Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01 Ran by PC450 (21-06-2017 20:25:17) Running from C:\Users\brian\Downloads Windows 10 Home Version 1703 (X64) (2017-05-08 12:11:30) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2642145739-2891074446-3828257678-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2642145739-2891074446-3828257678-503 - Limited - Disabled) Guest (S-1-5-21-2642145739-2891074446-3828257678-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2642145739-2891074446-3828257678-1003 - Limited - Enabled) PC450 (S-1-5-21-2642145739-2891074446-3828257678-1001 - Administrator - Enabled) => C:\Users\brian ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.04 - aerosoft) American Truck Simulator (HKLM\...\Steam App 270880) (Version: - SCS Software) ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.12 - ASUSTeK Computer Inc.) ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.10 - ASUSTeK Computer Inc.) ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.02 - ASUSTeK Computer Inc.) ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.04 - ASUSTeK Computer Inc.) ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.00 - ASUSTeK Computer Inc.) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) Belgische Overwegen (HKLM-x32\...\Belgische Overwegen) (Version: v1_0 - Coha.nl) CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) ChrisTrains Jet Train v2.2 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains Jet Train v2.2) (Version: - ) ChrisTrains NS DD-AR v3.1 (HKLM-x32\...\ChrisTrains NS DD-AR v3.1) (Version: - ) ChrisTrains NS DDZ v3.1 (HKLM-x32\...\ChrisTrains NS DDZ v3.1) (Version: - ) ChrisTrains NS DH1 DH2 v1.1 (HKLM-x32\...\ChrisTrains NS DH1 DH2 v1.1) (Version: - ) ChrisTrains NS DM90 v1.1 (HKLM-x32\...\ChrisTrains NS DM90 v1.1) (Version: - ) ChrisTrains NS Gbs Freight Wagon v1.4 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains NS Gbs Freight Wagon v1.4) (Version: - ) ChrisTrains NS ICMm Paint Pack v2.01 (HKLM-x32\...\ChrisTrains NS ICMm Paint Pack v2.01) (Version: - ) ChrisTrains NS ICMm v2.0 (HKLM-x32\...\ChrisTrains NS ICMm v2.0) (Version: - ) ChrisTrains NS IRM v2.0 (HKLM-x32\...\ChrisTrains NS IRM v2.0) (Version: - ) ChrisTrains NS Mat64 v2.1 (HKLM-x32\...\ChrisTrains NS Mat64 v2.1) (Version: - ) ChrisTrains NS SGM v2.1 (HKLM-x32\...\ChrisTrains NS SGM v2.1) (Version: - ) ChrisTrains NS SLT v2.1 (HKLM-x32\...\ChrisTrains NS SLT v2.1) (Version: - ) ChrisTrains NS Station Objects & Scenery Pack v3.62 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains NS Station Objects & Scenery Pack v3.62) (Version: - ) ChrisTrains NS Station Objects & Scenery Pack v3.7 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains NS Station Objects & Scenery Pack v3.7) (Version: - ) ChrisTrains NS Track Pack v0.5 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains NS Track Pack v0.5) (Version: - ) ChrisTrains Scenery Mat54 v1.2 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\ChrisTrains Scenery Mat54 v1.2) (Version: - ) ChrisTrains Stadler Flirt 3 v2.0 (HKLM-x32\...\ChrisTrains Stadler Flirt 3 v2.0) (Version: - ) ChrisTrains Stadler GTW v1.2 (HKLM-x32\...\ChrisTrains Stadler GTW v1.2) (Version: - ) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Coha NL Seinen (HKLM-x32\...\Coha NL Seinen) (Version: v1_3a - Coha.nl) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden De Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.27.80.1020 - Electronic Arts Inc.) DRIFT O.Z. (HKLM-x32\...\{A3F4E5E5-A302-48E9-948B-2773FEAB2869}) (Version: V4.40a - SPEEDLINK) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Facebook Gameroom 1.4.1.0 (HKLM-x32\...\{BF83FC65-8072-4850-A4CE-969A5F3570DA}) (Version: 1.4.1.0 - Facebook) FileZilla Client 3.25.1 (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse) FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Frison Objects & Scenery Pack (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\Frison Objects & Scenery Pack) (Version: - ) Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Gert Meering Objects & Scenery Pack (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\Gert Meering Objects & Scenery Pack) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Indeo® Software (HKLM-x32\...\Indeo® Software) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden Microsoft OneDrive (HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Noordwest Nederland route (HKLM-x32\...\Noordwest Nederland route) (Version: v5 - Xander (aka Joopiejj)) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.4.5.25153 - Electronic Arts, Inc.) Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments) PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.) Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Railtraction BR 648 Coradia Lint41 (HKLM-x32\...\{03947395-439B-46E0-AB62-0613504EB86E}) (Version: 1.0.2 - Railtraction) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - ) SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics) Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Train Simulator (HKLM\...\Steam App 24010) (Version: - Dovetail Games) Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version: - Dovetail Games) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden UKTS Freeware Pack - Blocks-Lofts-Bridges #1 (HKLM-x32\...\{07BB63A6-188D-4447-A0B6-8ED8B2075B81}) (Version: 1.0.9 - UKTrainSim) UKTS Freeware Pack - Clutter #1 (HKLM-x32\...\{F355333F-795E-4593-ACAA-5C0F9D719D49}) (Version: 1.0.6 - UKTrainSim) UKTS Freeware Pack - Housing #1 (HKLM-x32\...\{AAEA1063-229A-406B-9962-864AEFBBD82F}) (Version: 1.1.1 - UKTrainSim) UKTS Freeware Pack - Industrial #1 (HKLM-x32\...\{B19E2B7A-745D-4B67-B21B-C97F727F3923}) (Version: 1.0.3 - UKTrainSim) UKTS Freeware Pack - Railway Buildings #1 (HKLM-x32\...\{13969A12-BC34-42DB-906D-D55FA9675EC2}) (Version: 1.0.4 - UKTrainSim) Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {105A0A76-E5B0-4609-A064-67E28134DE30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.) Task: {13F10D68-32A7-4583-B72D-0A59C8F7C988} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-11-27] (ASUSTeK Computer Inc.) Task: {145FC396-38B3-48BC-AC43-E76451883931} - \WPD\SqmUpload_S-1-5-21-2642145739-2891074446-3828257678-1001 -> No File <==== ATTENTION Task: {17ADD2DC-AB55-49A5-A79E-CD3BA4237D27} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.) Task: {1EB4A81C-70B8-4F01-90DE-DE60259DAB7F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2627443F-BA18-4422-B7D5-583D795C8B2F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {2B5A07CD-94E7-4016-ABAB-6C5DB3B8BCA8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-04] (AVAST Software) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {425C801B-CF95-41BF-AC75-A40466CF1ED2} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: {52E7B186-18D5-4B58-A841-4C89BD5158EA} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] () Task: {5369FA00-025F-489E-B8A3-2A46F3559F8E} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2013-11-29] () Task: {63BA0A59-B6F5-41C5-9089-4C7146EE7E54} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: {672BDCCD-B0F0-46A8-BF72-05BB61EF63BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {6A710290-A46A-4164-87B0-E226B5057453} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {7F8083DB-E016-4D64-915B-AB4B9243EFBD} - System32\Tasks\SafeZone scheduled Autoupdate 1450217474 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software) Task: {829747EC-1F1F-42CB-89EC-5AB25D07689B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {84B0AD30-AC78-478B-8AAC-DB0DD766ED97} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {87C6DFC4-5328-46EF-8E35-4AD49D2E3658} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {89502368-9A3C-435A-8C98-61EE2C3B03F5} - System32\Tasks\{CBCCAB8D-52E0-40B3-891E-D0C2C5F38111} => pcalua.exe -a F:\setup.exe -d F:\ Task: {995BB6B4-A26C-4B23-9E58-650453E8C00F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {A0EC3C50-8A6E-478A-92D5-14D4AEC813F0} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-02-21] (ASUSTeK) Task: {A32BB35D-4124-44A4-BAB1-F2F24B121082} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {A516FDDE-9FCE-4F6E-88D8-34F36ECF95AE} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {B0C560CA-3A03-45A9-9F30-EEBF22C5CBF4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {B0C9485F-0996-4886-9A1D-71EA74EF859C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.) Task: {B491AF9F-B389-4479-85A5-F9695977379E} - System32\Tasks\update-S-1-5-21-2642145739-2891074446-3828257678-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {C1EE6D1C-7B11-412E-A3BF-10A5BD899BAD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {CFBF9B32-EEB2-42E4-9D32-23986AD77615} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {D9B49BC6-993C-4365-AB11-7E5DA99B5AA4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-16] (AVAST Software) Task: {E8DC88CA-34DC-41AF-A1C8-75DDBF95B157} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd) Task: {F5DB0112-0D99-4068-8448-DA92581083C9} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-11-28] () Task: {F73924E7-69C3-426C-8F55-2F99AC3C6A31} - System32\Tasks\{E307A6CA-C268-4ADF-B23E-F0F91A78A56F} => pcalua.exe -a "C:\Program Files (x86)\ParetoLogic\PCHA\uninstall.exe" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\update-S-1-5-21-2642145739-2891074446-3828257678-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-07-17 13:41 - 2013-11-06 12:58 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-18 22:59 - 2017-03-19 04:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-05-08 14:53 - 2017-05-08 14:53 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll 2017-05-08 14:53 - 2017-05-08 14:53 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-05-08 14:53 - 2017-05-08 14:53 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-06-20 14:21 - 2017-06-20 14:22 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-06-20 14:21 - 2017-06-20 14:22 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-06-06 11:57 - 2017-06-06 11:58 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-06-06 11:57 - 2017-06-06 11:58 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-05-23 17:20 - 2017-05-23 17:20 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-06 11:57 - 2017-06-06 11:58 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-10-14 15:25 - 2016-10-14 15:25 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-06-06 11:57 - 2017-06-06 11:58 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-05 13:23 - 2017-05-05 13:25 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2017-03-19 04:33 - 2017-03-19 04:33 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-04-07 09:41 - 2017-04-07 09:41 - 00054488 _____ () C:\Program Files\CCleaner\branding.dll 2017-06-13 15:08 - 2017-06-13 15:08 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-06-13 12:45 - 2017-06-13 12:45 - 04323840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.1602.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-06-13 12:45 - 2017-06-13 12:45 - 03500456 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.1602.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-21 14:35 - 2017-06-20 08:21 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.109\swiftshader\libglesv2.dll 2017-06-21 14:35 - 2017-06-20 08:21 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.109\swiftshader\libegl.dll 2016-09-29 16:14 - 2017-03-12 21:29 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2014-07-17 13:41 - 2017-06-20 14:18 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2014-07-17 13:41 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-07-17 13:38 - 2013-09-16 22:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-05-04 18:12 - 2017-05-04 18:12 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-05-31 11:41 - 2017-05-31 11:41 - 01982976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll 2017-05-02 18:50 - 2017-05-02 18:50 - 01162752 _____ () C:\Users\brian\AppData\Local\Facebook\Games\CefSharp.Core.dll 2017-05-02 18:50 - 2017-05-02 18:50 - 67197440 _____ () C:\Users\brian\AppData\Local\Facebook\Games\libcef.dll 2017-05-02 18:50 - 2017-05-02 18:50 - 00752640 _____ () C:\Users\brian\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll 2017-05-02 18:50 - 2017-05-02 18:50 - 01886208 _____ () C:\Users\brian\AppData\Local\Facebook\Games\libglesv2.dll 2017-05-02 18:50 - 2017-05-02 18:50 - 00078848 _____ () C:\Users\brian\AppData\Local\Facebook\Games\libegl.dll 2015-05-31 20:44 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-05-31 20:44 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-05-31 20:44 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll 2015-05-31 20:44 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-05-31 20:44 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-05-31 20:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-05-31 20:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-05-31 20:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-05-31 20:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-05-31 20:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-05-31 20:44 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 23:35 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-12-14 17:33 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-06-09 16:41 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2015-05-31 20:44 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\msn.com -> g.msn.com IE restricted site: HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\skype.com -> apps.skype.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-12-05 20:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\brian\Documents\CtwAgFOXgAAtJyS.jpg DNS Servers: 84.116.46.20 - 84.116.46.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "AvgUi" HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\StartupApproved\Run: => "Gyazo" HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2642145739-2891074446-3828257678-1001\...\StartupApproved\Run: => "Uninstall C:\Users\brian\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{45DF4E3B-A6F5-4DC6-B83E-A02375C15E36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe FirewallRules: [{3EA6D15B-1C5A-4844-8C5C-5628A9786FF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe FirewallRules: [{3C5AC03A-7C2A-489D-9265-A1B9F263F840}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe FirewallRules: [{EB86B794-B574-498E-89DC-4E7C6D44F134}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{EEC691F8-9494-4237-ABF0-B19813B335FF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{B43347B2-DB02-42C4-BB5C-802798D9020D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{6BE435BD-44D9-4889-B112-7B8DC94E9343}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7F452CBB-645D-4149-A38D-3295BB1B9000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe FirewallRules: [{AE799244-F5DE-486C-8B9A-485203979308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe FirewallRules: [{A9068DC7-76D9-4626-AC7E-7CBE56614E88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe FirewallRules: [{D4EFA88C-5196-4A08-86B5-5E5C9EFE3D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe FirewallRules: [{8A2B526D-D751-45B9-ABCE-76AE79FBDEFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{EDB7235C-46B9-44AA-A37D-CADDD3B4131E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8CBA0353-CD4B-4E68-93D6-F601C06E0C59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{F9CB8F4A-6080-4D08-A4DD-D2B1021BEB49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{8615C530-7BE7-472E-AC2F-4F74B3BD5C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{A861AA77-DD2A-4EFE-9E2F-0ABB61C38CA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{0FE01E0F-B921-48AF-A7B3-791B1CB74EF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{934E0197-A0BC-4BF8-83C6-8E0111583F6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{5497F36A-E0FD-46DB-9085-5F942C801B0E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{34DF4E0C-CCDC-4827-AC25-6843815ECF14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{23C9B612-C98C-4DC6-B68E-1C743EC9FD09}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{22E38FF4-9382-4766-AA43-0FACC97940B4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{17D77C9E-C1B6-4328-883C-4FFAF2F93997}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{A326D0B6-4E5D-4F42-8288-E22AAB0ED105}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{C6A92B68-A332-40AB-B6E1-B4F025503DB6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{66BD3E7D-45E9-4AA9-B784-1F7AAB742D9E}] => (Allow) LPort=2869 FirewallRules: [{ACC642D0-E1A2-416F-AAFF-A26AF80140B3}] => (Allow) LPort=1900 FirewallRules: [{6E5C0462-74A8-467A-A659-4A5B19D10CC5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{13807368-B19E-4FDA-A3E2-6E9B6E8B6E3F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{5DBFBE19-FFAD-4A64-AB1F-84BDA28D637F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B5133246-6C09-4C38-BB70-2109E6BBB112}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4BDF0846-5485-4C6A-A3E6-C8153B4FA9C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{563BCDC8-3E2E-450F-9F01-F634F42A69E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{78807F27-0B64-43EF-AC4F-6CCF3ECE9704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{6F7FCC15-F4EA-4B67-B2EF-EAA40367F3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [UDP Query User{C500C0DB-F4D9-414B-AEE4-83D1606869A9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{84726018-1BE8-431C-9845-43F2200C126F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E9A6C290-307F-4C3F-9A6C-69D9A74FBB9D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{FCDE08E0-B7D4-44E9-9870-D1EA6D53BF63}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{20EC2980-950D-4FEE-9751-7E5B9AEDB763}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{9C794736-38F5-412C-9AE2-6B268E9A55E0}] => (Block) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{4211EA88-0D8A-47FE-82E3-C33E66EC503D}] => (Block) C:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{3F6C12EE-B892-4729-89ED-F862578BD431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{2352785E-553E-4441-8C06-47C9279A380F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{D5CFBE11-E46D-434B-9812-7D9761F597C6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{5DE028E3-E5ED-49E5-BB0C-F80CEEE9AED3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{71169C64-68FC-40D2-99C8-1CF44FC072C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{8637E2DB-CF9B-4B0C-B013-086209A8AB91}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe FirewallRules: [{C7343850-7E89-4CFE-8CD7-84AD308F22AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{6227256E-F98B-408A-A6FC-A3F4AEE8AD53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D972CE32-8E67-4736-BB47-C1F429BA3AE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{57A598F2-BC7E-4834-BF33-9FCB33983C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{1488EC58-1430-4D7A-ACD7-D37EAA17ADFA}] => (Allow) C:\Program Files\FlightGear 2017.2.1\bin\fgfs.exe FirewallRules: [{18CC8300-B114-4372-AB4E-0E2AD21780D5}] => (Allow) C:\Program Files\FlightGear 2017.2.1\bin\fgcom.exe FirewallRules: [{2458E92A-2328-46F2-B197-CBD28BA884C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{0A2E6073-5C3F-48D7-8747-ED264F2B37ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe FirewallRules: [{4F9624F7-5E13-4C32-8B17-6DD89215AF8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 20-06-2017 19:03:17 Removed Adobe Acrobat Reader DC - Nederlands. ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/21/2017 08:07:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.15063.332, tijdstempel: 0x591fd994 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc0000409 Foutmarge: 0x0000000000000079 Id van proces met fout: 0x1e7c Starttijd van toepassing met fout: 0x01d2eab8b330a001 Pad naar toepassing met fout: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Pad naar module met fout: unknown Rapport-id: 69f03036-2ebb-4565-9412-9ce55d82038e Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: BCHost Error: (06/21/2017 02:38:13 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\CyberLink\PowerDVD10\Activate.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (06/20/2017 02:23:08 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\CyberLink\PowerDVD10\Activate.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (06/19/2017 06:31:23 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\CyberLink\PowerDVD10\Activate.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (06/19/2017 06:28:41 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\CyberLink\PowerDVD10\Activate.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (06/19/2017 06:19:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.15063.332, tijdstempel: 0x591fd994 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc0000409 Foutmarge: 0x0000000000000079 Id van proces met fout: 0x279c Starttijd van toepassing met fout: 0x01d2e9178be5739f Pad naar toepassing met fout: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Pad naar module met fout: unknown Rapport-id: 04331a55-525c-4d3c-84a8-72155bc8f242 Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: BCHost Error: (06/19/2017 02:51:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FlashPlayerApp.exe, versie: 26.0.0.120, tijdstempel: 0x59277f90 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc0000409 Foutmarge: 0x85d1a030 Id van proces met fout: 0x1f60 Starttijd van toepassing met fout: 0x01d2e8fac25f6803 Pad naar toepassing met fout: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe Pad naar module met fout: unknown Rapport-id: 9c4843b8-4910-4a7d-970d-797ff3c05a99 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/19/2017 02:50:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FlashPlayerApp.exe, versie: 26.0.0.120, tijdstempel: 0x59277f90 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc0000409 Foutmarge: 0x85d1a030 Id van proces met fout: 0x7a0 Starttijd van toepassing met fout: 0x01d2e8faaf294121 Pad naar toepassing met fout: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe Pad naar module met fout: unknown Rapport-id: a107e6f7-3777-4cb0-ad0e-83f3865e3837 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/19/2017 11:51:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC50) Description: Het pakket Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy+App is beëindigd omdat het onderbreken te lang duurde. Error: (06/19/2017 11:17:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\CyberLink\PowerDVD10\Activate.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. System errors: ============= Error: (06/21/2017 07:56:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/21/2017 06:58:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/21/2017 06:15:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/21/2017 03:49:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/21/2017 03:15:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/20/2017 10:33:24 PM) (Source: DCOM) (EventID: 10010) (User: PC50) Description: De server Windows.Media.Capture.Internal.AppCaptureShell heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/20/2017 08:52:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/20/2017 08:00:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/20/2017 06:37:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/20/2017 05:04:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU G3240 @ 3.10GHz Percentage of memory in use: 83% Total physical RAM: 3969.2 MB Available physical RAM: 662.88 MB Total Virtual: 6785.2 MB Available Virtual: 2327.37 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:231.28 GB) (Free:121.07 GB) NTFS Drive g: () (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 432964B1) Partition: GPT. ======================================================== Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================