Hi
I recently deleted several programs from my computer that weren't being used and a lot of files, pictures and documents. Now the computer is slow at shutting down and on restarting. When turning on computer it sits there then goes to blank screen then to welcome screen and circle just keeps spinning and then finally to desktop and takes a while to load desktop. I don't know if I have a virus or what happened. It ran fine before I did this. It was slow but now really slow. I ran malwarebytes and nothing shows. Any advice would be greatly appreciated. Thank you Becky
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-10-2016
Ran by jim (administrator) on ANN-PC (10-10-2016 17:18:45)
Running from C:\Users\jim\Desktop
Loaded Profiles: jim (Available Profiles: jim)
Platform: Microsoft Windows 8.1 Pro (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-08-01] (AVAST Software)
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-06-06] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{586A7A0F-C41F-44F1-92DC-65D8FD042321}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-06] (AVAST Software)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-06]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default [2016-10-10]
CHR Extension: (Google Docs) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Google Drive) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-04]
CHR Extension: (Gmail) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-06] (AVAST Software)
S4 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S4 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-06-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-06-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-06-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-06-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-06-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [815792 2016-06-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449640 2016-06-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [124808 2016-06-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224616 2016-08-12] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
S3 netr28u; C:\WINDOWS\system32\DRIVERS\netr28u.sys [1696528 2013-06-18] (Ralink Technology Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38928 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [233304 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-28] (Microsoft Corporation)
S1 MpKsl3e3d4e73; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A4E22EC1-B5BA-4EB9-81D2-146C6D02A629}\MpKsl3e3d4e73.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-10 17:18 - 2016-10-10 17:19 - 00008029 _____ C:\Users\jim\Desktop\FRST.txt
2016-10-10 17:18 - 2016-10-10 17:18 - 00000000 ____D C:\FRST
2016-10-10 17:14 - 2016-10-10 17:14 - 01757184 _____ (Farbar) C:\Users\jim\Desktop\FRST.exe
2016-10-10 01:55 - 2016-10-10 01:56 - 00000000 ____D C:\Users\jim\Themes
2016-10-09 17:21 - 2016-10-09 17:21 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-10-09 13:42 - 2016-09-06 21:11 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-09 13:42 - 2016-09-06 21:11 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-10-09 13:22 - 2016-08-31 23:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-09 13:22 - 2016-08-31 22:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-09 13:22 - 2016-08-31 22:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-10-09 13:22 - 2016-08-31 21:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-09 13:22 - 2016-08-31 21:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-09 13:22 - 2016-08-31 20:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-09 13:22 - 2016-08-31 20:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-09 13:22 - 2016-08-26 00:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-09 13:21 - 2016-08-31 21:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-09 13:21 - 2016-08-31 21:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-09 13:21 - 2016-08-31 20:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-09 13:21 - 2016-08-26 00:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-10-09 13:21 - 2016-08-20 19:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-10-09 13:21 - 2016-08-20 18:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-09 13:21 - 2016-08-14 14:14 - 01403320 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-09 13:21 - 2016-08-14 13:22 - 03475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-09 13:21 - 2016-08-13 03:45 - 05761880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-09 13:21 - 2016-08-13 03:44 - 01471544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-09 13:21 - 2016-08-13 03:44 - 01395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-09 13:21 - 2016-08-13 03:44 - 01284576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-09 13:21 - 2016-08-13 03:44 - 01271152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-09 13:21 - 2016-08-13 03:44 - 01173016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-09 13:21 - 2016-08-12 18:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-10-09 13:21 - 2016-08-09 18:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-09 13:21 - 2016-08-02 01:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-09 13:21 - 2016-08-02 01:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-09 13:21 - 2016-08-02 01:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-09 13:20 - 2016-09-08 17:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-09 13:20 - 2016-08-22 12:09 - 00136872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-10-09 13:20 - 2016-08-22 12:09 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-10-09 13:20 - 2016-08-20 20:01 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-09 13:20 - 2016-08-20 20:00 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-10-09 13:20 - 2016-08-20 19:59 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-10-09 13:20 - 2016-08-20 18:51 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-09 13:20 - 2016-08-20 18:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-10-09 13:20 - 2016-08-11 11:52 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-10-09 13:20 - 2016-08-11 11:48 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-10-09 13:20 - 2016-08-11 11:47 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-10-09 13:20 - 2016-08-04 10:17 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-10-09 13:20 - 2016-08-03 13:07 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-09 13:20 - 2016-08-03 13:07 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-10-09 13:20 - 2016-07-12 10:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-09 13:20 - 2016-07-09 11:55 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-10-09 13:20 - 2016-07-08 18:39 - 00082776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-10-09 13:20 - 2016-07-08 10:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-09 13:20 - 2016-07-08 10:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-10-09 13:20 - 2016-07-08 10:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-09 13:20 - 2016-07-07 16:34 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-10-09 13:20 - 2016-07-07 16:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-10-09 13:20 - 2016-07-07 16:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-09 13:20 - 2016-07-07 16:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-09 13:20 - 2016-07-07 16:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-10-09 13:20 - 2016-07-07 15:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-10-09 13:20 - 2016-07-07 15:29 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-10-09 13:20 - 2016-07-07 15:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-10-09 13:20 - 2016-07-07 15:22 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-09 13:20 - 2016-07-07 15:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-09 13:20 - 2016-07-07 15:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-10-09 13:20 - 2016-07-04 00:11 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-09 13:20 - 2016-07-03 23:10 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-10-09 13:20 - 2016-07-03 23:04 - 02539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-09 13:20 - 2016-07-03 23:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-09 13:20 - 2016-07-03 23:02 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-10-09 13:20 - 2016-07-03 22:16 - 02976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-10-09 13:20 - 2016-07-01 16:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-10 16:49 - 2016-08-04 12:38 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-10 15:35 - 2016-08-04 12:38 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-10 15:34 - 2016-08-03 21:40 - 00144470 _____ C:\WINDOWS\ntbtlog.txt
2016-10-10 03:00 - 2013-08-22 03:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-10 02:24 - 2013-08-22 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-10-10 01:56 - 2014-10-03 17:38 - 00000000 ____D C:\Users\jim
2016-10-09 19:50 - 2014-10-22 18:25 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2016-10-09 19:43 - 2011-10-12 19:42 - 00000000 ___RD C:\Users\jim\Desktop\program downloads
2016-10-09 17:38 - 2014-10-13 20:25 - 00000000 ____D C:\Users\jim\Documents\My Data Files
2016-10-09 17:36 - 2012-05-17 23:48 - 00000000 ____D C:\Users\jim\Desktop\shortcut icons
2016-10-09 16:52 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\rescache
2016-10-09 15:22 - 2013-12-11 01:10 - 00000000 ____D C:\Users\jim\AppData\Local\VirtualStore
2016-10-09 14:44 - 2014-03-18 04:00 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-09 14:44 - 2013-08-22 02:21 - 00000000 ____D C:\WINDOWS\inf
2016-10-09 14:23 - 2016-08-04 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-09 14:02 - 2014-01-06 17:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-09 13:54 - 2014-01-06 17:03 - 141747376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-09 13:54 - 2013-08-22 04:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-09 13:54 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-09 13:40 - 2013-08-22 03:22 - 00335400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-09 13:35 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-09 13:35 - 2013-08-22 04:17 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-10-09 13:35 - 2012-07-26 02:43 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-09 13:15 - 2016-08-02 02:15 - 00479312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-09 13:15 - 2016-08-02 02:15 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-10-09 13:15 - 2016-08-02 02:15 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-10-09 13:06 - 2016-08-04 12:52 - 00002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2016-08-04 16:24 - 2016-08-04 16:26 - 0004608 _____ () C:\Users\jim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-11 00:17 - 2014-10-11 00:17 - 0000017 _____ () C:\Users\jim\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-10 15:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-10-2016
Ran by jim (10-10-2016 17:19:48)
Running from C:\Users\jim\Desktop
Microsoft Windows 8.1 Pro (Update) (X86) (2014-10-03 22:00:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2591139470-2079622777-1480923985-500 - Administrator - Disabled)
Guest (S-1-5-21-2591139470-2079622777-1480923985-501 - Limited - Enabled)
jim (S-1-5-21-2591139470-2079622777-1480923985-1000 - Administrator - Enabled) => C:\Users\jim
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.2 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iSkysoft Data Recovery(Build 1.2.0.6) (HKLM\...\{656DB838-DB63-4acd-82E3-BB363ED99116}_is1) (Version: 1.2.0.6 - iSkysoft Software Co.,Ltd.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.24.0 - Ralink)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
RICOH R5U8xx Media Driver ver.3.62.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH)
SafeZone Stable 1.48.2066.101 (Version: 1.48.2066.101 - Avast Software) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1309F641-D96C-4266-8FCC-08BC2AB0851B} - System32\Tasks\SafeZone scheduled Autoupdate 1455255454 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {1ACDF313-BAD2-44D1-93CD-43CC89F90530} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {44D0DE3F-26D5-4499-8159-A6F3ECDA9E48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {8B601E6D-E433-41B4-9F02-A4911D8FA191} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-06] (AVAST Software)
Task: {ABAF52CF-61F1-4100-9E0C-C596F79EB59C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {B8E94945-76E8-42BA-9004-2B863616FC8B} - System32\Tasks\{0B45C01B-7366-4336-AEAD-4BC23257ED91} => pcalua.exe -a "C:\Program Files\Windows Live\Installer\wlarp.exe"
Task: {D699F0B9-23B7-492F-8BD0-74A6A33D2050} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-06 22:28 - 2016-06-06 22:28 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-09 13:01 - 2016-10-09 13:01 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16100900\algo.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-06 22:28 - 2016-06-06 22:28 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-10 15:35 - 2016-10-10 15:35 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16101003\algo.dll
2016-02-12 01:26 - 2016-02-12 01:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4791 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 02:13 - 2013-08-22 02:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2591139470-2079622777-1480923985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jim\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RaMediaServer => 3
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A019A72D-48D7-422C-8A04-F78D7D3B3DD6}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FEB0DBB1-1928-4BDF-B97F-C3A0108BA4CE}] => (Allow) LPort=1900
FirewallRules: [{F1823DAF-174B-43F9-96FA-72F51905C26C}] => (Allow) LPort=2869
FirewallRules: [{D10736D3-DB84-4A1C-96B6-2DC7F3721E92}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FC1F58F8-871E-4303-97E5-01B6EABF1701}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{9D6464D8-E782-46AC-8E2F-6AED3A8BB4BB}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{470805FF-04C8-4DB7-9C41-131E6371B973}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{A3A6B5CA-7B45-4EED-BB2A-749342EAB0A0}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{7E04CEFB-1852-4C6B-8AAD-797177470729}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{9F89C310-50B6-4841-8A77-954E292D9F01}] => (Allow) C:\Program Files\Ralink\Common\RaMediaServer.exe
FirewallRules: [{19516769-816F-4367-9101-E5C0F771C41E}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{7DEB0DD5-73D1-4226-823B-7CA9535B44E1}] => (Allow) C:\Program Files\Ralink\Common\RaUI.exe
FirewallRules: [{435E26D9-18C9-4276-9CBE-BC34BF46C58B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
02-09-2016 11:19:10 Scheduled Checkpoint
09-10-2016 13:22:40 Windows Update
09-10-2016 15:18:54 Revo Uninstaller's restore point - Hardwood Euchre
09-10-2016 15:22:34 Revo Uninstaller's restore point - Mozilla Thunderbird 45.1.1 (x86 en-US)
09-10-2016 15:23:52 Revo Uninstaller's restore point - Mozilla Maintenance Service
09-10-2016 16:11:59 JRT Pre-Junkware Removal
09-10-2016 17:20:57 Removed Windows 7 USB/DVD Download Tool
09-10-2016 17:26:33 Revo Uninstaller's restore point - Speccy
09-10-2016 17:28:48 Revo Uninstaller's restore point - RuneScape Launcher 1.2.7
09-10-2016 17:29:08 Removed RuneScape Launcher 1.2.7
==================== Faulty Device Manager Devices =============
Name: Broadcom 440x 10/100 Integrated Controller
Description: Broadcom 440x 10/100 Integrated Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: bcm4sbxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2016 08:21:46 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (10/09/2016 05:29:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 05:29:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 05:28:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 05:28:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {56f6582b-7004-4b1c-8a9b-57cbf0ce161b}
Error: (10/09/2016 05:26:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 05:26:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {56f6582b-7004-4b1c-8a9b-57cbf0ce161b}
Error: (10/09/2016 05:20:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 05:20:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
Error: (10/09/2016 04:12:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
The parameter is incorrect.
.
System errors:
=============
Error: (10/10/2016 03:56:41 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/10/2016 03:56:11 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/10/2016 03:50:48 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/10/2016 03:50:18 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/09/2016 10:28:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (10/09/2016 10:28:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The AppXSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
The request is not supported.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (10/09/2016 10:27:50 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (10/09/2016 08:26:26 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (10/09/2016 06:20:08 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (10/09/2016 04:44:34 PM) (Source: DCOM) (EventID: 10010) (User: ANN-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
==================== Memory info ===========================
Processor: Mobile AMD Sempron Processor 3500+
Percentage of memory in use: 40%
Total physical RAM: 1918.04 MB
Available physical RAM: 1146.45 MB
Total Virtual: 4734.04 MB
Available Virtual: 3879.47 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:64.45 GB) (Free:35.02 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 18000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=64.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================