07-27 06:11 - 2016-06-21 18:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08412740535.exe
2016-01-15 22:13 - 2015-12-08 08:23 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08451895395.exe
2016-07-06 18:36 - 2016-05-18 13:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08452730589.exe
2016-01-05 12:13 - 2015-11-12 17:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08550626776.exe
2015-10-12 05:24 - 2015-09-10 10:54 - 0091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Teacher\AppData\Local\Temp\avguirn_08825530461.exe
2007-04-05 02:09 - 2007-04-05 02:09 - 0455600 ____R (Macrovision Corporation) C:\Users\Teacher\AppData\Local\Temp\_is5EE1.exe
2007-04-05 02:09 - 2007-04-05 02:09 - 0455600 ____R (Macrovision Corporation) C:\Users\Teacher\AppData\Local\Temp\_is781B.exe
2007-04-05 02:09 - 2007-04-05 02:09 - 0455600 ____R (Macrovision Corporation) C:\Users\Teacher\AppData\Local\Temp\_is95D8.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-28 07:03
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-06-2017
Ran by Teacher (10-06-2017 22:11:42)
Running from C:\Users\Teacher\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-07-27 12:40:48)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3157478879-3267821037-2198957907-500 - Administrator - Disabled)
Guest (S-1-5-21-3157478879-3267821037-2198957907-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3157478879-3267821037-2198957907-1002 - Limited - Enabled)
Teacher (S-1-5-21-3157478879-3267821037-2198957907-1000 - Administrator - Enabled) => C:\Users\Teacher
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
ArcSoft Webcam Sharing Manager (HKLM\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.39 - ArcSoft)
AVG (Version: 16.151.8013 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4776 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8013 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Bridge Baron 22 (HKLM\...\{B0C3F9C3-225A-4AA0-8A6E-28C7C116599E}) (Version: 22.00.00 - Great Game Products, Inc.)
Bridge Baron Teacher: Learn and Practice Bidding Conventions - Volume 2 (HKLM\...\{2C31CC47-74D7-43A8-B7AF-0B9C5C6FACB1}) (Version: 2.00.0001 - Great Game Products)
Bridge Baron Teacher: Learn and Practice Bidding Conventions - Volume 3 (HKLM\...\{70999647-34A9-413B-8974-74F21EEDA815}) (Version: 3.00.0001 - Great Game Products)
Chromium (HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\...\Chromium) (Version: 45.0.2422.0 - Chromium)
Counting at Bridge (HKLM\...\Counting at Bridge) (Version: - Bridge Base Inc.)
Defense (HKLM\...\Defense) (Version: - Bridge Base Inc.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
GeniusBox 2.0 (HKLM\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
GWX Control Panel (HKLM\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
Hoyle Card Games 4 (HKLM\...\Hoyle Card Games 4) (Version: - )
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM\...\{801EAD7A-7202-4BE4-84A1-299202AD17C0}) (Version: 2.0.7.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION
JMicron 1394 Filter Driver (HKLM\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
KNCTR (HKLM\...\Itibiti_is1) (Version: - Itibiti Inc.)
LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - )
Learn to Play Bridge 2 (HKLM\...\Learn_to_Play_Bridge_2) (Version: - )
Marty Sez (HKLM\...\Marty_Sez) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Word 2002 (HKLM\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft Works 2002 Setup Launcher (HKLM\...\Works2002Setup) (Version: - )
Microsoft Works 6.0 (HKLM\...\{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft Corporation)
Microsoft Works Suite Add-in for Microsoft Word (HKLM\...\{C3A439E4-7303-491F-A678-CEA36A87D517}) (Version: 2.0.0.0000 - Microsoft Corporation)
Mike's Advice (HKLM\...\{FF115D5C-D288-4242-B1DE-C86E0DE1D846}_is1) (Version: 1.0 - Michael Lawrence)
Mozilla Firefox 53.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
OrderReminder HP LaserJet 1020 (HKLM\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - )
Points Schmoints! (HKLM\...\Points_Schmoints!) (Version: - )
Pro PC Cleaner (HKLM\...\Pro PC Cleaner) (Version: 2.9.6 - Pro PC Cleaner) <==== ATTENTION
Shockwave (HKLM\...\Shockwave) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
VideoCam Suite 2.0 (HKLM\...\{9EDF1A5D-D8E0-413E-9782-75DD4A8C831B}) (Version: 2.00.043.1033 - Panasonic Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Works Suite OS Pack (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (Version: 1.0.0.0000 - Your Company Name) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3157478879-3267821037-2198957907-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Teacher\AppData\Local\Chromium\Application\45.0.2422.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1C9D8522-14CA-4497-8B27-DF007D159BAD} - System32\Tasks\Check Updates => C:\Program Files\user extensions\updater.exe <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {5A6C6202-3AB5-469C-AA0F-B1A500B600D5} - System32\Tasks\{E2EC6324-6576-4BCF-9E97-E04E6B060BD3} => pcalua.exe -a D:\setup.exe -d D:\
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {60E3E79F-7B70-43DC-9F02-33882F4CFCF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-26] (Adobe Systems Incorporated)
Task: {762917E6-DE6E-4F3A-B0AD-1CF140F5838A} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {7CC22976-7FB5-441D-A353-117307BB363D} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {AF73B4E3-0AB1-46CD-8472-1769E85D5FC1} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B643DEE6-FFEC-4379-AC76-BA17D464C5DD} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Program Files\user extensions\client.exe" <==== ATTENTION
Task: {B75248BF-3C26-4245-A778-52CDAEC06130} - System32\Tasks\Tny_Cassiopesa => C:\Users\Teacher\AppData\Local\{2B181~1\UNINST~1.EXE
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {DC400010-E530-4274-BED2-D22581E2E228} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {EADFF62A-0CFC-40F0-93BE-E0E6D49C69F2} - System32\Tasks\Validate Installation => C:\Program Files\user extensions\updater.exe <==== ATTENTION
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Tny_Cassiopesa.job => C:\Users\Teacher\AppData\Local\{2B181~1\UNINST~1.EXE
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
e"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3157478879-3267821037-2198957907-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Teacher\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{089831F4-D22C-441F-BB1B-B0CB17C523FC}] => (Allow) C:\Program Files\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{E3684E0C-D172-4729-AF2F-BB7FEE55CA4C}] => (Allow) C:\Program Files\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{F8BDCA35-21B9-41F7-B3EB-4D32342F1D1D}] => (Allow) C:\Users\Teacher\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{A2B05995-59CE-4726-90DA-B71B9026FA27}C:\program files\itibiti soft phone\itibiti.exe] => (Block) C:\program files\itibiti soft phone\itibiti.exe
FirewallRules: [UDP Query User{26141F11-18E4-4EC2-8673-9F2148EAC412}C:\program files\itibiti soft phone\itibiti.exe] => (Block) C:\program files\itibiti soft phone\itibiti.exe
FirewallRules: [{C38C8740-302F-4170-86D5-59E98DC6141A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C4DB7918-4855-4858-A3E1-C397AEDEACD2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1C921281-B9F5-41EC-BDC6-3392ADF965CE}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{1BAE0EAB-56E0-43D4-9245-A8E18D80F4AF}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{C817ED63-3151-4432-B264-A002FAFBABBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B097DD0D-7C50-42FF-A0B6-F56DF3A5A6D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BC704BCB-77BF-4C3D-8770-CDA633B29C65}] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{39041D88-E549-43AE-81F4-F92473CE0969}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{46778BBC-AA63-4A87-A513-AF758E82E8B0}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{900005F2-CC3F-46E8-AE1F-125EDBE619DB}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{4E3FE453-6149-4990-BE91-1281ACDD0229}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2017 04:19:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hpqWmiEx.exe, version: 4.6.10.1, time stamp: 0x5048beb6
Faulting module name: hpqWmiEx.exe, version: 4.6.10.1, time stamp: 0x5048beb6
Exception code: 0xc0000005
Fault offset: 0x00044dba
Faulting process id: 0xdc8
Faulting application start time: 0x01d2c9957cb266ab
Faulting application path: C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
Faulting module path: C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
Report Id: 23dd362c-3e6b-11e7-a74b-cc52af856c97
Error: (05/13/2017 02:59:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (05/05/2017 09:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 53.0.0.6312, time stamp: 0x58f0428a
Faulting module name: xul.dll, version: 53.0.0.6312, time stamp: 0x58f046bd
Exception code: 0x80000003
Fault offset: 0x00886df8
Faulting process id: 0x113c
Faulting application start time: 0x01d2c509499cb449
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files\Mozilla Firefox\xul.dll
Report Id: 121942c7-3204-11e7-8ce5-cc52af856c97
Error: (03/27/2017 03:21:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 7a0
Start Time: 01d2a737928e8ade
Termination Time: 0
Application Path: C:\WINDOWS\Explorer.EXE
Report Id: e7c9c235-132a-11e7-ba2d-cc52af856c97
Error: (03/18/2017 04:08:25 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (01/13/2017 07:36:59 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (12/14/2016 02:41:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
Error: (12/07/2016 09:02:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 50.0.0.6152 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c444
Start Time: 01d248ee5d97ba23
Termination Time: 295
Application Path: C:\Program Files\Mozilla Firefox\firefox.exe
Report Id: 6281363d-bcea-11e6-a032-cc52af856c97
Error: (11/28/2016 02:04:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18523 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 84dc
Start Time: 01d2480727574220
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
Error: (11/28/2016 06:34:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\Temp\AvgSetup\9c16837e-eb65-47cf-8388-1d1be9618564\install\fmw\avgrdsttestx.exe".
Dependent Assembly AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:42:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (06/10/2017 09:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
CodeIntegrity:
===================================
Date: 2017-06-10 21:34:18.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 21:31:30.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:41:03.884
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:36:22.065
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:36:21.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestacap.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:32:50.337
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:32:46.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-06-10 20:17:50.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-23 21:08:12.280
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-23 14:10:34.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 2996.04 MB
Available physical RAM: 2218.89 MB
Total Virtual: 5990.39 MB
Available Virtual: 5244.11 MB
==================== Drives ================================
Drive c: (Default) (Fixed) (Total:232.88 GB) (Free:198.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B08384BF)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================