Power Supply is an ECO620C - 620 W
PC has become slow and mouse pointer stalls and freezes... pointer has
Started by
jimxx7
, Mar 04 2017 07:39 PM
#17
Posted 11 March 2017 - 04:04 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Power Supply is an NEO - ECO 620C - as l read it its a 620W supply
#18
Posted 11 March 2017 - 06:59 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Download save and then right click and Run As Admin
https://www.microsof...ang=en&id=26762
Let's try another fixlist:
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
The Power Supply should be enough to run both video cards so I wonder why we are getting so many
Log: 'System' Date/Time: 24/02/2017 9:31:13 PMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Do you get frequent power outages where you live? IF so I think you should invest in a UPS.
I think we should probably check the disk & file system since FRST scan hung the last time.
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check.
Reboot. The disk check will run and will probably take an hour or more to finish.
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc /scannow
(SPACE after sfc. This will check your critical system files. Does this finish without complaint? If no complaints then skip to VEW. IF it says it couldn't fix everything then:
Copy the next two lines:
findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator. Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply. Close notepad. Close the Command Window.
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
#19
Posted 11 March 2017 - 08:41 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
sfc /scannow found no errors
Find str logfile:
2017-03-12 01:26:46, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:46, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:47, Info CSI 0000000c [SR] Verify complete
2017-03-12 01:26:47, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:47, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:47, Info CSI 00000010 [SR] Verify complete
2017-03-12 01:26:47, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:47, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:47, Info CSI 00000014 [SR] Verify complete
2017-03-12 01:26:47, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:47, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:47, Info CSI 00000018 [SR] Verify complete
2017-03-12 01:26:47, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:47, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:48, Info CSI 0000001c [SR] Verify complete
2017-03-12 01:26:48, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:48, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:48, Info CSI 00000020 [SR] Verify complete
2017-03-12 01:26:48, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:48, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:48, Info CSI 00000024 [SR] Verify complete
2017-03-12 01:26:48, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:48, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:48, Info CSI 00000028 [SR] Verify complete
2017-03-12 01:26:48, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:48, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:49, Info CSI 0000002c [SR] Verify complete
2017-03-12 01:26:49, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:49, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:49, Info CSI 00000030 [SR] Verify complete
2017-03-12 01:26:49, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:49, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:49, Info CSI 00000034 [SR] Verify complete
2017-03-12 01:26:49, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:49, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:49, Info CSI 00000038 [SR] Verify complete
2017-03-12 01:26:49, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:49, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:50, Info CSI 0000003c [SR] Verify complete
2017-03-12 01:26:50, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:50, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:50, Info CSI 00000040 [SR] Verify complete
2017-03-12 01:26:50, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:50, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:50, Info CSI 00000044 [SR] Verify complete
2017-03-12 01:26:50, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:50, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:50, Info CSI 00000048 [SR] Verify complete
2017-03-12 01:26:50, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:50, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:50, Info CSI 0000004c [SR] Verify complete
2017-03-12 01:26:51, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:51, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:51, Info CSI 00000050 [SR] Verify complete
2017-03-12 01:26:51, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:51, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:52, Info CSI 00000054 [SR] Verify complete
2017-03-12 01:26:52, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:52, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:53, Info CSI 00000058 [SR] Verify complete
2017-03-12 01:26:53, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:53, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:53, Info CSI 0000005c [SR] Verify complete
2017-03-12 01:26:53, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:53, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:53, Info CSI 00000060 [SR] Verify complete
2017-03-12 01:26:54, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:54, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:54, Info CSI 00000064 [SR] Verify complete
2017-03-12 01:26:54, Info CSI 00000065 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:54, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:54, Info CSI 00000068 [SR] Verify complete
2017-03-12 01:26:54, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:54, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:55, Info CSI 0000006c [SR] Verify complete
2017-03-12 01:26:55, Info CSI 0000006d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:55, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:55, Info CSI 00000070 [SR] Verify complete
2017-03-12 01:26:55, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:55, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:55, Info CSI 00000074 [SR] Verify complete
2017-03-12 01:26:55, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:55, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:56, Info CSI 00000078 [SR] Verify complete
2017-03-12 01:26:57, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:57, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:58, Info CSI 0000007c [SR] Verify complete
2017-03-12 01:26:58, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:58, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2017-03-12 01:26:59, Info CSI 00000080 [SR] Verify complete
2017-03-12 01:26:59, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:26:59, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:00, Info CSI 00000084 [SR] Verify complete
2017-03-12 01:27:00, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:00, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:02, Info CSI 00000089 [SR] Verify complete
2017-03-12 01:27:02, Info CSI 0000008a [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:02, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:03, Info CSI 00000090 [SR] Verify complete
2017-03-12 01:27:03, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:03, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:04, Info CSI 00000095 [SR] Verify complete
2017-03-12 01:27:04, Info CSI 00000096 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:04, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:05, Info CSI 00000099 [SR] Verify complete
2017-03-12 01:27:05, Info CSI 0000009a [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:05, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:08, Info CSI 000000bd [SR] Verify complete
2017-03-12 01:27:08, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:08, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:09, Info CSI 000000c4 [SR] Verify complete
2017-03-12 01:27:10, Info CSI 000000c5 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:10, Info CSI 000000c6 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:11, Info CSI 000000c8 [SR] Verify complete
2017-03-12 01:27:11, Info CSI 000000c9 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:11, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:12, Info CSI 000000cc [SR] Verify complete
2017-03-12 01:27:12, Info CSI 000000cd [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:12, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:14, Info CSI 000000d0 [SR] Verify complete
2017-03-12 01:27:14, Info CSI 000000d1 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:14, Info CSI 000000d2 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:15, Info CSI 000000d4 [SR] Verify complete
2017-03-12 01:27:15, Info CSI 000000d5 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:15, Info CSI 000000d6 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:17, Info CSI 000000d8 [SR] Verify complete
2017-03-12 01:27:17, Info CSI 000000d9 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:17, Info CSI 000000da [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:20, Info CSI 000000fd [SR] Verify complete
2017-03-12 01:27:20, Info CSI 000000fe [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:20, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:22, Info CSI 00000101 [SR] Verify complete
2017-03-12 01:27:22, Info CSI 00000102 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:22, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:26, Info CSI 00000105 [SR] Verify complete
2017-03-12 01:27:26, Info CSI 00000106 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:26, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:28, Info CSI 0000010b [SR] Verify complete
2017-03-12 01:27:28, Info CSI 0000010c [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:28, Info CSI 0000010d [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:28, Info CSI 0000010f [SR] Verify complete
2017-03-12 01:27:29, Info CSI 00000110 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:29, Info CSI 00000111 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:29, Info CSI 00000113 [SR] Verify complete
2017-03-12 01:27:29, Info CSI 00000114 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:29, Info CSI 00000115 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:31, Info CSI 00000119 [SR] Verify complete
2017-03-12 01:27:31, Info CSI 0000011a [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:31, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:33, Info CSI 0000012c [SR] Verify complete
2017-03-12 01:27:33, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:33, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:35, Info CSI 00000130 [SR] Verify complete
2017-03-12 01:27:35, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:35, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:36, Info CSI 00000134 [SR] Verify complete
2017-03-12 01:27:36, Info CSI 00000135 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:36, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:37, Info CSI 00000138 [SR] Verify complete
2017-03-12 01:27:37, Info CSI 00000139 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:37, Info CSI 0000013a [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:39, Info CSI 0000013d [SR] Verify complete
2017-03-12 01:27:39, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:39, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:41, Info CSI 00000142 [SR] Verify complete
2017-03-12 01:27:42, Info CSI 00000143 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:42, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:42, Info CSI 00000146 [SR] Verify complete
2017-03-12 01:27:42, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:42, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:43, Info CSI 0000014a [SR] Verify complete
2017-03-12 01:27:43, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:43, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:44, Info CSI 0000014e [SR] Verify complete
2017-03-12 01:27:44, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:44, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:46, Info CSI 00000152 [SR] Verify complete
2017-03-12 01:27:46, Info CSI 00000153 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:46, Info CSI 00000154 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:49, Info CSI 00000156 [SR] Verify complete
2017-03-12 01:27:49, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:49, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:52, Info CSI 00000170 [SR] Verify complete
2017-03-12 01:27:52, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:52, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2017-03-12 01:27:53, Info CSI 00000174 [SR] Verify complete
2017-03-12 01:27:54, Info CSI 00000175 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:27:54, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:00, Info CSI 00000178 [SR] Verify complete
2017-03-12 01:28:00, Info CSI 00000179 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:00, Info CSI 0000017a [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:02, Info CSI 0000017d [SR] Verify complete
2017-03-12 01:28:03, Info CSI 0000017e [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:03, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:05, Info CSI 00000181 [SR] Verify complete
2017-03-12 01:28:05, Info CSI 00000182 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:05, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:06, Info CSI 00000185 [SR] Verify complete
2017-03-12 01:28:06, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:06, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:07, Info CSI 00000189 [SR] Verify complete
2017-03-12 01:28:07, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:07, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:08, Info CSI 0000018f [SR] Verify complete
2017-03-12 01:28:09, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:09, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:10, Info CSI 00000193 [SR] Verify complete
2017-03-12 01:28:10, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:10, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:15, Info CSI 00000197 [SR] Verify complete
2017-03-12 01:28:15, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:15, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:18, Info CSI 0000019c [SR] Verify complete
2017-03-12 01:28:18, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:18, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:19, Info CSI 000001a1 [SR] Verify complete
2017-03-12 01:28:19, Info CSI 000001a2 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:19, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:21, Info CSI 000001a5 [SR] Verify complete
2017-03-12 01:28:21, Info CSI 000001a6 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:21, Info CSI 000001a7 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:23, Info CSI 000001aa [SR] Verify complete
2017-03-12 01:28:24, Info CSI 000001ab [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:24, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:25, Info CSI 000001ae [SR] Verify complete
2017-03-12 01:28:26, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:26, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:27, Info CSI 000001b2 [SR] Verify complete
2017-03-12 01:28:27, Info CSI 000001b3 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:27, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:28, Info CSI 000001b6 [SR] Verify complete
2017-03-12 01:28:28, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:28, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:30, Info CSI 000001bb [SR] Verify complete
2017-03-12 01:28:30, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:30, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:31, Info CSI 000001c0 [SR] Verify complete
2017-03-12 01:28:31, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:31, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:32, Info CSI 000001c5 [SR] Verify complete
2017-03-12 01:28:32, Info CSI 000001c6 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:32, Info CSI 000001c7 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:34, Info CSI 000001c9 [SR] Verify complete
2017-03-12 01:28:34, Info CSI 000001ca [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:34, Info CSI 000001cb [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:36, Info CSI 000001cf [SR] Verify complete
2017-03-12 01:28:36, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:36, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:38, Info CSI 000001d3 [SR] Verify complete
2017-03-12 01:28:38, Info CSI 000001d4 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:38, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:40, Info CSI 000001d8 [SR] Verify complete
2017-03-12 01:28:40, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:40, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:42, Info CSI 000001dc [SR] Verify complete
2017-03-12 01:28:42, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:42, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:42, Info CSI 000001e0 [SR] Verify complete
2017-03-12 01:28:42, Info CSI 000001e1 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:42, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:44, Info CSI 000001e4 [SR] Verify complete
2017-03-12 01:28:44, Info CSI 000001e5 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:44, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:45, Info CSI 000001e8 [SR] Verify complete
2017-03-12 01:28:45, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:45, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:48, Info CSI 000001ec [SR] Verify complete
2017-03-12 01:28:48, Info CSI 000001ed [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:48, Info CSI 000001ee [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:50, Info CSI 000001f0 [SR] Verify complete
2017-03-12 01:28:50, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:50, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:52, Info CSI 000001f4 [SR] Verify complete
2017-03-12 01:28:52, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:52, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2017-03-12 01:28:56, Info CSI 000001f8 [SR] Verify complete
2017-03-12 01:28:56, Info CSI 000001f9 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:28:56, Info CSI 000001fa [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:06, Info CSI 000001fc [SR] Verify complete
2017-03-12 01:29:06, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:06, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:08, Info CSI 00000200 [SR] Verify complete
2017-03-12 01:29:08, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:08, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:10, Info CSI 00000204 [SR] Verify complete
2017-03-12 01:29:10, Info CSI 00000205 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:10, Info CSI 00000206 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:10, Info CSI 00000208 [SR] Verify complete
2017-03-12 01:29:10, Info CSI 00000209 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:10, Info CSI 0000020a [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:12, Info CSI 0000020c [SR] Verify complete
2017-03-12 01:29:12, Info CSI 0000020d [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:12, Info CSI 0000020e [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:14, Info CSI 00000210 [SR] Verify complete
2017-03-12 01:29:14, Info CSI 00000211 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:14, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:15, Info CSI 00000214 [SR] Verify complete
2017-03-12 01:29:15, Info CSI 00000215 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:15, Info CSI 00000216 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:15, Info CSI 00000218 [SR] Verify complete
2017-03-12 01:29:15, Info CSI 00000219 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:15, Info CSI 0000021a [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:17, Info CSI 00000222 [SR] Verify complete
2017-03-12 01:29:17, Info CSI 00000223 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:17, Info CSI 00000224 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:19, Info CSI 00000226 [SR] Verify complete
2017-03-12 01:29:19, Info CSI 00000227 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:19, Info CSI 00000228 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:20, Info CSI 0000022a [SR] Verify complete
2017-03-12 01:29:20, Info CSI 0000022b [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:20, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:20, Info CSI 0000022e [SR] Verify complete
2017-03-12 01:29:21, Info CSI 0000022f [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:21, Info CSI 00000230 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:22, Info CSI 00000232 [SR] Verify complete
2017-03-12 01:29:22, Info CSI 00000233 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:22, Info CSI 00000234 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:24, Info CSI 00000237 [SR] Verify complete
2017-03-12 01:29:24, Info CSI 00000238 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:24, Info CSI 00000239 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:26, Info CSI 0000023b [SR] Verify complete
2017-03-12 01:29:26, Info CSI 0000023c [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:26, Info CSI 0000023d [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:26, Info CSI 0000023f [SR] Verify complete
2017-03-12 01:29:27, Info CSI 00000240 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:27, Info CSI 00000241 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:29, Info CSI 00000244 [SR] Verify complete
2017-03-12 01:29:30, Info CSI 00000245 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:30, Info CSI 00000246 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:33, Info CSI 0000024a [SR] Verify complete
2017-03-12 01:29:33, Info CSI 0000024b [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:33, Info CSI 0000024c [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:35, Info CSI 00000251 [SR] Verify complete
2017-03-12 01:29:35, Info CSI 00000252 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:35, Info CSI 00000253 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:37, Info CSI 0000025d [SR] Verify complete
2017-03-12 01:29:37, Info CSI 0000025e [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:37, Info CSI 0000025f [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:40, Info CSI 00000266 [SR] Verify complete
2017-03-12 01:29:40, Info CSI 00000267 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:40, Info CSI 00000268 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:42, Info CSI 0000026d [SR] Verify complete
2017-03-12 01:29:42, Info CSI 0000026e [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:42, Info CSI 0000026f [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:43, Info CSI 00000273 [SR] Verify complete
2017-03-12 01:29:43, Info CSI 00000274 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:43, Info CSI 00000275 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:44, Info CSI 00000277 [SR] Verify complete
2017-03-12 01:29:44, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:44, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:46, Info CSI 0000029e [SR] Verify complete
2017-03-12 01:29:46, Info CSI 0000029f [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:46, Info CSI 000002a0 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:47, Info CSI 000002a2 [SR] Verify complete
2017-03-12 01:29:47, Info CSI 000002a3 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:47, Info CSI 000002a4 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:49, Info CSI 000002a6 [SR] Verify complete
2017-03-12 01:29:49, Info CSI 000002a7 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:49, Info CSI 000002a8 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:50, Info CSI 000002aa [SR] Verify complete
2017-03-12 01:29:50, Info CSI 000002ab [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:50, Info CSI 000002ac [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:51, Info CSI 000002b9 [SR] Verify complete
2017-03-12 01:29:51, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:51, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:53, Info CSI 000002be [SR] Verify complete
2017-03-12 01:29:53, Info CSI 000002bf [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:53, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:55, Info CSI 000002c9 [SR] Verify complete
2017-03-12 01:29:55, Info CSI 000002ca [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:55, Info CSI 000002cb [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:56, Info CSI 000002d2 [SR] Verify complete
2017-03-12 01:29:56, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:56, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:56, Info CSI 000002d6 [SR] Verify complete
2017-03-12 01:29:57, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:57, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:58, Info CSI 000002db [SR] Verify complete
2017-03-12 01:29:59, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:59, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2017-03-12 01:29:59, Info CSI 000002df [SR] Verify complete
2017-03-12 01:29:59, Info CSI 000002e0 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:29:59, Info CSI 000002e1 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:00, Info CSI 000002e3 [SR] Verify complete
2017-03-12 01:30:00, Info CSI 000002e4 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:00, Info CSI 000002e5 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:02, Info CSI 000002e7 [SR] Verify complete
2017-03-12 01:30:02, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:02, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:04, Info CSI 000002eb [SR] Verify complete
2017-03-12 01:30:04, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:04, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:07, Info CSI 00000307 [SR] Verify complete
2017-03-12 01:30:07, Info CSI 00000308 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:07, Info CSI 00000309 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:13, Info CSI 0000030b [SR] Verify complete
2017-03-12 01:30:13, Info CSI 0000030c [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:13, Info CSI 0000030d [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:14, Info CSI 0000030f [SR] Verify complete
2017-03-12 01:30:14, Info CSI 00000310 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:14, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:16, Info CSI 00000313 [SR] Verify complete
2017-03-12 01:30:16, Info CSI 00000314 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:16, Info CSI 00000315 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:16, Info CSI 00000319 [SR] Verify complete
2017-03-12 01:30:17, Info CSI 0000031a [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:17, Info CSI 0000031b [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:18, Info CSI 0000031d [SR] Verify complete
2017-03-12 01:30:18, Info CSI 0000031e [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:18, Info CSI 0000031f [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:19, Info CSI 00000321 [SR] Verify complete
2017-03-12 01:30:19, Info CSI 00000322 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:19, Info CSI 00000323 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:20, Info CSI 00000325 [SR] Verify complete
2017-03-12 01:30:20, Info CSI 00000326 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:20, Info CSI 00000327 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:21, Info CSI 0000032a [SR] Verify complete
2017-03-12 01:30:22, Info CSI 0000032b [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:22, Info CSI 0000032c [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:23, Info CSI 0000032e [SR] Verify complete
2017-03-12 01:30:23, Info CSI 0000032f [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:23, Info CSI 00000330 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:24, Info CSI 00000332 [SR] Verify complete
2017-03-12 01:30:24, Info CSI 00000333 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:24, Info CSI 00000334 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:25, Info CSI 00000336 [SR] Verify complete
2017-03-12 01:30:26, Info CSI 00000337 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:26, Info CSI 00000338 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:28, Info CSI 0000033b [SR] Verify complete
2017-03-12 01:30:28, Info CSI 0000033c [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:28, Info CSI 0000033d [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:29, Info CSI 0000033f [SR] Verify complete
2017-03-12 01:30:29, Info CSI 00000340 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:29, Info CSI 00000341 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:31, Info CSI 00000343 [SR] Verify complete
2017-03-12 01:30:31, Info CSI 00000344 [SR] Verifying 100 (0x0000000000000064) components
2017-03-12 01:30:31, Info CSI 00000345 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:33, Info CSI 00000347 [SR] Verify complete
2017-03-12 01:30:33, Info CSI 00000348 [SR] Verifying 89 (0x0000000000000059) components
2017-03-12 01:30:33, Info CSI 00000349 [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:35, Info CSI 0000034b [SR] Verify complete
2017-03-12 01:30:35, Info CSI 0000034c [SR] Repairing 0 components
2017-03-12 01:30:35, Info CSI 0000034d [SR] Beginning Verify and Repair transaction
2017-03-12 01:30:35, Info CSI 0000034f [SR] Repair complete
#20
Posted 11 March 2017 - 08:41 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
VEM System log:
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/03/2017 1:40:35 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 9:16:21 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 2:24:22 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 2:24:18 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:24:12 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:08:00 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:07:56 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Log: 'System' Date/Time: 11/03/2017 1:56:39 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2952664).
Log: 'System' Date/Time: 11/03/2017 1:53:52 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 1:53:47 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 1:53:41 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 1:52:29 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 1:52:21 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Log: 'System' Date/Time: 11/03/2017 1:45:40 PM
Type: Error Category: 0
Event: 24620 Source: Microsoft-Windows-BitLocker-Driver
Encrypted volume check: Volume information on cannot be read.
Log: 'System' Date/Time: 11/03/2017 1:44:52 PM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070103: NVIDIA - Display - 12/29/2016 12:00:00 AM - 21.21.13.7653.
Log: 'System' Date/Time: 11/03/2017 9:16:41 AM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 9:16:35 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 9:16:30 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 9:16:28 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:41:07 PM on ?11/?03/?2017 was unexpected.
Log: 'System' Date/Time: 11/03/2017 7:15:36 AM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 7:15:32 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 7:15:26 AM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 2:24:22 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&1C4905A4&0&058F63646476&1#.
Log: 'System' Date/Time: 11/03/2017 2:24:20 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Log: 'System' Date/Time: 11/03/2017 2:24:05 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 2:08:02 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 11/03/2017 1:53:52 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&1C4905A4&0&058F63646476&1#.
Log: 'System' Date/Time: 11/03/2017 1:53:49 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Log: 'System' Date/Time: 11/03/2017 1:53:40 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 1:52:31 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Log: 'System' Date/Time: 11/03/2017 1:45:33 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 1:44:04 PM
Type: Warning Category: 0
Event: 27 Source: e1cexpress
Intel® 82579V Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 11/03/2017 1:44:04 PM
Type: Warning Category: 0
Event: 27 Source: e1cexpress
Intel® 82579V Gigabit Network Connection Network link is disconnected.
Log: 'System' Date/Time: 11/03/2017 9:16:42 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&1C4905A4&0&058F63646476&1#.
Log: 'System' Date/Time: 11/03/2017 9:16:37 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Log: 'System' Date/Time: 11/03/2017 9:16:28 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 7:15:36 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#7&1C4905A4&0&058F63646476&1#.
Log: 'System' Date/Time: 11/03/2017 7:15:35 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Log: 'System' Date/Time: 11/03/2017 7:15:19 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 7:14:30 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
#21
Posted 11 March 2017 - 08:45 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
ino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/03/2017 1:44:17 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/03/2017 1:41:44 PM
Type: Error Category: 0
Event: 8193 Source: System Restore
Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x80070422).
Log: 'Application' Date/Time: 11/03/2017 1:41:37 PM
Type: Error Category: 0
Event: 8193 Source: System Restore
Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80070422).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/03/2017 1:52:23 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3716940813-2614047019-3014684930-1006:
Process 7008 (\Device\HarddiskVolume3\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3716940813-2614047019-3014684930-1006\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 7008 (\Device\HarddiskVolume3\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3716940813-2614047019-3014684930-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Log: 'Application' Date/Time: 11/03/2017 1:42:30 PM
Type: Warning Category: 1
Event: 1020 Source: ASP.NET 4.0.30319.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 11/03/2017 1:42:28 PM
Type: Warning Category: 1
Event: 1020 Source: ASP.NET 4.0.30319.0
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Log: 'Application' Date/Time: 11/03/2017 1:42:08 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\WinZip\WzPreloader.exe' (pid 5548) cannot be restarted - Application SID does not match Conductor SID..
#22
Posted 11 March 2017 - 08:51 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
FRST LOGFILE
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017
Ran by Jim (administrator) on OWNER-PC (12-03-2017 01:52:53)
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-04] (NVIDIA Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256 2008-10-17] (CyberLink Corporation.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-04-30] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-16] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-04-29] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2009-05-25] (CyberLink Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digimax Viewer 2.0.lnk [2013-03-31]
ShortcutTarget: Digimax Viewer 2.0.lnk -> C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-02-23]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-02-23]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
BootExecute: autocheck autochk /p \??\L:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 61.9.195.193 61.9.194.49
Tcpip\..\Interfaces\{BE7DBD9A-8CF5-45EE-BB99-67C2A1D540BB}: [DhcpNameServer] 61.9.195.193 61.9.194.49
Internet Explorer:
==================
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ninemsn.com.au/?ocid=iehp
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
FireFox:
========
FF HKU\S-1-5-21-3716940813-2614047019-3014684930-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\ReboundAlert\Firefox => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-09] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://isearch.avg.com?cid={420897B4-3090-4DA6-99C7-C4E35DF91734}&mid=cc1113bef9de47d091f4bd2b2bf863fe-10f8a1089b69b7ac31401cb1135c3307a3e569fa&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.9.799&pid=avg&sg=&sap=hp"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\gcswf32.dll => No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Jim\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Google Search) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-06] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-17] () [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-14] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1345664 2010-10-13] (NXP Semiconductors Germany GmbH)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2012-07-20] (Google Inc)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-02-17] (Microsoft Corporation) [File not signed]
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-10-14] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-10-14] (CyberLink Corporation.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-04-16] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 00:46 - 2017-03-12 01:48 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00002697 ____C C:\Users\Public\Desktop\Skype.lnk
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 __RDC C:\Program Files (x86)\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\Users\Jim\AppData\Local\Skype
2017-03-12 00:46 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-12 00:45 - 2017-03-12 00:46 - 00000000 ___DC C:\ProgramData\Skype
2017-03-12 00:45 - 2017-03-12 00:45 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-03-12 00:45 - 2017-03-12 00:45 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-03-12 00:45 - 2017-03-12 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-03-12 00:45 - 2017-03-12 00:45 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2017-03-12 00:45 - 2012-03-14 05:00 - 00385024 ____C (CANON INC.) C:\Windows\system32\CNMLMAD.DLL
2017-03-12 00:44 - 2017-03-12 00:44 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-03-12 00:44 - 2017-03-12 00:44 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-03-12 00:44 - 2017-03-12 00:44 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2017-03-12 00:44 - 2012-08-24 01:08 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-03-12 00:41 - 2017-03-12 00:45 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-03-12 00:40 - 2017-03-12 00:43 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-03-12 00:40 - 2017-03-12 00:41 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-12 00:40 - 2017-03-12 00:41 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-11 20:26 - 2017-03-11 20:26 - 00027846 ____C C:\Users\Jim\Desktop\Addition-2nd time.txt
2017-03-11 18:13 - 2017-03-12 01:47 - 00006493 ____C C:\Users\Jim\Desktop\Fixlog.txt
2017-03-11 18:13 - 2017-03-12 01:46 - 00000000 ___DC C:\Users\Jim\Desktop\FRST-OlderVersion
2017-03-09 21:56 - 2017-03-12 01:44 - 00002831 ____C C:\VEW.txt
2017-03-09 21:55 - 2017-03-09 21:54 - 00061440 ____C ( ) C:\Users\Jim\Desktop\VEW.exe
2017-03-09 21:54 - 2017-03-09 21:54 - 00000000 ___DC C:\Users\Jim\AppData\Local\VirtualStore
2017-03-09 21:23 - 2017-03-09 21:23 - 00000207 ____C C:\Windows\tweaking.com-regbackup-OWNER-PC-Windows-7-Home-Premium-(64-bit).dat
2017-03-09 21:23 - 2017-03-09 21:23 - 00000000 ___DC C:\RegBackup
2017-03-09 19:33 - 2017-03-09 19:33 - 00003650 ____C C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2017-03-09 19:33 - 2017-03-09 19:33 - 00002170 ____C C:\Users\Jim\Desktop\Tweaking.com - Windows Repair.lnk
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-03-09 19:33 - 2017-03-09 19:33 - 00000000 ___DC C:\Program Files (x86)\Tweaking.com
2017-03-09 19:31 - 2017-03-09 19:33 - 00190904 ____C C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2017-03-09 19:28 - 2017-03-09 19:27 - 32823032 ____C (Tweaking.com) C:\Users\Jim\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-03-09 19:16 - 2017-03-11 17:28 - 00000000 ___DC C:\Program Files (x86)\SpeedFan
2017-03-09 19:16 - 2017-03-09 19:16 - 00001018 ____C C:\Users\Jim\Desktop\SpeedFan.lnk
2017-03-09 19:16 - 2017-03-09 19:16 - 00000045 ____C C:\Windows\SysWOW64\initdebug.nfo
2017-03-09 19:16 - 2017-03-09 19:16 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-03-09 19:15 - 2017-03-09 19:13 - 03086696 ____C C:\Users\Jim\Desktop\instspeedfan452 (1).exe
2017-03-08 23:34 - 2017-03-11 20:44 - 00079091 ____C C:\Users\Jim\Desktop\OWNER-PC.txt
2017-03-08 23:32 - 2017-03-08 23:32 - 00000803 ____C C:\Users\Public\Desktop\Speccy.lnk
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-03-08 23:32 - 2017-03-08 23:32 - 00000000 ___DC C:\Program Files\Speccy
2017-03-08 23:31 - 2017-03-08 23:27 - 06293184 ____C (Piriform Ltd) C:\Users\Jim\Desktop\spsetup130.exe
2017-03-08 23:06 - 2017-03-08 23:06 - 00007616 ____C C:\junk.txt
2017-03-08 22:58 - 2017-03-08 22:58 - 00009213 ____C C:\Users\Jim\Desktop\System Idle Process.txt
2017-03-08 22:53 - 2017-03-08 22:52 - 02710688 ____C (Sysinternals - www.sysinternals.com) C:\Users\Jim\Desktop\procexp.exe
2017-03-08 18:54 - 2017-03-08 18:54 - 00000000 ___DC C:\Users\Jim\AppData\Local\AvgSetupLog
2017-03-05 11:58 - 2017-03-12 01:52 - 00016709 ____C C:\Users\Jim\Desktop\FRST.txt
2017-03-05 11:58 - 2017-03-05 12:16 - 00033895 ____C C:\Users\Jim\Desktop\Addition - 1st Time.txt
2017-03-05 11:57 - 2017-03-12 01:52 - 00000000 ___DC C:\FRST
2017-03-05 11:56 - 2017-03-12 01:46 - 02424832 ____C (Farbar) C:\Users\Jim\Desktop\FRST64.exe
2017-03-05 07:48 - 2017-03-05 07:48 - 00000000 __RDC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures - Shortcut
2017-03-05 07:35 - 2017-03-05 07:57 - 00000000 ___DC C:\Program Files (x86)\Adobe
2017-03-01 23:26 - 2017-03-01 23:26 - 00000000 ___DC C:\Windows\pss
2017-02-23 21:59 - 2017-02-23 22:17 - 00001941 ___HC C:\Windows\EPMBatch.ept
2017-02-23 21:35 - 2017-02-23 21:35 - 00003508 ____C C:\Windows\System32\Tasks\WinZipBackGroundToolsTask
2017-02-23 21:35 - 2017-02-23 21:35 - 00003396 ____C C:\Windows\System32\Tasks\WinZip Update Notifier
2017-02-23 21:35 - 2017-02-23 21:35 - 00002347 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002324 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002294 ____C C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00002288 ____C C:\Users\Public\Desktop\WinZip.lnk
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Users\Jim\AppData\Local\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\WinZip
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-02-23 21:35 - 2017-02-23 21:35 - 00000000 ___DC C:\Program Files\WinZip
2017-02-23 21:33 - 2017-02-23 21:33 - 00000000 ___DC C:\Program Files (x86)\EaseUS
2017-02-23 19:53 - 2017-02-23 19:53 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Acronis
2017-02-23 14:48 - 2017-02-23 21:44 - 00007627 ____C C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2017-02-22 13:39 - 2017-02-22 13:39 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-11 21:31 - 2017-02-11 21:31 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 21:31 - 2017-02-11 21:31 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-02-11 13:12 - 2017-02-11 21:31 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2017-02-11 13:12 - 2017-02-11 21:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-02-11 13:12 - 2017-02-11 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2017-02-11 13:11 - 2017-02-11 21:29 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-02-11 13:11 - 2017-02-11 21:28 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-02-11 13:11 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-02-11 13:11 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-02-11 13:11 - 2017-02-11 21:25 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-02-11 13:10 - 2017-02-11 21:28 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-02-11 13:10 - 2017-02-11 21:28 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-02-11 13:10 - 2017-02-11 21:28 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-02-11 13:10 - 2017-02-11 21:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00419648 _____ C:\Windows\system32\locale.nls
2017-02-11 13:10 - 2017-02-11 21:28 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-02-11 13:10 - 2017-02-11 21:28 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-02-11 13:10 - 2017-02-11 21:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-02-11 13:10 - 2017-02-11 21:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-02-11 13:10 - 2017-02-11 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-02-11 13:10 - 2017-02-11 21:25 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-02-11 13:09 - 2017-02-11 21:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-02-11 13:09 - 2017-02-11 21:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2017-02-11 13:09 - 2017-02-11 21:25 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2017-02-11 13:09 - 2017-02-11 21:25 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:25 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-02-11 13:09 - 2017-02-11 21:24 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 01393152 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-02-11 13:09 - 2015-12-09 06:07 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-02-11 13:09 - 2015-12-09 05:54 - 00116736 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-02-11 13:09 - 2015-12-09 05:12 - 00230400 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-02-11 13:09 - 2015-12-09 05:11 - 00005632 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-02-11 11:22 - 2017-02-11 21:25 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2017-02-10 18:07 - 2017-02-11 01:12 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-02-10 18:07 - 2017-02-11 01:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-02-10 18:07 - 2017-02-11 01:05 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-02-10 18:07 - 2017-02-11 01:05 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-02-10 18:07 - 2017-02-11 01:03 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-02-10 18:07 - 2017-02-11 01:03 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-02-10 18:07 - 2017-02-11 01:02 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-02-10 18:07 - 2017-02-11 01:02 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-02-10 18:02 - 2017-02-11 01:12 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-02-10 18:02 - 2017-02-11 01:12 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-02-10 18:02 - 2017-02-11 01:12 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-02-10 18:02 - 2017-02-11 01:12 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-02-10 18:02 - 2017-02-11 01:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-02-10 18:02 - 2017-02-11 01:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-02-10 18:02 - 2017-02-11 01:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-02-10 18:02 - 2017-02-11 01:12 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-02-10 18:02 - 2017-02-11 01:04 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-02-10 18:02 - 2017-02-11 01:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-02-10 18:02 - 2017-02-11 01:04 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-02-10 18:02 - 2017-02-11 01:04 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-02-10 18:02 - 2017-02-11 01:03 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-02-10 18:02 - 2017-02-11 01:03 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-02-10 18:02 - 2017-02-11 01:03 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-02-10 18:02 - 2017-02-11 01:03 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-02-10 18:02 - 2017-02-11 01:03 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2017-02-10 18:02 - 2017-02-11 01:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-02-10 18:02 - 2017-02-11 01:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2017-02-10 18:02 - 2017-02-11 01:02 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-02-10 18:02 - 2017-02-11 01:02 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2017-02-10 18:02 - 2017-02-11 01:02 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-02-10 18:02 - 2017-02-11 01:02 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-02-10 18:02 - 2017-02-11 01:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2017-02-10 18:02 - 2017-02-11 01:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-02-10 18:02 - 2016-08-17 07:40 - 00343552 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-02-10 18:02 - 2016-08-17 07:40 - 00327168 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-02-10 18:02 - 2016-08-17 07:40 - 00099840 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-02-10 18:02 - 2016-08-17 07:40 - 00030720 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-02-10 18:02 - 2016-08-17 07:40 - 00025600 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-02-10 18:02 - 2016-08-17 07:40 - 00007808 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-02-10 18:02 - 2016-01-21 11:51 - 00073664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-02-10 18:01 - 2017-02-11 01:01 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-02-10 18:01 - 2017-02-11 01:01 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-02-10 18:01 - 2017-02-11 01:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-02-10 18:01 - 2017-02-11 01:01 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-02-10 18:01 - 2017-02-11 01:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-02-10 18:01 - 2017-02-11 01:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-12 01:52 - 2009-07-14 16:13 - 00781298 ____C C:\Windows\system32\PerfStringBackup.INI
2017-03-12 01:52 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\inf
2017-03-12 01:48 - 2012-07-09 19:55 - 00000000 ___DC C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2017-03-12 01:48 - 2012-07-07 10:37 - 00000000 ___DC C:\ProgramData\MFAData
2017-03-12 01:48 - 2012-07-03 17:18 - 00000000 ___DC C:\ProgramData\NVIDIA
2017-03-12 01:48 - 2009-07-14 16:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2017-03-12 01:32 - 2009-07-14 15:45 - 00028720 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-12 01:32 - 2009-07-14 15:45 - 00028720 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-12 01:24 - 2009-07-14 15:45 - 00352528 ____C C:\Windows\system32\FNTCACHE.DAT
2017-03-12 00:52 - 2014-12-12 21:44 - 00000000 ___DC C:\Windows\system32\appraiser
2017-03-12 00:52 - 2014-05-07 04:00 - 00000000 __SDC C:\Windows\system32\CompatTel
2017-03-12 00:52 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\PolicyDefinitions
2017-03-12 00:42 - 2013-05-24 23:34 - 00748810 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2017-03-11 18:13 - 2013-07-03 22:18 - 00000000 ___DC C:\Windows\System32\Tasks\Games
2017-03-11 18:06 - 2013-07-03 23:05 - 00000000 ___DC C:\Program Files (x86)\Java
2017-03-11 17:13 - 2012-07-10 20:12 - 00091256 ____C C:\Users\Jim\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-11 12:54 - 2017-02-09 00:34 - 00003600 ____C C:\Windows\System32\Tasks\AVG EUpdate Task
2017-03-09 21:35 - 2009-07-14 13:34 - 00000439 ____C C:\Windows\win.ini
2017-03-09 20:59 - 2012-07-09 19:55 - 00000000 __RDC C:\Users\Jim
2017-03-08 23:02 - 2012-05-31 17:28 - 00001294 ____C C:\Users\Public\Desktop\Windows Recovery Activation.lnk
2017-03-06 18:17 - 2009-07-14 16:09 - 00000000 ___DC C:\Windows\System32\Tasks\WPD
2017-03-06 01:01 - 2009-07-14 15:57 - 00001547 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-05 11:21 - 2013-07-19 22:57 - 00000000 ___DC C:\ProgramData\CanonIJPLM
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\SysWOW64\Macromed
2017-03-05 07:58 - 2012-07-03 14:49 - 00000000 ___DC C:\Windows\system32\Macromed
2017-03-05 07:35 - 2012-09-08 21:46 - 00000000 ___DC C:\ProgramData\Adobe
2017-03-01 23:31 - 2012-07-07 10:29 - 00000000 ___DC C:\ProgramData\Yahoo!
2017-03-01 23:31 - 2012-07-07 10:28 - 00000000 ___DC C:\Program Files (x86)\Yahoo!
2017-03-01 23:30 - 2009-07-14 13:34 - 00000826 ____C C:\Windows\system32\Drivers\etc\hosts_bak_521
2017-03-01 23:26 - 2012-12-29 21:09 - 00000000 ___DC C:\Users\Jim\AppData\Local\ElevatedDiagnostics
2017-02-28 16:27 - 2012-06-01 11:13 - 00000000 ___DC C:\Windows\Panther
2017-02-25 01:49 - 2013-08-16 02:04 - 00000000 ___DC C:\Windows\system32\MRT
2017-02-25 01:48 - 2012-07-10 01:06 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 23:27 - 2012-07-10 20:33 - 00000000 ___DC C:\Users\Jim\AppData\Local\Microsoft Games
2017-02-23 19:53 - 2012-07-08 23:53 - 00001222 ____C C:\Users\Public\Desktop\Acronis True Image Home 2010.lnk
2017-02-22 13:39 - 2014-12-13 20:36 - 00002151 ____C C:\Users\Public\Desktop\Google Earth.lnk
2017-02-22 13:39 - 2014-12-13 20:35 - 00000000 ___DC C:\Program Files (x86)\Google
2017-02-22 07:28 - 2012-07-09 20:04 - 00000000 ___DC C:\Users\Jim\AppData\Local\Google
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\SysWOW64\Dism
2017-02-12 08:42 - 2009-07-14 14:20 - 00000000 ___DC C:\Windows\system32\Dism
2017-02-11 21:28 - 2015-05-15 19:55 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-02-11 21:28 - 2015-01-14 19:02 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-02-11 21:25 - 2017-02-09 01:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2017-02-11 11:15 - 2012-08-04 11:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Silverlight
2017-02-11 01:13 - 2017-02-09 18:52 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-02-11 01:13 - 2017-02-09 18:52 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-02-11 01:07 - 2017-02-09 01:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-02-11 01:06 - 2017-02-09 18:52 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-02-11 01:06 - 2017-02-09 18:52 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-02-11 01:06 - 2017-02-09 01:18 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-02-11 01:05 - 2017-02-09 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-02-11 01:05 - 2017-02-09 01:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2017-02-11 01:04 - 2017-02-09 01:17 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-02-11 01:04 - 2017-02-09 01:17 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-02-11 01:03 - 2012-08-04 11:28 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-11 01:01 - 2017-02-09 20:25 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-02-11 01:01 - 2017-02-09 20:25 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-02-11 01:01 - 2017-02-09 20:25 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-02-11 01:00 - 2017-02-09 20:25 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-02-10 17:55 - 2017-02-09 20:25 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-02-10 17:55 - 2017-02-09 20:25 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
==================== Files in the root of some directories =======
2012-07-22 15:59 - 2012-07-22 15:59 - 0027520 ____C () C:\Users\Jim\AppData\Local\dt.dat
2017-02-23 14:48 - 2017-02-23 21:44 - 0007627 ____C () C:\Users\Jim\AppData\Local\Resmon.ResmonCfg
2012-05-31 17:33 - 2012-05-31 17:33 - 0000109 ____C () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-31 17:32 - 2012-05-31 17:33 - 0000106 ____C () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2012-05-31 17:31 - 2012-05-31 17:32 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-31 17:29 - 2012-05-31 17:31 - 0000106 ____C () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-31 17:33 - 2012-05-31 17:33 - 0000110 ____C () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2012-05-31 17:28 - 2012-05-31 17:29 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2012-07-03 15:55
==================== End of FRST.txt ============================
Edited by jimxx7, 11 March 2017 - 08:54 AM.
#23
Posted 11 March 2017 - 08:59 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Did you not get a fixlog?
What happened here:
Log: 'System' Date/Time: 11/03/2017 9:16:21 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
(Time may be off a few hours as the event log doesn't bother with the time zone offset.) Did you lose power, have to force a shutdown or did it just crash?)
#24
Posted 11 March 2017 - 09:02 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2017
Ran by Jim (12-03-2017 01:53:09)
Running from C:\Users\Jim\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-03 03:17:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3716940813-2614047019-3014684930-500 - Administrator - Disabled)
Guest (S-1-5-21-3716940813-2614047019-3014684930-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3716940813-2614047019-3014684930-1008 - Limited - Enabled)
Jim (S-1-5-21-3716940813-2614047019-3014684930-1006 - Administrator - Enabled) => C:\Users\Jim
Owner (S-1-5-21-3716940813-2614047019-3014684930-1002 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-3716940813-2614047019-3014684930-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acronis True Image Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7154 - Acronis)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.141.7998 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4756 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7998 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2604 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.4617 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3117 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2918 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1111 - CyberLink Corp.)
Digimax V (HKLM-x32\...\{FC483A2D-E281-4282-94F8-A4C2E7CCD687}) (Version: - )
Digimax Viewer 2.0 (HKLM-x32\...\{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}) (Version: - )
Etron USB3.0 Host Controller (x32 Version: 0.105 - Etron Technology) Hidden
Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version: - FlashPlayerPro.com)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
G3 Manager (HKLM-x32\...\{8D9E93D2-049D-4E9D-B263-13216E20EF1F}) (Version: 1.00.0000 - )
G3 Manager (x32 Version: 1.00.0000 - DECA System) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
LightScribe System Software (HKLM-x32\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NavDesk 2009 (HKLM-x32\...\{F5F1B66A-F117-427C-98C7-D4732F49BEBF}) (Version: 6.20.211 - Navman Technologies NZ Ltd)
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0E}) (Version: 3.1.4.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.26 - Tweaking.com)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinFast Multimedia Driver Installation (HKLM-x32\...\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}) (Version: - Multimedia)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3716940813-2614047019-3014684930-1006_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05E55333-2A96-4E22-8524-98635A13FD93} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {49BAD779-C313-4870-8B91-DDDF58FD2628} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {711EB444-D5AF-41FB-861C-608E26CC732F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {763CBF87-73CE-4B75-AF12-26C10BA5D7E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
Task: {9BDC1E02-C8CC-4911-AC9B-CAB731431538} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-09] (Google Inc.)
Task: {E12638C1-0E7A-4791-A9E4-C87A251E85BA} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-13] (WinZip)
Task: {F6FF76A7-C9C3-4BE0-B6EB-DCF21C2E49DD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-13] (WinZip Computing, S.L.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Public\Desktop\Windows Recovery Activation.lnk -> C:\Windows\oem\boottore.bat ()
==================== Loaded Modules (Whitelisted) ==============
2012-07-03 17:18 - 2013-06-21 21:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-19 23:03 - 2010-04-06 06:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-31 17:31 - 2009-07-17 18:13 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-03-31 01:52 - 2003-03-20 11:53 - 00626688 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
2017-02-08 23:13 - 2017-02-01 20:47 - 02459992 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 23:13 - 2017-02-01 20:47 - 00099672 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 02023424 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 07331840 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-01-27 22:37 - 2009-01-27 22:37 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-31 01:52 - 1998-11-20 18:44 - 00051712 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwa.dll
2013-03-31 01:52 - 2003-01-22 21:21 - 00253952 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\impexp97.dll
2013-03-31 01:52 - 1999-07-05 19:07 - 00223232 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stwablt.dll
2013-03-31 01:52 - 1996-11-14 11:26 - 00079872 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\STXFORM.dll
2013-03-31 01:52 - 1999-04-27 11:22 - 00107520 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stfrg.dll
2013-03-31 01:52 - 1999-09-20 21:12 - 00133632 _____ () C:\Program Files (x86)\Samsung\Digimax Viewer 2.0\Stapi.dll
2012-05-31 17:28 - 2007-04-10 16:01 - 08357424 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-04-30 12:05 - 2009-04-30 12:05 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-04-30 12:08 - 2009-04-30 12:08 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2017-02-09 00:34 - 2017-02-09 00:34 - 48920064 ____C () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 13:34 - 2017-03-09 21:35 - 00000855 ___AC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Jim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 61.9.195.193 - 61.9.194.49
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: EaseUS Cleanup => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\CleanUpUI.exe" 10 300
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.10\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3FDD206B-70EF-42DC-BF05-FB68BEE467F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{83AD98D0-C0DC-4526-B4E8-E36788D6C101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8C8D588B-631E-406C-9C69-613C726A3280}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{FFBFFE18-2552-4021-B8E7-C106E254F5D2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{853F05DD-CB0A-40A9-BB68-9B597D2AC73C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{0BFC4093-7021-451F-8547-EFB9AD1F072E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{A209B7FF-CF96-4491-AB6F-9B877B8C41F3}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1C0DFD0E-26A3-48F0-B7B6-0A3126836062}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{19D29B2A-4450-4591-B92A-BA100A7E6778}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{AAF34BC1-5095-47F0-8BD4-C0DCB3B4A812}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{9CB0DF80-9AB7-4FF6-B7CC-A878B4098F9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0AE3CED2-1BD4-4CD5-8940-B5A265D1D94E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7B4AD209-9201-4C9E-8035-5BF515C45DF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B8ADDFB-8329-4925-B55D-C7BE94BC5607}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B878C2F8-4675-4661-94C7-19816DA19034}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{995AB49C-B5EC-4BC8-BEE0-14E6FC800291}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B1DFFE23-5147-42CF-AA8C-3E640C013FB2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4BAE81ED-4DCE-4ADC-AA1C-9A053EAA3D05}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E8A878EE-6577-48AF-BAF1-37D0F6FE0E8C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8760E483-EBE7-433B-8759-C6218D8575D8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{63CA2404-B5ED-448A-A7F8-9331422BF559}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{3390EE9C-8F76-424A-9C03-19FB867EF1D1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6D158F5B-B6D7-4E12-A558-5568EE41AF18}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{538B1B5B-46C8-48A8-AA62-F8EA4D1872DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DDCE4C52-5116-47C2-8F2C-A817D288B509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (03/12/2017 01:48:34 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/12/2017 01:48:30 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (03/12/2017 01:48:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (03/12/2017 01:47:20 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (03/12/2017 01:47:16 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2017-03-12 01:48:17.360
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bthport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-12 01:48:17.313
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\bthport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16365.53 MB
Available physical RAM: 13585.74 MB
Total Virtual: 32729.24 MB
Available Virtual: 29830.45 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:219.86 GB) (Free:155.01 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1353.66 GB) NTFS
Drive e: (WinRE) (Fixed) (Total:7.81 GB) (Free:3.05 GB) NTFS
Drive l: (Elements) (Fixed) (Total:931.48 GB) (Free:188.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B8B5477E)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 15415647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=219.9 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 93486964)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
#25
Posted 11 March 2017 - 09:05 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Did you not get a fixlog?
What happened here:
Log: 'System' Date/Time: 11/03/2017 9:16:21 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.(Time may be off a few hours as the event log doesn't bother with the time zone offset.) Did you lose power, have to force a shutdown or did it just crash?)
This may be the hard boot that I did after the scan - it hung again while trying to copy the addition log on FRST scan
#26
Posted 11 March 2017 - 09:06 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Did you not get a fixlog?
What happened here:
Log: 'System' Date/Time: 11/03/2017 9:16:21 AMType: Critical Category: 63Event: 41 Source: Microsoft-Windows-Kernel-PowerThe system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.(Time may be off a few hours as the event log doesn't bother with the time zone offset.) Did you lose power, have to force a shutdown or did it just crash?)
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-03-2017
Ran by Jim (12-03-2017 01:46:58) Run:2
Running from C:\Users\Jim\Desktop
Loaded Profiles: UpdatusUser & Jim (Available Profiles: Owner & UpdatusUser & Jim)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
CMD: netsh winsock reset catalog
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\gcswf32.dll => No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll => No File
CHR Plugin: (Google Update) - C:\Users\Jim\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR HKLM-x32\...\Chrome\Extension: [afbcibndhffhhbokgpbpecjmejjcgcej] - C:\Users\Jim\AppData\Local\CRE\afbcibndhffhhbokgpbpecjmejjcgcej.crx <not found>
2017-03-11 17:12 - 2017-03-11 17:29 - 0192512 ____C () C:\Users\Jim\AppData\Local\Temp\sfamcc00001.dll
2012-07-07 10:41 - 2012-07-07 10:41 - 0247808 ____C (AVG Technologies CZ, s.r.o.) C:\Users\Owner\AppData\Local\Temp\avguidx.dll
2012-07-07 10:41 - 2012-07-07 10:41 - 2740320 ____C () C:\Users\Owner\AppData\Local\Temp\CommonInstaller.exe
2012-07-03 14:48 - 2010-02-26 11:45 - 0080896 ____C (Microsoft Corporation) C:\Users\Owner\AppData\Local\Temp\devcon.exe
2012-07-07 10:41 - 2012-07-07 10:41 - 0692224 ____C () C:\Users\Owner\AppData\Local\Temp\iGearedHelper.dll
2012-07-07 10:41 - 2012-07-07 10:41 - 0163936 ____C () C:\Users\Owner\AppData\Local\Temp\MachineIdCreator.exe
2012-07-07 10:41 - 2012-07-07 10:41 - 10249824 ____C () C:\Users\Owner\AppData\Local\Temp\oi_{A21D0A24-CBD5-44CA-9A4A-76DCD9FA8314}.exe
2012-07-07 10:41 - 2012-07-07 10:41 - 7112288 ____C () C:\Users\Owner\AppData\Local\Temp\ToolbarInstaller.exe
CMD: sc config WMPNetworkSvc' start= disabled
CMD: sc config wudfsvc start= auto
REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 0 /f
CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"
reboot:
*****************
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009 => key removed successfully
========= netsh winsock reset catalog =========
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-3716940813-2614047019-3014684930-1006\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKCR\PROTOCOLS\Handler\linkscanner => key not found.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found.
C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\gcswf32.dll => not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll => not found.
C:\Users\Jim\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej => key removed successfully
C:\Users\Jim\AppData\Local\Temp\sfamcc00001.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\avguidx.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\CommonInstaller.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\devcon.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\iGearedHelper.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\MachineIdCreator.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\oi_{A21D0A24-CBD5-44CA-9A4A-76DCD9FA8314}.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\ToolbarInstaller.exe => moved successfully
========= sc config WMPNetworkSvc' start= disabled =========
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
========= End of CMD: =========
========= sc config wudfsvc start= auto =========
[SC] ChangeServiceConfig SUCCESS
========= End of CMD: =========
========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v LoadAppInit_DLLs /t REG_DWORD /d 0 /f =========
The operation completed successfully.
========= End of Reg: =========
========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" =========
========= End of CMD: =========
The system needed a reboot.
==== End of Fixlog 01:47:05 ====
#27
Posted 11 March 2017 - 09:14 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
When l tried to load KB2532531 it reported:
the upgrade is not applicable to your computer
#28
Posted 11 March 2017 - 09:16 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Can you run VEW again?
Search for:
services.msc
hit Enter
Scroll down to Windows Media Player Network Sharing Service
Rigth click on it and select Properties. Change the Startup Type: to disabled. OK. Close the services window.
Let's try WhoCrashed and see if it has a different opinion on what is causing your crashes:
See if you can get Who Crashed to work:
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
Right click on the downloaded files and Run As Admin. Once you agree to the terms and Install it then Finish it should open Who Crashed. Click
on Analyze. Once it finishes scroll down to the bottom and copy the report and paste it into a reply.
#29
Posted 11 March 2017 - 09:36 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Can you run VEW again?
Search for:
services.msc
hit Enter
Scroll down to Windows Media Player Network Sharing Service
Rigth click on it and select Properties. Change the Startup Type: to disabled. OK. Close the services window.
Let's try WhoCrashed and see if it has a different opinion on what is causing your crashes:
See if you can get Who Crashed to work:Then click on Download free home editionwhere it says:WhoCrashed 5.51Comprehensible crash dump analysis toolfor Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)Right click on the downloaded files and Run As Admin. Once you agree to the terms and Install it then Finish it should open Who Crashed. Clickon Analyze. Once it finishes scroll down to the bottom and copy the report and paste it into a reply.
l am not sure this is right:
here is the report
Welcome to WhoCrashed (HOME EDITION) v 5.53
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue (or black) screen of death, suddenly rebooted or shut down then this program might help you find the root cause of the problem and a solution.
Whenever a computer suddenly reboots without displaying any notice or blue (or black) screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue or black screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
Click here to check if you have the latest version or if an update is available.
Just click the Analyze button for a comprehensible report ...
Home Edition Notice
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which allows you to perform more thorough and detailed analysis. It also offers a range of additional features such as remote analysis on remote directories and remote computers on the network.
Please note that this version of WhoCrashed is not licensed for use by professional support engineers.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
System Information (local)
Computer name: OWNER-PC
Windows version: Windows 7 Service Pack 1, 6.1, build: 7601
Windows dir: C:\Windows
Hardware: INTEL_, Intel Corporation, DP67BG
CPU: GenuineIntel Intel® Core™ i7-2600 CPU @ 3.40GHz Intel586, level: 6
8 logical processors, active mask: 255
RAM: 17160499200 bytes total
Crash Dump Analysis
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
No valid crash dumps have been found on your computer
Conclusion
Crash dumps are enabled but no valid crash dumps have been found. In case you are experiencing system crashes, it may be that crash dumps are prevented from being written out. Check out the following article for possible causes: If crash dumps are not written out.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
#30
Posted 11 March 2017 - 09:39 AM
jimxx7
- Topic Starter
-
- Member
-
- 79 posts
Member
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/03/2017 2:39:04 AM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 2:59:52 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 3:00:36 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 3:00:29 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 3:00:23 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 3:00:21 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 1:54:05 AM on ?12/?03/?2017 was unexpected.
Log: 'System' Date/Time: 11/03/2017 2:54:47 PM
Type: Error Category: 0
Event: 14 Source: nvlddmkm
The event description cannot be found.
Log: 'System' Date/Time: 11/03/2017 2:48:34 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Log: 'System' Date/Time: 11/03/2017 2:48:30 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:48:24 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:47:20 PM
Type: Error Category: 0
Event: 7006 Source: Service Control Manager
The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
Log: 'System' Date/Time: 11/03/2017 2:47:16 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/03/2017 3:00:23 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 2:48:17 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\BTHUSB failed to load for the device USB\VID_0DB0&PID_A871\6&788acb3&0&2.
Log: 'System' Date/Time: 11/03/2017 2:47:26 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
