Hello,
Thanks for the help.
Here you have the log files:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-03-2017
Ran by tony (administrator) on DESKTOP-FMJ3GQ8 (07-03-2017 22:49:23)
Running from C:\Users\tony\Downloads
Loaded Profiles: tony (Available Profiles: tony)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(© 2015 Microsoft Corporation) C:\Users\tony\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-06] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKU\S-1-5-21-3964616016-1854025121-3180756067-1001\...\Run: [BingSvc] => C:\Users\tony\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3964616016-1854025121-3180756067-1001\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-03-06] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{14161d88-2bd2-4edd-96df-a1a0212f97fc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c5033248-9df8-434d-b094-4296bbbe6893}: [DhcpNameServer] 195.130.131.4 195.130.130.4
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\tony\AppData\Roaming\TomTom\HOME\Profiles\siphddh6.default [2016-11-09]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-11]
FF Plugin:
@tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin:
@tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=nl-nl
CHR DefaultSearchURL: Default ->
hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default ->
hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}CHR Profile: C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default [2017-03-07]
CHR Extension: (Google Presentaties) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-08]
CHR Extension: (Chrome Note) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\adjgkicnjpdidejieampegajjjgjccea [2016-08-23]
CHR Extension: (Google Documenten) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-08]
CHR Extension: (Google Drive) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-08]
CHR Extension: (YouTube) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-08]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-03-05]
CHR Extension: (Avast SafePrice) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-20]
CHR Extension: (Google Spreadsheets) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-08]
CHR Extension: (Offline Documenten) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-08]
CHR Extension: (Avast Online Security) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-07]
CHR Extension: (Fonter) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\kppnpdgkgichdbnjkjjlbjfefopfjned [2016-08-13]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Gmail) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-08]
CHR Extension: (Chrome Media Router) - C:\Users\tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] -
hxxps://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] -
hxxps://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] -
hxxps://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] -
hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-3964616016-1854025121-3180756067-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] -
hxxps://clients2.google.com/service/update2/crx==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-03-06] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-06] (AVAST Software)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [46736 2016-08-08] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [257288 2017-03-06] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148720 2017-03-06] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [267016 2017-03-06] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41176 2017-03-06] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-03-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-03-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [106392 2017-03-06] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [355752 2017-03-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-03-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-03-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [756200 2017-03-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [463936 2017-03-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118288 2017-03-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [278776 2017-03-06] (AVAST Software)
S3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2016-07-16] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2016-08-23] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2016-08-23] (Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [161216 2017-03-06] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1824256 2016-07-16] (MediaTek Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [573560 2016-08-08] (VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-07 22:49 - 2017-03-07 22:49 - 01765888 _____ (Farbar) C:\Users\tony\Downloads\FRST.exe
2017-03-07 22:49 - 2017-03-07 22:49 - 00012192 _____ C:\Users\tony\Downloads\FRST.txt
2017-03-07 22:49 - 2017-03-07 22:49 - 00000000 ____D C:\FRST
2017-03-07 22:48 - 2017-03-07 22:48 - 00604928 _____ (Reimage) C:\Users\tony\Downloads\ReimageRepair.exe
2017-03-07 13:51 - 2017-03-07 13:54 - 00278820 _____ C:\WINDOWS\Minidump\030717-71843-01.dmp
2017-03-07 13:45 - 2017-03-07 13:47 - 00278940 _____ C:\WINDOWS\Minidump\030717-78609-01.dmp
2017-03-07 13:38 - 2017-03-07 13:39 - 00278876 _____ C:\WINDOWS\Minidump\030717-25140-01.dmp
2017-03-07 13:05 - 2017-03-07 13:05 - 00000000 ___HD C:\OneDriveTemp
2017-03-07 07:51 - 2017-03-07 07:54 - 00278988 _____ C:\WINDOWS\Minidump\030717-23546-01.dmp
2017-03-07 07:46 - 2017-03-07 07:46 - 00050800 _____ C:\Users\tony\Documents\Onkosten kerkstr. .pdf
2017-03-07 07:20 - 2017-03-04 22:33 - 00040870 ____T C:\Users\tony\Documents\Offerte afloop Gar.Const. 3-0201.pdf
2017-03-07 07:19 - 2017-03-04 22:33 - 00040870 ____T C:\Users\tony\Documents\AV 2017 Gar. Const..pdf
2017-03-07 07:09 - 2017-03-07 07:12 - 00278804 _____ C:\WINDOWS\Minidump\030717-18140-01.dmp
2017-03-07 00:37 - 2017-03-07 00:37 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-06 23:16 - 2017-03-06 23:16 - 00000000 ___HD C:\$AV_ASW
2017-03-06 22:47 - 2017-03-06 22:44 - 00267016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswblogx.sys
2017-03-06 22:47 - 2017-03-06 22:44 - 00257288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2017-03-06 22:47 - 2017-03-06 22:44 - 00148720 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2017-03-06 22:47 - 2017-03-06 22:44 - 00041176 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2017-03-06 22:47 - 2016-11-11 12:03 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswEC0E.tmp
2017-03-06 22:47 - 2016-11-11 12:03 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF412.tmp
2017-03-06 22:47 - 2016-11-11 12:03 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF4A0.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF637.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF1ED.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswEF5B.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF2F8.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswEA67.tmp
2017-03-06 22:47 - 2016-08-22 10:17 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswF0E3.tmp
2017-03-06 22:47 - 2016-08-22 10:16 - 00338936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswDBB1.tmp
2017-03-06 22:46 - 2017-03-06 22:45 - 00328208 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-06 22:37 - 2017-03-06 22:38 - 00279012 _____ C:\WINDOWS\Minidump\030617-42937-01.dmp
2017-03-06 22:34 - 2017-03-06 22:36 - 00278852 _____ C:\WINDOWS\Minidump\030617-37046-01.dmp
2017-03-06 22:29 - 2017-03-06 22:29 - 00219584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1EB86044.sys
2017-03-06 07:40 - 2017-03-06 07:42 - 00278924 _____ C:\WINDOWS\Minidump\030617-55671-01.dmp
2017-03-06 07:06 - 2017-03-06 07:06 - 00219584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1DA11E46.sys
2017-03-06 00:55 - 2017-03-06 00:56 - 00278772 _____ C:\WINDOWS\Minidump\030617-21031-01.dmp
2017-03-06 00:36 - 2017-03-06 00:36 - 00219584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\042D73B7.sys
2017-03-05 22:40 - 2017-03-05 22:41 - 00279020 _____ C:\WINDOWS\Minidump\030517-33015-01.dmp
2017-03-05 22:21 - 2017-03-06 22:35 - 00161216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-05 22:20 - 2017-03-05 22:20 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-05 22:18 - 2017-03-05 22:20 - 57131432 _____ (Malwarebytes ) C:\Users\tony\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-05 22:05 - 2017-03-05 22:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\tony\Downloads\HijackThis.exe
2017-03-05 22:04 - 2017-03-05 22:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\tony\Downloads\Niet bevestigd 269074.crdownload
2017-02-27 12:07 - 2017-02-27 12:07 - 00347635 _____ C:\Users\tony\Documents\attachment[2818]Daglig ker. vuur.pdf
2017-02-18 11:49 - 2017-02-18 11:49 - 00559815 _____ C:\Users\tony\Downloads\2017000287727.pdf
2017-02-09 07:53 - 2017-02-09 07:53 - 00000918 _____ C:\Users\tony\Desktop\My business - Shortcut.lnk
2017-02-08 16:05 - 2017-02-08 16:05 - 00084876 _____ C:\Users\tony\Downloads\bijles1.pdf
2017-02-08 16:05 - 2017-02-08 16:05 - 00084876 _____ C:\Users\tony\Downloads\bijles1 (1).pdf
2017-02-05 19:59 - 2017-02-05 19:59 - 00000000 ____D C:\Program Files\Common Files\Skype
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-07 22:47 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 22:47 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-07 22:37 - 2015-07-09 19:22 - 00000000 ___RD C:\Users\tony\OneDrive
2017-03-07 22:35 - 2016-09-24 14:55 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2017-03-07 14:09 - 2016-09-24 14:58 - 00000000 ____D C:\Users\tony
2017-03-07 14:09 - 2016-09-24 14:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-07 13:51 - 2016-12-18 07:58 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-07 13:51 - 2016-09-24 15:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-07 13:51 - 2016-08-27 13:12 - 333750837 _____ C:\WINDOWS\MEMORY.DMP
2017-03-07 13:05 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-07 07:17 - 2016-09-25 00:43 - 00899958 _____ C:\WINDOWS\system32\perfh013.dat
2017-03-07 07:17 - 2016-09-25 00:43 - 00216714 _____ C:\WINDOWS\system32\perfc013.dat
2017-03-07 07:17 - 2015-07-09 19:15 - 02321842 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-07 00:35 - 2016-08-13 05:52 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-07 00:34 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-06 23:59 - 2015-07-09 19:13 - 00000000 ____D C:\Program Files\KMSpico
2017-03-06 23:02 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\registration
2017-03-06 22:49 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-03-06 22:47 - 2016-08-13 05:48 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-06 22:45 - 2016-08-13 05:52 - 00031064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00756200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00463936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00278776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00118288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00106392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00090336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00062152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-06 22:45 - 2016-08-13 05:50 - 00034136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-06 22:44 - 2016-08-13 05:50 - 00355752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-06 22:40 - 2016-07-16 03:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-05 22:06 - 2015-07-09 19:20 - 00000000 ____D C:\Users\tony\AppData\Local\VirtualStore
2017-03-04 22:12 - 2015-07-09 19:22 - 00002364 _____ C:\Users\tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-26 07:37 - 2017-01-19 17:08 - 00000000 ____D C:\Users\tony\Documents\tony foto
2017-02-24 12:32 - 2016-11-09 15:50 - 00000000 ____D C:\ProgramData\Skype
2017-02-24 01:58 - 2016-11-23 08:35 - 00000000 ____D C:\Users\tony\Documents\BOETES
2017-02-24 01:57 - 2016-12-07 19:21 - 00000000 ____D C:\Users\tony\Documents\Groene Swaen
2017-02-24 01:57 - 2016-11-23 09:18 - 00000000 ____D C:\Users\tony\Documents\Lamy
2017-02-24 00:51 - 2016-08-08 16:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 00:48 - 2016-08-08 16:37 - 135086848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 03:05 - 2016-12-07 20:13 - 00000000 ____D C:\Users\tony\Documents\OZ
2017-02-22 22:23 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 22:13 - 2015-07-09 19:20 - 00000000 ____D C:\Users\tony\AppData\Local\Packages
2017-02-21 20:55 - 2015-07-09 19:24 - 00000000 ____D C:\Users\tony\Desktop\tony foto
2017-02-06 23:38 - 2016-08-08 17:21 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 23:38 - 2016-08-08 17:21 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 20:48 - 2016-10-30 12:07 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-10-30 12:07 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-02-06 18:53 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-05 19:59 - 2016-11-09 15:50 - 00000000 ___RD C:\Program Files\Skype
Some files in TEMP:
====================
2016-11-09 16:00 - 2016-11-09 16:00 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\tony\AppData\Local\Temp\BSvcProcessor.exe
2016-11-09 16:00 - 2016-11-09 16:00 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\tony\AppData\Local\Temp\BSvcUpdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-03 01:28
==================== End of FRST.txt ============================
additional note pad:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-03-2017
Ran by tony (07-03-2017 22:50:28)
Running from C:\Users\tony\Downloads
Microsoft Windows 10 Home Version 1607 (X86) (2016-09-24 14:18:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3964616016-1854025121-3180756067-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3964616016-1854025121-3180756067-503 - Limited - Disabled)
Guest (S-1-5-21-3964616016-1854025121-3180756067-501 - Limited - Disabled)
tony (S-1-5-21-3964616016-1854025121-3180756067-1001 - Administrator - Enabled) => C:\Users\tony
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Premier (HKLM\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.4518.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3964616016-1854025121-3180756067-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
PIXresizer (HKLM\...\PIXresizer_is1) (Version: 2.0.5 - Bluefive software)
SafeZone Stable 3.55.2393.561 (Version: 3.55.2393.561 - Avast Software) Hidden
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
UpdateAssistant (Version: 1.1.0.0 - Microsoft Corporation) Hidden
Windows 10 Upgrade Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17353 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04895472-8F27-45C7-ADDE-A32A108596B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-08] (Google Inc.)
Task: {28AD8E2A-D7BE-4437-95F3-A5CFC8C20CB6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-06] (AVAST Software)
Task: {4C415D58-B3F2-4398-9C87-513B085C2ACD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-06-21] (Microsoft Corporation)
Task: {A1D8F1B3-E2A8-4FE3-9D28-0BCF6F813894} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\tony\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\OneDriveStandaloneUpdater.exe
Task: {A48CD685-99E5-46F1-9535-39DF347FDB8A} - System32\Tasks\SafeZone scheduled Autoupdate 1471063943 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {AC585335-51DC-45B3-B6BB-DFAC16BFD4EF} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {C36A24B7-33B3-4E59-BEC5-03634A10B1A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-08] (Google Inc.)
Task: {D3A155D8-32C0-4491-8037-7E39E83E0EE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 22:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 22:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 22:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 13:20 - 2016-12-21 05:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 13:21 - 2016-12-21 05:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 13:21 - 2016-12-21 05:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-25 00:47 - 2016-09-25 00:47 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 13:21 - 2016-12-21 05:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 13:21 - 2016-12-21 05:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 22:03 - 2017-02-22 22:03 - 00064512 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 22:03 - 2017-02-22 22:03 - 00153088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 22:03 - 2017-02-22 22:03 - 30889472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 20:43 - 2017-02-06 20:43 - 01733120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\roottools.dll
2017-03-06 22:45 - 2017-03-06 22:45 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-13 05:50 - 2016-08-13 05:50 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-06 22:44 - 2017-03-06 22:44 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-06 22:45 - 2017-03-06 22:45 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-03 00:15 - 2016-09-06 11:00 - 05197312 _____ () C:\Users\tony\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-01-03 00:15 - 2016-09-06 11:00 - 00147456 _____ () C:\Users\tony\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 09:28 - 2015-07-10 09:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3964616016-1854025121-3180756067-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tony\Pictures\My family\IMG_0218 (2).JPG
DNS Servers: 195.130.131.4 - 195.130.130.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8D276563-40D2-4F44-9374-8F6F49BE0DB2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BF08F375-05D1-41D7-8E58-0C06363BAC9C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{336B23B8-52C9-4F14-BA7A-EF65A92E8C4B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{C36B02C2-075B-4134-A424-A79CC222972E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
==================== Restore Points =========================
19-02-2017 00:04:24 Scheduled Checkpoint
22-02-2017 22:22:12 Windows Update
04-03-2017 23:09:52 Scheduled Checkpoint
06-03-2017 22:46:25 Restore Operation
==================== Faulty Device Manager Devices =============
Name: HP 802.11b|g Wireless Network Adapter
Description: HP 802.11b|g Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2017 08:58:23 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 08:58:23 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:53:14 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:53:14 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:53:14 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:53:14 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:53:14 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:47:57 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-FMJ3GQ8)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
Error: (03/07/2017 07:11:11 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (03/07/2017 07:11:11 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
System errors:
=============
Error: (03/07/2017 10:36:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/07/2017 02:09:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/07/2017 01:54:40 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x00000020, 0xadb649b0, 0xadb649c8, 0x08030019). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: d76e6370-469b-42ec-8004-16502768ea25.
Error: (03/07/2017 01:52:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/07/2017 01:52:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/07/2017 01:52:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/07/2017 01:51:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/07/2017 01:51:35 PM) (Source: athr) (EventID: 5003) (User: )
Description: HP 802.11b|g Wireless Network Adapter : Could not find a network adapter.
Error: (03/07/2017 01:51:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:45:40 PM on 3/7/2017 was unexpected.
Error: (03/07/2017 01:40:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2016-12-07 23:30:07.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-07 23:30:07.684
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X3 460 Processor
Percentage of memory in use: 44%
Total physical RAM: 3327.3 MB
Available physical RAM: 1833.84 MB
Total Virtual: 3903.3 MB
Available Virtual: 2372.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.27 GB) (Free:294.48 GB) NTFS
Drive d: () (Fixed) (Total:149.05 GB) (Free:144.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA93E015)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: F486F486)
Partition 1: (Active) - (Size=149 GB) - (Type=42)
Partition 2: (Not Active) - (Size=1849 KB) - (Type=42)
==================== End of Addition.txt ============================