Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
Ran by Barb (administrator) on BARB-PC (16-02-2017 18:43:54)
Running from C:\Users\Barb\Desktop
Loaded Profiles: Barb (Available Profiles: Barb)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\CxUtilSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Conexant) C:\Windows\System32\MicTray64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-4070142805-2248021825-1571207387-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-12-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-12-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-12-27] (Microsoft Corporation)
Startup: C:\Users\Barb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Funny.exe [2016-12-11] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C27814A-EDAF-44EB-9A93-BF72FBD7C0A7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-4070142805-2248021825-1571207387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-07-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-12-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-12-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-12] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-12-27] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-12-27] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-07-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-27] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-12-27] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4070142805-2248021825-1571207387-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Barb\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-02-08] (Citrix Online)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default [2017-02-15]
CHR Extension: (Google Slides) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-09]
CHR Extension: (Google Docs) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-09]
CHR Extension: (Google Drive) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (Google Sheets) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-15]
CHR Extension: (Gmail) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Barb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\HP-NB-AIO\CxUtilSvc.exe [135288 2015-08-08] (Conexant Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-12-03] (ESET)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [150632 2015-10-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-05-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [155088 2016-12-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2015-11-18] (Synaptics Incorporated)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-17] () [File not signed]
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76296 2015-11-17] (Synaptics Incorporated)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-07-28] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1445688 2014-11-20] (Motorola Solutions, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [502256 2015-09-29] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-12-03] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-12-03] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153216 2016-12-03] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208520 2016-12-03] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61568 2016-12-03] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84616 2016-12-03] (ESET)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [77408 2016-12-14] ()
R3 iaLPSS2_GPIO2; C:\Windows\System32\DRIVERS\iaLPSS2_GPIO2.sys [91944 2015-06-02] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\DRIVERS\iaLPSS2_I2C.sys [166184 2015-06-02] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [96496 2015-09-10] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2015-12-24] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3422472 2016-01-01] (Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2016-07-09] ()
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3092224 2015-12-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-11-18] (Synaptics Incorporated)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-16 18:43 - 2017-02-16 18:44 - 00013882 _____ C:\Users\Barb\Desktop\FRST.txt
2017-02-15 19:37 - 2017-02-15 19:41 - 00618138 _____ C:\TDSSKiller.3.1.0.12_15.02.2017_19.37.11_log.txt
2017-02-14 19:37 - 2017-02-14 19:37 - 06771840 _____ (ESET spol. s r.o.) C:\Users\Barb\Downloads\esetonlinescanner_enu.exe
2017-02-14 19:02 - 2017-02-14 19:02 - 00020867 _____ C:\Windows\system32\0
2017-02-14 18:45 - 2017-02-14 18:45 - 00087396 _____ C:\Users\Barb\Desktop\Startup Programs (BARB-PC) 2017-02-14 18.45.23.txt
2017-02-14 18:42 - 2017-02-14 18:42 - 00121623 _____ C:\Users\Barb\Downloads\Silent Runners.zip
2017-02-13 18:53 - 2017-02-13 18:53 - 00000954 _____ C:\Users\Barb\Desktop\Emisoft scan_170213-185218.txt
2017-02-13 18:48 - 2017-02-15 19:45 - 00000000 ____D C:\Users\Barb\Desktop\EEK
2017-02-13 18:46 - 2017-02-13 18:47 - 285741008 _____ C:\Users\Barb\Desktop\EmsisoftEmergencyKit.exe
2017-02-13 18:22 - 2017-02-16 18:43 - 00000000 ____D C:\Users\Barb\Desktop\FRST-OlderVersion
2017-02-12 18:54 - 2017-02-16 18:43 - 00000000 ____D C:\FRST
2017-02-12 18:52 - 2017-02-16 18:43 - 02422272 _____ (Farbar) C:\Users\Barb\Desktop\FRST64.exe
2017-02-08 20:03 - 2017-02-14 19:33 - 00859428 _____ C:\Windows\ntbtlog.txt
2017-02-08 13:48 - 2017-02-15 19:45 - 00000000 ____D C:\Windows\pss
2017-02-08 13:04 - 2017-02-15 19:45 - 00000000 ____D C:\Users\Barb\AppData\Local\Citrix
2017-02-08 13:04 - 2017-02-08 13:04 - 00000000 ____D C:\Program Files (x86)\Citrix
2017-02-04 13:41 - 2017-02-04 13:41 - 00000000 __RHD C:\MSOCache
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-16 18:42 - 2016-07-09 16:43 - 00000000 ____D C:\ProgramData\Synaptics
2017-02-16 18:42 - 2016-07-09 15:23 - 00000000 __SHD C:\Users\Barb\IntelGraphicsProfiles
2017-02-16 18:42 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-15 19:53 - 2009-07-13 20:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-15 19:53 - 2009-07-13 20:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-15 19:51 - 2009-07-13 21:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-15 19:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-02-15 19:50 - 2016-07-09 13:58 - 00000000 ____D C:\Users\Barb
2017-02-15 19:46 - 2016-07-10 11:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2017-02-15 19:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2017-02-15 19:45 - 2016-12-27 17:41 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-02-15 19:45 - 2016-12-27 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-02-15 19:45 - 2016-07-26 19:16 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-15 19:45 - 2016-07-10 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2017-02-15 19:45 - 2016-07-09 15:51 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2017-02-15 19:45 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2017-02-15 19:44 - 2016-12-27 17:36 - 00000000 ____D C:\Users\Barb\AppData\Local\LogMeIn Rescue Applet
2017-02-15 19:44 - 2016-07-26 19:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 19:44 - 2016-07-17 12:33 - 00000000 ____D C:\Users\Barb\AppData\Roaming\VERIZON
2017-02-15 19:44 - 2016-07-10 17:25 - 00000000 ____D C:\ProgramData\Adobe
2017-02-15 19:44 - 2016-07-09 16:05 - 00000000 ____D C:\Users\Barb\AppData\Local\Google
2017-02-15 19:44 - 2016-07-09 15:59 - 00000000 ____D C:\Users\Barb\AppData\Local\ESET
2017-02-15 19:44 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2017-02-15 19:44 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-15 19:43 - 2016-12-27 17:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-15 19:43 - 2016-07-10 17:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-15 19:43 - 2016-07-10 14:40 - 00000000 ____D C:\Barbs Documents
2017-02-14 19:05 - 2016-08-10 21:58 - 00000000 ____D C:\Windows\system32\MRT
2017-02-14 19:04 - 2016-08-10 21:58 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-14 18:45 - 2013-04-26 08:23 - 00513136 _____ C:\Users\Barb\Desktop\Silent Runners.vbs
2017-02-13 19:45 - 2016-07-10 11:25 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-02-12 20:23 - 2016-07-10 11:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-08 18:30 - 2016-07-26 19:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-02 09:30 - 2016-07-19 12:34 - 00000000 ____D C:\Users\Barb\AppData\Local\CrashDumps
2017-02-02 09:10 - 2016-07-09 16:07 - 00002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-02 09:10 - 2016-07-09 16:07 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-23 18:27 - 2016-12-27 17:41 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-23 18:26 - 2016-12-27 17:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-23 17:56 - 2017-01-04 11:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2016-07-09 16:47 - 2016-07-09 16:47 - 0000000 _____ () C:\Users\Barb\AppData\Local\AtStart.txt
2016-07-09 16:47 - 2016-07-09 16:47 - 0000000 _____ () C:\Users\Barb\AppData\Local\DSwitch.txt
2016-07-09 16:47 - 2016-07-09 16:47 - 0000000 _____ () C:\Users\Barb\AppData\Local\QSwitch.txt
2016-07-10 16:31 - 2016-07-10 16:31 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-08 14:10
==================== End of FRST.txt ============================
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
Ran by Barb (16-02-2017 18:44:12)
Running from C:\Users\Barb\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-07-09 21:58:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4070142805-2248021825-1571207387-500 - Administrator - Disabled)
Barb (S-1-5-21-4070142805-2248021825-1571207387-1000 - Administrator - Enabled) => C:\Users\Barb
Guest (S-1-5-21-4070142805-2248021825-1571207387-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4070142805-2248021825-1571207387-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.44.0 - Alcor Micro Corp.) Hidden
Atmel I2C-HID maXTouch driver (HKLM-x32\...\InstallShield_{D38217B4-7002-471C-9B23-BB206429370A}) (Version: 1.0.0.2 - Atmel Corp.)
Atmel I2C-HID maXTouch driver (Version: 1.0.0.2 - Atmel Corp.) Hidden
Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.148.0 - Conexant Systems)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
ESET Smart Security (HKLM\...\{BA1050B5-E274-4693-8A67-CAF5576A07F1}) (Version: 9.0.381.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{3E261474-8DF2-463B-984E-0B6396F58D1C}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{9469285B-AB76-434A-8533-2EE643318F2E}) (Version: 36.0.39.57346 - HP)
HP OfficeJet Pro 8720 Basic Device Software (HKLM\...\{98A7C54D-74EB-461C-8124-E78BF938401F}) (Version: 38.1.1881.57490 - HP Inc.)
HP OfficeJet Pro 8720 Help (HKLM-x32\...\{18E5A98E-E857-4087-AF73-4E6B9AB0A140}) (Version: 38.0.0 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.17.1 - Hewlett-Packard Company)
HP Universal Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11156 - Realtek Semiconductor Corp.)
I.R.I.S. OCR (HKLM-x32\...\{093C645A-294E-41E4-904C-DDF13DC47A27}) (Version: 12.3.6.12 - HP)
Intel® Chipset Device Software (x32 Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4457 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.61.1519.7 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.4.51 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 18.1.1536.2042) (HKLM\...\{302600C1-6BDF-4FD1-1508-148929CC1385}) (Version: 18.1.1508.0538 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f6a1d9e5-6ef0-4bdb-8637-4241ffee4179}) (Version: 18.32.1 - Intel Corporation)
Malwarebytes Anti-Exploit version 1.9.1.1291 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1291 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 3.10020.10439.40 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.119 - Realtek Semiconduct Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Snagit 11 (HKLM-x32\...\{90D0FC4B-D653-4F49-BB97-A48C74A52E71}) (Version: 11.4.3 - TechSmith Corporation)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.18 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{0A3B3699-C474-4173-B105-C3B9464F61C0}) (Version: 4.5.324.0 - Synaptics)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
ThumbsPlus 10 (HKLM-x32\...\ThumbsPlus 10) (Version: - Cerious Software)
ThumbsPlus 10 (x32 Version: 10.1.0.4011 - Cerious Software Inc.) Hidden
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{D549825F-FB85-49F6-8075-79847871C246}) (Version: 2.16.1101 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{EDB7BFB3-9B55-4A70-920F-35226A4E4A12}) (Version: 2.16.0504 - Samsung Electronics Co., Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B251480-BCE2-487D-B310-52D9887444E6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {329F6AA2-80A7-4680-98C0-3CA086F9269C} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {34D2B29D-8B51-4700-97A3-450A76EDEFF2} - System32\Tasks\{C3921B5B-160A-4419-8B2F-D47A88C31E39} => pcalua.exe -a "C:\EliteBook 850 G3\850 G3 Drivers\Networking\HP It4120 Snapdragon X5 LTE Drivers v1.0.1.53 Rev.A.exe" -d "C:\EliteBook 850 G3\850 G3 Drivers\Networking"
Task: {801A6E1D-2C47-48BD-BCFB-BFE03BA606F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-12] (Adobe Systems Incorporated)
Task: {84CC1865-774C-422C-A065-8D1B0393F5B6} - System32\Tasks\{1346ADC4-9572-4089-A8A4-B0EE90368685} => pcalua.exe -a "C:\EliteBook 850 G3\850 G3 Drivers\Firmware\HP Ultraslim Docking Station Displayport Hub.exe" -d "C:\EliteBook 850 G3\850 G3 Drivers\Firmware"
Task: {9041B7BE-A5F4-4A2E-96B5-BC0D80EE71A2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-12-27] (Microsoft Corporation)
Task: {9A05A1EE-9390-42AF-A554-E3193A7E22A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {9AFCD27A-8420-4984-B521-9A7021E978DD} - System32\Tasks\{6B35F718-257C-418D-A944-03E0917F6AB4} => pcalua.exe -a "C:\EliteBook 850 G3\850 G3 Drivers\Networking\HP hs3110hs3114 Mobile Broadband Drivers.exe" -d "C:\EliteBook 850 G3\850 G3 Drivers\Networking"
Task: {A5C05730-98A6-4AB4-95D3-63BE60FF32B7} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2015-12-24] (Conexant)
Task: {BC6A1B5D-AF46-4E91-890B-00DD552F793E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-12-27] (Microsoft Corporation)
Task: {CD9EBDDB-0E0D-4F10-88F3-449FF45886C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {D577B661-52EC-42C7-821A-6730A098807E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {F0C4053A-0DCE-4EED-B463-2B71D475078E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-12-27 17:39 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-12-27 17:41 - 2016-12-27 17:41 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-03-17 21:41 - 2016-03-17 21:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2016-05-15 19:13 - 2016-05-15 19:13 - 00384496 _____ () C:\Windows\system32\igfxTray.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:34 - 2017-02-12 19:57 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4070142805-2248021825-1571207387-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Barb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
MSCONFIG\startupreg: HP OfficeJet Pro 8720 (NET) => "C:\Program Files\HP\HP OfficeJet Pro 8720\Bin\ScanToPCActivationApp.exe" -deviceID "CN63OAK0NB:NW" -scfn "HP OfficeJet Pro 8720 (NET)" -AutoStart 1
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe" 60
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: RtsCM => RTSCM64.EXE
MSCONFIG\startupreg: SmartAudio => C:\Program Files\Conexant\SA3\HP-NB-AIO\SACpl.exe /sa3 /nv:3.0+ /uid:HP-NB-AIO /s /dne
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
==================== Restore Points =========================
13-12-2016 22:39:26 Windows Update
08-02-2017 14:17:37 Scheduled Checkpoint
12-02-2017 19:57:20 Restore Point Created by FRST
13-02-2017 18:22:38 Restore Point Created by FRST
14-02-2017 19:04:16 Windows Update
15-02-2017 18:27:20 Restore Operation
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/16/2017 06:42:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/16/2017 06:42:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/16/2017 06:42:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:47:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:42:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/15/2017 07:42:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/15/2017 07:42:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/15/2017 07:42:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:34:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:33:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
System errors:
=============
Error: (02/16/2017 06:42:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (02/15/2017 07:47:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (02/15/2017 07:42:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (02/15/2017 07:41:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
==================== Memory info ===========================
Processor: Intel® Core™ i7-6600U CPU @ 2.60GHz
Percentage of memory in use: 18%
Total physical RAM: 8072.59 MB
Available physical RAM: 6568.52 MB
Total Virtual: 16143.37 MB
Available Virtual: 14589.99 MB
==================== Drives ================================
Drive c: (DRIVE_C) (Fixed) (Total:698.54 GB) (Free:567.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: FF382DB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================