Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2017 01 Ran by Daddy (28-02-2017 18:37:53) Running from C:\Users\Daddy\Desktop Windows 10 Pro Version 1607 (X64) (2016-09-29 23:37:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4165892814-1024816220-1682150976-500 - Administrator - Disabled) Daddy (S-1-5-21-4165892814-1024816220-1682150976-1001 - Administrator - Enabled) => C:\Users\Daddy DefaultAccount (S-1-5-21-4165892814-1024816220-1682150976-503 - Limited - Disabled) Guest (S-1-5-21-4165892814-1024816220-1682150976-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.) Amazon Kindle (HKU\S-1-5-21-4165892814-1024816220-1682150976-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon) American Greetings CreataCard (HKLM-x32\...\{9B58AA53-6EB9-405E-AB6B-6B83C16235F1}) (Version: - Broderbund LLC) American Greetings Spiritual Expressions 6 (HKLM-x32\...\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}) (Version: - ) aMule (HKLM-x32\...\aMule) (Version: - ) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.0.2030043512.37561384 - Audible, Inc.) Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk) Autodesk Pixlr (x32 Version: 1.1.1.0 - Autodesk) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Brother MFL-Pro Suite MFC-J435W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform) Cisco VideoGuard Player (HKLM-x32\...\{28145961-299d-4f61-88d6-ff9ea46bd919}) (Version: 6.7 - Cisco Systems, Inc) Corel AfterShot 2 (Version: 2.00.0000 - Corel Corporation) Hidden Corel AfterShot 2(64-bit) (HKLM-x32\...\InstallShield_{BAA5BA4A-6F64-4592-BF53-298FB063A73D}) (Version: 2.2.0.29 - Corel Corporation) Corel AfterShot HDR (HKLM\...\{E871EA56-F403-4B5C-A90C-9A133F31E3AE}) (Version: 1.00.0000 - Corel Corporation) Corel PaintShop Pro X8 (HKLM-x32\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.2.0.61 - Corel Corporation) Corel PaintShop Pro X8 (x32 Version: 18.0.0.124 - Corel Corporation) Hidden DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version: - DT Soft Ltd.) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.10.5 - Haiyu Dongxiang Co.,Ltd.) EditPad Lite 7.4.1 (HKLM\...\EditPad Lite) (Version: 7.4.1 - Just Great Software) Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - ) FastStone Capture 8.4 (HKLM-x32\...\FastStone Capture) (Version: 8.4 - FastStone Soft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grammarly (HKU\S-1-5-21-4165892814-1024816220-1682150976-1001\...\GrammarlyForWindows) (Version: 1.4.23 - Grammarly) HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.54 - SunplusIT) hubiC - x64 (Version: 2.1.1.145 - OVH) Hidden hubiC (HKLM-x32\...\{51fea8cc-5bb6-4312-86f5-1802a10e030d}) (Version: 2.1.1.145 - OVH) ICA (x32 Version: 18.0.0.124 - Corel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation) IPM_PSP_COM (x32 Version: 18.0.0.124 - Corel Corporation) Hidden IPM_PSP_COM64 (Version: 18.0.0.124 - Corel Corporation) Hidden iSEEK AnswerWorks English Runtime (HKLM-x32\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 009.000.0002 - Vantage Linguistics) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) O&O Defrag Professional (HKLM\...\{B30EBF12-4268-45F5-8948-99C983025151}) (Version: 20.0.457 - O&O Software GmbH) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) PSPPContent (x32 Version: 18.0.0.124 - Corel Corporation) Hidden PSPPHelp (x32 Version: 18.0.0.124 - Corel Corporation) Hidden PSPPro64 (Version: 18.0.0.124 - Corel Corporation) Hidden Setup (x32 Version: 18.0.0.124 - Corel Corporation) Hidden Shockwave (HKLM-x32\...\Shockwave) (Version: - ) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.54 - Synaptics Incorporated) TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version: - Intuit, Inc) TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc) TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc) TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17361 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WordPress.com (HKLM-x32\...\WordPress.com) (Version: - Automattic, Inc.) X-COM: UFO Defense (HKLM\...\Steam App 7760) (Version: - MicroProse Software, Inc) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4165892814-1024816220-1682150976-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1D7E96C9-C848-48F0-9A8D-35B07F35456F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {2431F3FD-3063-4053-8DE4-0D1BEA0897F0} - System32\Tasks\Uninstaller_Install_Daddy => C:\Program Files (x86)\IObit\Advanced SystemCare\IObitUninstaller.exe Task: {307E229D-08D4-4712-BB6A-232E962D31E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.) Task: {5F319BA5-B781-4A1B-80B9-5828464B754B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-02-05] (AVAST Software) Task: {7BCA6AD2-4BF0-49C2-A04F-47675B3B1688} - System32\Tasks\Driver Booster SkipUAC (Daddy) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe Task: {85250373-2524-4ED2-A552-CADE6DD2B929} - System32\Tasks\{5E74C86F-F012-4AA9-93EF-5E5BCDBC79F0} => pcalua.exe -a "C:\Program Files (x86)\Audible\Bin\Manager.exe" -d "C:\Program Files (x86)\Audible\BIN\" Task: {8CE07CC0-C3FF-4DC3-BD5B-FC1CEFDD8AC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-27] (Google Inc.) Task: {A22A8016-8A78-409A-B29B-AAF0DB075030} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd) Task: {B95E3517-AB94-4203-902E-BB6F061614B0} - System32\Tasks\SafeZone scheduled Autoupdate 1486344878 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {C5F9344B-2091-4770-83A5-814310E254BB} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {D14DA41D-32CE-4663-97B4-2B49C0E9C41E} - System32\Tasks\{B0B86571-D149-4C40-9D85-817D6AB6E961} => pcalua.exe -a C:\Users\Daddy\AppData\Local\{2F66193A-0BCE-7582-6656-506A423EACF2}\uninst.exe -c -FN="C:\Users\Daddy\AppData\Local\{2F3B1980-0A69-74F6-615F-5324BD8DAE1A}\helper.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {DC17DB4C-8C3D-49AB-9399-12DCA4DDDE36} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Daddy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {DF60D439-0826-46B7-B33F-0A0FC1917C4B} - System32\Tasks\{BC5E6584-77A5-45C5-8EE9-24A319AF62FA} => pcalua.exe -a I:\splash.exe -d I:\ Task: {E8D5013C-46D1-4E45-AB69-4E559A474A79} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-05] (AVAST Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Uninstaller_Install_Daddy.job => C:\Program Files (x86)\IObit\Advanced SystemCare\IObitUninstaller.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Daddy\Google Drive\Fire Explorers Stuff\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.htm ==================== Loaded Modules (Whitelisted) ============== 2017-02-05 19:34 - 2017-02-05 19:34 - 00013824 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe 2016-06-12 23:19 - 2016-06-12 23:19 - 00279552 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe 2016-08-27 22:35 - 2005-04-21 20:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 00:50 - 2016-12-09 02:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-12-14 00:50 - 2016-12-09 02:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 00:50 - 2016-12-09 02:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-29 16:00 - 2016-09-29 16:00 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 17:46 - 2016-12-20 23:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 17:46 - 2016-12-20 22:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 17:46 - 2016-12-20 22:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 17:46 - 2016-12-20 22:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 17:46 - 2016-12-20 22:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-10 17:46 - 2016-12-20 22:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 17:46 - 2016-12-20 22:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-28 14:30 - 2014-11-23 11:44 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll 2017-02-13 19:21 - 2017-02-01 01:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-13 19:21 - 2017-02-01 01:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-02-15 07:02 - 2017-02-15 07:02 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe 2015-03-25 02:18 - 2015-03-25 02:18 - 00798576 _____ () C:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\PsiClient.dll 2015-07-09 21:30 - 2016-04-16 03:05 - 06635456 _____ () C:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\uipp.dll 2017-02-19 01:15 - 2014-08-05 17:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe 2017-02-05 17:31 - 2017-02-05 17:31 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-02-05 17:31 - 2017-02-05 17:31 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-02-28 11:13 - 2017-02-28 11:13 - 05990096 _____ () C:\Program Files\AVAST Software\Avast\defs\17022802\algo.dll 2016-08-27 22:35 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-02-15 13:35 - 2017-02-15 13:35 - 00854016 _____ () C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll 2017-02-15 13:35 - 2017-02-15 13:35 - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2017-02-15 14:46 - 2017-02-15 14:46 - 00476520 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2017-02-15 14:46 - 2017-02-15 14:46 - 00206184 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core.XmlSerializers\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.XmlSerializers.dll 2017-02-15 13:35 - 2017-02-15 13:35 - 00206112 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core.XmlSerializers\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.XmlSerializers.dll 2017-02-15 13:35 - 2017-02-15 13:35 - 00208896 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.QuickBaseClient.XmlSerializers\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.QuickBaseClient.XmlSerializers.dll 2017-02-28 14:23 - 2017-02-28 14:23 - 00098816 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32api.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00110080 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\pywintypes27.dll 2017-02-28 14:23 - 2017-02-28 14:23 - 00364544 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\pythoncom27.dll 2017-02-28 14:23 - 2017-02-28 14:23 - 00320512 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32com.shell.shell.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00914432 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_hashlib.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 01176576 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._core_.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00806400 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._gdi_.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00816128 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._windows_.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 01067008 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._controls_.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00733184 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._misc_.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00682496 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\pysqlite2._sqlite.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00088064 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_ctypes.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00686080 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\unicodedata.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00119808 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32file.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00108544 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32security.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00007168 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\hashobjs_ext.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00017920 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\thumbnails_ext.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00088064 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\usb_ext.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00012800 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\common.time34.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00018432 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32event.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00167936 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32gui.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00046080 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_socket.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 01303552 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_ssl.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00128512 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_elementtree.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00127488 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\pyexpat.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00038912 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32inet.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00036864 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_psutil_windows.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00524248 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\windows._lib_cacheinvalidation.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00011264 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32crypt.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00123392 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._wizard.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00077312 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._html2.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00027648 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_multiprocessing.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00020480 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\_yappi.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00035840 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32process.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00078848 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\wx._animate.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00024064 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32pipe.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00010240 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\select.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00025600 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32pdh.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00017408 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32profile.pyd 2017-02-28 14:23 - 2017-02-28 14:23 - 00022528 ____R () C:\Users\Daddy\AppData\Local\Temp\_MEI85282\win32ts.pyd 2017-02-05 17:31 - 2017-02-05 17:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-10-21 14:50 - 2015-10-21 14:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2015-10-21 14:49 - 2015-10-21 14:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-08-22 09:58 - 2017-02-22 19:40 - 00000867 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 telemetry.malwarebytes.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4165892814-1024816220-1682150976-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daddy\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKU\S-1-5-21-4165892814-1024816220-1682150976-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CDB14E95-BEFB-423B-9C28-588CE5B024A1}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe FirewallRules: [{78835703-349C-4F1F-A17B-64408B12D0D1}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe FirewallRules: [{E5EBC44B-10F0-44DC-B8E9-E174B3D022CB}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe FirewallRules: [{53C39B87-3877-44DF-A9A6-DEFC2FFA232C}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe FirewallRules: [{3DCA5C4B-947D-48A1-998B-A73CB2838100}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{8B3F23D3-C3A0-4BD2-977B-26E5508D8714}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{95B21CA4-2CEE-427E-8CB8-E98140A5B4B0}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{79898560-F1A6-4D3B-BF89-17A1A7ECFD07}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{5F4F3DA3-019C-4A52-B7A3-61BAC01BC9B3}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{3A0012E2-09CF-4026-ABC6-781DAF241C98}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{9591EEEF-BBBF-4D9D-B171-DFABB38827F7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{070165FA-4716-4A49-B305-18D655B0C4AE}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [UDP Query User{E6E6DC51-69A6-4412-9F57-3D47A20B8ED4}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe FirewallRules: [TCP Query User{DE1EA192-D544-459F-9069-7D9BEF93D53F}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe FirewallRules: [{7D7C8ADD-5648-4D07-AB78-25C0C851D6E2}] => (Allow) LPort=54925 FirewallRules: [{1813BBA0-95DC-49B3-AE04-B3EF115A2D3E}] => (Block) C:\program files (x86)\amule\amule.exe FirewallRules: [{000E757D-0268-40C9-B738-1B909EB76FB9}] => (Block) C:\program files (x86)\amule\amule.exe FirewallRules: [UDP Query User{9D4B21DE-51C9-4144-8690-A14771A5E1FD}C:\program files (x86)\amule\amule.exe] => (Allow) C:\program files (x86)\amule\amule.exe FirewallRules: [TCP Query User{F40DB5A2-913C-4F92-9D6C-B431880C9622}C:\program files (x86)\amule\amule.exe] => (Allow) C:\program files (x86)\amule\amule.exe FirewallRules: [{5678D6F2-AC30-41E9-83D1-EF90D425E61B}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe FirewallRules: [{0F64D91D-04D0-403B-B314-02AD25928057}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe FirewallRules: [{C2FD4279-01D4-43AE-8301-0AEFE6467FAC}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Mail Verifier\AtomicMailVerifier.exe FirewallRules: [{CD5D7F52-E631-461B-97B4-5A3E07C79686}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Mail Verifier\AtomicMailVerifier.exe FirewallRules: [TCP Query User{318C4313-F3C6-4C3C-A246-8B5C6248ACA2}C:\users\daddy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\daddy\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [{C473983B-049E-4737-99D4-2D8BBBE7849E}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe FirewallRules: [{DFFE8D15-DA67-40E0-B386-5CB11DC11D1E}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe FirewallRules: [{B6824FE9-1F3F-4342-A849-3AF8F21A0C7F}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe FirewallRules: [{9BF4C85E-8AEE-4A69-AF24-8CACF45347FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F07CBDB4-124B-4193-9C64-752FA48A9A97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{331A12F0-08FE-4C0F-A92C-215ED38C9D4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BFF1BDBD-A253-4D13-831E-86F17A46B71C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{94299BF7-B923-4EDB-B145-B62C7E817300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe FirewallRules: [{D17C9250-D457-4DBF-9FB8-518526BDE1AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\dosbox.exe FirewallRules: [{0D2DD1FA-C7B3-4B5C-A67F-A4D44B914C8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe FirewallRules: [{AFBB459A-4FDA-4966-92A6-3CB7BF7BD22B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom UFO Defense\XCOM\UFO Defense_Patched.exe FirewallRules: [{EA76A070-0B0B-4E8F-B813-836364D98C34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9D9CF9D7-816B-4808-AF0A-3D778EC7238E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe FirewallRules: [{8F3843BC-8D49-483B-9F23-CAF70D1325EC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe FirewallRules: [{4AF3B9BD-10AA-4F56-9A47-A1516CD2BD42}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe FirewallRules: [{61B4580D-C635-4C68-ABF1-8054B7AB9BEC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe FirewallRules: [{ADC0BC8D-7B6D-470D-8538-7838F1E5BC4D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe FirewallRules: [{A49A5729-E754-4F8D-8C2A-CFCE16267C36}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe FirewallRules: [{46EC93B0-AA2D-4F36-8458-EBAE32D6D508}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{EE024DC7-6643-420B-8E4F-F82DD3808885}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{54AE7C9B-325B-401C-BF87-6CA24547D10C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{EACE88EF-11A1-4CCD-83BA-645CFC73E114}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{BD66B67B-DA8E-4685-A13A-8E8A3391C2C0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{04909D43-40E6-4FFB-9FA6-F252FD2613AF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe ==================== Restore Points ========================= 15-02-2017 13:32:20 Installed TurboTax 2009 wrapper 15-02-2017 13:33:46 Installed TurboTax 2009 WinPerReleaseEngine 15-02-2017 13:35:28 Installed TurboTax 2009 WinPerFedFormset 15-02-2017 13:37:11 Installed TurboTax 2009 WinPerTaxSupport 15-02-2017 13:38:01 Installed iSEEK AnswerWorks English Runtime 15-02-2017 14:41:55 Installed TurboTax 2015 wrapper 15-02-2017 14:45:41 Installed TurboTax 2010 wrapper 15-02-2017 14:59:35 Installed TurboTax 2015 wcaiper 15-02-2017 15:06:00 Installed TurboTax 2009 wcaiper 15-02-2017 15:07:45 Installed TurboTax 2011 wrapper 21-02-2017 22:58:53 Windows Update 22-02-2017 03:36:11 Installed O&O Defrag Professional 23-02-2017 20:28:12 WinThruster (64-bit) Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/28/2017 02:23:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: CC4BT BrtCC4BT: [2017/02/28 14:23:59.795]: [00009480]: Failed to launch Main Process. Error: (02/28/2017 02:23:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe". Dependent Assembly Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/28/2017 12:00:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.14393.479 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 10c4 Start Time: 01d2918cfd247b0b Termination Time: 1387 Application Path: C:\Windows\explorer.exe Report Id: 9753b4f0-fdf0-11e6-885b-a01d48b9cc19 Faulting package full name: Faulting package-relative application ID: Error: (02/28/2017 09:18:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Microsoft.Photos.exe version 1.0.1702.14001 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1cc8 Start Time: 01d291e6680e9294 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Report Id: f0d88f47-fdd9-11e6-885b-a01d48b9cc19 Faulting package full name: Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (02/28/2017 09:18:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-GTCAE22) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/27/2017 10:37:26 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: CC4BT BrtCC4BT: [2017/02/27 22:37:26.522]: [00005748]: Failed to launch Main Process. Error: (02/27/2017 10:37:26 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe". Dependent Assembly Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/27/2017 09:59:34 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/27/2017 07:04:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: CC4BT BrtCC4BT: [2017/02/27 19:04:13.109]: [00006052]: Failed to launch Main Process. Error: (02/27/2017 07:04:13 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe". Dependent Assembly Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/28/2017 05:14:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 02:22:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 02:19:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 01:51:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GTCAE22) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (02/28/2017 12:00:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 09:55:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 09:18:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GTCAE22) Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout. Error: (02/28/2017 09:16:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 09:16:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/28/2017 04:12:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 19% Total physical RAM: 8071.48 MB Available physical RAM: 6506.68 MB Total Virtual: 21506.57 MB Available Virtual: 17758.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.78 GB) (Free:140.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 214885FC) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=506 MB) - (Type=27) ==================== End of Addition.txt ============================