Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Poor performance/High Disk Usage - Malware Related?


  • Please log in to reply

#1
dogstar21

dogstar21

    Member

  • Member
  • PipPipPip
  • 103 posts

About 3 days ago, the performance of my computer drastically changed.  Waiting for simple actions (basic screen navigation, registering mouse clicks or even keyboard input, as well as internet browsing) is now common.  The system will be fine for small periods (5-10 minutes), but then has sudden "stops".   The performance monitor shows regular Disk & CPU spikes (Disk 100%) that correlate to these stops.  I haven't been able to identify any process or processes that would be causing these issues.  

 

Back in October, after a weird pop-up, I found and removed a PUP with MBAM.  I'll post those results below as well.

 

Nothing has shown up in any subsequent scans of either MBAM or AdWareCleaner.

 

 

Here are the results of that MBAM scan:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/13/2016
Scan Time: 9:34 AM
Logfile: MBAM-2016-10-13.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.10.13.07
Rootkit Database: v2016.09.26.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Peter
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 343115
Time Elapsed: 9 min, 0 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Spigot, HKU\S-1-5-21-1655148389-21164826-1717179592-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4C051816-3D96-4645-B855-3AA59446F647}, Quarantined, [07b4a6f233678babb86cad09ae552dd3], 
 
Registry Values: 1
PUP.Optional.Spigot, HKU\S-1-5-21-1655148389-21164826-1717179592-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4C051816-3D96-4645-B855-3AA59446F647}|URL, https://search.yahoo...={searchTerms},Quarantined, [07b4a6f233678babb86cad09ae552dd3]
 
Registry Data: 1
PUP.Optional.Spigot, HKU\S-1-5-21-1655148389-21164826-1717179592-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://search.yahoo...r=spigot-yhp-ie, Good: (www.google.com), Bad: (https://search.yahoo.com/?type=830633&fr=spigot-yhp-ie),Replaced,[a51641576f2b48ee75b9d8a02bd9ab55]
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.BundleInstaller, C:\Users\Peter\Downloads\VipBoxSportsApp_setup_ch.exe, Quarantined, [c6f53266009afe3803e749752cd536ca], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Peter (administrator) on CRASH-AWPC (13-12-2016 10:12:45)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16102.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1612.3343.0_x64__8wekyb3d8bbwe\Time.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-13] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4593968 2013-11-15] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-08-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1a6367e8-bf6c-4acf-9fbf-0a2d2735d2c0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd3d142-7b80-499c-9271-e0a4556037e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
SearchScopes: HKU\S-1-5-21-1655148389-21164826-1717179592-1001 -> DefaultScope {C18F8930-20A0-4E49-8E05-9EFFCD2F767F} URL = 
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=830633&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxp://sports.yahoo.com/fantasy/"
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2016-12-13]
CHR Extension: (Google Slides) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-11]
CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-11]
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Sheets) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-13 10:12 - 2016-12-13 10:14 - 00015232 _____ C:\Users\Peter\Desktop\FRST.txt
2016-12-13 10:12 - 2016-12-13 10:12 - 00000000 ____D C:\FRST
2016-12-13 10:08 - 2016-12-13 10:12 - 02420224 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2016-12-13 08:57 - 2016-12-13 09:00 - 03968464 _____ C:\Users\Peter\Downloads\adwcleaner_6.040.exe
2016-12-12 14:17 - 2016-12-12 14:17 - 00001013 _____ C:\Users\Peter\Documents\Post Fact Facebook.txt
2016-12-12 12:39 - 2016-12-12 12:39 - 00000000 ___HD C:\OneDriveTemp
2016-12-12 12:17 - 2016-12-12 15:46 - 00007629 _____ C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2016-12-10 12:22 - 2016-11-11 03:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 12:22 - 2016-11-11 03:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 12:22 - 2016-11-11 03:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 12:22 - 2016-11-11 03:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 12:22 - 2016-11-11 02:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 12:22 - 2016-11-11 02:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 12:22 - 2016-11-11 02:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 12:22 - 2016-11-11 02:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 12:22 - 2016-11-11 02:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 12:22 - 2016-11-11 02:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 12:22 - 2016-11-11 02:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 12:22 - 2016-11-11 02:26 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-10 12:22 - 2016-11-11 02:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 12:22 - 2016-11-11 02:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 12:22 - 2016-11-11 02:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 12:22 - 2016-11-11 02:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 12:22 - 2016-11-11 02:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:22 - 2016-11-11 02:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 12:22 - 2016-11-11 02:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 12:22 - 2016-11-11 02:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 12:22 - 2016-11-11 02:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 12:22 - 2016-11-11 02:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 12:22 - 2016-11-11 02:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 12:22 - 2016-11-11 02:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 12:22 - 2016-11-11 02:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 12:22 - 2016-11-11 02:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 12:22 - 2016-11-11 02:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 12:22 - 2016-11-11 02:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-10 12:22 - 2016-11-11 02:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 12:22 - 2016-11-11 02:16 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-10 12:22 - 2016-11-11 02:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:22 - 2016-11-11 02:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 12:22 - 2016-11-11 02:14 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-10 12:22 - 2016-11-11 02:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 12:22 - 2016-11-11 02:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-10 12:22 - 2016-11-11 02:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 12:22 - 2016-11-11 02:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-10 12:22 - 2016-11-11 02:10 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-10 12:22 - 2016-11-11 02:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 12:22 - 2016-11-11 02:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 12:22 - 2016-11-11 02:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 12:22 - 2016-11-11 02:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 12:22 - 2016-11-11 02:05 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-10 12:22 - 2016-11-11 02:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 12:22 - 2016-11-11 02:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 12:22 - 2016-11-11 02:01 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-10 12:21 - 2016-11-11 03:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 12:21 - 2016-11-11 02:56 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-10 12:21 - 2016-11-11 02:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 12:21 - 2016-11-11 02:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 12:21 - 2016-11-11 02:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 12:21 - 2016-11-11 02:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 12:21 - 2016-11-11 02:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-10 12:21 - 2016-11-11 02:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-10 12:21 - 2016-11-11 02:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-10 12:21 - 2016-11-11 02:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 12:21 - 2016-11-11 02:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 12:21 - 2016-11-11 02:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 12:21 - 2016-11-11 02:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 12:21 - 2016-11-11 02:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 12:21 - 2016-11-11 02:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 12:21 - 2016-11-11 02:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 12:21 - 2016-11-11 02:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 12:21 - 2016-11-11 02:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 12:21 - 2016-11-11 02:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 12:21 - 2016-11-11 02:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 12:21 - 2016-11-11 02:09 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-10 12:21 - 2016-11-11 02:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 12:21 - 2016-11-11 02:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 12:21 - 2016-11-11 02:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 12:21 - 2016-11-11 02:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 12:21 - 2016-11-11 02:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 12:21 - 2016-11-11 02:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-10 12:21 - 2016-11-11 01:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-10 12:14 - 2016-11-11 05:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 12:14 - 2016-11-11 05:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 12:14 - 2016-11-11 05:01 - 01738048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-10 12:14 - 2016-11-11 04:57 - 08170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-10 12:14 - 2016-11-11 04:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-10 12:14 - 2016-11-11 04:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 12:14 - 2016-11-11 04:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 12:14 - 2016-11-11 04:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 12:14 - 2016-11-11 04:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 12:14 - 2016-11-11 04:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 12:14 - 2016-11-11 04:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 12:14 - 2016-11-11 04:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 12:14 - 2016-11-11 04:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 12:14 - 2016-11-11 04:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 12:14 - 2016-11-11 04:03 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-10 12:14 - 2016-11-11 04:03 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-10 12:14 - 2016-11-11 04:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 12:14 - 2016-11-11 04:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 12:13 - 2016-11-11 05:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 12:13 - 2016-11-11 05:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 12:13 - 2016-11-11 05:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 12:13 - 2016-11-11 05:13 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-10 12:13 - 2016-11-11 05:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 12:13 - 2016-11-11 05:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 12:13 - 2016-11-11 05:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 12:13 - 2016-11-11 05:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 12:13 - 2016-11-11 05:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 12:13 - 2016-11-11 05:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 12:13 - 2016-11-11 05:01 - 02189152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-10 12:13 - 2016-11-11 05:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 12:13 - 2016-11-11 05:01 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-10 12:13 - 2016-11-11 05:01 - 00658264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-10 12:13 - 2016-11-11 05:01 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-10 12:13 - 2016-11-11 05:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 12:13 - 2016-11-11 04:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 12:13 - 2016-11-11 04:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 12:13 - 2016-11-11 04:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 12:13 - 2016-11-11 04:57 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-10 12:13 - 2016-11-11 04:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 12:13 - 2016-11-11 04:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 12:13 - 2016-11-11 04:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 12:13 - 2016-11-11 04:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 12:13 - 2016-11-11 04:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 12:13 - 2016-11-11 04:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 12:13 - 2016-11-11 04:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 12:13 - 2016-11-11 04:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 12:13 - 2016-11-11 04:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 12:13 - 2016-11-11 04:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:13 - 2016-11-11 04:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 12:13 - 2016-11-11 04:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:13 - 2016-11-11 04:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 12:13 - 2016-11-11 04:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 12:13 - 2016-11-11 04:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 12:13 - 2016-11-11 04:20 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-10 12:13 - 2016-11-11 04:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-10 12:13 - 2016-11-11 04:18 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-10 12:13 - 2016-11-11 04:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 12:13 - 2016-11-11 04:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 12:13 - 2016-11-11 04:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 12:13 - 2016-11-11 04:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 12:13 - 2016-11-11 04:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 12:13 - 2016-11-11 04:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 12:13 - 2016-11-11 04:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 12:13 - 2016-11-11 04:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 12:13 - 2016-11-11 04:14 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-10 12:13 - 2016-11-11 04:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 12:13 - 2016-11-11 04:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 12:13 - 2016-11-11 04:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 12:13 - 2016-11-11 04:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 12:13 - 2016-11-11 04:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 12:13 - 2016-11-11 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 12:13 - 2016-11-11 04:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 12:13 - 2016-11-11 04:10 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-10 12:13 - 2016-11-11 04:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 12:13 - 2016-11-11 04:08 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-10 12:13 - 2016-11-11 04:08 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-10 12:13 - 2016-11-11 04:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 12:13 - 2016-11-11 04:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 12:13 - 2016-11-11 04:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-10 12:13 - 2016-11-11 04:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 12:13 - 2016-11-11 04:04 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-10 12:13 - 2016-11-11 04:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 12:13 - 2016-11-11 04:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-10 12:13 - 2016-11-11 04:01 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-10 12:12 - 2016-11-11 05:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 12:12 - 2016-11-11 05:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 12:12 - 2016-11-11 05:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 12:12 - 2016-11-11 05:10 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 12:12 - 2016-11-11 05:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 12:12 - 2016-11-11 05:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 12:12 - 2016-11-11 05:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 12:12 - 2016-11-11 05:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 12:12 - 2016-11-11 04:59 - 02913136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-10 12:12 - 2016-11-11 04:59 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 12:12 - 2016-11-11 04:56 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 12:12 - 2016-11-11 04:31 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-10 12:12 - 2016-11-11 04:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 12:12 - 2016-11-11 04:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 12:12 - 2016-11-11 04:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 12:12 - 2016-11-11 04:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 12:12 - 2016-11-11 04:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 12:12 - 2016-11-11 04:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 12:12 - 2016-11-11 04:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 12:12 - 2016-11-11 04:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 12:12 - 2016-11-11 04:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 12:12 - 2016-11-11 04:23 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-10 12:12 - 2016-11-11 04:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 12:12 - 2016-11-11 04:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 12:12 - 2016-11-11 04:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 12:12 - 2016-11-11 04:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 12:12 - 2016-11-11 04:17 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-10 12:12 - 2016-11-11 04:17 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 12:12 - 2016-11-11 04:17 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-10 12:12 - 2016-11-11 04:14 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-10 12:12 - 2016-11-11 04:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 12:12 - 2016-11-11 04:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 12:12 - 2016-11-11 04:11 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-10 12:12 - 2016-11-11 04:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 12:12 - 2016-11-11 04:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 12:12 - 2016-11-11 04:10 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-10 12:12 - 2016-11-11 04:09 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-10 12:12 - 2016-11-11 04:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 12:12 - 2016-11-11 04:07 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-10 12:12 - 2016-11-11 04:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 12:12 - 2016-11-11 04:06 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-10 12:12 - 2016-11-11 04:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-10 12:12 - 2016-11-11 04:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 12:12 - 2016-11-11 04:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 12:12 - 2016-11-11 04:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 12:12 - 2016-11-11 04:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 12:11 - 2016-11-11 05:09 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-10 12:11 - 2016-11-11 05:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 12:11 - 2016-11-11 05:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 12:11 - 2016-11-11 04:51 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-10 12:11 - 2016-11-11 04:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 12:11 - 2016-11-11 04:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 12:11 - 2016-11-11 04:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 12:11 - 2016-11-11 04:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 12:11 - 2016-11-11 04:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 12:11 - 2016-11-11 04:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 12:11 - 2016-11-11 04:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-10 12:11 - 2016-11-11 04:18 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-10 12:11 - 2016-11-11 04:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 12:11 - 2016-11-11 04:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 12:11 - 2016-11-11 04:03 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-10 11:35 - 2016-12-10 11:35 - 00222711 _____ C:\Users\Peter\Downloads\161209145525_0001.pdf
2016-11-23 09:34 - 2016-11-23 09:34 - 00093396 _____ C:\Users\Peter\Downloads\ALISON 112316.pdf
2016-11-14 09:39 - 2016-11-14 09:39 - 00001420 _____ C:\Users\Peter\Documents\Facebook Musings.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-13 09:36 - 2016-09-29 03:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-13 09:04 - 2016-10-17 16:56 - 00000000 ____D C:\AdwCleaner
2016-12-13 09:04 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-13 09:04 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-13 08:53 - 2014-08-20 13:56 - 00000000 __RDO C:\Users\Peter\OneDrive
2016-12-13 08:52 - 2016-09-29 03:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-13 08:52 - 2014-08-20 13:39 - 00000000 __SHD C:\Users\Peter\IntelGraphicsProfiles
2016-12-12 23:02 - 2014-08-22 15:44 - 00000000 ____D C:\Users\Peter\Documents\12 Allen Addition
2016-12-12 19:29 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-12 19:29 - 2014-08-12 18:11 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2016-12-12 19:27 - 2016-09-29 03:41 - 00000000 ____D C:\Users\Peter
2016-12-12 19:26 - 2016-09-29 03:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-12 19:26 - 2016-09-29 03:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-12 16:57 - 2016-10-17 16:22 - 00000000 ____D C:\Users\Peter\Documents\Security
2016-12-12 16:38 - 2014-08-12 18:13 - 00000000 ____D C:\Temp
2016-12-12 14:07 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-12 12:37 - 2016-07-16 01:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-12 08:30 - 2016-10-13 08:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-11 11:32 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-11 11:03 - 2016-02-13 08:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 17:53 - 2016-05-17 22:55 - 01273282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-10 17:48 - 2016-09-29 03:31 - 00236704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 12:32 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-10 11:44 - 2016-07-16 06:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-06 14:36 - 2015-01-06 10:09 - 00000000 ____D C:\Users\Peter\Documents\Fantasy Sports
2016-12-02 09:34 - 2014-08-20 13:39 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2016-11-28 12:12 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-14 19:02 - 2016-01-11 09:42 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 19:02 - 2016-01-11 09:42 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2016-01-11 16:37 - 2016-10-17 16:19 - 0073728 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-12 12:17 - 2016-12-12 15:46 - 0007629 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2016-09-29 03:36 - 2016-09-29 03:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-12 18:05 - 2014-08-12 18:05 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-08-12 18:02 - 2014-08-12 18:03 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-08-12 18:03 - 2014-08-12 18:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-08-12 18:04 - 2014-08-12 18:05 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-08-12 18:02 - 2014-08-12 18:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-11 11:51
 
==================== End of FRST.txt ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Peter (13-12-2016 10:15:40)
Running from C:\Users\Peter\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-29 09:03:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1655148389-21164826-1717179592-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1655148389-21164826-1717179592-503 - Limited - Disabled)
Guest (S-1-5-21-1655148389-21164826-1717179592-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1655148389-21164826-1717179592-1003 - Limited - Enabled)
Peter (S-1-5-21-1655148389-21164826-1717179592-1001 - Administrator - Enabled) => C:\Users\Peter
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}) (Version: 3.5.14.0 - Alienware Corp.)
Alienware Command Center (Version: 3.5.14.0 - Alienware Corp.) Hidden
Alienware Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.11C - )
Alienware On-Screen Display (x32 Version: 0.33.0.11C - ) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{57d6e5ea-c77c-4697-a9bb-e6048883e7ae}) (Version: 17.0.1 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Driver 368.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{56BF70E8-EC59-4F68-BEE7-8B71432048C4}) (Version: 1.0.30.1052 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {018703AA-5A2D-44C6-B7F2-16E079EB01BF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {148CCBEC-E5FC-467C-9738-3E0C1F9E3C1F} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {170DCE5E-5B66-4424-8460-632F7F472132} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {22E8F2DF-91DD-4A5F-9017-95FF8DF0997F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {30496A2D-0270-4045-9605-E72943B11C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {330B45E3-0B80-4955-ABB7-0C9E977E7C41} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-13] (Synaptics Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36E7CCF4-1FC5-470E-A865-ECD8951974C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3E53F9D8-A68B-4A53-80AF-7DE5D9428AC3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {4AAAECF5-44DD-4687-9E0B-79C029E54742} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4BE013E6-D722-473E-94B0-7A6E0B9E1DF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5CC975EC-4763-4411-B1ED-0F51834A6EA6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {7E1016E8-9060-43D0-BD9F-2FB8107F3CD9} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7F03546D-E07C-4116-87DC-A03BCD21E3FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7F36627D-D05F-4EE1-A0FA-40F159356BA9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {95D3484C-241F-4861-9013-A0AD96096D60} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {97E406A0-D6C4-4B22-90C0-63211C5B5CDE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B2AE68E3-F180-4A7B-AD26-CA807FA0D3B9} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {BB872044-D195-43CF-AB8A-6511391BC798} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8AABA33-E646-4AF2-B38B-641519DD560B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D5409D09-2E9B-4746-A075-74CF4DBED07D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DD981AC3-E03B-4FAC-8397-1F36BFD4E342} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {DF680584-6695-4B65-9D88-3DD341C91527} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {EFCCC7A2-F19A-431F-AE2C-B8F900DFEF1D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 12:12 - 2016-11-11 05:10 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-29 03:37 - 2016-08-01 07:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-10 12:12 - 2016-11-11 05:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 12:12 - 2016-11-11 05:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-29 10:58 - 2016-09-29 10:58 - 01864384 _____ () C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-11-01 22:05 - 2016-11-01 22:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-29 07:24 - 2016-09-29 07:24 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 12:13 - 2016-11-11 04:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 13:14 - 2016-11-02 05:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:15 - 2016-11-02 05:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:14 - 2016-11-02 05:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 13:14 - 2016-11-02 05:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 13:14 - 2016-11-02 05:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:14 - 2016-11-02 05:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-17 09:23 - 2016-11-17 09:23 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 09:23 - 2016-11-17 09:23 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 09:23 - 2016-11-17 09:23 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2013-11-15 19:17 - 2013-11-15 19:17 - 04593968 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2016-12-13 08:59 - 2016-12-13 08:59 - 04876288 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1612.3343.0_x64__8wekyb3d8bbwe\Time.exe
2016-12-13 08:59 - 2016-12-13 08:59 - 01093120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1612.3343.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2014-08-12 17:55 - 2013-09-18 11:33 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-09-29 10:58 - 2016-09-29 10:58 - 01383616 _____ () C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-29 10:59 - 2016-09-29 10:59 - 00118976 _____ () C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2009-12-18 13:07 - 2009-12-18 13:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2014-08-12 18:02 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 13:41 - 2013-03-05 13:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Peter\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8042696F-3226-4914-91A2-6B25E9154019}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A03D280-1BB1-4465-B8D6-CAE787DDC160}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{317563CF-39BF-408B-8742-1E662089CCAD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4709963C-8C6B-4EDA-A006-13ED16A83A76}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{818A4ECC-2927-4E67-BC2F-B74ADD05AFF6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9F03EA2C-AA21-44FA-8F25-4CAC73E56392}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E0C2F573-673A-470C-AC41-432254364644}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9DD3965A-45ED-431C-8B4A-D6885C92EBE4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{35D8FBFD-84BE-44D6-87EC-BCEADCA04FD6}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3EEFC1C6-5472-4D45-8B10-B8F8E5ADA5E9}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B16BB016-33E9-4765-AACF-FB7C8E96EB7F}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EC6A7A5-EB8E-4DC7-BCC1-C6F3C9AECDF9}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{831DB9FE-711A-4CD0-9177-04559897F42B}] => LPort=2869
FirewallRules: [{E78884FA-918D-4187-9C08-F0F50C74955C}] => LPort=1900
FirewallRules: [{FD81FCD9-C940-45AA-8325-C41B0FDCE69D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
26-11-2016 08:22:30 Scheduled Checkpoint
05-12-2016 08:36:40 Scheduled Checkpoint
10-12-2016 12:27:54 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/13/2016 09:53:38 AM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1556) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 23.048 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (12/13/2016 09:07:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/13/2016 09:00:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CRASH-AWPC)
Description: Package Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge was terminated because it took too long to suspend.
 
Error: (12/12/2016 11:04:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRASH-AWPC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/12/2016 11:04:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRASH-AWPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/12/2016 11:04:05 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1556) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 19.415 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (12/12/2016 11:03:22 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1556) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 38.943 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (12/12/2016 07:27:22 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (12/12/2016 07:27:22 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (12/12/2016 07:27:22 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
 
System errors:
=============
Error: (12/13/2016 10:16:31 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:27 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:23 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:19 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:11 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:07 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:16:03 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:15:31 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/13/2016 10:15:27 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-13 09:36:56.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-12 13:53:34.050
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-11 11:51:39.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-30 07:05:46.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-10 10:03:05.434
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-06 10:23:37.841
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-04 12:07:06.766
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-03 09:35:48.144
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-18 14:15:48.145
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-17 09:32:49.859
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 29%
Total physical RAM: 8073.02 MB
Available physical RAM: 5731.84 MB
Total Virtual: 9353.02 MB
Available Virtual: 7010.21 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.86 GB) (Free:801.76 GB) NTFS
Drive d: (DATA) (Fixed) (Total:10.5 GB) (Free:10.41 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 863469C5)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 10.5 GB) (Disk ID: 2A965524)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Looks like the hard drive has problems.

 

Error: (12/12/2016 11:03:22 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1556) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 38.943 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.

 

 

 

Error: (12/13/2016 10:16:31 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

 

 

Some times forcing it to do a disk check will help:
 
First clear the alarms:
 
Clear the logs:
 
Copy the next line:
for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
Open an elevated command prompt:
 
 
 
Right click in the elevated Command Window and  Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.
There will be a few errors but the prompt should return.
When the prompt returns,
 
 
Type:
chkdsk  C:  /f  /r  /x
 
and hit Enter.  It will tell you the drive is in use and ask if you would like to schedule the disk check at next reboot.  Tell it
 
Y
Enter 
 
and then reboot.
 
 
 
 
Then 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
We can look  at your hard drive with Speccy:
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 

  • 0

#3
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

Thanks for the quick response!

 

I executed the commands in the command prompt as requested and restarted my machine.  I haven't noticed the same lags/spikes since the reboot, but i'd prefer to be thorough.

 

FYI, i get prompted for an installation which is failing for Qualcomm Atheros Network Manager.

 

I had seen this before (and should have mentioned it), but this dialogue comes up when i restart:

 

Preparing to install...
 
Please wait while Windows configures Qualcomm Atheros Network Manager 
 
 
This clocks while prompting this message:
 
----------------------------------------------------
Qualcomm Atheros Network Manager
 
Accessing the feature...
 
Click OK to try again, or enter an alternate path to a folder containing the installation package 'Qualcomm Atheros Network Manager.msi' in the box below.
-----------------------------------------------------------------------------
 
Clicking OK gives this error message:
-----------------------------------------------------------------------------
Qualcomm Atheros Network Manager
 
The path
'C:\Users\ADMINI~1\AppData\Local\Temp\{57EB1864-8453-4039-AA5F-51B5B3E45E51}\Qualcomm Atheros Network Manager.msi' cannot be found.  Verify that you have access to this location and try again, or try to find the installation package 'Qualcomm Atheros Network Manager.msi' in a folder from whichyou can install the product Qualcomm Atheros Network Manager.
 
When i cancel, i get this:  
 
Error 1706.  No valid source could be found for product Qualcomm Atheros Network Manager.  The Windows Installer cannot continue.
----------------------------------------------------------------------------
 
 
 
Back to your instructions.
 
I ran Event viewer for both Directory and Application and got these results:
 
Log: 'System' Date/Time: 13/12/2016 6:46:15 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 6:46:11 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 6:46:07 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/12/2016 6:47:40 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthPan failed to load for the device BTH\MS_BTHPAN\7&5f341b9&0&2.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthEnum failed to load for the device BTH\MS_BTHBRB\7&5f341b9&0&1.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\RFCOMM failed to load for the device BTH\MS_RFCOMM\7&5f341b9&0&0.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthLEEnum failed to load for the device BTH\MS_BTHLE\7&5f341b9&0&0.
 
-----------------------------------
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 13/12/2016 2:17:19 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/12/2016 7:02:59 PM
Type: Error Category: 0
Event: 11706 Source: MsiInstaller
Product: Qualcomm Atheros Network Manager -- Error 1706. No valid source could be found for product Qualcomm Atheros Network Manager.  The Windows Installer cannot continue.
 
Log: 'Application' Date/Time: 13/12/2016 6:47:48 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: KillerService.exe, version: 1.0.30.1052, time stamp: 0x52029425 Faulting module name: KillerService.exe, version: 1.0.30.1052, time stamp: 0x52029425 Exception code: 0xc0000417 Fault offset: 0x000000000002b26c Faulting process id: 0xa9c Faulting application start time: 0x01d255715d4bc07f Faulting application path: C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe Faulting module path: C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe Report Id: 65258384-2e19-434a-b118-70cd81bef270 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 13/12/2016 6:46:25 PM
Type: Error Category: 0
Event: 1 Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
The event description cannot be found.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 13/12/2016 6:49:10 PM
Type: Warning Category: 0
Event: 1001 Source: MsiInstaller
Detection of product '{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}', feature 'Killer' failed during request for component ''
 
Log: 'Application' Date/Time: 13/12/2016 6:49:10 PM
Type: Warning Category: 0
Event: 1004 Source: MsiInstaller
Detection of product '{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}', feature 'Application', component '{EA13FC8F-F547-43CA-827C-1BE09EEC4189}' failed.  The resource 'C:\ProgramData\Qualcomm\' does not exist.
 
 
------------------------------
 
 
 

I've attached the Speccy Log


  • 0

#4
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

Note:  I have now seen some CPU/Disk spikes again.  Perhaps a little less frequent, but appears to still be an issue.  Only noting this because i had said i hadn't seen any since the reboot in my last post.


  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Do you know exactly when you rebooted?  Can't really tell if the errors have stopped for good or not.  The three you have may be from before the reboot.  

 

Can you run VEW again  - just for System?

 

 

Did you get a speccy log?

 

 

 

The error you are seeing is caused by your Qualcomm Atheros Killer Network Manager.  Uninstall it.  I'm not sure what it does or if you need it:

 

http://www.dell.com/.../4/SLN131119/en

 

Do you even have a Killer Network card?  

 

Is this a Dell?  If so they probably offer it on their support website for your PC.  Be a good idea to have a fresh download of the program before you uninstall it just in case it knocks you off line.

 

(You have Intel® PROSet/Wireless Software installed so that should handle your networking.)

 

 

 

 

 
  • 0

#6
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

I thought i had attached the Speccy Log before.  It's attached now.

 

 

 

My machine is a DELL, Alienware.  I believe it has a Killer Network Card.  I don't know if i use it (i thought it was more of an innate feature which was supposed to improve performance); i'm unfamiliar with how it works as well.

 

Here is the most recent VEW log:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 13/12/2016 6:45:15 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/12/2016 11:45:31 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:27 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:23 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:19 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:15 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:11 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:07 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:45:03 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:54 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:50 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:46 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:42 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:38 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:34 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:31 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:27 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:23 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:19 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:15 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:11 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/12/2016 9:42:14 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 13/12/2016 8:07:59 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name 5-edge-chat.facebook.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 13/12/2016 6:47:40 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthPan failed to load for the device BTH\MS_BTHPAN\7&5f341b9&0&2.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthEnum failed to load for the device BTH\MS_BTHBRB\7&5f341b9&0&1.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\RFCOMM failed to load for the device BTH\MS_RFCOMM\7&5f341b9&0&0.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthLEEnum failed to load for the device BTH\MS_BTHLE\7&5f341b9&0&0.
 

Edited by dogstar21, 13 December 2016 - 10:12 PM.

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Still no speccy log.  It's a two step process.  First select the file and Open then upload the file once you have selected it.

 

Looks like the bad block is still present.  I would try another diskcheck.  Sometimes it takes a couple of tries to fix the problem.


  • 0

#8
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

Speccy File Attached File  Speccy File.txt   145.46KB   56 downloads

 

Running diskcheck again now...


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Unfortunately you have a RAID setup which doesn't provide S.M.A.R.T. info so can't check the health of your hard drive with Speccy.

 

Temp is about normal for a laptop.

 

If diskcheck doesn't eventually get rid of the bad block error then you may need to replace the hard drive.  Never worked with a RAID setup before so not sure how hard that would be.

 

It probably wouldn't hurt to run dism & SFC:

 

Open an elevated command prompt:
 
 
 
If you open an elevated command prompt it will by default open in c:\Windows\system32
 
Once you have an elevated command prompt:
 
Type(with an Enter after each line):
 
 DISM  /Online  /Cleanup-Image  /RestoreHealth

Hit Enter.

 
 (I use two spaces so you can be sure to see where one space goes.)
This will take a while to complete.  Once the prompt returns:
 
Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 
sfc  /scannow
 
 
 
This will also take a few minutes.  
Type:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
 
Hit Enter.  Then type::
 
 
notepad  \junk.txt 
 
Hit Enter. 
 
 Copy the text from notepad and paste it into a reply.
 
 
 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop: (If you don't already have it)
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#10
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

I followed all of your steps.

 

Contents of Junk.txt:

2016-12-15 12:49:12, Info                  CSI    00000006 [SR] Verifying 100 components
2016-12-15 12:49:12, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:15, Info                  CSI    0000006c [SR] Verify complete
2016-12-15 12:49:15, Info                  CSI    0000006d [SR] Verifying 100 components
2016-12-15 12:49:15, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:17, Info                  CSI    000000d3 [SR] Verify complete
2016-12-15 12:49:17, Info                  CSI    000000d4 [SR] Verifying 100 components
2016-12-15 12:49:17, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:20, Info                  CSI    0000013a [SR] Verify complete
2016-12-15 12:49:20, Info                  CSI    0000013b [SR] Verifying 100 components
2016-12-15 12:49:20, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:23, Info                  CSI    000001a1 [SR] Verify complete
2016-12-15 12:49:23, Info                  CSI    000001a2 [SR] Verifying 100 components
2016-12-15 12:49:23, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:25, Info                  CSI    00000208 [SR] Verify complete
2016-12-15 12:49:26, Info                  CSI    00000209 [SR] Verifying 100 components
2016-12-15 12:49:26, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:28, Info                  CSI    0000026f [SR] Verify complete
2016-12-15 12:49:28, Info                  CSI    00000270 [SR] Verifying 100 components
2016-12-15 12:49:28, Info                  CSI    00000271 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:31, Info                  CSI    000002d6 [SR] Verify complete
2016-12-15 12:49:31, Info                  CSI    000002d7 [SR] Verifying 100 components
2016-12-15 12:49:31, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:34, Info                  CSI    0000033d [SR] Verify complete
2016-12-15 12:49:34, Info                  CSI    0000033e [SR] Verifying 100 components
2016-12-15 12:49:34, Info                  CSI    0000033f [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:37, Info                  CSI    000003a4 [SR] Verify complete
2016-12-15 12:49:37, Info                  CSI    000003a5 [SR] Verifying 100 components
2016-12-15 12:49:37, Info                  CSI    000003a6 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:40, Info                  CSI    0000040b [SR] Verify complete
2016-12-15 12:49:40, Info                  CSI    0000040c [SR] Verifying 100 components
2016-12-15 12:49:40, Info                  CSI    0000040d [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:42, Info                  CSI    00000472 [SR] Verify complete
2016-12-15 12:49:42, Info                  CSI    00000473 [SR] Verifying 100 components
2016-12-15 12:49:42, Info                  CSI    00000474 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:45, Info                  CSI    000004d9 [SR] Verify complete
2016-12-15 12:49:45, Info                  CSI    000004da [SR] Verifying 100 components
2016-12-15 12:49:45, Info                  CSI    000004db [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:48, Info                  CSI    00000540 [SR] Verify complete
2016-12-15 12:49:48, Info                  CSI    00000541 [SR] Verifying 100 components
2016-12-15 12:49:48, Info                  CSI    00000542 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:50, Info                  CSI    000005a7 [SR] Verify complete
2016-12-15 12:49:50, Info                  CSI    000005a8 [SR] Verifying 100 components
2016-12-15 12:49:50, Info                  CSI    000005a9 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:54, Info                  CSI    00000611 [SR] Verify complete
2016-12-15 12:49:54, Info                  CSI    00000612 [SR] Verifying 100 components
2016-12-15 12:49:54, Info                  CSI    00000613 [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:56, Info                  CSI    00000678 [SR] Verify complete
2016-12-15 12:49:56, Info                  CSI    00000679 [SR] Verifying 100 components
2016-12-15 12:49:56, Info                  CSI    0000067a [SR] Beginning Verify and Repair transaction
2016-12-15 12:49:59, Info                  CSI    000006df [SR] Verify complete
2016-12-15 12:49:59, Info                  CSI    000006e0 [SR] Verifying 100 components
2016-12-15 12:49:59, Info                  CSI    000006e1 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:02, Info                  CSI    00000746 [SR] Verify complete
2016-12-15 12:50:02, Info                  CSI    00000747 [SR] Verifying 100 components
2016-12-15 12:50:02, Info                  CSI    00000748 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:05, Info                  CSI    000007ad [SR] Verify complete
2016-12-15 12:50:05, Info                  CSI    000007ae [SR] Verifying 100 components
2016-12-15 12:50:05, Info                  CSI    000007af [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:06, Info                  CSI    00000814 [SR] Verify complete
2016-12-15 12:50:06, Info                  CSI    00000815 [SR] Verifying 100 components
2016-12-15 12:50:06, Info                  CSI    00000816 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:08, Info                  CSI    0000087b [SR] Verify complete
2016-12-15 12:50:08, Info                  CSI    0000087c [SR] Verifying 100 components
2016-12-15 12:50:08, Info                  CSI    0000087d [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:11, Info                  CSI    000008e2 [SR] Verify complete
2016-12-15 12:50:11, Info                  CSI    000008e3 [SR] Verifying 100 components
2016-12-15 12:50:11, Info                  CSI    000008e4 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:14, Info                  CSI    00000949 [SR] Verify complete
2016-12-15 12:50:14, Info                  CSI    0000094a [SR] Verifying 100 components
2016-12-15 12:50:14, Info                  CSI    0000094b [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:19, Info                  CSI    000009b0 [SR] Verify complete
2016-12-15 12:50:19, Info                  CSI    000009b1 [SR] Verifying 100 components
2016-12-15 12:50:19, Info                  CSI    000009b2 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:22, Info                  CSI    00000a17 [SR] Verify complete
2016-12-15 12:50:22, Info                  CSI    00000a18 [SR] Verifying 100 components
2016-12-15 12:50:22, Info                  CSI    00000a19 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:24, Info                  CSI    00000a7e [SR] Verify complete
2016-12-15 12:50:24, Info                  CSI    00000a7f [SR] Verifying 100 components
2016-12-15 12:50:24, Info                  CSI    00000a80 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:27, Info                  CSI    00000ae5 [SR] Verify complete
2016-12-15 12:50:27, Info                  CSI    00000ae6 [SR] Verifying 100 components
2016-12-15 12:50:27, Info                  CSI    00000ae7 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:30, Info                  CSI    00000b4c [SR] Verify complete
2016-12-15 12:50:30, Info                  CSI    00000b4d [SR] Verifying 100 components
2016-12-15 12:50:30, Info                  CSI    00000b4e [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:33, Info                  CSI    00000bb3 [SR] Verify complete
2016-12-15 12:50:33, Info                  CSI    00000bb4 [SR] Verifying 100 components
2016-12-15 12:50:33, Info                  CSI    00000bb5 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:35, Info                  CSI    00000c1a [SR] Verify complete
2016-12-15 12:50:35, Info                  CSI    00000c1b [SR] Verifying 100 components
2016-12-15 12:50:35, Info                  CSI    00000c1c [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:38, Info                  CSI    00000c81 [SR] Verify complete
2016-12-15 12:50:38, Info                  CSI    00000c82 [SR] Verifying 100 components
2016-12-15 12:50:38, Info                  CSI    00000c83 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:40, Info                  CSI    00000ce9 [SR] Verify complete
2016-12-15 12:50:40, Info                  CSI    00000cea [SR] Verifying 100 components
2016-12-15 12:50:40, Info                  CSI    00000ceb [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:44, Info                  CSI    00000d56 [SR] Verify complete
2016-12-15 12:50:44, Info                  CSI    00000d57 [SR] Verifying 100 components
2016-12-15 12:50:44, Info                  CSI    00000d58 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:46, Info                  CSI    00000dbe [SR] Verify complete
2016-12-15 12:50:46, Info                  CSI    00000dbf [SR] Verifying 100 components
2016-12-15 12:50:46, Info                  CSI    00000dc0 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:48, Info                  CSI    00000e25 [SR] Verify complete
2016-12-15 12:50:48, Info                  CSI    00000e26 [SR] Verifying 100 components
2016-12-15 12:50:48, Info                  CSI    00000e27 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:50, Info                  CSI    00000e93 [SR] Verify complete
2016-12-15 12:50:50, Info                  CSI    00000e94 [SR] Verifying 100 components
2016-12-15 12:50:50, Info                  CSI    00000e95 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:52, Info                  CSI    00000efb [SR] Verify complete
2016-12-15 12:50:52, Info                  CSI    00000efc [SR] Verifying 100 components
2016-12-15 12:50:52, Info                  CSI    00000efd [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:53, Info                  CSI    00000f62 [SR] Verify complete
2016-12-15 12:50:53, Info                  CSI    00000f63 [SR] Verifying 100 components
2016-12-15 12:50:53, Info                  CSI    00000f64 [SR] Beginning Verify and Repair transaction
2016-12-15 12:50:58, Info                  CSI    00000fce [SR] Verify complete
2016-12-15 12:50:58, Info                  CSI    00000fcf [SR] Verifying 100 components
2016-12-15 12:50:58, Info                  CSI    00000fd0 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:06, Info                  CSI    00001051 [SR] Verify complete
2016-12-15 12:51:06, Info                  CSI    00001052 [SR] Verifying 100 components
2016-12-15 12:51:06, Info                  CSI    00001053 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:12, Info                  CSI    000010c3 [SR] Verify complete
2016-12-15 12:51:12, Info                  CSI    000010c4 [SR] Verifying 100 components
2016-12-15 12:51:12, Info                  CSI    000010c5 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:18, Info                  CSI    0000112f [SR] Verify complete
2016-12-15 12:51:18, Info                  CSI    00001130 [SR] Verifying 100 components
2016-12-15 12:51:18, Info                  CSI    00001131 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:22, Info                  CSI    0000119f [SR] Verify complete
2016-12-15 12:51:23, Info                  CSI    000011a0 [SR] Verifying 100 components
2016-12-15 12:51:23, Info                  CSI    000011a1 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:26, Info                  CSI    00001215 [SR] Verify complete
2016-12-15 12:51:26, Info                  CSI    00001216 [SR] Verifying 100 components
2016-12-15 12:51:26, Info                  CSI    00001217 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:29, Info                  CSI    000012df [SR] Verify complete
2016-12-15 12:51:29, Info                  CSI    000012e0 [SR] Verifying 100 components
2016-12-15 12:51:29, Info                  CSI    000012e1 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:37, Info                  CSI    0000134d [SR] Verify complete
2016-12-15 12:51:37, Info                  CSI    0000134e [SR] Verifying 100 components
2016-12-15 12:51:37, Info                  CSI    0000134f [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:44, Info                  CSI    000013b6 [SR] Verify complete
2016-12-15 12:51:44, Info                  CSI    000013b7 [SR] Verifying 100 components
2016-12-15 12:51:44, Info                  CSI    000013b8 [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:47, Info                  CSI    0000141d [SR] Verify complete
2016-12-15 12:51:47, Info                  CSI    0000141e [SR] Verifying 100 components
2016-12-15 12:51:47, Info                  CSI    0000141f [SR] Beginning Verify and Repair transaction
2016-12-15 12:51:52, Info                  CSI    00001484 [SR] Verify complete
2016-12-15 12:51:52, Info                  CSI    00001485 [SR] Verifying 100 components
2016-12-15 12:51:52, Info                  CSI    00001486 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:04, Info                  CSI    000014ef [SR] Verify complete
2016-12-15 12:52:04, Info                  CSI    000014f0 [SR] Verifying 100 components
2016-12-15 12:52:04, Info                  CSI    000014f1 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:11, Info                  CSI    00001573 [SR] Verify complete
2016-12-15 12:52:11, Info                  CSI    00001574 [SR] Verifying 100 components
2016-12-15 12:52:11, Info                  CSI    00001575 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:17, Info                  CSI    000015f7 [SR] Verify complete
2016-12-15 12:52:17, Info                  CSI    000015f8 [SR] Verifying 100 components
2016-12-15 12:52:17, Info                  CSI    000015f9 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:24, Info                  CSI    00001682 [SR] Verify complete
2016-12-15 12:52:24, Info                  CSI    00001683 [SR] Verifying 100 components
2016-12-15 12:52:24, Info                  CSI    00001684 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:31, Info                  CSI    000016f7 [SR] Verify complete
2016-12-15 12:52:31, Info                  CSI    000016f8 [SR] Verifying 100 components
2016-12-15 12:52:31, Info                  CSI    000016f9 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:36, Info                  CSI    00001766 [SR] Verify complete
2016-12-15 12:52:36, Info                  CSI    00001767 [SR] Verifying 100 components
2016-12-15 12:52:36, Info                  CSI    00001768 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:42, Info                  CSI    000017e4 [SR] Verify complete
2016-12-15 12:52:42, Info                  CSI    000017e5 [SR] Verifying 100 components
2016-12-15 12:52:42, Info                  CSI    000017e6 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:46, Info                  CSI    0000185a [SR] Verify complete
2016-12-15 12:52:46, Info                  CSI    0000185b [SR] Verifying 100 components
2016-12-15 12:52:46, Info                  CSI    0000185c [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:51, Info                  CSI    000018c3 [SR] Verify complete
2016-12-15 12:52:51, Info                  CSI    000018c4 [SR] Verifying 100 components
2016-12-15 12:52:51, Info                  CSI    000018c5 [SR] Beginning Verify and Repair transaction
2016-12-15 12:52:56, Info                  CSI    0000192b [SR] Verify complete
2016-12-15 12:52:56, Info                  CSI    0000192c [SR] Verifying 100 components
2016-12-15 12:52:56, Info                  CSI    0000192d [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:01, Info                  CSI    00001996 [SR] Verify complete
2016-12-15 12:53:01, Info                  CSI    00001997 [SR] Verifying 100 components
2016-12-15 12:53:01, Info                  CSI    00001998 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:06, Info                  CSI    00001a07 [SR] Verify complete
2016-12-15 12:53:06, Info                  CSI    00001a08 [SR] Verifying 100 components
2016-12-15 12:53:06, Info                  CSI    00001a09 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:15, Info                  CSI    00001a90 [SR] Verify complete
2016-12-15 12:53:15, Info                  CSI    00001a91 [SR] Verifying 100 components
2016-12-15 12:53:15, Info                  CSI    00001a92 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:23, Info                  CSI    00001b30 [SR] Verify complete
2016-12-15 12:53:23, Info                  CSI    00001b31 [SR] Verifying 100 components
2016-12-15 12:53:23, Info                  CSI    00001b32 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:34, Info                  CSI    00001bbe [SR] Verify complete
2016-12-15 12:53:34, Info                  CSI    00001bbf [SR] Verifying 100 components
2016-12-15 12:53:34, Info                  CSI    00001bc0 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:39, Info                  CSI    00001c30 [SR] Verify complete
2016-12-15 12:53:39, Info                  CSI    00001c31 [SR] Verifying 100 components
2016-12-15 12:53:39, Info                  CSI    00001c32 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:43, Info                  CSI    00001c9e [SR] Verify complete
2016-12-15 12:53:43, Info                  CSI    00001c9f [SR] Verifying 100 components
2016-12-15 12:53:43, Info                  CSI    00001ca0 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:51, Info                  CSI    00001d1a [SR] Verify complete
2016-12-15 12:53:51, Info                  CSI    00001d1b [SR] Verifying 100 components
2016-12-15 12:53:51, Info                  CSI    00001d1c [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:55, Info                  CSI    00001d86 [SR] Verify complete
2016-12-15 12:53:55, Info                  CSI    00001d87 [SR] Verifying 100 components
2016-12-15 12:53:55, Info                  CSI    00001d88 [SR] Beginning Verify and Repair transaction
2016-12-15 12:53:58, Info                  CSI    00001ded [SR] Verify complete
2016-12-15 12:53:58, Info                  CSI    00001dee [SR] Verifying 100 components
2016-12-15 12:53:58, Info                  CSI    00001def [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:02, Info                  CSI    00001e5f [SR] Verify complete
2016-12-15 12:54:02, Info                  CSI    00001e60 [SR] Verifying 100 components
2016-12-15 12:54:02, Info                  CSI    00001e61 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:10, Info                  CSI    00001ed6 [SR] Verify complete
2016-12-15 12:54:10, Info                  CSI    00001ed7 [SR] Verifying 100 components
2016-12-15 12:54:10, Info                  CSI    00001ed8 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:18, Info                  CSI    00001f57 [SR] Verify complete
2016-12-15 12:54:18, Info                  CSI    00001f58 [SR] Verifying 100 components
2016-12-15 12:54:18, Info                  CSI    00001f59 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:23, Info                  CSI    00001fc4 [SR] Verify complete
2016-12-15 12:54:23, Info                  CSI    00001fc5 [SR] Verifying 100 components
2016-12-15 12:54:23, Info                  CSI    00001fc6 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:27, Info                  CSI    00002034 [SR] Verify complete
2016-12-15 12:54:27, Info                  CSI    00002035 [SR] Verifying 100 components
2016-12-15 12:54:27, Info                  CSI    00002036 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:33, Info                  CSI    000020ba [SR] Verify complete
2016-12-15 12:54:33, Info                  CSI    000020bb [SR] Verifying 100 components
2016-12-15 12:54:33, Info                  CSI    000020bc [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:41, Info                  CSI    0000212d [SR] Verify complete
2016-12-15 12:54:41, Info                  CSI    0000212e [SR] Verifying 100 components
2016-12-15 12:54:41, Info                  CSI    0000212f [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:48, Info                  CSI    000021a7 [SR] Verify complete
2016-12-15 12:54:48, Info                  CSI    000021a8 [SR] Verifying 100 components
2016-12-15 12:54:48, Info                  CSI    000021a9 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:51, Info                  CSI    0000220f [SR] Verify complete
2016-12-15 12:54:51, Info                  CSI    00002210 [SR] Verifying 100 components
2016-12-15 12:54:51, Info                  CSI    00002211 [SR] Beginning Verify and Repair transaction
2016-12-15 12:54:57, Info                  CSI    0000227d [SR] Verify complete
2016-12-15 12:54:57, Info                  CSI    0000227e [SR] Verifying 100 components
2016-12-15 12:54:57, Info                  CSI    0000227f [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:09, Info                  CSI    000022ff [SR] Verify complete
2016-12-15 12:55:09, Info                  CSI    00002300 [SR] Verifying 100 components
2016-12-15 12:55:09, Info                  CSI    00002301 [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:14, Info                  CSI    00002379 [SR] Verify complete
2016-12-15 12:55:15, Info                  CSI    0000237a [SR] Verifying 100 components
2016-12-15 12:55:15, Info                  CSI    0000237b [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:19, Info                  CSI    000023ea [SR] Verify complete
2016-12-15 12:55:19, Info                  CSI    000023eb [SR] Verifying 100 components
2016-12-15 12:55:19, Info                  CSI    000023ec [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:21, Info                  CSI    00002454 [SR] Verify complete
2016-12-15 12:55:21, Info                  CSI    00002455 [SR] Verifying 100 components
2016-12-15 12:55:21, Info                  CSI    00002456 [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:26, Info                  CSI    000024cc [SR] Verify complete
2016-12-15 12:55:26, Info                  CSI    000024cd [SR] Verifying 100 components
2016-12-15 12:55:26, Info                  CSI    000024ce [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:33, Info                  CSI    00002566 [SR] Verify complete
2016-12-15 12:55:33, Info                  CSI    00002567 [SR] Verifying 100 components
2016-12-15 12:55:33, Info                  CSI    00002568 [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:36, Info                  CSI    000025cd [SR] Verify complete
2016-12-15 12:55:36, Info                  CSI    000025ce [SR] Verifying 100 components
2016-12-15 12:55:36, Info                  CSI    000025cf [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:40, Info                  CSI    0000263a [SR] Verify complete
2016-12-15 12:55:40, Info                  CSI    0000263b [SR] Verifying 100 components
2016-12-15 12:55:40, Info                  CSI    0000263c [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:45, Info                  CSI    000026b0 [SR] Verify complete
2016-12-15 12:55:45, Info                  CSI    000026b1 [SR] Verifying 100 components
2016-12-15 12:55:45, Info                  CSI    000026b2 [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:48, Info                  CSI    00002727 [SR] Verify complete
2016-12-15 12:55:48, Info                  CSI    00002728 [SR] Verifying 100 components
2016-12-15 12:55:48, Info                  CSI    00002729 [SR] Beginning Verify and Repair transaction
2016-12-15 12:55:53, Info                  CSI    00002796 [SR] Verify complete
2016-12-15 12:55:53, Info                  CSI    00002797 [SR] Verifying 100 components
2016-12-15 12:55:53, Info                  CSI    00002798 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:02, Info                  CSI    0000283c [SR] Verify complete
2016-12-15 12:56:02, Info                  CSI    0000283d [SR] Verifying 100 components
2016-12-15 12:56:02, Info                  CSI    0000283e [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:07, Info                  CSI    000028c0 [SR] Verify complete
2016-12-15 12:56:07, Info                  CSI    000028c1 [SR] Verifying 100 components
2016-12-15 12:56:07, Info                  CSI    000028c2 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:12, Info                  CSI    00002930 [SR] Verify complete
2016-12-15 12:56:12, Info                  CSI    00002931 [SR] Verifying 100 components
2016-12-15 12:56:12, Info                  CSI    00002932 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:17, Info                  CSI    0000299b [SR] Verify complete
2016-12-15 12:56:17, Info                  CSI    0000299c [SR] Verifying 100 components
2016-12-15 12:56:17, Info                  CSI    0000299d [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:20, Info                  CSI    00002a04 [SR] Verify complete
2016-12-15 12:56:20, Info                  CSI    00002a05 [SR] Verifying 100 components
2016-12-15 12:56:20, Info                  CSI    00002a06 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:25, Info                  CSI    00002a7a [SR] Verify complete
2016-12-15 12:56:25, Info                  CSI    00002a7b [SR] Verifying 100 components
2016-12-15 12:56:25, Info                  CSI    00002a7c [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:29, Info                  CSI    00002ae4 [SR] Verify complete
2016-12-15 12:56:30, Info                  CSI    00002ae5 [SR] Verifying 100 components
2016-12-15 12:56:30, Info                  CSI    00002ae6 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:33, Info                  CSI    00002b53 [SR] Verify complete
2016-12-15 12:56:33, Info                  CSI    00002b54 [SR] Verifying 100 components
2016-12-15 12:56:33, Info                  CSI    00002b55 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:38, Info                  CSI    00002bc1 [SR] Verify complete
2016-12-15 12:56:38, Info                  CSI    00002bc2 [SR] Verifying 100 components
2016-12-15 12:56:38, Info                  CSI    00002bc3 [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:46, Info                  CSI    00002c3b [SR] Verify complete
2016-12-15 12:56:46, Info                  CSI    00002c3c [SR] Verifying 100 components
2016-12-15 12:56:46, Info                  CSI    00002c3d [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:52, Info                  CSI    00002cab [SR] Verify complete
2016-12-15 12:56:52, Info                  CSI    00002cac [SR] Verifying 100 components
2016-12-15 12:56:52, Info                  CSI    00002cad [SR] Beginning Verify and Repair transaction
2016-12-15 12:56:58, Info                  CSI    00002d19 [SR] Verify complete
2016-12-15 12:56:58, Info                  CSI    00002d1a [SR] Verifying 100 components
2016-12-15 12:56:58, Info                  CSI    00002d1b [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:08, Info                  CSI    00002dc1 [SR] Verify complete
2016-12-15 12:57:08, Info                  CSI    00002dc2 [SR] Verifying 100 components
2016-12-15 12:57:08, Info                  CSI    00002dc3 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:18, Info                  CSI    00002e41 [SR] Verify complete
2016-12-15 12:57:18, Info                  CSI    00002e42 [SR] Verifying 100 components
2016-12-15 12:57:18, Info                  CSI    00002e43 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:24, Info                  CSI    00002eb1 [SR] Verify complete
2016-12-15 12:57:24, Info                  CSI    00002eb2 [SR] Verifying 100 components
2016-12-15 12:57:24, Info                  CSI    00002eb3 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:30, Info                  CSI    00002f2a [SR] Verify complete
2016-12-15 12:57:30, Info                  CSI    00002f2b [SR] Verifying 100 components
2016-12-15 12:57:30, Info                  CSI    00002f2c [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:38, Info                  CSI    00002f99 [SR] Verify complete
2016-12-15 12:57:38, Info                  CSI    00002f9a [SR] Verifying 100 components
2016-12-15 12:57:38, Info                  CSI    00002f9b [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:43, Info                  CSI    00003007 [SR] Verify complete
2016-12-15 12:57:43, Info                  CSI    00003008 [SR] Verifying 100 components
2016-12-15 12:57:43, Info                  CSI    00003009 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:48, Info                  CSI    00003072 [SR] Verify complete
2016-12-15 12:57:48, Info                  CSI    00003073 [SR] Verifying 100 components
2016-12-15 12:57:48, Info                  CSI    00003074 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:54, Info                  CSI    000030e5 [SR] Verify complete
2016-12-15 12:57:54, Info                  CSI    000030e6 [SR] Verifying 100 components
2016-12-15 12:57:54, Info                  CSI    000030e7 [SR] Beginning Verify and Repair transaction
2016-12-15 12:57:59, Info                  CSI    0000315c [SR] Verify complete
2016-12-15 12:57:59, Info                  CSI    0000315d [SR] Verifying 100 components
2016-12-15 12:57:59, Info                  CSI    0000315e [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:05, Info                  CSI    000031d1 [SR] Verify complete
2016-12-15 12:58:05, Info                  CSI    000031d2 [SR] Verifying 100 components
2016-12-15 12:58:05, Info                  CSI    000031d3 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:10, Info                  CSI    00003244 [SR] Verify complete
2016-12-15 12:58:10, Info                  CSI    00003245 [SR] Verifying 100 components
2016-12-15 12:58:10, Info                  CSI    00003246 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:13, Info                  CSI    000032b3 [SR] Verify complete
2016-12-15 12:58:13, Info                  CSI    000032b4 [SR] Verifying 100 components
2016-12-15 12:58:13, Info                  CSI    000032b5 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:18, Info                  CSI    00003329 [SR] Verify complete
2016-12-15 12:58:18, Info                  CSI    0000332a [SR] Verifying 100 components
2016-12-15 12:58:18, Info                  CSI    0000332b [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:24, Info                  CSI    00003393 [SR] Verify complete
2016-12-15 12:58:24, Info                  CSI    00003394 [SR] Verifying 100 components
2016-12-15 12:58:24, Info                  CSI    00003395 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:29, Info                  CSI    000033fa [SR] Verify complete
2016-12-15 12:58:29, Info                  CSI    000033fb [SR] Verifying 100 components
2016-12-15 12:58:29, Info                  CSI    000033fc [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:36, Info                  CSI    0000346f [SR] Verify complete
2016-12-15 12:58:36, Info                  CSI    00003470 [SR] Verifying 100 components
2016-12-15 12:58:36, Info                  CSI    00003471 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:48, Info                  CSI    00003574 [SR] Verify complete
2016-12-15 12:58:48, Info                  CSI    00003575 [SR] Verifying 100 components
2016-12-15 12:58:48, Info                  CSI    00003576 [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:53, Info                  CSI    000035f8 [SR] Verify complete
2016-12-15 12:58:53, Info                  CSI    000035f9 [SR] Verifying 100 components
2016-12-15 12:58:53, Info                  CSI    000035fa [SR] Beginning Verify and Repair transaction
2016-12-15 12:58:58, Info                  CSI    00003663 [SR] Verify complete
2016-12-15 12:58:58, Info                  CSI    00003664 [SR] Verifying 100 components
2016-12-15 12:58:58, Info                  CSI    00003665 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:02, Info                  CSI    000036ca [SR] Verify complete
2016-12-15 12:59:02, Info                  CSI    000036cb [SR] Verifying 100 components
2016-12-15 12:59:02, Info                  CSI    000036cc [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:06, Info                  CSI    00003732 [SR] Verify complete
2016-12-15 12:59:06, Info                  CSI    00003733 [SR] Verifying 100 components
2016-12-15 12:59:06, Info                  CSI    00003734 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:10, Info                  CSI    00003799 [SR] Verify complete
2016-12-15 12:59:10, Info                  CSI    0000379a [SR] Verifying 100 components
2016-12-15 12:59:10, Info                  CSI    0000379b [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:15, Info                  CSI    00003801 [SR] Verify complete
2016-12-15 12:59:15, Info                  CSI    00003802 [SR] Verifying 100 components
2016-12-15 12:59:15, Info                  CSI    00003803 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:21, Info                  CSI    00003868 [SR] Verify complete
2016-12-15 12:59:21, Info                  CSI    00003869 [SR] Verifying 100 components
2016-12-15 12:59:21, Info                  CSI    0000386a [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:24, Info                  CSI    000038d0 [SR] Verify complete
2016-12-15 12:59:24, Info                  CSI    000038d1 [SR] Verifying 100 components
2016-12-15 12:59:24, Info                  CSI    000038d2 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:27, Info                  CSI    00003937 [SR] Verify complete
2016-12-15 12:59:27, Info                  CSI    00003938 [SR] Verifying 100 components
2016-12-15 12:59:27, Info                  CSI    00003939 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:31, Info                  CSI    0000399e [SR] Verify complete
2016-12-15 12:59:31, Info                  CSI    0000399f [SR] Verifying 100 components
2016-12-15 12:59:31, Info                  CSI    000039a0 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:34, Info                  CSI    00003a05 [SR] Verify complete
2016-12-15 12:59:34, Info                  CSI    00003a06 [SR] Verifying 100 components
2016-12-15 12:59:34, Info                  CSI    00003a07 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:39, Info                  CSI    00003a6d [SR] Verify complete
2016-12-15 12:59:39, Info                  CSI    00003a6e [SR] Verifying 100 components
2016-12-15 12:59:39, Info                  CSI    00003a6f [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:42, Info                  CSI    00003af4 [SR] Verify complete
2016-12-15 12:59:42, Info                  CSI    00003af5 [SR] Verifying 100 components
2016-12-15 12:59:42, Info                  CSI    00003af6 [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:46, Info                  CSI    00003b5b [SR] Verify complete
2016-12-15 12:59:46, Info                  CSI    00003b5c [SR] Verifying 100 components
2016-12-15 12:59:46, Info                  CSI    00003b5d [SR] Beginning Verify and Repair transaction
2016-12-15 12:59:56, Info                  CSI    00003bc8 [SR] Verify complete
2016-12-15 12:59:56, Info                  CSI    00003bc9 [SR] Verifying 100 components
2016-12-15 12:59:56, Info                  CSI    00003bca [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:06, Info                  CSI    00003c2f [SR] Verify complete
2016-12-15 13:00:06, Info                  CSI    00003c30 [SR] Verifying 100 components
2016-12-15 13:00:06, Info                  CSI    00003c31 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:09, Info                  CSI    00003c96 [SR] Verify complete
2016-12-15 13:00:09, Info                  CSI    00003c97 [SR] Verifying 100 components
2016-12-15 13:00:09, Info                  CSI    00003c98 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:13, Info                  CSI    00003cfe [SR] Verify complete
2016-12-15 13:00:13, Info                  CSI    00003cff [SR] Verifying 100 components
2016-12-15 13:00:13, Info                  CSI    00003d00 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:16, Info                  CSI    00003d65 [SR] Verify complete
2016-12-15 13:00:16, Info                  CSI    00003d66 [SR] Verifying 100 components
2016-12-15 13:00:16, Info                  CSI    00003d67 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:25, Info                  CSI    00003dd1 [SR] Verify complete
2016-12-15 13:00:25, Info                  CSI    00003dd2 [SR] Verifying 100 components
2016-12-15 13:00:25, Info                  CSI    00003dd3 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:31, Info                  CSI    00003e3f [SR] Verify complete
2016-12-15 13:00:31, Info                  CSI    00003e40 [SR] Verifying 100 components
2016-12-15 13:00:31, Info                  CSI    00003e41 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:34, Info                  CSI    00003ea6 [SR] Verify complete
2016-12-15 13:00:34, Info                  CSI    00003ea7 [SR] Verifying 100 components
2016-12-15 13:00:34, Info                  CSI    00003ea8 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:37, Info                  CSI    00003f0d [SR] Verify complete
2016-12-15 13:00:37, Info                  CSI    00003f0e [SR] Verifying 100 components
2016-12-15 13:00:37, Info                  CSI    00003f0f [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:41, Info                  CSI    00003f83 [SR] Verify complete
2016-12-15 13:00:41, Info                  CSI    00003f84 [SR] Verifying 100 components
2016-12-15 13:00:41, Info                  CSI    00003f85 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:45, Info                  CSI    00003ff2 [SR] Verify complete
2016-12-15 13:00:45, Info                  CSI    00003ff3 [SR] Verifying 100 components
2016-12-15 13:00:45, Info                  CSI    00003ff4 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:48, Info                  CSI    0000405a [SR] Verify complete
2016-12-15 13:00:48, Info                  CSI    0000405b [SR] Verifying 100 components
2016-12-15 13:00:48, Info                  CSI    0000405c [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:51, Info                  CSI    000040c1 [SR] Verify complete
2016-12-15 13:00:51, Info                  CSI    000040c2 [SR] Verifying 100 components
2016-12-15 13:00:51, Info                  CSI    000040c3 [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:55, Info                  CSI    00004128 [SR] Verify complete
2016-12-15 13:00:55, Info                  CSI    00004129 [SR] Verifying 100 components
2016-12-15 13:00:55, Info                  CSI    0000412a [SR] Beginning Verify and Repair transaction
2016-12-15 13:00:58, Info                  CSI    0000418f [SR] Verify complete
2016-12-15 13:00:58, Info                  CSI    00004190 [SR] Verifying 100 components
2016-12-15 13:00:58, Info                  CSI    00004191 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:03, Info                  CSI    00004203 [SR] Verify complete
2016-12-15 13:01:03, Info                  CSI    00004204 [SR] Verifying 100 components
2016-12-15 13:01:03, Info                  CSI    00004205 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:07, Info                  CSI    00004271 [SR] Verify complete
2016-12-15 13:01:07, Info                  CSI    00004272 [SR] Verifying 100 components
2016-12-15 13:01:07, Info                  CSI    00004273 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:11, Info                  CSI    000042e6 [SR] Verify complete
2016-12-15 13:01:11, Info                  CSI    000042e7 [SR] Verifying 100 components
2016-12-15 13:01:11, Info                  CSI    000042e8 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:16, Info                  CSI    0000435f [SR] Verify complete
2016-12-15 13:01:16, Info                  CSI    00004360 [SR] Verifying 100 components
2016-12-15 13:01:16, Info                  CSI    00004361 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:20, Info                  CSI    000043c6 [SR] Verify complete
2016-12-15 13:01:20, Info                  CSI    000043c7 [SR] Verifying 100 components
2016-12-15 13:01:20, Info                  CSI    000043c8 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:25, Info                  CSI    00004442 [SR] Verify complete
2016-12-15 13:01:25, Info                  CSI    00004443 [SR] Verifying 100 components
2016-12-15 13:01:25, Info                  CSI    00004444 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:31, Info                  CSI    000044b8 [SR] Verify complete
2016-12-15 13:01:31, Info                  CSI    000044b9 [SR] Verifying 100 components
2016-12-15 13:01:31, Info                  CSI    000044ba [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:34, Info                  CSI    0000451f [SR] Verify complete
2016-12-15 13:01:34, Info                  CSI    00004520 [SR] Verifying 100 components
2016-12-15 13:01:34, Info                  CSI    00004521 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:37, Info                  CSI    00004586 [SR] Verify complete
2016-12-15 13:01:37, Info                  CSI    00004587 [SR] Verifying 100 components
2016-12-15 13:01:37, Info                  CSI    00004588 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:44, Info                  CSI    000045fe [SR] Verify complete
2016-12-15 13:01:44, Info                  CSI    000045ff [SR] Verifying 100 components
2016-12-15 13:01:44, Info                  CSI    00004600 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:49, Info                  CSI    0000467f [SR] Verify complete
2016-12-15 13:01:49, Info                  CSI    00004680 [SR] Verifying 100 components
2016-12-15 13:01:49, Info                  CSI    00004681 [SR] Beginning Verify and Repair transaction
2016-12-15 13:01:57, Info                  CSI    00004705 [SR] Verify complete
2016-12-15 13:01:57, Info                  CSI    00004706 [SR] Verifying 100 components
2016-12-15 13:01:57, Info                  CSI    00004707 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:02, Info                  CSI    00004774 [SR] Verify complete
2016-12-15 13:02:02, Info                  CSI    00004775 [SR] Verifying 100 components
2016-12-15 13:02:02, Info                  CSI    00004776 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:08, Info                  CSI    000047f6 [SR] Verify complete
2016-12-15 13:02:08, Info                  CSI    000047f7 [SR] Verifying 100 components
2016-12-15 13:02:08, Info                  CSI    000047f8 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:13, Info                  CSI    00004869 [SR] Verify complete
2016-12-15 13:02:13, Info                  CSI    0000486a [SR] Verifying 100 components
2016-12-15 13:02:13, Info                  CSI    0000486b [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:19, Info                  CSI    000048e1 [SR] Verify complete
2016-12-15 13:02:19, Info                  CSI    000048e2 [SR] Verifying 100 components
2016-12-15 13:02:19, Info                  CSI    000048e3 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:24, Info                  CSI    0000494c [SR] Verify complete
2016-12-15 13:02:24, Info                  CSI    0000494d [SR] Verifying 100 components
2016-12-15 13:02:24, Info                  CSI    0000494e [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:30, Info                  CSI    000049c9 [SR] Verify complete
2016-12-15 13:02:30, Info                  CSI    000049ca [SR] Verifying 100 components
2016-12-15 13:02:30, Info                  CSI    000049cb [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:36, Info                  CSI    00004a3f [SR] Verify complete
2016-12-15 13:02:36, Info                  CSI    00004a40 [SR] Verifying 100 components
2016-12-15 13:02:36, Info                  CSI    00004a41 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:41, Info                  CSI    00004abc [SR] Verify complete
2016-12-15 13:02:41, Info                  CSI    00004abd [SR] Verifying 100 components
2016-12-15 13:02:41, Info                  CSI    00004abe [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:46, Info                  CSI    00004b30 [SR] Verify complete
2016-12-15 13:02:46, Info                  CSI    00004b31 [SR] Verifying 100 components
2016-12-15 13:02:46, Info                  CSI    00004b32 [SR] Beginning Verify and Repair transaction
2016-12-15 13:02:54, Info                  CSI    00004bf4 [SR] Verify complete
2016-12-15 13:02:55, Info                  CSI    00004bf5 [SR] Verifying 100 components
2016-12-15 13:02:55, Info                  CSI    00004bf6 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:02, Info                  CSI    00004cce [SR] Verify complete
2016-12-15 13:03:03, Info                  CSI    00004ccf [SR] Verifying 100 components
2016-12-15 13:03:03, Info                  CSI    00004cd0 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:07, Info                  CSI    00004d36 [SR] Verify complete
2016-12-15 13:03:07, Info                  CSI    00004d37 [SR] Verifying 100 components
2016-12-15 13:03:07, Info                  CSI    00004d38 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:11, Info                  CSI    00004d9d [SR] Verify complete
2016-12-15 13:03:11, Info                  CSI    00004d9e [SR] Verifying 100 components
2016-12-15 13:03:11, Info                  CSI    00004d9f [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:16, Info                  CSI    00004e1b [SR] Verify complete
2016-12-15 13:03:16, Info                  CSI    00004e1c [SR] Verifying 100 components
2016-12-15 13:03:16, Info                  CSI    00004e1d [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:21, Info                  CSI    00004e9a [SR] Verify complete
2016-12-15 13:03:21, Info                  CSI    00004e9b [SR] Verifying 100 components
2016-12-15 13:03:21, Info                  CSI    00004e9c [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:30, Info                  CSI    00004f13 [SR] Verify complete
2016-12-15 13:03:30, Info                  CSI    00004f14 [SR] Verifying 100 components
2016-12-15 13:03:30, Info                  CSI    00004f15 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:34, Info                  CSI    00004f81 [SR] Verify complete
2016-12-15 13:03:34, Info                  CSI    00004f82 [SR] Verifying 100 components
2016-12-15 13:03:34, Info                  CSI    00004f83 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:38, Info                  CSI    00004fe9 [SR] Verify complete
2016-12-15 13:03:38, Info                  CSI    00004fea [SR] Verifying 100 components
2016-12-15 13:03:38, Info                  CSI    00004feb [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:45, Info                  CSI    0000507e [SR] Verify complete
2016-12-15 13:03:45, Info                  CSI    0000507f [SR] Verifying 100 components
2016-12-15 13:03:45, Info                  CSI    00005080 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:52, Info                  CSI    000050f5 [SR] Verify complete
2016-12-15 13:03:52, Info                  CSI    000050f6 [SR] Verifying 100 components
2016-12-15 13:03:52, Info                  CSI    000050f7 [SR] Beginning Verify and Repair transaction
2016-12-15 13:03:57, Info                  CSI    00005168 [SR] Verify complete
2016-12-15 13:03:57, Info                  CSI    00005169 [SR] Verifying 100 components
2016-12-15 13:03:57, Info                  CSI    0000516a [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:02, Info                  CSI    000051d5 [SR] Verify complete
2016-12-15 13:04:02, Info                  CSI    000051d6 [SR] Verifying 100 components
2016-12-15 13:04:02, Info                  CSI    000051d7 [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:06, Info                  CSI    0000523d [SR] Verify complete
2016-12-15 13:04:06, Info                  CSI    0000523e [SR] Verifying 100 components
2016-12-15 13:04:06, Info                  CSI    0000523f [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:11, Info                  CSI    000052a9 [SR] Verify complete
2016-12-15 13:04:12, Info                  CSI    000052aa [SR] Verifying 100 components
2016-12-15 13:04:12, Info                  CSI    000052ab [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:16, Info                  CSI    0000533c [SR] Verify complete
2016-12-15 13:04:16, Info                  CSI    0000533d [SR] Verifying 100 components
2016-12-15 13:04:16, Info                  CSI    0000533e [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:21, Info                  CSI    000053a7 [SR] Verify complete
2016-12-15 13:04:21, Info                  CSI    000053a8 [SR] Verifying 100 components
2016-12-15 13:04:21, Info                  CSI    000053a9 [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:25, Info                  CSI    00005410 [SR] Verify complete
2016-12-15 13:04:25, Info                  CSI    00005411 [SR] Verifying 100 components
2016-12-15 13:04:25, Info                  CSI    00005412 [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:29, Info                  CSI    0000547b [SR] Verify complete
2016-12-15 13:04:29, Info                  CSI    0000547c [SR] Verifying 100 components
2016-12-15 13:04:29, Info                  CSI    0000547d [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:34, Info                  CSI    000054e8 [SR] Verify complete
2016-12-15 13:04:34, Info                  CSI    000054e9 [SR] Verifying 100 components
2016-12-15 13:04:34, Info                  CSI    000054ea [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:38, Info                  CSI    00005554 [SR] Verify complete
2016-12-15 13:04:38, Info                  CSI    00005555 [SR] Verifying 100 components
2016-12-15 13:04:38, Info                  CSI    00005556 [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:42, Info                  CSI    000055bc [SR] Verify complete
2016-12-15 13:04:42, Info                  CSI    000055bd [SR] Verifying 100 components
2016-12-15 13:04:42, Info                  CSI    000055be [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:46, Info                  CSI    00005626 [SR] Verify complete
2016-12-15 13:04:46, Info                  CSI    00005627 [SR] Verifying 100 components
2016-12-15 13:04:46, Info                  CSI    00005628 [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:50, Info                  CSI    00005698 [SR] Verify complete
2016-12-15 13:04:50, Info                  CSI    00005699 [SR] Verifying 100 components
2016-12-15 13:04:50, Info                  CSI    0000569a [SR] Beginning Verify and Repair transaction
2016-12-15 13:04:55, Info                  CSI    00005706 [SR] Verify complete
2016-12-15 13:04:55, Info                  CSI    00005707 [SR] Verifying 100 components
2016-12-15 13:04:55, Info                  CSI    00005708 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:01, Info                  CSI    0000576e [SR] Verify complete
2016-12-15 13:05:01, Info                  CSI    0000576f [SR] Verifying 100 components
2016-12-15 13:05:01, Info                  CSI    00005770 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:05, Info                  CSI    000057d5 [SR] Verify complete
2016-12-15 13:05:05, Info                  CSI    000057d6 [SR] Verifying 100 components
2016-12-15 13:05:05, Info                  CSI    000057d7 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:10, Info                  CSI    0000583c [SR] Verify complete
2016-12-15 13:05:10, Info                  CSI    0000583d [SR] Verifying 100 components
2016-12-15 13:05:10, Info                  CSI    0000583e [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:14, Info                  CSI    000058a4 [SR] Verify complete
2016-12-15 13:05:14, Info                  CSI    000058a5 [SR] Verifying 100 components
2016-12-15 13:05:14, Info                  CSI    000058a6 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:17, Info                  CSI    0000590b [SR] Verify complete
2016-12-15 13:05:17, Info                  CSI    0000590c [SR] Verifying 100 components
2016-12-15 13:05:17, Info                  CSI    0000590d [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:23, Info                  CSI    00005972 [SR] Verify complete
2016-12-15 13:05:23, Info                  CSI    00005973 [SR] Verifying 62 components
2016-12-15 13:05:23, Info                  CSI    00005974 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:25, Info                  CSI    000059b3 [SR] Verify complete
2016-12-15 13:05:25, Info                  CSI    000059b4 [SR] Repairing 0 components
2016-12-15 13:05:25, Info                  CSI    000059b5 [SR] Beginning Verify and Repair transaction
2016-12-15 13:05:25, Info                  CSI    000059b6 [SR] Repair complete
 
 
 
Contents of the VEW System Scan:
 
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:15 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
Log: 'System' Date/Time: 13/12/2016 11:44:11 PM
Type: Error Category: 0
Event: 7 Source: disk
The device, \Device\Harddisk0\DR0, has a bad block.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 13/12/2016 9:42:14 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 13/12/2016 8:07:59 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name 5-edge-chat.facebook.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 13/12/2016 6:47:40 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthPan failed to load for the device BTH\MS_BTHPAN\7&5f341b9&0&2.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthEnum failed to load for the device BTH\MS_BTHBRB\7&5f341b9&0&1.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\RFCOMM failed to load for the device BTH\MS_RFCOMM\7&5f341b9&0&0.
 
Log: 'System' Date/Time: 13/12/2016 6:47:27 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BthLEEnum failed to load for the device BTH\MS_BTHLE\7&5f341b9&0&0.
 

 

-------------------------

 

I'm beginning to think i may need to replace the hard drive.  Ugh...


  • 0

#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Appears that the block errors have stopped.  The dates on the ones from the last VEW are from 2 days ago.  

 

Can you run a new FRST scan with Addition.txt checked and post both logs?  


  • 0

#12
dogstar21

dogstar21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts

Sorry for the delay.  The computer has been hard to use, and my free time to continue this has been limited.

 

I ran FRST again, with Addition.txt checked.  Here are the logs:

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Peter (administrator) on CRASH-AWPC (09-01-2017 18:20:43)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-11-04] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-13] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4593968 2013-11-15] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-08-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{F9D8E17A-8670-4D39-AFBE-9B599BB85B1A}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1a6367e8-bf6c-4acf-9fbf-0a2d2735d2c0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd3d142-7b80-499c-9271-e0a4556037e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
SearchScopes: HKU\S-1-5-21-1655148389-21164826-1717179592-1001 -> DefaultScope {C18F8930-20A0-4E49-8E05-9EFFCD2F767F} URL = 
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=830633&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxp://sports.yahoo.com/fantasy/"
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Google Slides) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-11]
CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-11]
CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google Search) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Sheets) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-07] (Qualcomm Atheros) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-18] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-09 18:20 - 2017-01-09 18:20 - 00000000 ____D C:\Users\Peter\Desktop\FRST-OlderVersion
2017-01-09 11:32 - 2017-01-09 11:32 - 00000000 ___HD C:\OneDriveTemp
2017-01-01 13:26 - 2014-01-10 03:41 - 00033616 _____ (Intel Corporation ) C:\WINDOWS\system32\Drivers\iqvw64e.sys
2016-12-15 13:50 - 2016-12-15 13:50 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-15 13:14 - 2016-12-15 13:14 - 00005355 _____ C:\Users\Peter\Desktop\VEW-System-2016-12-15.txt
2016-12-15 13:10 - 2016-12-15 13:10 - 00000000 __SHD C:\found.003
2016-12-15 13:10 - 2016-12-15 13:10 - 00000000 __SHD C:\found.002
2016-12-15 13:09 - 2016-12-15 13:09 - 00055749 _____ C:\junk.txt
2016-12-14 16:36 - 2016-12-14 16:36 - 00000000 ____D C:\ProgramData\PCDr
2016-12-14 10:44 - 2016-12-14 10:44 - 00000000 ____D C:\ProgramData\Qualcomm
2016-12-14 10:12 - 2016-12-14 10:12 - 00000000 __SHD C:\found.001
2016-12-13 14:20 - 2016-12-13 14:20 - 00148956 _____ C:\Users\Peter\Desktop\Speccy File.txt
2016-12-13 14:20 - 2016-12-09 05:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 14:20 - 2016-12-09 05:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 14:20 - 2016-12-09 05:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 14:20 - 2016-12-09 05:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 14:20 - 2016-12-09 05:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 14:20 - 2016-12-09 05:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 14:20 - 2016-12-09 05:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-13 14:20 - 2016-12-09 05:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 14:20 - 2016-12-09 05:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 14:20 - 2016-12-09 05:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 14:20 - 2016-12-09 05:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 14:20 - 2016-12-09 05:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 14:20 - 2016-12-09 05:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 14:20 - 2016-12-09 05:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 14:20 - 2016-12-09 05:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 14:20 - 2016-12-09 05:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 14:20 - 2016-12-09 05:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 14:20 - 2016-12-09 05:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 14:20 - 2016-12-09 05:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-13 14:20 - 2016-12-09 05:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 14:20 - 2016-12-09 05:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-13 14:20 - 2016-12-09 05:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 14:20 - 2016-12-09 05:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-13 14:20 - 2016-12-09 05:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 14:20 - 2016-12-09 05:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 14:20 - 2016-12-09 05:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-13 14:20 - 2016-12-09 05:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 14:20 - 2016-12-09 05:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 14:20 - 2016-12-09 05:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 14:20 - 2016-12-09 05:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 14:20 - 2016-12-09 04:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 14:20 - 2016-12-09 04:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 14:20 - 2016-12-09 04:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 14:20 - 2016-12-09 04:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-13 14:20 - 2016-12-09 04:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 14:20 - 2016-12-09 04:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 14:20 - 2016-12-09 04:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 14:20 - 2016-12-09 04:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-13 14:20 - 2016-12-09 04:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 14:20 - 2016-12-09 04:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 14:20 - 2016-12-09 04:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 14:20 - 2016-12-09 04:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-13 14:20 - 2016-12-09 04:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 14:20 - 2016-12-09 04:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 14:20 - 2016-12-09 04:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-13 14:20 - 2016-12-09 04:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-13 14:20 - 2016-12-09 04:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 14:20 - 2016-12-09 04:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-13 14:20 - 2016-12-09 04:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 14:20 - 2016-12-09 04:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-13 14:20 - 2016-12-09 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 14:20 - 2016-12-09 04:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 14:20 - 2016-12-09 04:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 14:20 - 2016-12-09 04:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 14:20 - 2016-12-09 04:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 14:20 - 2016-12-09 04:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 14:20 - 2016-12-09 04:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-13 14:20 - 2016-12-09 04:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-13 14:20 - 2016-12-09 04:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 14:20 - 2016-12-09 04:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 14:20 - 2016-12-09 04:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 14:20 - 2016-12-09 04:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 14:20 - 2016-12-09 04:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 14:20 - 2016-12-09 04:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 14:20 - 2016-12-09 04:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-13 14:20 - 2016-12-09 04:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 14:20 - 2016-12-09 04:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 14:20 - 2016-12-09 04:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 14:20 - 2016-12-09 04:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-13 14:20 - 2016-12-09 04:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-13 14:20 - 2016-12-09 04:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 14:20 - 2016-12-09 04:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 14:20 - 2016-12-09 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 14:20 - 2016-12-09 04:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 14:20 - 2016-12-09 04:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-13 14:20 - 2016-12-09 04:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 14:20 - 2016-12-09 04:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 14:20 - 2016-12-09 04:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 14:20 - 2016-12-09 04:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 14:20 - 2016-12-09 04:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 14:20 - 2016-12-09 04:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 14:20 - 2016-12-09 04:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 14:20 - 2016-12-09 04:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-13 14:20 - 2016-12-09 04:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 14:20 - 2016-12-09 04:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-13 14:20 - 2016-12-09 04:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-13 14:20 - 2016-12-09 04:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 14:20 - 2016-12-09 04:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 14:20 - 2016-12-09 04:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 14:20 - 2016-12-09 04:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 14:20 - 2016-12-09 03:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 14:20 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 14:20 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 14:19 - 2016-12-09 05:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 14:19 - 2016-12-09 05:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 14:19 - 2016-12-09 05:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 14:19 - 2016-12-09 05:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 14:19 - 2016-12-09 05:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 14:19 - 2016-12-09 05:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 14:19 - 2016-12-09 05:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 14:19 - 2016-12-09 04:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 14:19 - 2016-12-09 04:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-13 14:19 - 2016-12-09 04:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 14:19 - 2016-12-09 04:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-13 14:19 - 2016-12-09 04:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 14:19 - 2016-12-09 04:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-13 14:19 - 2016-12-09 04:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-13 14:19 - 2016-12-09 04:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-13 14:19 - 2016-12-09 04:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-13 14:19 - 2016-12-09 04:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-13 14:19 - 2016-12-09 04:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 14:19 - 2016-12-09 04:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 14:19 - 2016-12-09 04:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-13 14:19 - 2016-12-09 04:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-13 14:19 - 2016-12-09 04:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 14:19 - 2016-09-15 11:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-13 14:18 - 2016-12-13 14:18 - 00000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-12-13 14:18 - 2016-12-13 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-12-13 14:18 - 2016-12-13 14:18 - 00000000 ____D C:\Program Files\Speccy
2016-12-13 14:17 - 2016-12-13 14:17 - 00002254 _____ C:\Users\Peter\Desktop\VEW-Application-2016-12-13.txt
2016-12-13 14:16 - 2016-12-13 14:16 - 00006119 _____ C:\Users\Peter\Desktop\VEW-System-2016-12-13.txt
2016-12-13 14:15 - 2016-12-13 18:45 - 00005355 _____ C:\VEW.txt
2016-12-13 14:07 - 2016-12-13 14:18 - 06293184 _____ (Piriform Ltd) C:\Users\Peter\Desktop\spsetup130.exe
2016-12-13 14:07 - 2016-12-13 14:14 - 00061440 _____ ( ) C:\Users\Peter\Desktop\VEW.exe
2016-12-13 10:44 - 2016-12-13 10:44 - 00001892 _____ C:\Users\Peter\Desktop\MBAM-2016-10-13.txt
2016-12-13 10:15 - 2016-12-13 10:16 - 00029103 _____ C:\Users\Peter\Desktop\Addition.txt
2016-12-13 10:12 - 2017-01-09 18:20 - 00015694 _____ C:\Users\Peter\Desktop\FRST.txt
2016-12-13 10:12 - 2017-01-09 18:20 - 00000000 ____D C:\FRST
2016-12-13 10:08 - 2017-01-09 18:20 - 02419200 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2016-12-13 08:57 - 2016-12-13 09:00 - 03968464 _____ C:\Users\Peter\Downloads\adwcleaner_6.040.exe
2016-12-12 14:17 - 2016-12-12 14:17 - 00001013 _____ C:\Users\Peter\Documents\Post Fact Facebook.txt
2016-12-12 12:17 - 2016-12-30 08:47 - 00007630 _____ C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2016-12-11 11:07 - 2016-12-17 20:07 - 00000000 __SHD C:\Config.Msi
2016-12-10 12:22 - 2016-11-11 03:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 12:22 - 2016-11-11 03:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 12:22 - 2016-11-11 03:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 12:22 - 2016-11-11 03:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 12:22 - 2016-11-11 02:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 12:22 - 2016-11-11 02:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 12:22 - 2016-11-11 02:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 12:22 - 2016-11-11 02:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 12:22 - 2016-11-11 02:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 12:22 - 2016-11-11 02:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 12:22 - 2016-11-11 02:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 12:22 - 2016-11-11 02:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 12:22 - 2016-11-11 02:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 12:22 - 2016-11-11 02:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 12:22 - 2016-11-11 02:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 12:22 - 2016-11-11 02:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 12:22 - 2016-11-11 02:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 12:22 - 2016-11-11 02:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:22 - 2016-11-11 02:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 12:22 - 2016-11-11 02:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 12:22 - 2016-11-11 02:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 12:22 - 2016-11-11 02:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 12:22 - 2016-11-11 02:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 12:22 - 2016-11-11 02:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 12:22 - 2016-11-11 02:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 12:22 - 2016-11-11 02:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 12:22 - 2016-11-11 02:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 12:22 - 2016-11-11 02:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 12:22 - 2016-11-11 02:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 12:22 - 2016-11-11 02:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 12:22 - 2016-11-11 02:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 12:22 - 2016-11-11 02:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 12:22 - 2016-11-11 02:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 12:22 - 2016-11-11 02:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 12:22 - 2016-11-11 02:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 12:22 - 2016-11-11 02:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 12:22 - 2016-11-11 02:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 12:22 - 2016-11-11 02:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 12:22 - 2016-11-11 02:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 12:22 - 2016-11-11 02:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 12:22 - 2016-11-11 02:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 12:22 - 2016-11-11 02:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 12:22 - 2016-11-11 02:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 12:22 - 2016-11-11 02:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 12:21 - 2016-11-11 03:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 12:21 - 2016-11-11 02:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 12:21 - 2016-11-11 02:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 12:21 - 2016-11-11 02:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 12:21 - 2016-11-11 02:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 12:21 - 2016-11-11 02:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 12:21 - 2016-11-11 02:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 12:21 - 2016-11-11 02:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 12:21 - 2016-11-11 02:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 12:21 - 2016-11-11 02:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 12:21 - 2016-11-11 02:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 12:21 - 2016-11-11 02:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 12:21 - 2016-11-11 02:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 12:21 - 2016-11-11 02:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 12:21 - 2016-11-11 02:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 12:21 - 2016-11-11 02:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 12:21 - 2016-11-11 02:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 12:21 - 2016-11-11 02:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 12:21 - 2016-11-11 02:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 12:21 - 2016-11-11 02:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 12:21 - 2016-11-11 02:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 12:21 - 2016-11-11 02:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 12:14 - 2016-11-11 05:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 12:14 - 2016-11-11 05:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 12:14 - 2016-11-11 04:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 12:14 - 2016-11-11 04:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 12:14 - 2016-11-11 04:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 12:14 - 2016-11-11 04:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 12:14 - 2016-11-11 04:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 12:14 - 2016-11-11 04:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 12:14 - 2016-11-11 04:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 12:14 - 2016-11-11 04:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 12:14 - 2016-11-11 04:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 12:14 - 2016-11-11 04:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 12:14 - 2016-11-11 04:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 12:13 - 2016-11-11 05:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 12:13 - 2016-11-11 05:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 12:13 - 2016-11-11 05:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 12:13 - 2016-11-11 05:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 12:13 - 2016-11-11 05:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 12:13 - 2016-11-11 05:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 12:13 - 2016-11-11 05:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 12:13 - 2016-11-11 05:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 12:13 - 2016-11-11 05:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 12:13 - 2016-11-11 05:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 12:13 - 2016-11-11 05:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 12:13 - 2016-11-11 04:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 12:13 - 2016-11-11 04:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 12:13 - 2016-11-11 04:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 12:13 - 2016-11-11 04:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 12:13 - 2016-11-11 04:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 12:13 - 2016-11-11 04:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 12:13 - 2016-11-11 04:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 12:13 - 2016-11-11 04:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 12:13 - 2016-11-11 04:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 12:13 - 2016-11-11 04:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 12:13 - 2016-11-11 04:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 12:13 - 2016-11-11 04:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 12:13 - 2016-11-11 04:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 12:13 - 2016-11-11 04:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 12:13 - 2016-11-11 04:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 12:13 - 2016-11-11 04:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:13 - 2016-11-11 04:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 12:13 - 2016-11-11 04:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:13 - 2016-11-11 04:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 12:13 - 2016-11-11 04:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 12:13 - 2016-11-11 04:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 12:13 - 2016-11-11 04:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 12:13 - 2016-11-11 04:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 12:13 - 2016-11-11 04:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 12:13 - 2016-11-11 04:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:13 - 2016-11-11 04:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 12:13 - 2016-11-11 04:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 12:13 - 2016-11-11 04:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 12:13 - 2016-11-11 04:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 12:13 - 2016-11-11 04:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 12:13 - 2016-11-11 04:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 12:13 - 2016-11-11 04:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 12:13 - 2016-11-11 04:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 12:13 - 2016-11-11 04:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 12:13 - 2016-11-11 04:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 12:13 - 2016-11-11 04:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 12:13 - 2016-11-11 04:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 12:13 - 2016-11-11 04:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 12:13 - 2016-11-11 04:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 12:13 - 2016-11-11 04:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 12:13 - 2016-11-11 04:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 12:13 - 2016-11-11 04:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 12:13 - 2016-11-11 04:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 12:13 - 2016-11-11 04:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 12:13 - 2016-11-11 04:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 12:13 - 2016-11-11 04:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 12:13 - 2016-11-11 04:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 12:13 - 2016-11-11 04:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 12:13 - 2016-11-11 04:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 12:13 - 2016-11-11 04:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 12:13 - 2016-11-11 04:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 12:12 - 2016-11-11 05:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 12:12 - 2016-11-11 05:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 12:12 - 2016-11-11 05:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 12:12 - 2016-11-11 05:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 12:12 - 2016-11-11 05:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 12:12 - 2016-11-11 05:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 12:12 - 2016-11-11 05:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 12:12 - 2016-11-11 04:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 12:12 - 2016-11-11 04:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 12:12 - 2016-11-11 04:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 12:12 - 2016-11-11 04:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 12:12 - 2016-11-11 04:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 12:12 - 2016-11-11 04:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 12:12 - 2016-11-11 04:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 12:12 - 2016-11-11 04:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 12:12 - 2016-11-11 04:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 12:12 - 2016-11-11 04:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 12:12 - 2016-11-11 04:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 12:12 - 2016-11-11 04:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 12:12 - 2016-11-11 04:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 12:12 - 2016-11-11 04:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 12:12 - 2016-11-11 04:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 12:12 - 2016-11-11 04:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 12:12 - 2016-11-11 04:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 12:12 - 2016-11-11 04:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 12:12 - 2016-11-11 04:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 12:12 - 2016-11-11 04:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 12:12 - 2016-11-11 04:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 12:12 - 2016-11-11 04:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 12:12 - 2016-11-11 04:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 12:12 - 2016-11-11 04:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 12:12 - 2016-11-11 04:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 12:12 - 2016-11-11 04:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 12:12 - 2016-11-11 04:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 12:12 - 2016-11-11 04:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 12:12 - 2016-11-11 04:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 12:12 - 2016-11-11 04:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 12:11 - 2016-11-11 05:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 12:11 - 2016-11-11 05:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 12:11 - 2016-11-11 04:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 12:11 - 2016-11-11 04:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 12:11 - 2016-11-11 04:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 12:11 - 2016-11-11 04:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 12:11 - 2016-11-11 04:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 12:11 - 2016-11-11 04:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 12:11 - 2016-11-11 04:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-10 12:11 - 2016-11-11 04:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 12:11 - 2016-11-11 04:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 11:35 - 2016-12-10 11:35 - 00222711 _____ C:\Users\Peter\Downloads\161209145525_0001.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-09 18:05 - 2014-08-12 18:11 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2017-01-09 18:04 - 2016-10-13 08:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-09 18:03 - 2016-09-29 03:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-09 18:03 - 2016-09-29 03:37 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-09 18:03 - 2016-09-29 03:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-09 18:03 - 2014-08-20 13:56 - 00000000 __RDO C:\Users\Peter\OneDrive
2017-01-09 18:03 - 2014-08-20 13:39 - 00000000 __SHD C:\Users\Peter\IntelGraphicsProfiles
2017-01-09 18:02 - 2016-07-16 01:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-09 17:01 - 2016-09-29 03:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-09 12:58 - 2014-08-22 15:44 - 00000000 ____D C:\Users\Peter\Documents\12 Allen Addition
2017-01-07 11:28 - 2015-01-06 10:09 - 00000000 ____D C:\Users\Peter\Documents\Fantasy Sports
2017-01-06 09:58 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 16:03 - 2016-04-01 23:44 - 00000000 ____D C:\Users\Peter\Documents\Finley
2017-01-05 16:02 - 2016-02-26 14:30 - 00000000 ____D C:\Users\Peter\Documents\Taxes
2017-01-05 09:37 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 09:33 - 2014-08-12 18:13 - 00000000 ____D C:\Temp
2017-01-05 09:25 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-01 13:43 - 2016-05-17 22:55 - 01390558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-22 12:09 - 2016-09-29 03:41 - 00000000 ___SD C:\Users\Peter\AppData\Roaming\Microsoft
2016-12-22 12:09 - 2016-09-29 03:41 - 00000000 ____D C:\Users\Peter\AppData\Local\Microsoft
2016-12-22 11:50 - 2016-07-16 01:04 - 45613056 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-19 12:53 - 2016-11-03 08:21 - 00000034 _____ C:\Users\Peter\Documents\Linconl.txt
2016-12-18 12:54 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-17 20:07 - 2016-07-16 06:47 - 00000000 _SHDC C:\WINDOWS\Installer
2016-12-17 20:02 - 2016-09-29 03:59 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 20:02 - 2016-09-29 03:59 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 20:02 - 2016-07-16 01:04 - 00000000 ___RD C:\Program Files (x86)
2016-12-17 20:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-17 08:06 - 2016-10-18 13:55 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{b0a43389-94b5-11e6-8272-f81654753cca}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 08:06 - 2016-10-18 13:55 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{b0a43389-94b5-11e6-8272-f81654753cca}.TM.blf
2016-12-15 20:07 - 2016-01-11 09:42 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 20:07 - 2016-01-11 09:42 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 16:10 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 13:50 - 2016-09-29 03:41 - 00000000 ___RD C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-15 13:50 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-15 13:50 - 2016-05-18 08:14 - 00002365 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-15 13:13 - 2016-01-11 09:32 - 00000000 ____D C:\Users\Peter\AppData\Local\VirtualStore
2016-12-15 12:29 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-15 12:28 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 16:36 - 2016-07-16 06:47 - 00000000 ___HD C:\ProgramData
2016-12-14 14:49 - 2016-10-18 13:55 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{b0a43389-94b5-11e6-8272-f81654753cca}.TMContainer00000000000000000002.regtrans-ms
2016-12-14 14:13 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-14 11:09 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-13 16:45 - 2016-07-16 01:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-13 16:42 - 2016-09-29 03:31 - 00236704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-13 16:41 - 2016-09-29 03:31 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 16:41 - 2016-09-29 03:31 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-13 16:39 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-13 16:39 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-13 16:39 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-13 16:38 - 2016-07-16 06:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-13 14:44 - 2016-01-12 06:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-13 14:43 - 2016-01-12 06:38 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 14:18 - 2016-07-16 01:04 - 00000000 ___RD C:\Program Files
2016-12-13 14:18 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-13 14:03 - 2016-10-17 16:22 - 00000000 ____D C:\Users\Peter\Documents\Security
2016-12-13 10:15 - 2016-07-16 01:04 - 00000000 ____D C:\Windows
2016-12-13 09:06 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\Logs
2016-12-13 09:04 - 2016-10-17 16:56 - 00000000 ____D C:\AdwCleaner
2016-12-12 19:27 - 2016-09-29 03:41 - 00000000 ____D C:\Users\Peter
2016-12-11 19:38 - 2016-09-29 03:41 - 00524288 ___SH C:\Users\Peter\NTUSER.DAT{70286666-8627-11e6-bf7e-bb5de47a375a}.TMContainer00000000000000000002.regtrans-ms
2016-12-11 19:38 - 2016-09-29 03:41 - 00065536 ___SH C:\Users\Peter\NTUSER.DAT{70286666-8627-11e6-bf7e-bb5de47a375a}.TM.blf
2016-12-11 18:56 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 18:56 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 11:32 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-11 11:03 - 2016-09-29 10:54 - 00000174 ___SH C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-11 11:03 - 2016-02-13 08:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-11 11:03 - 2016-01-11 09:33 - 00000174 ___SH C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-11 11:03 - 2016-01-11 09:33 - 00000000 ___RD C:\Users\Peter\Searches
2016-12-11 11:03 - 2016-01-11 09:33 - 00000000 ___RD C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-11 11:03 - 2016-01-11 09:33 - 00000000 ___RD C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-11 11:03 - 2016-01-11 09:30 - 00000000 ___RD C:\Users\Peter\Favorites
2016-12-11 11:03 - 2014-08-20 13:39 - 00000402 ___SH C:\Users\Peter\Documents\desktop.ini
2016-12-11 11:03 - 2014-08-20 13:39 - 00000282 ___SH C:\Users\Peter\Downloads\desktop.ini
2016-12-11 11:03 - 2014-08-20 13:39 - 00000282 ___SH C:\Users\Peter\Desktop\desktop.ini
2016-12-11 11:03 - 2014-08-20 13:39 - 00000000 ___RD C:\Users\Peter\Contacts
2016-12-11 11:03 - 2014-08-20 13:37 - 00000000 ___RD C:\Users\Peter\Videos
2016-12-11 11:03 - 2014-08-20 13:37 - 00000000 ___RD C:\Users\Peter\Saved Games
2016-12-11 11:03 - 2014-08-20 13:37 - 00000000 ___RD C:\Users\Peter\Pictures
2016-12-11 11:03 - 2014-08-20 13:37 - 00000000 ___RD C:\Users\Peter\Music
2016-12-11 11:03 - 2014-08-20 13:37 - 00000000 ___RD C:\Users\Peter\Links
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-10 17:45 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 17:45 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 11:44 - 2016-07-16 06:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
 
==================== Files in the root of some directories =======
 
2016-01-11 16:37 - 2016-10-17 16:19 - 0073728 _____ () C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-12 12:17 - 2016-12-30 08:47 - 0007630 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2016-09-29 03:36 - 2016-09-29 03:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-12 18:05 - 2014-08-12 18:05 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-08-12 18:02 - 2014-08-12 18:03 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-08-12 18:03 - 2014-08-12 18:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-08-12 18:04 - 2014-08-12 18:05 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-08-12 18:02 - 2014-08-12 18:02 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-01-01 14:02
 
==================== End of FRST.txt ============================
 
 
 
Addition.TXT:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Peter (09-01-2017 18:21:36)
Running from C:\Users\Peter\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-29 09:03:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1655148389-21164826-1717179592-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1655148389-21164826-1717179592-503 - Limited - Disabled)
Guest (S-1-5-21-1655148389-21164826-1717179592-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1655148389-21164826-1717179592-1003 - Limited - Enabled)
Peter (S-1-5-21-1655148389-21164826-1717179592-1001 - Administrator - Enabled) => C:\Users\Peter
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{D4CE21D4-27E5-46DB-9FFE-553A90AD4B9F}) (Version: 3.5.14.0 - Alienware Corp.)
Alienware Command Center (Version: 3.5.14.0 - Alienware Corp.) Hidden
Alienware Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.11C - )
Alienware On-Screen Display (x32 Version: 0.33.0.11C - ) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{57d6e5ea-c77c-4697-a9bb-e6048883e7ae}) (Version: 17.0.1 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1655148389-21164826-1717179592-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Driver 368.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{56BF70E8-EC59-4F68-BEE7-8B71432048C4}) (Version: 1.0.30.1052 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1052 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {018703AA-5A2D-44C6-B7F2-16E079EB01BF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {12B624C1-A7CB-4BAE-9C01-2E8389AEEEF1} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {148CCBEC-E5FC-467C-9738-3E0C1F9E3C1F} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {170DCE5E-5B66-4424-8460-632F7F472132} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {22E8F2DF-91DD-4A5F-9017-95FF8DF0997F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {30496A2D-0270-4045-9605-E72943B11C3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {330B45E3-0B80-4955-ABB7-0C9E977E7C41} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-13] (Synaptics Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36E7CCF4-1FC5-470E-A865-ECD8951974C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3E53F9D8-A68B-4A53-80AF-7DE5D9428AC3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {4AAAECF5-44DD-4687-9E0B-79C029E54742} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4BE013E6-D722-473E-94B0-7A6E0B9E1DF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5CC975EC-4763-4411-B1ED-0F51834A6EA6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-13] (Microsoft Corporation)
Task: {7E1016E8-9060-43D0-BD9F-2FB8107F3CD9} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7F03546D-E07C-4116-87DC-A03BCD21E3FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7F36627D-D05F-4EE1-A0FA-40F159356BA9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {95D3484C-241F-4861-9013-A0AD96096D60} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {97E406A0-D6C4-4B22-90C0-63211C5B5CDE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B2AE68E3-F180-4A7B-AD26-CA807FA0D3B9} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {BB872044-D195-43CF-AB8A-6511391BC798} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8AABA33-E646-4AF2-B38B-641519DD560B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D5409D09-2E9B-4746-A075-74CF4DBED07D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DD981AC3-E03B-4FAC-8397-1F36BFD4E342} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {DF680584-6695-4B65-9D88-3DD341C91527} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {EFCCC7A2-F19A-431F-AE2C-B8F900DFEF1D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 14:20 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 03:37 - 2016-08-01 07:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 14:20 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-15 13:49 - 2016-12-15 13:49 - 01678560 _____ () C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-11-01 22:05 - 2016-11-01 22:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-29 07:24 - 2016-09-29 07:24 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 14:20 - 2016-12-09 04:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 13:14 - 2016-11-02 05:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 13:15 - 2016-11-02 05:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 13:14 - 2016-11-02 05:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 13:14 - 2016-11-02 05:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 13:14 - 2016-11-02 05:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 13:14 - 2016-11-02 05:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 09:07 - 2016-12-14 09:09 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 09:07 - 2016-12-14 09:09 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 09:07 - 2016-12-14 09:09 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 09:07 - 2016-12-14 09:09 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2013-08-07 15:38 - 2013-08-07 15:38 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2013-11-15 19:17 - 2013-11-15 19:17 - 04593968 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2016-12-15 13:49 - 2016-12-15 13:49 - 01244376 _____ () C:\Users\Peter\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2009-12-18 13:07 - 2009-12-18 13:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2014-08-12 18:02 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 13:41 - 2013-03-05 13:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-08-12 17:55 - 2013-09-18 11:33 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-12-15 20:07 - 2016-12-08 02:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 20:07 - 2016-12-08 02:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-12 17:05 - 2016-12-12 17:05 - 17833560 _____ () C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1655148389-21164826-1717179592-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8042696F-3226-4914-91A2-6B25E9154019}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A03D280-1BB1-4465-B8D6-CAE787DDC160}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{317563CF-39BF-408B-8742-1E662089CCAD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4709963C-8C6B-4EDA-A006-13ED16A83A76}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{818A4ECC-2927-4E67-BC2F-B74ADD05AFF6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9F03EA2C-AA21-44FA-8F25-4CAC73E56392}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E0C2F573-673A-470C-AC41-432254364644}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9DD3965A-45ED-431C-8B4A-D6885C92EBE4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{35D8FBFD-84BE-44D6-87EC-BCEADCA04FD6}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3EEFC1C6-5472-4D45-8B10-B8F8E5ADA5E9}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B16BB016-33E9-4765-AACF-FB7C8E96EB7F}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EC6A7A5-EB8E-4DC7-BCC1-C6F3C9AECDF9}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{831DB9FE-711A-4CD0-9177-04559897F42B}] => LPort=2869
FirewallRules: [{E78884FA-918D-4187-9C08-F0F50C74955C}] => LPort=1900
FirewallRules: [{0366BFEB-F249-4D76-8225-2C5F280DA801}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
23-12-2016 12:32:56 Scheduled Checkpoint
01-01-2017 14:10:46 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/09/2017 06:01:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1152) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 19.504 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (01/09/2017 06:01:12 PM) (Source: ESENT) (EventID: 902) (User: )
Description: svchost (4056) Unistore: The database engine detected multiple threads illegally using the same database session to perform database operations.
 
SessionId: 0x000001A15CFAE960
 
Session-context: 0x0000000000000000
 
Session-context ThreadId: 0x0000000000000000
 
Current ThreadId: 0x0000000000000DFC
 
Session-trace:
 
Error: (01/09/2017 06:01:12 PM) (Source: ESENT) (EventID: 902) (User: )
Description: svchost (4056) Unistore: The database engine detected multiple threads illegally using the same database session to perform database operations.
 
SessionId: 0x000001A15CFAE960
 
Session-context: 0x0000000000000000
 
Session-context ThreadId: 0x0000000000000000
 
Current ThreadId: 0x0000000000000DFC
 
Session-trace:
 
Error: (01/09/2017 06:01:12 PM) (Source: ESENT) (EventID: 902) (User: )
Description: svchost (4056) Unistore: The database engine detected multiple threads illegally using the same database session to perform database operations.
 
SessionId: 0x000001A15CFAE960
 
Session-context: 0x0000000000000000
 
Session-context ThreadId: 0x0000000000000000
 
Current ThreadId: 0x0000000000000DFC
 
Session-trace:
 
Error: (01/09/2017 06:01:08 PM) (Source: ESENT) (EventID: 902) (User: )
Description: svchost (4056) Unistore: The database engine detected multiple threads illegally using the same database session to perform database operations.
 
SessionId: 0x000001A15CFAE960
 
Session-context: 0x0000000000000000
 
Session-context ThreadId: 0x0000000000000000
 
Current ThreadId: 0x0000000000000DFC
 
Session-trace:
 
Error: (01/09/2017 05:59:08 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1152) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 19.975 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (01/09/2017 05:57:42 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1152) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 19.586 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (01/09/2017 05:56:42 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1152) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 19.492 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (01/09/2017 05:02:04 PM) (Source: ESENT) (EventID: 481) (User: )
Description: svchost (1152) SRUJet: An attempt to read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 14864384 (0x0000000000e2d000) for 4096 (0x00001000) bytes failed after 23.279 seconds with system error 23 (0x00000017): "Data error (cyclic redundancy check). ".  The read operation will fail with error -1021 (0xfffffc03).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
 
Error: (01/09/2017 04:18:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: appupdater.exe, version: 6.0.6426.22, time stamp: 0x52cfaf55
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x582588e6
Exception code: 0xe0434352
Fault offset: 0x0000000000017788
Faulting process id: 0x23d8
Faulting application start time: 0x01d26abdddc67638
Faulting application path: C:\Program Files\AlienAutopsy\updater\appupdater.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 93459a9f-80a2-4334-b2f9-eee4483fa450
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (01/09/2017 06:03:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/09/2017 06:03:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/09/2017 06:03:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/09/2017 06:02:42 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:38 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:34 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:31 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:20 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:16 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/09/2017 06:02:12 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
CodeIntegrity:
===================================
  Date: 2017-01-09 09:29:03.666
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-07 11:43:06.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-06 10:13:12.856
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-05 09:59:00.276
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-04 15:49:41.624
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-03 11:59:36.271
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-02 13:49:02.099
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-01 14:02:48.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-27 16:05:46.146
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-23 11:07:57.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 33%
Total physical RAM: 8073.02 MB
Available physical RAM: 5375.85 MB
Total Virtual: 9353.02 MB
Available Virtual: 6516.96 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.86 GB) (Free:782.7 GB) NTFS
Drive d: (DATA) (Fixed) (Total:10.5 GB) (Free:10.41 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 863469C5)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 10.5 GB) (Disk ID: 2A965524)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,999 posts
  • MVP

Still getting the block errors.  If running the disk check a few times doesn't stop them then I would try updating the Intel® Rapid Storage Technology.

 

https://downloadcent...logy-Intel-RST-

 

and if it still doesn't stop block errors you will need to cl;one the hard drive and replace it.

 

You might try saving the Qualcomm Atheros Killer Network Manager Suite to your desktop and run it from there.  Perhaps that will save it to a different part of the disk.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP