Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Desktop has slowed down dramatically


  • Please log in to reply

#1
RedSuedePump

RedSuedePump

    Member

  • Member
  • PipPipPip
  • 172 posts

Hi,

 

My desktop computer has slowed down dramatically today and I can't explain why. I haven't installed any new software for quite a while, but I do recall there being a Firefox update recently.

 

If I go into Task Manager, the disc column is red at the top at 99 or 100%. In the memory column, Firefox sticks out at 1,600 MB, nothing else comes near.

 

If I was feeling brave, I'd uninstall and reinstall Firefox, but I'm worried about downloading it from a bad source.

 

Anyway, I've run FRST and got the following two logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by Owner (administrator) on TOWER (31-10-2017 19:52:58)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 10 Pro Version 1703 15063.674 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BsSentry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe
(© 2015 Microsoft Corporation) C:\Users\Owner\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Creative Technology Ltd.) C:\Windows\V0700Mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BgGameMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe [139544 2017-10-23] (BullGuard Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [V0700Mon.exe] => C:\WINDOWS\V0700Mon.exe [28672 2011-08-22] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [124536 2015-06-04] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-857570284-1745001965-2900836374-1001\...\Run: [BingSvc] => C:\Users\Owner\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-857570284-1745001965-2900836374-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Play Wireless USB Adapter Utility.lnk [2017-03-16]
ShortcutTarget: Play Wireless USB Adapter Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-01-25]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7766d0ef-76a6-4320-993a-8cebc629504c}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-857570284-1745001965-2900836374-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\S-1-5-21-857570284-1745001965-2900836374-1001 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-857570284-1745001965-2900836374-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-29] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-05] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-29] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-05] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-10-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: i7pmux01.default
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7pmux01.default [2017-10-31]
FF NewTab: Mozilla\Firefox\Profiles\i7pmux01.default -> hxxp://www.anglianinternet.co.uk/launch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\i7pmux01.default -> Bing
FF Extension: (ADB Helper) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7pmux01.default\Extensions\[email protected] [2017-09-26]
FF Extension: (Bing Search) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7pmux01.default\Extensions\[email protected] [2016-08-25]
FF Extension: (Valence) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7pmux01.default\Extensions\[email protected] [2017-08-03]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7pmux01.default\searchplugins\bing-.xml [2016-08-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [1580312 2017-10-23] (BullGuard Ltd.)
R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [275224 2017-10-23] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [510744 2017-10-23] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [6029592 2017-10-23] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [856344 2017-10-23] (BullGuard Ltd.)
R2 BsNet; C:\Program Files\BullGuard Ltd\BullGuard\BsNet.dll [696088 2017-10-23] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [324376 2017-10-23] (BullGuard Ltd.)
R2 BsSentry; C:\Program Files\BullGuard Ltd\BullGuard\BsSentry.exe [437528 2017-10-29] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [402712 2017-10-23] (BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120032 2017-09-25] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3000168 2017-09-25] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\bcmwlhigh564.sys [765952 2009-11-06] (Broadcom Corporation)
R1 BdAgent; C:\WINDOWS\System32\DRIVERS\BdAgent.sys [174744 2016-09-20] (BullGuard Ltd.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [155568 2017-06-28] (BullGuard Ltd.)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [84376 2017-10-23] (BullGuard Ltd.)
R1 BdSpy; C:\WINDOWS\System32\drivers\BdSpy.sys [94952 2015-11-25] (BullGuard Ltd.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-04-14] (BitDefender S.R.L.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
R3 V0700Vid; C:\WINDOWS\system32\DRIVERS\V0700Vid.sys [393920 2011-09-06] (Creative Technology Ltd.)
S1 vflt; C:\WINDOWS\system32\DRIVERS\vfilter.sys [24064 2013-06-30] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\WINDOWS\system32\DRIVERS\virtualnet.sys [17408 2013-06-30] (Shrew Soft Inc) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 19:52 - 2017-10-31 19:56 - 000017305 _____ C:\Users\Owner\Desktop\FRST.txt
2017-10-31 19:52 - 2017-10-31 19:52 - 000000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion
2017-10-31 19:51 - 2017-10-31 19:52 - 000000000 ____D C:\FRST
2017-10-31 19:47 - 2017-10-31 19:49 - 002403328 _____ (Farbar) C:\Users\Owner\Downloads\FRST64(1).exe
2017-10-31 06:44 - 2017-10-31 06:44 - 000000000 ___HD C:\OneDriveTemp
2017-10-30 20:49 - 2017-10-30 20:49 - 000126779 _____ C:\Users\Owner\Downloads\Re__Keyboard_Lessons_-_Autumn_Term_2.zip
2017-10-29 18:21 - 2017-10-29 18:21 - 000064079 _____ C:\Users\Owner\Downloads\Timetable - Sophia.pdf
2017-10-25 11:25 - 2017-10-25 11:25 - 000131651 _____ C:\Users\Owner\Downloads\Gyproc-cove-127-Mitre-template.pdf
2017-10-25 11:19 - 2017-10-25 11:19 - 000328535 _____ C:\Users\Owner\Downloads\DS-Gyproc-Cove-Cornice.pdf
2017-10-24 05:17 - 2017-10-24 05:17 - 000571360 _____ C:\WINDOWS\system32\.tmp
2017-10-23 18:01 - 2017-10-23 18:01 - 000171192 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BgGamingMonitor.dll
2017-10-23 18:01 - 2017-10-23 18:01 - 000152640 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BgGamingMonitor.dll
2017-10-23 18:01 - 2017-10-23 18:01 - 000084376 _____ (BullGuard Ltd.) C:\WINDOWS\system32\Drivers\BdSentry.sys
2017-10-23 18:01 - 2017-10-23 18:01 - 000076568 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BGLsp.dll
2017-10-23 18:01 - 2017-10-23 18:01 - 000061720 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BGLsp.dll
2017-10-22 19:05 - 2017-10-31 19:35 - 000147456 _____ C:\Users\Owner\Desktop\AHLTD310717.xls
2017-10-22 11:12 - 2017-10-22 11:12 - 014705377 _____ C:\Users\Owner\Downloads\combinepdf(2).pdf
2017-10-21 14:35 - 2017-10-21 14:35 - 000009657 _____ C:\Users\Owner\Downloads\Quote_555636_EdwardYork_21-10-17-11-28.pdf
2017-10-21 14:35 - 2017-10-21 14:35 - 000009656 _____ C:\Users\Owner\Downloads\Quote_555635_EdwardYork_21-10-17-11-28.pdf
2017-10-21 14:35 - 2017-10-21 14:35 - 000009651 _____ C:\Users\Owner\Downloads\Quote_555637_EdwardYork_21-10-17-11-28.pdf
2017-10-21 14:35 - 2017-10-21 14:35 - 000009650 _____ C:\Users\Owner\Downloads\Quote_555638_EdwardYork_21-10-17-11-29.pdf
2017-10-19 05:29 - 2017-10-19 05:29 - 000102899 _____ C:\Users\Owner\Downloads\KS2_Maths_-_Reasoning_Paper_1_Part_1_-_Corrected.pdf
2017-10-16 20:36 - 2017-10-16 20:36 - 000577100 _____ C:\Users\Owner\Downloads\vehicle(2).pdf
2017-10-13 19:50 - 2017-10-13 19:50 - 000259681 _____ C:\Users\Owner\Downloads\Computing overview.87660530.pdf
2017-10-13 05:27 - 2017-10-13 05:27 - 005929727 _____ C:\Users\Owner\Downloads\fe-prospectus_0.pdf
2017-10-13 05:26 - 2017-10-13 05:26 - 002079795 _____ C:\Users\Owner\Downloads\supported_learning_prospectus_aug_2017_low_res.pdf
2017-10-12 08:19 - 2017-10-12 08:19 - 000333371 _____ C:\Users\Owner\Downloads\RV5 Final 452502.87660113.pdf
2017-10-11 08:18 - 2017-10-11 08:18 - 000303655 _____ C:\Users\Owner\Downloads\norwich_city_college_of_further_and_higher_education_10022603_pdf_final.pdf
2017-10-11 06:24 - 2017-10-11 06:24 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 06:16 - 2017-09-30 05:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 06:16 - 2017-09-30 05:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 06:16 - 2017-09-30 05:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 06:16 - 2017-09-30 05:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 06:16 - 2017-09-30 02:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 06:16 - 2017-09-30 02:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 06:16 - 2017-09-30 02:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 06:16 - 2017-09-30 02:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 06:16 - 2017-09-30 02:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 06:16 - 2017-09-30 02:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 06:16 - 2017-09-30 02:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 06:16 - 2017-09-30 02:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 06:16 - 2017-09-30 02:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 06:16 - 2017-09-30 02:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 06:16 - 2017-09-30 02:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 06:16 - 2017-09-30 02:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 06:16 - 2017-09-30 02:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 06:16 - 2017-09-30 02:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 06:16 - 2017-09-30 02:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 06:16 - 2017-09-30 02:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 06:16 - 2017-09-30 02:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 06:16 - 2017-09-30 02:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 06:16 - 2017-09-30 02:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 06:16 - 2017-09-30 02:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 06:16 - 2017-09-30 02:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 06:16 - 2017-09-30 02:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 06:16 - 2017-09-30 02:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 06:16 - 2017-09-30 02:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 06:16 - 2017-09-30 02:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 06:16 - 2017-09-30 02:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-10-11 06:16 - 2017-09-30 02:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-10-11 06:16 - 2017-09-30 02:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 06:16 - 2017-09-30 02:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 06:16 - 2017-09-29 07:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 06:16 - 2017-09-29 07:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 06:16 - 2017-09-29 07:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 06:16 - 2017-09-29 07:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 06:16 - 2017-09-29 07:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 06:16 - 2017-09-29 07:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 06:16 - 2017-09-29 07:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 06:16 - 2017-09-29 07:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 06:16 - 2017-09-29 07:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 06:16 - 2017-09-29 07:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 06:16 - 2017-09-29 07:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 06:16 - 2017-09-29 07:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 06:16 - 2017-09-29 07:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 06:16 - 2017-09-29 07:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 06:16 - 2017-09-29 07:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 06:16 - 2017-09-29 07:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 06:16 - 2017-09-29 07:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 06:16 - 2017-09-29 07:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 06:16 - 2017-09-29 07:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 06:16 - 2017-09-29 07:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 06:16 - 2017-09-29 07:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 06:16 - 2017-09-29 07:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 06:16 - 2017-09-29 07:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 06:16 - 2017-09-29 07:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 06:16 - 2017-09-29 07:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 06:16 - 2017-09-29 07:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 06:16 - 2017-09-29 07:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 06:16 - 2017-09-29 07:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 06:16 - 2017-09-29 07:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 06:16 - 2017-09-29 07:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 06:16 - 2017-09-29 07:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 06:16 - 2017-09-29 07:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 06:16 - 2017-09-29 07:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 06:16 - 2017-09-29 07:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 06:16 - 2017-09-29 07:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 06:16 - 2017-09-29 05:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 06:16 - 2017-09-29 05:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 06:16 - 2017-09-20 15:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 06:16 - 2017-09-20 15:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 06:16 - 2017-09-20 15:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 06:16 - 2017-09-18 23:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 06:16 - 2017-09-18 22:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 06:16 - 2017-09-18 22:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-11 06:15 - 2017-09-30 05:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 06:15 - 2017-09-30 05:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 06:15 - 2017-09-30 05:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 06:15 - 2017-09-30 05:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 06:15 - 2017-09-30 05:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 06:15 - 2017-09-30 05:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 06:15 - 2017-09-30 05:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 06:15 - 2017-09-30 05:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 06:15 - 2017-09-30 05:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 06:15 - 2017-09-30 05:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 06:15 - 2017-09-30 05:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 06:15 - 2017-09-30 05:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 06:15 - 2017-09-30 05:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 06:15 - 2017-09-30 05:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 06:15 - 2017-09-30 05:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 06:15 - 2017-09-30 05:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 06:15 - 2017-09-30 05:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 06:15 - 2017-09-30 05:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 06:15 - 2017-09-30 05:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 06:15 - 2017-09-30 05:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 06:15 - 2017-09-30 05:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 06:15 - 2017-09-30 05:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 06:15 - 2017-09-30 05:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 06:15 - 2017-09-30 05:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 06:15 - 2017-09-30 05:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 06:15 - 2017-09-30 05:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 06:15 - 2017-09-30 05:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-10-11 06:15 - 2017-09-30 05:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 06:15 - 2017-09-30 05:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-10-11 06:15 - 2017-09-30 05:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 06:15 - 2017-09-30 05:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 06:15 - 2017-09-30 05:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 06:15 - 2017-09-30 05:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 06:15 - 2017-09-30 05:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 06:15 - 2017-09-30 05:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 06:15 - 2017-09-30 05:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-10-11 06:15 - 2017-09-30 05:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 06:15 - 2017-09-30 05:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 06:15 - 2017-09-30 05:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 06:15 - 2017-09-30 05:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-10-11 06:15 - 2017-09-30 05:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2017-10-11 06:15 - 2017-09-30 05:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-10-11 06:15 - 2017-09-30 05:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-10-11 06:15 - 2017-09-30 05:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 06:15 - 2017-09-30 05:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-10-11 06:15 - 2017-09-30 05:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-10-11 06:15 - 2017-09-30 05:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 06:15 - 2017-09-30 02:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 06:15 - 2017-09-29 07:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 06:15 - 2017-09-29 07:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 06:15 - 2017-09-29 07:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 06:15 - 2017-09-29 07:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 06:15 - 2017-09-29 07:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 06:15 - 2017-09-29 07:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 06:15 - 2017-09-29 07:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 06:15 - 2017-09-29 07:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 06:15 - 2017-09-29 07:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 06:15 - 2017-09-29 07:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 06:15 - 2017-09-29 07:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 06:15 - 2017-09-29 07:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 06:15 - 2017-09-29 07:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 06:15 - 2017-09-29 07:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 06:15 - 2017-09-29 07:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 06:15 - 2017-09-29 07:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 06:15 - 2017-09-29 07:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 06:15 - 2017-09-29 07:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 06:15 - 2017-09-29 07:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 06:15 - 2017-09-29 07:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 06:15 - 2017-09-29 07:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 06:15 - 2017-09-29 07:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 06:15 - 2017-09-29 07:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 06:15 - 2017-09-29 07:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 06:15 - 2017-09-29 07:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 06:15 - 2017-09-29 07:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 06:15 - 2017-09-29 07:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2017-10-11 06:15 - 2017-09-29 07:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 06:15 - 2017-09-29 07:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 06:15 - 2017-09-29 07:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 06:15 - 2017-09-29 07:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 06:15 - 2017-09-29 07:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 06:15 - 2017-09-29 07:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 06:15 - 2017-09-29 07:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2017-10-11 06:15 - 2017-09-29 07:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 06:15 - 2017-09-29 07:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 06:15 - 2017-09-29 07:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 06:15 - 2017-09-29 07:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 06:15 - 2017-09-29 07:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 06:15 - 2017-09-29 07:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 06:15 - 2017-09-29 07:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 06:15 - 2017-09-29 07:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 06:15 - 2017-09-29 07:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 06:15 - 2017-09-29 07:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 06:15 - 2017-09-29 07:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 06:15 - 2017-09-29 07:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 06:15 - 2017-09-29 07:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 06:15 - 2017-09-29 07:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 06:15 - 2017-09-29 07:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 06:15 - 2017-09-29 07:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 06:15 - 2017-09-29 07:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 06:15 - 2017-09-29 07:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 06:15 - 2017-09-29 07:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 06:15 - 2017-09-29 07:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 06:15 - 2017-09-29 07:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 06:15 - 2017-09-29 07:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 06:15 - 2017-09-29 07:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 06:15 - 2017-09-29 07:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 06:15 - 2017-09-29 07:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 06:15 - 2017-09-29 07:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 06:15 - 2017-09-29 07:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-10-11 06:15 - 2017-09-29 07:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 06:15 - 2017-09-29 07:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 06:15 - 2017-09-18 23:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 06:15 - 2017-09-18 23:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 06:15 - 2017-09-18 23:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 06:15 - 2017-09-18 23:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 06:15 - 2017-09-18 23:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 06:15 - 2017-09-18 23:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 06:15 - 2017-09-18 23:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 06:15 - 2017-09-18 22:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 06:15 - 2017-09-18 22:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-11 06:14 - 2017-09-29 07:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 06:14 - 2017-09-29 07:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 06:14 - 2017-09-29 07:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 06:14 - 2017-09-29 07:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 06:14 - 2017-09-29 07:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 06:14 - 2017-09-29 07:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 06:14 - 2017-09-29 07:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 06:14 - 2017-09-29 07:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 06:14 - 2017-09-29 07:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 06:14 - 2017-09-29 07:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 06:14 - 2017-09-29 07:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 06:14 - 2017-09-29 07:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 06:14 - 2017-09-29 07:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 06:14 - 2017-09-29 07:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 06:14 - 2017-09-29 07:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 06:14 - 2017-09-18 22:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 06:14 - 2017-09-18 22:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-09 12:31 - 2017-10-09 12:31 - 000207582 _____ C:\Users\Owner\Downloads\List_of_Staff-_6th-form-2017.pdf
2017-10-08 18:44 - 2017-10-08 18:44 - 000385348 _____ C:\Users\Owner\Downloads\vehicle(1).pdf
2017-10-08 15:06 - 2017-10-08 15:06 - 000118322 _____ C:\Users\Owner\Downloads\Konectbus_4_17092017_ii(1).pdf
2017-10-05 16:32 - 2017-10-05 18:01 - 000014370 _____ C:\Users\Owner\Documents\EA17TUV Finance calculations.xlsx
2017-10-03 20:09 - 2017-10-03 20:09 - 001594541 _____ C:\Users\Owner\Downloads\FRS-102-WEB-Ready-2015.pdf
2017-10-03 20:05 - 2017-10-03 20:05 - 000153409 _____ C:\Users\Owner\Downloads\application-pdf(2)
2017-10-03 12:13 - 2017-10-03 12:13 - 000629797 _____ C:\Users\Owner\Downloads\15.9.17-newsletter.pdf
2017-10-03 12:12 - 2017-10-03 12:12 - 000554416 _____ C:\Users\Owner\Downloads\29.9.17-newsletter.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 19:56 - 2015-07-20 16:16 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2017-10-31 19:56 - 2015-03-09 13:00 - 000000000 ____D C:\ProgramData\BullGuard
2017-10-31 19:52 - 2017-06-17 12:38 - 002403328 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2017-10-31 18:06 - 2017-07-14 06:22 - 000000426 _____ C:\WINDOWS\BRWMARK.INI
2017-10-31 17:44 - 2017-07-14 06:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-31 16:59 - 2017-03-18 21:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-31 16:59 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-31 07:58 - 2015-09-20 07:51 - 000000000 ____D C:\Users\Owner\Documents\Sophia School
2017-10-31 07:17 - 2016-11-16 06:33 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
2017-10-31 06:50 - 2017-07-14 06:38 - 001699382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-31 06:44 - 2017-07-14 06:24 - 000000000 ____D C:\Users\Owner
2017-10-31 06:44 - 2015-03-10 16:49 - 000000000 ___RD C:\Users\Owner\OneDrive
2017-10-31 06:43 - 2017-07-14 06:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-31 06:43 - 2017-07-14 06:22 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-31 06:43 - 2016-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-31 06:43 - 2015-03-10 17:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-30 22:43 - 2017-03-18 11:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-10-30 19:47 - 2015-03-06 09:14 - 000000000 ____D C:\Users\Owner\AppData\Local\Packages
2017-10-30 06:23 - 2017-03-18 21:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-30 06:21 - 2017-03-18 21:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-30 06:20 - 2015-03-06 11:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-30 06:19 - 2017-07-14 06:18 - 000389096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-29 16:36 - 2017-07-26 19:28 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-857570284-1745001965-2900836374-1001
2017-10-29 16:35 - 2016-07-25 17:42 - 000002398 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-25 18:41 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 18:41 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-25 14:13 - 2015-03-10 18:57 - 000000000 ____D C:\Users\Owner\Documents\Refurb files
2017-10-25 06:35 - 2016-07-22 10:10 - 000001464 _____ C:\Users\Owner\Desktop\Roblox Player.lnk
2017-10-25 06:35 - 2016-07-22 10:09 - 000001279 _____ C:\Users\Owner\Desktop\Roblox Studio.lnk
2017-10-25 06:35 - 2016-07-22 10:09 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-24 05:20 - 2015-03-09 13:02 - 000000000 ____D C:\Users\Owner\AppData\Roaming\BullGuard
2017-10-23 20:46 - 2015-03-10 17:15 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2017-10-18 06:22 - 2016-08-25 18:13 - 000000000 ____D C:\ProgramData\Origin
2017-10-18 06:12 - 2016-08-25 18:15 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Origin
2017-10-18 06:11 - 2016-08-25 18:11 - 000000000 ____D C:\Program Files (x86)\Origin
2017-10-18 06:11 - 2015-03-06 11:32 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-18 04:24 - 2017-03-18 20:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-15 12:13 - 2017-09-12 19:23 - 000000000 ____D C:\Users\Owner\Documents\Sophia Piano
2017-10-13 00:21 - 2017-03-18 21:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 00:21 - 2017-03-18 21:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 20:37 - 2017-02-04 20:59 - 000000000 ____D C:\Users\Owner\AppData\Roaming\dvdcss
2017-10-12 07:04 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-11 20:20 - 2016-04-27 05:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-11 20:16 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-10-11 20:16 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-10-11 20:16 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-11 20:16 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-11 20:16 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-10-11 20:15 - 2017-03-18 21:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-11 20:15 - 2017-03-18 21:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-11 06:27 - 2015-03-06 09:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 06:23 - 2015-03-06 09:46 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2017-07-14 06:21 - 2017-07-14 06:21 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-22 08:07

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by Owner (31-10-2017 19:58:29)
Running from C:\Users\Owner\Desktop
Windows 10 Pro Version 1703 15063.674 (X64) (2017-07-14 06:50:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-857570284-1745001965-2900836374-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-857570284-1745001965-2900836374-503 - Limited - Disabled)
Guest (S-1-5-21-857570284-1745001965-2900836374-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-857570284-1745001965-2900836374-1003 - Limited - Enabled)
Owner (S-1-5-21-857570284-1745001965-2900836374-1001 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: BullGuard Antivirus (Enabled - Up to date) {13E9CAA5-762A-794E-2DA9-245D5622A105}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: BullGuard Antispyware (Enabled - Up to date) {A8882B41-5010-76C0-1719-1F2F2DA5EBB8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: BullGuard Firewall (Enabled) {2BD24B80-3C45-7816-06F6-8D68A8F1E67E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

[email protected] ISO Burner 4 (HKLM-x32\...\{3B756F35-2504-429A-B36C-EA0961B6A2C0}_is1) (Version: 4 - LSoft Technologies Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 18.0 - BullGuard Ltd.)
Creative Live! Cam Chat HD (VF0700) (1.00.06.00) (HKLM\...\Creative VF0700) (Version:  - Creative Technology Ltd.)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.06 - NCH Software)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{08B90A20-95D3-4725-84B9-AF6553E06C4F}) (Version: 5.0.10.2850 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LeapFrog Connect (HKLM-x32\...\{5B0F473D-7E18-477F-99DC-3745D5A711E9}) (Version: 7.0.6.19846 - LeapFrog) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 7.0.6.19846 - LeapFrog)
LeapFrog LeapPad Explorer Plugin (HKLM-x32\...\{50B93E1B-EBA1-46AE-909F-10F6F97E1505}) (Version: 7.0.6.19846 - LeapFrog) Hidden
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.8528.2147 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-857570284-1745001965-2900836374-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-GB)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.59240 - Electronic Arts, Inc.)
Play Wireless USB Adapter (HKLM-x32\...\{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin) Hidden
Play Wireless USB Adapter (HKLM-x32\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Roblox Player for Owner (HKU\S-1-5-21-857570284-1745001965-2900836374-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
ROBLOX Studio for Owner (HKU\S-1-5-21-857570284-1745001965-2900836374-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-10-23] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-10-23] (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2017-10-23] (BullGuard Ltd.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2017-10-23] (BullGuard Ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB88190-F1AE-43FE-95BF-F9F788F590C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-29] (Microsoft Corporation)
Task: {1734B589-5D00-4861-A3F6-0488B25B4A71} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E2B7BB2-C168-4A91-8058-0BDF1A75C439} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {52B40B26-B342-4B4E-9E2A-2DEEA059F114} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
Task: {88E0D73D-1DDB-48A7-9C65-25A9D004F281} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {8A3F5800-61D4-4460-A208-610C37EEE00C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-23] (Microsoft Corporation)
Task: {9A65ABC5-64E1-4E33-9D37-E157DB2B7BC5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {A85152E4-2EA6-4A3D-80E1-DB0100F041B0} - System32\Tasks\BullGuard\BullGuardUpdate2 => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2017-10-23] (BullGuard Ltd.)
Task: {B44ABFB8-412B-4849-ACFE-F7228D8BA57F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {CE7A89D7-F170-4734-A17E-A302773EA778} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {EEE81D54-C24A-4B5B-B390-AB974428562B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-10-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Owner\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

==================== Loaded Modules (Whitelisted) ==============

2017-07-14 06:22 - 2016-11-14 11:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-23 18:01 - 2017-10-23 18:00 - 000727320 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll
2017-10-23 18:01 - 2017-10-23 18:01 - 000084248 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll
2017-10-23 18:01 - 2017-10-23 18:00 - 000644888 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-23 18:01 - 2017-10-23 18:01 - 000064792 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll
2009-12-28 17:25 - 2009-12-28 17:25 - 000036864 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
2017-03-18 20:58 - 2017-03-18 20:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-05-08 08:05 - 2017-10-20 05:35 - 008929464 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-03-18 20:59 - 2017-03-20 03:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2009-11-25 18:45 - 2009-11-25 18:45 - 000110592 _____ () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2017-09-14 05:20 - 2017-09-14 05:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000021504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-10-05 04:57 - 2017-10-05 04:59 - 048839168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000164352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000352256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 002836480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 020559872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 002705408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-10-05 04:57 - 2017-10-05 04:57 - 003128320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 06:05 - 2017-08-29 06:05 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000118784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-10-05 04:57 - 2017-10-05 04:59 - 001380864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-10-05 04:57 - 2017-10-05 04:57 - 000367616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AnimatedGIF.dll
2017-10-26 06:09 - 2017-10-26 06:10 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-26 06:09 - 2017-10-26 06:10 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-26 06:09 - 2017-10-26 06:10 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-26 06:09 - 2017-10-26 06:10 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-10-26 06:09 - 2017-10-26 06:10 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2009-09-15 19:17 - 2009-09-15 19:17 - 000200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2016-05-08 08:00 - 2017-10-20 05:33 - 001010856 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2016-05-08 08:05 - 2017-10-20 05:34 - 000538288 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2017-03-24 13:59 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-857570284-1745001965-2900836374-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Monitor"
HKU\S-1-5-21-857570284-1745001965-2900836374-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B2AF49E-02E0-4EBC-95A5-EA09900B1F61}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83389FC9-376D-414D-B08E-9519C6328BA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3A1E627C-6786-4C94-B280-13B4E97FAFBD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7211F9DF-0FE1-4257-B8E7-7F062A03C833}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1ADF47F1-FCAC-4E1E-8970-228B5D6075EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8EC8CBC9-6EEA-4D5F-98B3-FA0FC4C2490B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{491C3300-C523-42C2-96A5-432B7656EE9F}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3A0818A1-7686-4A53-9D6B-2A0B1141ECCB}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F8A90493-3A75-4392-BFB8-6E3979BD19B1}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{ECD7C2C3-7859-4993-AC0D-7025C513B3F4}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F6B71108-5961-4A8E-A3EF-1B3F6FDBF423}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C4C30DB3-76BA-4A0C-824F-9E2538AD2088}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8730179A-2BEC-4EE7-BDF7-D36C5120D1CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Restore Points =========================

09-10-2017 07:28:38 Scheduled Checkpoint
18-10-2017 04:23:46 Windows Update
30-10-2017 06:33:23 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2017 08:01:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: TOWER)
Description: Package Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (10/31/2017 07:29:25 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/31/2017 06:49:06 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/30/2017 06:24:38 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/30/2017 06:22:42 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x80070005).

Error: (10/30/2017 06:22:42 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x80070005.

Error: (10/29/2017 06:09:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/29/2017 04:41:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/26/2017 06:12:07 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (10/26/2017 06:05:06 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {605BE43D-2871-451F-8B8E-9129F2CCAB3B}


System errors:
=============
Error: (10/31/2017 06:55:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/31/2017 07:19:52 AM) (Source: DCOM) (EventID: 10016) (User: TOWER)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 to the user Tower\Owner SID (S-1-5-21-857570284-1745001965-2900836374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/31/2017 06:47:06 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (10/31/2017 06:44:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/31/2017 06:44:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (10/31/2017 06:43:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (10/30/2017 10:43:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BsFileScan service.

Error: (10/30/2017 10:42:28 PM) (Source: DCOM) (EventID: 10010) (User: TOWER)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (10/30/2017 07:44:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/30/2017 06:22:57 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2017-10-31 06:43:22.734
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-30 06:18:50.631
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-29 16:30:42.940
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-26 09:47:54.911
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-26 07:02:35.776
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-25 06:33:19.978
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-24 06:17:08.962
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-23 06:38:04.510
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-22 08:42:21.816
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-10-21 07:41:46.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 75%
Total physical RAM: 4031.83 MB
Available physical RAM: 984.68 MB
Total Virtual: 8904.55 MB
Available Virtual: 2022.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.98 GB) (Free:416.43 GB) NTFS
Drive d: (MONEY) (Removable) (Total:14.43 GB) (Free:14.14 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DF632CCF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 14.4 GB) (Disk ID: 5D405CD7)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

==================== End of Addition.txt ============================

 

I'd be grateful for any help offered.

 

Regards

 

RSP


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

Try starting Firefox in Safe Mode:

 

https://www.wikihow....ox-in-Safe-Mode

 

If that makes a difference it's one of your extensions.

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0

#3
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

Sorry for being so slow in replying, I keep getting sidetracked.

 

Anyway, a while ago I ran task manager and switched off the process that was using a lot of resource (it was a Firefox file) and performance has improved, but the computer's still nowhere near as fast as when I first bought it.

 

Here's the process explorer file:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    92.46    52 K    8 K    0            
procexp64.exe    2.64    36,044 K    70,848 K    3468    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    0.84    74,264 K    55,448 K    1044    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.61    185,448 K    302,592 K    5348    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Interrupts    0.54    0 K    0 K    n/a    Hardware Interrupts and DPCs        
firefox.exe    0.49    61,224 K    158,244 K    6512    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
BsSentry.exe    0.36    6,832 K    11,152 K    2392    BullGuard Sentry service    BullGuard Ltd.    (Verified) BullGuard Ltd
System    0.35    168 K    9,772 K    4            
svchost.exe    0.34    19,160 K    14,812 K    2880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    0.32    192,716 K    242,064 K    7648    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Skype.exe    0.17    117,324 K    101,472 K    11392    Skype     Skype Technologies S.A.    (Verified) Skype Software Sarl
explorer.exe    0.16    75,332 K    110,244 K    6916    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
wlansrv.exe    0.10    2,024 K    5,892 K    3420            (No signature was present in the subject)
firefox.exe    0.09    96,488 K    141,004 K    2268    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SkypeBrowserHost.exe    0.09    43,772 K    59,820 K    8800    Skype Browser Host    Skype Technologies    (Verified) Skype Software Sarl
svchost.exe    0.08    2,744 K    8,672 K    4832    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
csrss.exe    0.07    2,276 K    4,704 K    680    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nvstreamsvc.exe    0.04    4,140 K    10,892 K    5384    NVIDIA Streamer Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
firefox.exe    0.04    200,236 K    244,096 K    2908    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
nvstreamsvc.exe    0.03    6,348 K    14,680 K    2172    NVIDIA Streamer Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
V0700Mon.exe    0.03    1,752 K    8,708 K    11508    Event Monitoring Applet    Creative Technology Ltd.    (Verified) Microsoft Windows Hardware Compatibility Publisher
BullGuardScanner.exe    0.03    544,228 K    134,264 K    2640    BullGuard Scanner    BullGuard Ltd.    (Verified) BullGuard Ltd
BullGuard.exe    0.03    14,956 K    28,520 K    5720    BullGuard    BullGuard Ltd.    (Verified) BullGuard Ltd
nvstreamsvc.exe    0.02    4,568 K    13,156 K    3160    NVIDIA Streamer Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
services.exe    0.02    4,744 K    7,740 K    756    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe    0.01    3,600 K    12,016 K    3372    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    6,636 K    12,152 K    508    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    11,220 K    12,284 K    2284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    101,408 K    26,244 K    2212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
PBN.exe    0.01    1,608 K    7,856 K    11352    VistaBroadcomPBN Module        (No signature was present in the subject)
AppleMobileDeviceService.exe    < 0.01    3,436 K    8,672 K    2192    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
taskhostw.exe    < 0.01    21,936 K    34,488 K    5708    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
NvBackend.exe    < 0.01    6,952 K    15,084 K    9760    NVIDIA Backend    NVIDIA Corporation    (Verified) NVIDIA Corporation
BullGuardTray.exe    < 0.01    2,988 K    9,204 K    10420    BullGuard Tray    BullGuard Ltd.    (Verified) BullGuard Ltd
svchost.exe    < 0.01    3,412 K    11,404 K    3628    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    4,724 K    9,452 K    3356    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    4,280 K    17,448 K    5676    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
fontdrvhost.exe    < 0.01    5,188 K    12,576 K    988    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    8,436 K    14,336 K    3620    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    59,004 K    64,140 K    3364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nvvsvc.exe    < 0.01    4,280 K    12,280 K    2020    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvNetworkService.exe    < 0.01    1,672 K    6,340 K    3152    NVIDIA Network Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
BullGuardUpdate.exe    < 0.01    3,948 K    8,692 K    2528    BullGuard Update    BullGuard Ltd.    (Verified) BullGuard Ltd
BgGameMon.exe    < 0.01    2,504 K    10,324 K    9220    BgGameMon    BullGuard Ltd.    (Verified) BullGuard Ltd
csrss.exe    < 0.01    1,656 K    4,536 K    588    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WUDFHost.exe        1,932 K    6,888 K    1872    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,352 K    8,644 K    5668    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WinStore.App.exe    Suspended    28,696 K    55,984 K    7292    Store    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
winlogon.exe        2,512 K    7,832 K    828    Windows Log-on Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,276 K    5,796 K    704    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,796 K    24,300 K    964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,508 K    16,184 K    3248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,312 K    9,048 K    1656    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,728 K    20,512 K    700    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,972 K    8,616 K    1848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,472 K    11,404 K    1436    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,204 K    7,144 K    1532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,888 K    18,036 K    2960    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,988 K    10,496 K    1604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        13,296 K    19,896 K    2492    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,204 K    13,064 K    8756    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,076 K    6,084 K    540    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,320 K    24,020 K    3144    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,188 K    11,556 K    2724    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,296 K    11,628 K    2472    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,060 K    12,996 K    4072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,920 K    7,636 K    2860    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,880 K    10,428 K    4016    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,080 K    15,500 K    3104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,456 K    9,308 K    4856    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,000 K    20,680 K    5600    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,552 K    15,456 K    6364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,604 K    10,876 K    11528    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,152 K    8,592 K    2232    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,832 K    7,124 K    2076    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,444 K    11,404 K    6284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,812 K    7,968 K    3320    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,060 K    25,880 K    6712    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,540 K    19,456 K    7416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,900 K    7,688 K    2240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,652 K    6,892 K    5896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,880 K    17,904 K    3428    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,604 K    5,828 K    7544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,280 K    5,228 K    3932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,860 K    6,600 K    2612    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,512 K    5,976 K    2604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,596 K    10,168 K    2336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,740 K    6,444 K    2948    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,456 K    6,588 K    2940    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,232 K    13,208 K    3208    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,240 K    5,340 K    3404    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,520 K    6,016 K    3284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,280 K    10,752 K    2652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,328 K    10,172 K    1596    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,772 K    7,808 K    2304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,272 K    5,796 K    2224    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,188 K    7,712 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,208 K    8,320 K    1952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,664 K    6,228 K    1144    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,984 K    10,852 K    1220    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,432 K    6,708 K    1484    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    8,936 K    1212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,180 K    13,244 K    1772    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,568 K    5,708 K    1312    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,408 K    5,280 K    1720    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        932 K    3,668 K    940    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,360 K    6,180 K    1480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,544 K    8,856 K    4752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,004 K    12,608 K    1628    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        6,300 K    13,720 K    2768    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        448 K    960 K    404    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SkypeHost.exe    Suspended    19,704 K    916 K    2924    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        7,200 K    29,044 K    6552    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    45,868 K    61,656 K    6656    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SettingSyncHost.exe        16,500 K    4,280 K    9656    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
SearchUI.exe    Suspended    51,320 K    60,400 K    6964    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe        37,648 K    32,684 K    5620    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        27,920 K    57,568 K    7248    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RtkNGUI64.exe        4,440 K    11,628 K    10972    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
RemindersServer.exe    Suspended    9,496 K    18,564 K    7568    Reminders WinRT OOP Server    Microsoft Corporation    (Verified) Microsoft Windows
procexp.exe        5,148 K    11,528 K    972    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
OUTLOOK.EXE        109,648 K    109,392 K    11236    Microsoft Outlook    Microsoft Corporation    (Verified) Microsoft Corporation
ONENOTEM.EXE        2,332 K    2,444 K    11460    Send to OneNote Tool    Microsoft Corporation    (Verified) Microsoft Corporation
OneDrive.exe        14,576 K    38,092 K    10740    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
OfficeClickToRun.exe        34,468 K    29,224 K    3088    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
nvxdsync.exe        6,248 K    17,876 K    2012    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,272 K    9,004 K    1728    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        3,804 K    12,988 K    9684    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvSCPAPISvr.exe        2,908 K    6,148 K    1736    Stereo Vision Control Panel API Server    NVIDIA Corporation    (Verified) NVIDIA Corporation
MSASCuiL.exe        1,944 K    8,952 K    10764    Windows Defender notification icon    Microsoft Corporation    (Verified) Microsoft Windows
Microsoft.Photos.exe    Suspended    185,944 K    75,248 K    4780            (No signature was present in the subject)
Memory Compression        1,560 K    92,120 K    3748            
mDNSResponder.exe        1,624 K    5,728 K    2180    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
lsass.exe        7,416 K    14,320 K    772    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
jusched.exe        3,756 K    17,228 K    11696    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America
jucheck.exe        3,640 K    13,608 K    10228    Java Update Checker    Oracle Corporation    (Verified) Oracle America
iexplore.exe        20,164 K    32,644 K    9888    Internet Explorer    Microsoft Corporation    (Verified) Microsoft Corporation
iexplore.exe        10,964 K    28,588 K    608    Internet Explorer    Microsoft Corporation    (Verified) Microsoft Corporation
IAStorIcon.exe        22,404 K    27,120 K    11500    IAStorIcon    Intel Corporation    (Verified) Intel Corporation - Intel® Rapid Storage Technology
IAStorDataMgrSvc.exe        33,852 K    41,828 K    4656    IAStorDataSvc    Intel Corporation    (Verified) Intel Corporation - Intel® Rapid Storage Technology
GfExperienceService.exe        2,152 K    6,760 K    1032    NVIDIA GeForce Experience Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
fontdrvhost.exe        1,620 K    3,784 K    992    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        24,172 K    54,936 K    8020    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dllhost.exe        1,804 K    9,200 K    9944    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        4,512 K    11,936 K    4136    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        1,704 K    7,056 K    1964    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,388 K    6,132 K    5396    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
CommandService.exe        1,536 K    6,388 K    3080    CommandService Application    LeapFrog Enterprises, Inc.    (Verified) LeapFrog Enterprises
BingSvc.exe        4,200 K    15,820 K    11144    Microsoft Bing Service    © 2015 Microsoft Corporation    (Verified) Microsoft Corporation
armsvc.exe        1,336 K    6,148 K    2156    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems
ApplicationFrameHost.exe        13,136 K    29,484 K    11400    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

 

I tried to perform the task in the elevated command, but it seems access was denied (or so it said in the cmd box) and the notepad file was empty.

 

Also, the link you gave for speccy says the page I requested couldn't be found - could you check the URL please?

 

Regards

 

RSP


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

If you have an elevated Command Prompt the prompt will be C:\Windows\System32>

If it says anything else it's not an elevated one.

 

The forum software added some garbage at the end of the speccy link.

 

It should just be:

https://filehippo.com/download_speccy/

You may need to copy and paste it into your browser.


  • 0

#5
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I've attached a screen print of the elevated command prompt and the access denied result. I think I did it right, would appreciate your advice.

 

Will get to work with speccy and report back to you.

 

Regards

 

RSP

Attached Thumbnails

  • Junk.png

  • 0

#6
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I've successfully installed and run speccy, results attached as a text file.

 

Regards

 

RSP

Attached Files


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

In my win 10 when I run an elevated command prompt the line at the top says: Administrator: C:\Windows\System32\cmd.exe.  Yours just says C:\Windows\System32\cmd.exe

so it doesn't look like it's a real elevated command prompt. 

 

elevated.JPG

 

See if you can run MBAR

 

https://www.malwareb...om/antirootkit/

 

Does it find anything?

 

Try:  Why So Slow:

 

http://www.resplendence.com/whysoslow

 

Click on Downloads, Free Downloads then find WhySoSlow under System Utilities.

 

click on Download free home edition

 

Install it then right click on the desktop shortcut and Run As Admin.

 

Analyze, Analyze, then Report and Save.  By default it saves to Documents but you can change it.

 

Unfortunately it saves as ,htm which the forum doesn't allow.  Either rename it to .txt or zip it up then attach it.

 

 

 

 


  • 0

#8
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I managed to get the command prompt as administrator and it worked this time.

 

Here's the text from the notepad file:

 

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       400 N/A                                         
csrss.exe                      564 N/A                                         
wininit.exe                    668 N/A                                         
csrss.exe                      684 N/A                                         
services.exe                   744 N/A                                         
lsass.exe                      752 KeyIso, SamSs, VaultSvc                     
winlogon.exe                   840 N/A                                         
svchost.exe                    944 PlugPlay                                    
fontdrvhost.exe                968 N/A                                         
fontdrvhost.exe                976 N/A                                         
svchost.exe                    368 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
svchost.exe                    592 RpcEptMapper, RpcSs                         
svchost.exe                    912 LSM                                         
dwm.exe                       1064 N/A                                         
svchost.exe                   1152 lmhosts                                     
svchost.exe                   1224 NcbService                                  
svchost.exe                   1236 TimeBrokerSvc                               
svchost.exe                   1264 Schedule                                    
svchost.exe                   1356 hidserv                                     
svchost.exe                   1364 ProfSvc                                     
svchost.exe                   1452 EventLog                                    
svchost.exe                   1552 UserManager                                 
svchost.exe                   1592 nsi                                         
nvvsvc.exe                    1628 nvsvc                                       
nvSCPAPISvr.exe               1640 Stereo Service                              
svchost.exe                   1660 wudfsvc                                     
svchost.exe                   1704 Dhcp                                        
nvxdsync.exe                  1768 N/A                                         
nvvsvc.exe                    1780 N/A                                         
svchost.exe                   1876 NlaSvc                                      
WUDFHost.exe                  1900 N/A                                         
svchost.exe                   1948 CscService                                  
svchost.exe                   1956 EventSystem                                 
svchost.exe                   1968 Dnscache                                    
svchost.exe                   1980 Themes                                      
svchost.exe                   2024 StateRepository                             
svchost.exe                   2072 SENS                                        
svchost.exe                   2124 AudioEndpointBuilder                        
svchost.exe                   2132 FontCache                                   
svchost.exe                   2260 netprofm                                    
svchost.exe                   2360 Audiosrv                                    
svchost.exe                   2508 WinHttpAutoProxySvc                         
svchost.exe                   2564 DusmSvc                                     
svchost.exe                   2572 Wcmsvc                                      
svchost.exe                   2616 ShellHWDetection                            
spoolsv.exe                   2724 Spooler                                     
svchost.exe                   2764 BFE, CoreMessagingRegistrar, MpsSvc         
svchost.exe                   2788 LanmanWorkstation                           
svchost.exe                   2940 IKEEXT                                      
svchost.exe                   2948 PolicyAgent                                 
svchost.exe                   3040 BsMain                                      
armsvc.exe                    3048 AdobeARMservice                             
svchost.exe                   3056 BsCache                                     
svchost.exe                   3068 BsMailProxy                                 
AppleMobileDeviceService.     2164 Apple Mobile Device Service                 
mDNSResponder.exe             2284 Bonjour Service                             
BullGuardUpdate.exe           2348 BsUpdate                                    
BullGuardScanner.exe          1832 BsScanner                                   
BsSentry.exe                  1520 BsSentry                                    
OfficeClickToRun.exe          2384 ClickToRunSvc                               
svchost.exe                   2604 CryptSvc                                    
GfExperienceService.exe       2932 GfExperienceService                         
svchost.exe                   3084 DeviceAssociationService                    
svchost.exe                   3120 DiagTrack                                   
svchost.exe                   3152 DPS                                         
CommandService.exe            3164 LeapFrog Connect Device Service             
svchost.exe                   3176 Winmgmt                                     
svchost.exe                   3200 LanmanServer                                
NvNetworkService.exe          3220 NvNetworkService                            
nvstreamsvc.exe               3240 NvStreamSvc                                 
svchost.exe                   3264 PcaSvc                                      
svchost.exe                   3304 stisvc                                      
svchost.exe                   3328 SysMain                                     
SecurityHealthService.exe     3340 SecurityHealthService                       
svchost.exe                   3384 TrkWks                                      
wlansrv.exe                   3392 WLANBelkinService                           
svchost.exe                   3416 WpnService                                  
dasHost.exe                   3712 N/A                                         
svchost.exe                   3784 SSDPSRV                                     
Memory Compression            3728 N/A                                         
svchost.exe                   4344 BsNet                                       
svchost.exe                   4696 Browser                                     
svchost.exe                   4664 iphlpsvc                                    
svchost.exe                   4680 BsFileScan                                  
svchost.exe                   4740 WdiServiceHost                              
nvstreamsvc.exe               5360 N/A                                         
conhost.exe                   5368 N/A                                         
svchost.exe                   5504 tiledatamodelsvc                            
svchost.exe                   5944 CDPSvc                                      
nvstreamsvc.exe               6576 N/A                                         
conhost.exe                   6588 N/A                                         
sihost.exe                    6676 N/A                                         
svchost.exe                   6708 CDPUserSvc_4fc54                            
svchost.exe                   6772 WpnUserService_4fc54                        
svchost.exe                   6964 TokenBroker                                 
taskhostw.exe                 1344 N/A                                         
explorer.exe                  6448 N/A                                         
SearchIndexer.exe             3272 WSearch                                     
ShellExperienceHost.exe       7220 N/A                                         
SearchUI.exe                  7252 N/A                                         
RuntimeBroker.exe             7680 N/A                                         
svchost.exe                   7744 LicenseManager                              
RemindersServer.exe           7824 N/A                                         
nvtray.exe                    8488 N/A                                         
svchost.exe                   8764 lfsvc                                       
NvBackend.exe                 8788 N/A                                         
svchost.exe                   6180 OneSyncSvc_4fc54,                           
                                   PimIndexMaintenanceSvc_4fc54,               
                                   UnistoreSvc_4fc54, UserDataSvc_4fc54        
MSASCuiL.exe                  9492 N/A                                         
RtkNGUI64.exe                 9648 N/A                                         
SettingSyncHost.exe           9868 N/A                                         
BullGuardTray.exe             9980 N/A                                         
OneDrive.exe                 10104 N/A                                         
BingSvc.exe                  10168 N/A                                         
PBN.exe                       9768 N/A                                         
ONENOTEM.EXE                  9236 N/A                                         
V0700Mon.exe                  2960 N/A                                         
jusched.exe                   3080 N/A                                         
IAStorIcon.exe                6684 N/A                                         
IAStorDataMgrSvc.exe         11384 IAStorDataMgrSvc                            
svchost.exe                  11592 wscsvc                                      
BullGuard.exe                11972 N/A                                         
BgGameMon.exe                 9112 N/A                                         
OUTLOOK.EXE                   5756 N/A                                         
iexplore.exe                  3552 N/A                                         
iexplore.exe                 10236 N/A                                         
svchost.exe                  11020 StorSvc                                     
jucheck.exe                  11420 N/A                                         
Skype.exe                     1580 N/A                                         
SkypeHost.exe                10404 N/A                                         
SkypeBrowserHost.exe          5540 N/A                                         
firefox.exe                   4084 N/A                                         
firefox.exe                  11084 N/A                                         
firefox.exe                   9432 N/A                                         
firefox.exe                   9996 N/A                                         
ApplicationFrameHost.exe      6252 N/A                                         
WinStore.App.exe              8408 N/A                                         
svchost.exe                  10464 DsSvc                                       
firefox.exe                   7632 N/A                                         
firefox.exe                   5612 N/A                                         
svchost.exe                   8652 Appinfo                                     
svchost.exe                   6572 p2pimsvc                                    
svchost.exe                  11960 PNRPsvc                                     
Microsoft.Photos.exe         10856 N/A                                         
svchost.exe                   5832 UsoSvc                                      
firefox.exe                   6452 N/A                                         
audiodg.exe                   1144 N/A                                         
WmiPrvSE.exe                   760 N/A                                         
cmd.exe                      10092 N/A                                         
conhost.exe                   6892 N/A                                         
taskhostw.exe                 2064 N/A                                         
dllhost.exe                  11268 N/A                                         
tasklist.exe                  3592 N/A                                         
 

Will get on with the other bits now.


  • 0

#9
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I ran MBAR and it found nothing.

 

I've attached the results of the WhySoSlow scan as a zip file.

 

Regards

 

RSP

Attached Files


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

Why So slow is happy with your system.  Let's check your Internet connection.  Perhaps it has gotten slow.

 

http://beta.speedtest.net/

 

After the test finishes, right click on the blue number after Result ID:  and copy Link Location and then move to a reply and paste the link into a reply.  Is that about what you are paying for?

 

 

Are you paying for Office 16 Click-to-Run?  If not uninstall it as it is causing errors.

 

 

We can check your system files:

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

Which does it say?

 

type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt

Hit Enter.  Then type::


notepad  \junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

Advertisements


#11
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

This is the speedtest result:

 

http://beta.speedtes...sult/6928657401

 

To be honest, I'm not sure what I'm paying for, will check and get back to you.

 

I pay a monthly amount for Microsoft Office, but I don't know if that includes Click-to run - I've never heard of that before. Shall I just uninstall it anyway? Are there any serious consequences?

 

 

The scannow procedure didn’t reveal any integrity violations, so I guess that’s a good thing.

 

Here’s the junk.txt file:

 

2018-01-02 09:42:50, Info                  CSI    00000006 [SR] Verifying 100 components
2018-01-02 09:42:50, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2018-01-02 09:42:53, Info                  CSI    0000006c [SR] Verify complete
2018-01-02 09:42:54, Info                  CSI    0000006d [SR] Verifying 100 components
2018-01-02 09:42:54, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2018-01-02 09:42:57, Info                  CSI    000000d3 [SR] Verify complete
2018-01-02 09:42:57, Info                  CSI    000000d4 [SR] Verifying 100 components
2018-01-02 09:42:57, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2018-01-02 09:42:59, Info                  CSI    0000013a [SR] Verify complete
2018-01-02 09:42:59, Info                  CSI    0000013b [SR] Verifying 100 components
2018-01-02 09:42:59, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:02, Info                  CSI    000001a1 [SR] Verify complete
2018-01-02 09:43:02, Info                  CSI    000001a2 [SR] Verifying 100 components
2018-01-02 09:43:02, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:06, Info                  CSI    00000208 [SR] Verify complete
2018-01-02 09:43:07, Info                  CSI    00000209 [SR] Verifying 100 components
2018-01-02 09:43:07, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:10, Info                  CSI    0000026f [SR] Verify complete
2018-01-02 09:43:10, Info                  CSI    00000270 [SR] Verifying 100 components
2018-01-02 09:43:10, Info                  CSI    00000271 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:15, Info                  CSI    000002d6 [SR] Verify complete
2018-01-02 09:43:15, Info                  CSI    000002d7 [SR] Verifying 100 components
2018-01-02 09:43:15, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:19, Info                  CSI    0000033d [SR] Verify complete
2018-01-02 09:43:19, Info                  CSI    0000033e [SR] Verifying 100 components
2018-01-02 09:43:19, Info                  CSI    0000033f [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:22, Info                  CSI    000003a4 [SR] Verify complete
2018-01-02 09:43:22, Info                  CSI    000003a5 [SR] Verifying 100 components
2018-01-02 09:43:22, Info                  CSI    000003a6 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:25, Info                  CSI    0000040b [SR] Verify complete
2018-01-02 09:43:25, Info                  CSI    0000040c [SR] Verifying 100 components
2018-01-02 09:43:25, Info                  CSI    0000040d [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:27, Info                  CSI    00000472 [SR] Verify complete
2018-01-02 09:43:28, Info                  CSI    00000473 [SR] Verifying 100 components
2018-01-02 09:43:28, Info                  CSI    00000474 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:30, Info                  CSI    000004d9 [SR] Verify complete
2018-01-02 09:43:30, Info                  CSI    000004da [SR] Verifying 100 components
2018-01-02 09:43:30, Info                  CSI    000004db [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:34, Info                  CSI    00000540 [SR] Verify complete
2018-01-02 09:43:34, Info                  CSI    00000541 [SR] Verifying 100 components
2018-01-02 09:43:34, Info                  CSI    00000542 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:39, Info                  CSI    000005aa [SR] Verify complete
2018-01-02 09:43:39, Info                  CSI    000005ab [SR] Verifying 100 components
2018-01-02 09:43:39, Info                  CSI    000005ac [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:42, Info                  CSI    00000611 [SR] Verify complete
2018-01-02 09:43:42, Info                  CSI    00000612 [SR] Verifying 100 components
2018-01-02 09:43:42, Info                  CSI    00000613 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:46, Info                  CSI    00000678 [SR] Verify complete
2018-01-02 09:43:47, Info                  CSI    00000679 [SR] Verifying 100 components
2018-01-02 09:43:47, Info                  CSI    0000067a [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:51, Info                  CSI    000006df [SR] Verify complete
2018-01-02 09:43:51, Info                  CSI    000006e0 [SR] Verifying 100 components
2018-01-02 09:43:51, Info                  CSI    000006e1 [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:56, Info                  CSI    0000074b [SR] Verify complete
2018-01-02 09:43:56, Info                  CSI    0000074c [SR] Verifying 100 components
2018-01-02 09:43:56, Info                  CSI    0000074d [SR] Beginning Verify and Repair transaction
2018-01-02 09:43:58, Info                  CSI    000007b2 [SR] Verify complete
2018-01-02 09:43:58, Info                  CSI    000007b3 [SR] Verifying 100 components
2018-01-02 09:43:58, Info                  CSI    000007b4 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:00, Info                  CSI    00000819 [SR] Verify complete
2018-01-02 09:44:00, Info                  CSI    0000081a [SR] Verifying 100 components
2018-01-02 09:44:00, Info                  CSI    0000081b [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:06, Info                  CSI    00000880 [SR] Verify complete
2018-01-02 09:44:06, Info                  CSI    00000881 [SR] Verifying 100 components
2018-01-02 09:44:06, Info                  CSI    00000882 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:12, Info                  CSI    000008e7 [SR] Verify complete
2018-01-02 09:44:12, Info                  CSI    000008e8 [SR] Verifying 100 components
2018-01-02 09:44:12, Info                  CSI    000008e9 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:19, Info                  CSI    0000094e [SR] Verify complete
2018-01-02 09:44:19, Info                  CSI    0000094f [SR] Verifying 100 components
2018-01-02 09:44:19, Info                  CSI    00000950 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:23, Info                  CSI    000009b6 [SR] Verify complete
2018-01-02 09:44:23, Info                  CSI    000009b7 [SR] Verifying 100 components
2018-01-02 09:44:23, Info                  CSI    000009b8 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:27, Info                  CSI    00000a23 [SR] Verify complete
2018-01-02 09:44:27, Info                  CSI    00000a24 [SR] Verifying 100 components
2018-01-02 09:44:27, Info                  CSI    00000a25 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:31, Info                  CSI    00000a8a [SR] Verify complete
2018-01-02 09:44:31, Info                  CSI    00000a8b [SR] Verifying 100 components
2018-01-02 09:44:31, Info                  CSI    00000a8c [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:35, Info                  CSI    00000af1 [SR] Verify complete
2018-01-02 09:44:35, Info                  CSI    00000af2 [SR] Verifying 100 components
2018-01-02 09:44:35, Info                  CSI    00000af3 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:39, Info                  CSI    00000b58 [SR] Verify complete
2018-01-02 09:44:39, Info                  CSI    00000b59 [SR] Verifying 100 components
2018-01-02 09:44:39, Info                  CSI    00000b5a [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:42, Info                  CSI    00000bbf [SR] Verify complete
2018-01-02 09:44:43, Info                  CSI    00000bc0 [SR] Verifying 100 components
2018-01-02 09:44:43, Info                  CSI    00000bc1 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:46, Info                  CSI    00000c26 [SR] Verify complete
2018-01-02 09:44:46, Info                  CSI    00000c27 [SR] Verifying 100 components
2018-01-02 09:44:46, Info                  CSI    00000c28 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:51, Info                  CSI    00000c95 [SR] Verify complete
2018-01-02 09:44:51, Info                  CSI    00000c96 [SR] Verifying 100 components
2018-01-02 09:44:51, Info                  CSI    00000c97 [SR] Beginning Verify and Repair transaction
2018-01-02 09:44:58, Info                  CSI    00000d06 [SR] Verify complete
2018-01-02 09:44:58, Info                  CSI    00000d07 [SR] Verifying 100 components
2018-01-02 09:44:58, Info                  CSI    00000d08 [SR] Beginning Verify and Repair transaction
2018-01-02 09:45:01, Info                  CSI    00000d6f [SR] Verify complete
2018-01-02 09:45:01, Info                  CSI    00000d70 [SR] Verifying 100 components
2018-01-02 09:45:01, Info                  CSI    00000d71 [SR] Beginning Verify and Repair transaction
2018-01-02 09:45:05, Info                  CSI    00000de5 [SR] Verify complete
2018-01-02 09:45:05, Info                  CSI    00000de6 [SR] Verifying 100 components
2018-01-02 09:45:05, Info                  CSI    00000de7 [SR] Beginning Verify and Repair transaction
2018-01-02 09:45:12, Info                  CSI    00000e55 [SR] Verify complete
2018-01-02 09:45:12, Info                  CSI    00000e56 [SR] Verifying 100 components
2018-01-02 09:45:12, Info                  CSI    00000e57 [SR] Beginning Verify and Repair transaction
2018-01-02 09:45:28, Info                  CSI    00000ee9 [SR] Verify complete
2018-01-02 09:45:28, Info                  CSI    00000eea [SR] Verifying 100 components
2018-01-02 09:45:28, Info                  CSI    00000eeb [SR] Beginning Verify and Repair transaction
2018-01-02 09:45:41, Info                  CSI    00000f60 [SR] Verify complete
2018-01-02 09:45:41, Info                  CSI    00000f61 [SR] Verifying 100 components
2018-01-02 09:45:41, Info                  CSI    00000f62 [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:01, Info                  CSI    00000fd4 [SR] Verify complete
2018-01-02 09:46:01, Info                  CSI    00000fd5 [SR] Verifying 100 components
2018-01-02 09:46:01, Info                  CSI    00000fd6 [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:10, Info                  CSI    00001046 [SR] Verify complete
2018-01-02 09:46:10, Info                  CSI    00001047 [SR] Verifying 100 components
2018-01-02 09:46:10, Info                  CSI    00001048 [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:18, Info                  CSI    000010b8 [SR] Verify complete
2018-01-02 09:46:18, Info                  CSI    000010b9 [SR] Verifying 100 components
2018-01-02 09:46:18, Info                  CSI    000010ba [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:24, Info                  CSI    00001186 [SR] Verify complete
2018-01-02 09:46:24, Info                  CSI    00001187 [SR] Verifying 100 components
2018-01-02 09:46:24, Info                  CSI    00001188 [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:35, Info                  CSI    00001269 [SR] Verify complete
2018-01-02 09:46:35, Info                  CSI    0000126a [SR] Verifying 100 components
2018-01-02 09:46:35, Info                  CSI    0000126b [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:45, Info                  CSI    000012d5 [SR] Verify complete
2018-01-02 09:46:45, Info                  CSI    000012d6 [SR] Verifying 100 components
2018-01-02 09:46:45, Info                  CSI    000012d7 [SR] Beginning Verify and Repair transaction
2018-01-02 09:46:49, Info                  CSI    0000133d [SR] Verify complete
2018-01-02 09:46:49, Info                  CSI    0000133e [SR] Verifying 100 components
2018-01-02 09:46:49, Info                  CSI    0000133f [SR] Beginning Verify and Repair transaction
2018-01-02 09:47:20, Info                  CSI    000013af [SR] Verify complete
2018-01-02 09:47:20, Info                  CSI    000013b0 [SR] Verifying 100 components
2018-01-02 09:47:20, Info                  CSI    000013b1 [SR] Beginning Verify and Repair transaction
2018-01-02 09:47:30, Info                  CSI    0000145b [SR] Verify complete
2018-01-02 09:47:30, Info                  CSI    0000145c [SR] Verifying 100 components
2018-01-02 09:47:30, Info                  CSI    0000145d [SR] Beginning Verify and Repair transaction
2018-01-02 09:47:39, Info                  CSI    000014de [SR] Verify complete
2018-01-02 09:47:39, Info                  CSI    000014df [SR] Verifying 100 components
2018-01-02 09:47:39, Info                  CSI    000014e0 [SR] Beginning Verify and Repair transaction
2018-01-02 09:47:50, Info                  CSI    00001593 [SR] Verify complete
2018-01-02 09:47:50, Info                  CSI    00001594 [SR] Verifying 100 components
2018-01-02 09:47:50, Info                  CSI    00001595 [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:01, Info                  CSI    0000160a [SR] Verify complete
2018-01-02 09:48:01, Info                  CSI    0000160b [SR] Verifying 100 components
2018-01-02 09:48:01, Info                  CSI    0000160c [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:09, Info                  CSI    00001679 [SR] Verify complete
2018-01-02 09:48:09, Info                  CSI    0000167a [SR] Verifying 100 components
2018-01-02 09:48:09, Info                  CSI    0000167b [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:18, Info                  CSI    000016f9 [SR] Verify complete
2018-01-02 09:48:18, Info                  CSI    000016fa [SR] Verifying 100 components
2018-01-02 09:48:18, Info                  CSI    000016fb [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:25, Info                  CSI    0000177e [SR] Verify complete
2018-01-02 09:48:25, Info                  CSI    0000177f [SR] Verifying 100 components
2018-01-02 09:48:25, Info                  CSI    00001780 [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:33, Info                  CSI    000017e7 [SR] Verify complete
2018-01-02 09:48:33, Info                  CSI    000017e8 [SR] Verifying 100 components
2018-01-02 09:48:33, Info                  CSI    000017e9 [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:41, Info                  CSI    00001856 [SR] Verify complete
2018-01-02 09:48:41, Info                  CSI    00001857 [SR] Verifying 100 components
2018-01-02 09:48:41, Info                  CSI    00001858 [SR] Beginning Verify and Repair transaction
2018-01-02 09:48:50, Info                  CSI    000018be [SR] Verify complete
2018-01-02 09:48:50, Info                  CSI    000018bf [SR] Verifying 100 components
2018-01-02 09:48:50, Info                  CSI    000018c0 [SR] Beginning Verify and Repair transaction
2018-01-02 09:49:00, Info                  CSI    00001930 [SR] Verify complete
2018-01-02 09:49:00, Info                  CSI    00001931 [SR] Verifying 100 components
2018-01-02 09:49:00, Info                  CSI    00001932 [SR] Beginning Verify and Repair transaction
2018-01-02 09:49:09, Info                  CSI    000019a8 [SR] Verify complete
2018-01-02 09:49:09, Info                  CSI    000019a9 [SR] Verifying 100 components
2018-01-02 09:49:09, Info                  CSI    000019aa [SR] Beginning Verify and Repair transaction
2018-01-02 09:49:20, Info                  CSI    00001a31 [SR] Verify complete
2018-01-02 09:49:20, Info                  CSI    00001a32 [SR] Verifying 100 components
2018-01-02 09:49:20, Info                  CSI    00001a33 [SR] Beginning Verify and Repair transaction
2018-01-02 09:49:32, Info                  CSI    00001ad9 [SR] Verify complete
2018-01-02 09:49:32, Info                  CSI    00001ada [SR] Verifying 100 components
2018-01-02 09:49:32, Info                  CSI    00001adb [SR] Beginning Verify and Repair transaction
2018-01-02 09:49:50, Info                  CSI    00001b9b [SR] Verify complete
2018-01-02 09:49:50, Info                  CSI    00001b9c [SR] Verifying 100 components
2018-01-02 09:49:50, Info                  CSI    00001b9d [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:00, Info                  CSI    00001c03 [SR] Verify complete
2018-01-02 09:50:01, Info                  CSI    00001c04 [SR] Verifying 100 components
2018-01-02 09:50:01, Info                  CSI    00001c05 [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:09, Info                  CSI    00001c78 [SR] Verify complete
2018-01-02 09:50:09, Info                  CSI    00001c79 [SR] Verifying 100 components
2018-01-02 09:50:09, Info                  CSI    00001c7a [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:15, Info                  CSI    00001cea [SR] Verify complete
2018-01-02 09:50:15, Info                  CSI    00001ceb [SR] Verifying 100 components
2018-01-02 09:50:15, Info                  CSI    00001cec [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:28, Info                  CSI    00001d79 [SR] Verify complete
2018-01-02 09:50:28, Info                  CSI    00001d7a [SR] Verifying 100 components
2018-01-02 09:50:28, Info                  CSI    00001d7b [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:35, Info                  CSI    00001de8 [SR] Verify complete
2018-01-02 09:50:35, Info                  CSI    00001de9 [SR] Verifying 100 components
2018-01-02 09:50:35, Info                  CSI    00001dea [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:40, Info                  CSI    00001e4f [SR] Verify complete
2018-01-02 09:50:40, Info                  CSI    00001e50 [SR] Verifying 100 components
2018-01-02 09:50:40, Info                  CSI    00001e51 [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:47, Info                  CSI    00001ec6 [SR] Verify complete
2018-01-02 09:50:47, Info                  CSI    00001ec7 [SR] Verifying 100 components
2018-01-02 09:50:47, Info                  CSI    00001ec8 [SR] Beginning Verify and Repair transaction
2018-01-02 09:50:59, Info                  CSI    00001f45 [SR] Verify complete
2018-01-02 09:50:59, Info                  CSI    00001f46 [SR] Verifying 100 components
2018-01-02 09:50:59, Info                  CSI    00001f47 [SR] Beginning Verify and Repair transaction
2018-01-02 09:51:11, Info                  CSI    00001fc8 [SR] Verify complete
2018-01-02 09:51:11, Info                  CSI    00001fc9 [SR] Verifying 100 components
2018-01-02 09:51:11, Info                  CSI    00001fca [SR] Beginning Verify and Repair transaction
2018-01-02 09:51:19, Info                  CSI    00002033 [SR] Verify complete
2018-01-02 09:51:20, Info                  CSI    00002034 [SR] Verifying 100 components
2018-01-02 09:51:20, Info                  CSI    00002035 [SR] Beginning Verify and Repair transaction
2018-01-02 09:51:27, Info                  CSI    000020a1 [SR] Verify complete
2018-01-02 09:51:27, Info                  CSI    000020a2 [SR] Verifying 100 components
2018-01-02 09:51:27, Info                  CSI    000020a3 [SR] Beginning Verify and Repair transaction
2018-01-02 09:51:34, Info                  CSI    00002153 [SR] Verify complete
2018-01-02 09:51:34, Info                  CSI    00002154 [SR] Verifying 100 components
2018-01-02 09:51:34, Info                  CSI    00002155 [SR] Beginning Verify and Repair transaction
2018-01-02 09:51:45, Info                  CSI    000021c4 [SR] Verify complete
2018-01-02 09:51:45, Info                  CSI    000021c5 [SR] Verifying 100 components
2018-01-02 09:51:45, Info                  CSI    000021c6 [SR] Beginning Verify and Repair transaction
2018-01-02 09:52:01, Info                  CSI    00002247 [SR] Verify complete
2018-01-02 09:52:01, Info                  CSI    00002248 [SR] Verifying 100 components
2018-01-02 09:52:01, Info                  CSI    00002249 [SR] Beginning Verify and Repair transaction
2018-01-02 09:52:08, Info                  CSI    000022b6 [SR] Verify complete
2018-01-02 09:52:08, Info                  CSI    000022b7 [SR] Verifying 100 components
2018-01-02 09:52:08, Info                  CSI    000022b8 [SR] Beginning Verify and Repair transaction
2018-01-02 09:52:23, Info                  CSI    00002326 [SR] Verify complete
2018-01-02 09:52:23, Info                  CSI    00002327 [SR] Verifying 100 components
2018-01-02 09:52:23, Info                  CSI    00002328 [SR] Beginning Verify and Repair transaction
2018-01-02 09:52:47, Info                  CSI    000023fa [SR] Verify complete
2018-01-02 09:52:47, Info                  CSI    000023fb [SR] Verifying 100 components
2018-01-02 09:52:47, Info                  CSI    000023fc [SR] Beginning Verify and Repair transaction
2018-01-02 09:52:55, Info                  CSI    0000246d [SR] Verify complete
2018-01-02 09:52:55, Info                  CSI    0000246e [SR] Verifying 100 components
2018-01-02 09:52:55, Info                  CSI    0000246f [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:04, Info                  CSI    000024dd [SR] Verify complete
2018-01-02 09:53:04, Info                  CSI    000024de [SR] Verifying 100 components
2018-01-02 09:53:04, Info                  CSI    000024df [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:13, Info                  CSI    0000254b [SR] Verify complete
2018-01-02 09:53:13, Info                  CSI    0000254c [SR] Verifying 100 components
2018-01-02 09:53:13, Info                  CSI    0000254d [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:24, Info                  CSI    000025c2 [SR] Verify complete
2018-01-02 09:53:24, Info                  CSI    000025c3 [SR] Verifying 100 components
2018-01-02 09:53:24, Info                  CSI    000025c4 [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:33, Info                  CSI    0000262e [SR] Verify complete
2018-01-02 09:53:33, Info                  CSI    0000262f [SR] Verifying 100 components
2018-01-02 09:53:33, Info                  CSI    00002630 [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:47, Info                  CSI    000026a2 [SR] Verify complete
2018-01-02 09:53:47, Info                  CSI    000026a3 [SR] Verifying 100 components
2018-01-02 09:53:47, Info                  CSI    000026a4 [SR] Beginning Verify and Repair transaction
2018-01-02 09:53:56, Info                  CSI    00002722 [SR] Verify complete
2018-01-02 09:53:56, Info                  CSI    00002723 [SR] Verifying 100 components
2018-01-02 09:53:56, Info                  CSI    00002724 [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:03, Info                  CSI    0000279c [SR] Verify complete
2018-01-02 09:54:03, Info                  CSI    0000279d [SR] Verifying 100 components
2018-01-02 09:54:03, Info                  CSI    0000279e [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:13, Info                  CSI    0000280e [SR] Verify complete
2018-01-02 09:54:13, Info                  CSI    0000280f [SR] Verifying 100 components
2018-01-02 09:54:13, Info                  CSI    00002810 [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:25, Info                  CSI    0000289c [SR] Verify complete
2018-01-02 09:54:26, Info                  CSI    0000289d [SR] Verifying 100 components
2018-01-02 09:54:26, Info                  CSI    0000289e [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:35, Info                  CSI    0000296d [SR] Verify complete
2018-01-02 09:54:35, Info                  CSI    0000296e [SR] Verifying 100 components
2018-01-02 09:54:35, Info                  CSI    0000296f [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:45, Info                  CSI    000029e2 [SR] Verify complete
2018-01-02 09:54:46, Info                  CSI    000029e3 [SR] Verifying 100 components
2018-01-02 09:54:46, Info                  CSI    000029e4 [SR] Beginning Verify and Repair transaction
2018-01-02 09:54:52, Info                  CSI    00002a49 [SR] Verify complete
2018-01-02 09:54:52, Info                  CSI    00002a4a [SR] Verifying 100 components
2018-01-02 09:54:52, Info                  CSI    00002a4b [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:04, Info                  CSI    00002abc [SR] Verify complete
2018-01-02 09:55:04, Info                  CSI    00002abd [SR] Verifying 100 components
2018-01-02 09:55:04, Info                  CSI    00002abe [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:15, Info                  CSI    00002b38 [SR] Verify complete
2018-01-02 09:55:15, Info                  CSI    00002b39 [SR] Verifying 100 components
2018-01-02 09:55:15, Info                  CSI    00002b3a [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:22, Info                  CSI    00002bae [SR] Verify complete
2018-01-02 09:55:22, Info                  CSI    00002baf [SR] Verifying 100 components
2018-01-02 09:55:22, Info                  CSI    00002bb0 [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:31, Info                  CSI    00002c21 [SR] Verify complete
2018-01-02 09:55:32, Info                  CSI    00002c22 [SR] Verifying 100 components
2018-01-02 09:55:32, Info                  CSI    00002c23 [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:46, Info                  CSI    00002c9b [SR] Verify complete
2018-01-02 09:55:46, Info                  CSI    00002c9c [SR] Verifying 100 components
2018-01-02 09:55:46, Info                  CSI    00002c9d [SR] Beginning Verify and Repair transaction
2018-01-02 09:55:56, Info                  CSI    00002d15 [SR] Verify complete
2018-01-02 09:55:56, Info                  CSI    00002d16 [SR] Verifying 100 components
2018-01-02 09:55:56, Info                  CSI    00002d17 [SR] Beginning Verify and Repair transaction
2018-01-02 09:56:08, Info                  CSI    00002d7e [SR] Verify complete
2018-01-02 09:56:08, Info                  CSI    00002d7f [SR] Verifying 100 components
2018-01-02 09:56:08, Info                  CSI    00002d80 [SR] Beginning Verify and Repair transaction
2018-01-02 09:56:19, Info                  CSI    00002de9 [SR] Verify complete
2018-01-02 09:56:19, Info                  CSI    00002dea [SR] Verifying 100 components
2018-01-02 09:56:19, Info                  CSI    00002deb [SR] Beginning Verify and Repair transaction
2018-01-02 09:56:36, Info                  CSI    00002e9b [SR] Verify complete
2018-01-02 09:56:36, Info                  CSI    00002e9c [SR] Verifying 100 components
2018-01-02 09:56:36, Info                  CSI    00002e9d [SR] Beginning Verify and Repair transaction
2018-01-02 09:56:50, Info                  CSI    00002f18 [SR] Verify complete
2018-01-02 09:56:50, Info                  CSI    00002f19 [SR] Verifying 100 components
2018-01-02 09:56:50, Info                  CSI    00002f1a [SR] Beginning Verify and Repair transaction
2018-01-02 09:56:59, Info                  CSI    00002f87 [SR] Verify complete
2018-01-02 09:56:59, Info                  CSI    00002f88 [SR] Verifying 100 components
2018-01-02 09:56:59, Info                  CSI    00002f89 [SR] Beginning Verify and Repair transaction
2018-01-02 09:57:08, Info                  CSI    00002fff [SR] Verify complete
2018-01-02 09:57:08, Info                  CSI    00003000 [SR] Verifying 100 components
2018-01-02 09:57:08, Info                  CSI    00003001 [SR] Beginning Verify and Repair transaction
2018-01-02 09:57:20, Info                  CSI    00003074 [SR] Verify complete
2018-01-02 09:57:20, Info                  CSI    00003075 [SR] Verifying 100 components
2018-01-02 09:57:20, Info                  CSI    00003076 [SR] Beginning Verify and Repair transaction
2018-01-02 09:57:30, Info                  CSI    000030e9 [SR] Verify complete
2018-01-02 09:57:30, Info                  CSI    000030ea [SR] Verifying 100 components
2018-01-02 09:57:30, Info                  CSI    000030eb [SR] Beginning Verify and Repair transaction
2018-01-02 09:57:38, Info                  CSI    00003154 [SR] Verify complete
2018-01-02 09:57:38, Info                  CSI    00003155 [SR] Verifying 100 components
2018-01-02 09:57:38, Info                  CSI    00003156 [SR] Beginning Verify and Repair transaction
2018-01-02 09:57:52, Info                  CSI    000031cc [SR] Verify complete
2018-01-02 09:57:52, Info                  CSI    000031cd [SR] Verifying 100 components
2018-01-02 09:57:52, Info                  CSI    000031ce [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:01, Info                  CSI    00003248 [SR] Verify complete
2018-01-02 09:58:01, Info                  CSI    00003249 [SR] Verifying 100 components
2018-01-02 09:58:01, Info                  CSI    0000324a [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:10, Info                  CSI    000032bf [SR] Verify complete
2018-01-02 09:58:10, Info                  CSI    000032c0 [SR] Verifying 100 components
2018-01-02 09:58:10, Info                  CSI    000032c1 [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:18, Info                  CSI    00003337 [SR] Verify complete
2018-01-02 09:58:18, Info                  CSI    00003338 [SR] Verifying 100 components
2018-01-02 09:58:18, Info                  CSI    00003339 [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:26, Info                  CSI    000033a5 [SR] Verify complete
2018-01-02 09:58:26, Info                  CSI    000033a6 [SR] Verifying 100 components
2018-01-02 09:58:26, Info                  CSI    000033a7 [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:35, Info                  CSI    0000340e [SR] Verify complete
2018-01-02 09:58:36, Info                  CSI    0000340f [SR] Verifying 100 components
2018-01-02 09:58:36, Info                  CSI    00003410 [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:46, Info                  CSI    00003477 [SR] Verify complete
2018-01-02 09:58:46, Info                  CSI    00003478 [SR] Verifying 100 components
2018-01-02 09:58:46, Info                  CSI    00003479 [SR] Beginning Verify and Repair transaction
2018-01-02 09:58:58, Info                  CSI    000034e0 [SR] Verify complete
2018-01-02 09:58:58, Info                  CSI    000034e1 [SR] Verifying 100 components
2018-01-02 09:58:58, Info                  CSI    000034e2 [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:12, Info                  CSI    00003568 [SR] Verify complete
2018-01-02 09:59:12, Info                  CSI    00003569 [SR] Verifying 100 components
2018-01-02 09:59:12, Info                  CSI    0000356a [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:26, Info                  CSI    00003666 [SR] Verify complete
2018-01-02 09:59:26, Info                  CSI    00003667 [SR] Verifying 100 components
2018-01-02 09:59:26, Info                  CSI    00003668 [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:36, Info                  CSI    000036ee [SR] Verify complete
2018-01-02 09:59:36, Info                  CSI    000036ef [SR] Verifying 100 components
2018-01-02 09:59:36, Info                  CSI    000036f0 [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:42, Info                  CSI    00003755 [SR] Verify complete
2018-01-02 09:59:42, Info                  CSI    00003756 [SR] Verifying 100 components
2018-01-02 09:59:42, Info                  CSI    00003757 [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:50, Info                  CSI    000037bc [SR] Verify complete
2018-01-02 09:59:50, Info                  CSI    000037bd [SR] Verifying 100 components
2018-01-02 09:59:50, Info                  CSI    000037be [SR] Beginning Verify and Repair transaction
2018-01-02 09:59:58, Info                  CSI    00003823 [SR] Verify complete
2018-01-02 09:59:58, Info                  CSI    00003824 [SR] Verifying 100 components
2018-01-02 09:59:58, Info                  CSI    00003825 [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:05, Info                  CSI    0000388b [SR] Verify complete
2018-01-02 10:00:05, Info                  CSI    0000388c [SR] Verifying 100 components
2018-01-02 10:00:05, Info                  CSI    0000388d [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:13, Info                  CSI    000038f2 [SR] Verify complete
2018-01-02 10:00:13, Info                  CSI    000038f3 [SR] Verifying 100 components
2018-01-02 10:00:13, Info                  CSI    000038f4 [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:21, Info                  CSI    00003959 [SR] Verify complete
2018-01-02 10:00:21, Info                  CSI    0000395a [SR] Verifying 100 components
2018-01-02 10:00:21, Info                  CSI    0000395b [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:29, Info                  CSI    000039c0 [SR] Verify complete
2018-01-02 10:00:29, Info                  CSI    000039c1 [SR] Verifying 100 components
2018-01-02 10:00:29, Info                  CSI    000039c2 [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:36, Info                  CSI    00003a27 [SR] Verify complete
2018-01-02 10:00:36, Info                  CSI    00003a28 [SR] Verifying 100 components
2018-01-02 10:00:36, Info                  CSI    00003a29 [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:42, Info                  CSI    00003aaf [SR] Verify complete
2018-01-02 10:00:42, Info                  CSI    00003ab0 [SR] Verifying 100 components
2018-01-02 10:00:42, Info                  CSI    00003ab1 [SR] Beginning Verify and Repair transaction
2018-01-02 10:00:50, Info                  CSI    00003b1c [SR] Verify complete
2018-01-02 10:00:50, Info                  CSI    00003b1d [SR] Verifying 100 components
2018-01-02 10:00:50, Info                  CSI    00003b1e [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:07, Info                  CSI    00003b83 [SR] Verify complete
2018-01-02 10:01:07, Info                  CSI    00003b84 [SR] Verifying 100 components
2018-01-02 10:01:07, Info                  CSI    00003b85 [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:21, Info                  CSI    00003bea [SR] Verify complete
2018-01-02 10:01:21, Info                  CSI    00003beb [SR] Verifying 100 components
2018-01-02 10:01:21, Info                  CSI    00003bec [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:26, Info                  CSI    00003c51 [SR] Verify complete
2018-01-02 10:01:26, Info                  CSI    00003c52 [SR] Verifying 100 components
2018-01-02 10:01:26, Info                  CSI    00003c53 [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:32, Info                  CSI    00003cb9 [SR] Verify complete
2018-01-02 10:01:32, Info                  CSI    00003cba [SR] Verifying 100 components
2018-01-02 10:01:32, Info                  CSI    00003cbb [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:40, Info                  CSI    00003d20 [SR] Verify complete
2018-01-02 10:01:40, Info                  CSI    00003d21 [SR] Verifying 100 components
2018-01-02 10:01:40, Info                  CSI    00003d22 [SR] Beginning Verify and Repair transaction
2018-01-02 10:01:54, Info                  CSI    00003d8e [SR] Verify complete
2018-01-02 10:01:54, Info                  CSI    00003d8f [SR] Verifying 100 components
2018-01-02 10:01:54, Info                  CSI    00003d90 [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:04, Info                  CSI    00003df9 [SR] Verify complete
2018-01-02 10:02:04, Info                  CSI    00003dfa [SR] Verifying 100 components
2018-01-02 10:02:04, Info                  CSI    00003dfb [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:09, Info                  CSI    00003e60 [SR] Verify complete
2018-01-02 10:02:09, Info                  CSI    00003e61 [SR] Verifying 100 components
2018-01-02 10:02:09, Info                  CSI    00003e62 [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:19, Info                  CSI    00003ed7 [SR] Verify complete
2018-01-02 10:02:19, Info                  CSI    00003ed8 [SR] Verifying 100 components
2018-01-02 10:02:19, Info                  CSI    00003ed9 [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:26, Info                  CSI    00003f44 [SR] Verify complete
2018-01-02 10:02:26, Info                  CSI    00003f45 [SR] Verifying 100 components
2018-01-02 10:02:26, Info                  CSI    00003f46 [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:32, Info                  CSI    00003fab [SR] Verify complete
2018-01-02 10:02:32, Info                  CSI    00003fac [SR] Verifying 100 components
2018-01-02 10:02:32, Info                  CSI    00003fad [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:37, Info                  CSI    00004012 [SR] Verify complete
2018-01-02 10:02:37, Info                  CSI    00004013 [SR] Verifying 100 components
2018-01-02 10:02:37, Info                  CSI    00004014 [SR] Beginning Verify and Repair transaction
2018-01-02 10:02:53, Info                  CSI    0000407c [SR] Verify complete
2018-01-02 10:02:53, Info                  CSI    0000407d [SR] Verifying 100 components
2018-01-02 10:02:53, Info                  CSI    0000407e [SR] Beginning Verify and Repair transaction
2018-01-02 10:03:10, Info                  CSI    000040ff [SR] Verify complete
2018-01-02 10:03:10, Info                  CSI    00004100 [SR] Verifying 100 components
2018-01-02 10:03:10, Info                  CSI    00004101 [SR] Beginning Verify and Repair transaction
2018-01-02 10:03:19, Info                  CSI    0000416a [SR] Verify complete
2018-01-02 10:03:19, Info                  CSI    0000416b [SR] Verifying 100 components
2018-01-02 10:03:19, Info                  CSI    0000416c [SR] Beginning Verify and Repair transaction
2018-01-02 10:03:28, Info                  CSI    000041e3 [SR] Verify complete
2018-01-02 10:03:28, Info                  CSI    000041e4 [SR] Verifying 100 components
2018-01-02 10:03:28, Info                  CSI    000041e5 [SR] Beginning Verify and Repair transaction
2018-01-02 10:03:38, Info                  CSI    0000425f [SR] Verify complete
2018-01-02 10:03:38, Info                  CSI    00004260 [SR] Verifying 100 components
2018-01-02 10:03:38, Info                  CSI    00004261 [SR] Beginning Verify and Repair transaction
2018-01-02 10:03:49, Info                  CSI    000042ca [SR] Verify complete
2018-01-02 10:03:49, Info                  CSI    000042cb [SR] Verifying 100 components
2018-01-02 10:03:49, Info                  CSI    000042cc [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:02, Info                  CSI    00004343 [SR] Verify complete
2018-01-02 10:04:02, Info                  CSI    00004344 [SR] Verifying 100 components
2018-01-02 10:04:02, Info                  CSI    00004345 [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:15, Info                  CSI    000043ae [SR] Verify complete
2018-01-02 10:04:15, Info                  CSI    000043af [SR] Verifying 100 components
2018-01-02 10:04:15, Info                  CSI    000043b0 [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:19, Info                  CSI    00004415 [SR] Verify complete
2018-01-02 10:04:19, Info                  CSI    00004416 [SR] Verifying 100 components
2018-01-02 10:04:19, Info                  CSI    00004417 [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:23, Info                  CSI    0000447c [SR] Verify complete
2018-01-02 10:04:23, Info                  CSI    0000447d [SR] Verifying 100 components
2018-01-02 10:04:23, Info                  CSI    0000447e [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:36, Info                  CSI    000044f7 [SR] Verify complete
2018-01-02 10:04:36, Info                  CSI    000044f8 [SR] Verifying 100 components
2018-01-02 10:04:36, Info                  CSI    000044f9 [SR] Beginning Verify and Repair transaction
2018-01-02 10:04:46, Info                  CSI    00004561 [SR] Verify complete
2018-01-02 10:04:46, Info                  CSI    00004562 [SR] Verifying 100 components
2018-01-02 10:04:46, Info                  CSI    00004563 [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:01, Info                  CSI    00004618 [SR] Verify complete
2018-01-02 10:05:01, Info                  CSI    00004619 [SR] Verifying 100 components
2018-01-02 10:05:01, Info                  CSI    0000461a [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:12, Info                  CSI    00004684 [SR] Verify complete
2018-01-02 10:05:12, Info                  CSI    00004685 [SR] Verifying 100 components
2018-01-02 10:05:12, Info                  CSI    00004686 [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:25, Info                  CSI    000046f7 [SR] Verify complete
2018-01-02 10:05:25, Info                  CSI    000046f8 [SR] Verifying 100 components
2018-01-02 10:05:25, Info                  CSI    000046f9 [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:36, Info                  CSI    0000476d [SR] Verify complete
2018-01-02 10:05:36, Info                  CSI    0000476e [SR] Verifying 100 components
2018-01-02 10:05:36, Info                  CSI    0000476f [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:48, Info                  CSI    0000482b [SR] Verify complete
2018-01-02 10:05:48, Info                  CSI    0000482c [SR] Verifying 100 components
2018-01-02 10:05:48, Info                  CSI    0000482d [SR] Beginning Verify and Repair transaction
2018-01-02 10:05:58, Info                  CSI    0000489a [SR] Verify complete
2018-01-02 10:05:58, Info                  CSI    0000489b [SR] Verifying 100 components
2018-01-02 10:05:58, Info                  CSI    0000489c [SR] Beginning Verify and Repair transaction
2018-01-02 10:06:13, Info                  CSI    00004913 [SR] Verify complete
2018-01-02 10:06:13, Info                  CSI    00004914 [SR] Verifying 100 components
2018-01-02 10:06:13, Info                  CSI    00004915 [SR] Beginning Verify and Repair transaction
2018-01-02 10:06:25, Info                  CSI    0000498e [SR] Verify complete
2018-01-02 10:06:25, Info                  CSI    0000498f [SR] Verifying 100 components
2018-01-02 10:06:25, Info                  CSI    00004990 [SR] Beginning Verify and Repair transaction
2018-01-02 10:06:40, Info                  CSI    00004a00 [SR] Verify complete
2018-01-02 10:06:40, Info                  CSI    00004a01 [SR] Verifying 100 components
2018-01-02 10:06:40, Info                  CSI    00004a02 [SR] Beginning Verify and Repair transaction
2018-01-02 10:06:52, Info                  CSI    00004a78 [SR] Verify complete
2018-01-02 10:06:52, Info                  CSI    00004a79 [SR] Verifying 100 components
2018-01-02 10:06:52, Info                  CSI    00004a7a [SR] Beginning Verify and Repair transaction
2018-01-02 10:07:05, Info                  CSI    00004ae2 [SR] Verify complete
2018-01-02 10:07:05, Info                  CSI    00004ae3 [SR] Verifying 100 components
2018-01-02 10:07:05, Info                  CSI    00004ae4 [SR] Beginning Verify and Repair transaction
2018-01-02 10:07:25, Info                  CSI    00004c3b [SR] Verify complete
2018-01-02 10:07:25, Info                  CSI    00004c3c [SR] Verifying 100 components
2018-01-02 10:07:25, Info                  CSI    00004c3d [SR] Beginning Verify and Repair transaction
2018-01-02 10:07:38, Info                  CSI    00004ca3 [SR] Verify complete
2018-01-02 10:07:38, Info                  CSI    00004ca4 [SR] Verifying 100 components
2018-01-02 10:07:38, Info                  CSI    00004ca5 [SR] Beginning Verify and Repair transaction
2018-01-02 10:07:46, Info                  CSI    00004d0a [SR] Verify complete
2018-01-02 10:07:47, Info                  CSI    00004d0b [SR] Verifying 100 components
2018-01-02 10:07:47, Info                  CSI    00004d0c [SR] Beginning Verify and Repair transaction
2018-01-02 10:07:54, Info                  CSI    00004d78 [SR] Verify complete
2018-01-02 10:07:55, Info                  CSI    00004d79 [SR] Verifying 100 components
2018-01-02 10:07:55, Info                  CSI    00004d7a [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:03, Info                  CSI    00004e17 [SR] Verify complete
2018-01-02 10:08:03, Info                  CSI    00004e18 [SR] Verifying 100 components
2018-01-02 10:08:03, Info                  CSI    00004e19 [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:12, Info                  CSI    00004ec1 [SR] Verify complete
2018-01-02 10:08:12, Info                  CSI    00004ec2 [SR] Verifying 100 components
2018-01-02 10:08:12, Info                  CSI    00004ec3 [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:23, Info                  CSI    00004f36 [SR] Verify complete
2018-01-02 10:08:23, Info                  CSI    00004f37 [SR] Verifying 100 components
2018-01-02 10:08:23, Info                  CSI    00004f38 [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:31, Info                  CSI    00004f9e [SR] Verify complete
2018-01-02 10:08:31, Info                  CSI    00004f9f [SR] Verifying 100 components
2018-01-02 10:08:31, Info                  CSI    00004fa0 [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:42, Info                  CSI    00005057 [SR] Verify complete
2018-01-02 10:08:42, Info                  CSI    00005058 [SR] Verifying 100 components
2018-01-02 10:08:42, Info                  CSI    00005059 [SR] Beginning Verify and Repair transaction
2018-01-02 10:08:51, Info                  CSI    000050e8 [SR] Verify complete
2018-01-02 10:08:51, Info                  CSI    000050e9 [SR] Verifying 100 components
2018-01-02 10:08:51, Info                  CSI    000050ea [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:00, Info                  CSI    00005159 [SR] Verify complete
2018-01-02 10:09:00, Info                  CSI    0000515a [SR] Verifying 100 components
2018-01-02 10:09:00, Info                  CSI    0000515b [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:10, Info                  CSI    000051cd [SR] Verify complete
2018-01-02 10:09:10, Info                  CSI    000051ce [SR] Verifying 100 components
2018-01-02 10:09:10, Info                  CSI    000051cf [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:20, Info                  CSI    00005237 [SR] Verify complete
2018-01-02 10:09:20, Info                  CSI    00005238 [SR] Verifying 100 components
2018-01-02 10:09:20, Info                  CSI    00005239 [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:29, Info                  CSI    000052a6 [SR] Verify complete
2018-01-02 10:09:29, Info                  CSI    000052a7 [SR] Verifying 100 components
2018-01-02 10:09:29, Info                  CSI    000052a8 [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:38, Info                  CSI    0000530f [SR] Verify complete
2018-01-02 10:09:38, Info                  CSI    00005310 [SR] Verifying 100 components
2018-01-02 10:09:38, Info                  CSI    00005311 [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:46, Info                  CSI    00005379 [SR] Verify complete
2018-01-02 10:09:46, Info                  CSI    0000537a [SR] Verifying 100 components
2018-01-02 10:09:46, Info                  CSI    0000537b [SR] Beginning Verify and Repair transaction
2018-01-02 10:09:52, Info                  CSI    000053e0 [SR] Verify complete
2018-01-02 10:09:52, Info                  CSI    000053e1 [SR] Verifying 100 components
2018-01-02 10:09:52, Info                  CSI    000053e2 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:04, Info                  CSI    00005455 [SR] Verify complete
2018-01-02 10:10:04, Info                  CSI    00005456 [SR] Verifying 100 components
2018-01-02 10:10:04, Info                  CSI    00005457 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:12, Info                  CSI    000054c7 [SR] Verify complete
2018-01-02 10:10:12, Info                  CSI    000054c8 [SR] Verifying 100 components
2018-01-02 10:10:12, Info                  CSI    000054c9 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:23, Info                  CSI    00005535 [SR] Verify complete
2018-01-02 10:10:23, Info                  CSI    00005536 [SR] Verifying 100 components
2018-01-02 10:10:23, Info                  CSI    00005537 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:30, Info                  CSI    0000559d [SR] Verify complete
2018-01-02 10:10:30, Info                  CSI    0000559e [SR] Verifying 100 components
2018-01-02 10:10:30, Info                  CSI    0000559f [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:38, Info                  CSI    00005607 [SR] Verify complete
2018-01-02 10:10:39, Info                  CSI    00005608 [SR] Verifying 100 components
2018-01-02 10:10:39, Info                  CSI    00005609 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:47, Info                  CSI    00005671 [SR] Verify complete
2018-01-02 10:10:47, Info                  CSI    00005672 [SR] Verifying 100 components
2018-01-02 10:10:47, Info                  CSI    00005673 [SR] Beginning Verify and Repair transaction
2018-01-02 10:10:57, Info                  CSI    000056dc [SR] Verify complete
2018-01-02 10:10:57, Info                  CSI    000056dd [SR] Verifying 100 components
2018-01-02 10:10:57, Info                  CSI    000056de [SR] Beginning Verify and Repair transaction
2018-01-02 10:11:08, Info                  CSI    00005745 [SR] Verify complete
2018-01-02 10:11:09, Info                  CSI    00005746 [SR] Verifying 100 components
2018-01-02 10:11:09, Info                  CSI    00005747 [SR] Beginning Verify and Repair transaction
2018-01-02 10:11:15, Info                  CSI    000057ad [SR] Verify complete
2018-01-02 10:11:15, Info                  CSI    000057ae [SR] Verifying 100 components
2018-01-02 10:11:15, Info                  CSI    000057af [SR] Beginning Verify and Repair transaction
2018-01-02 10:11:20, Info                  CSI    00005814 [SR] Verify complete
2018-01-02 10:11:20, Info                  CSI    00005815 [SR] Verifying 79 components
2018-01-02 10:11:20, Info                  CSI    00005816 [SR] Beginning Verify and Repair transaction
2018-01-02 10:11:28, Info                  CSI    00005866 [SR] Verify complete
2018-01-02 10:11:28, Info                  CSI    00005867 [SR] Repairing 0 components
2018-01-02 10:11:28, Info                  CSI    00005868 [SR] Beginning Verify and Repair transaction
2018-01-02 10:11:28, Info                  CSI    00005869 [SR] Repair complete
 

 

Here's the first VEW file:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 02/01/2018 10:24:06

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/01/2018 16:31:49
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 12/12/2017 11:33:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 23/09/2017 20:31:58
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 16/09/2017 07:57:56
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 31/08/2017 11:01:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 19/08/2017 15:06:24
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 16/08/2017 11:29:56
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 27/07/2017 08:17:38
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/01/2018 09:43:25
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 02/01/2018 09:43:13
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Tower\Owner SID (S-1-5-21-857570284-1745001965-2900836374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 02/01/2018 09:33:40
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 02/01/2018 09:33:40
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Log: 'System' Date/Time: 02/01/2018 09:33:09
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.

Log: 'System' Date/Time: 02/01/2018 08:35:46
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 02/01/2018 08:33:52
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Tower\Owner SID (S-1-5-21-857570284-1745001965-2900836374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 02/01/2018 08:25:38
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 02/01/2018 08:25:38
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Log: 'System' Date/Time: 02/01/2018 08:25:03
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.

Log: 'System' Date/Time: 01/01/2018 16:38:38
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Tower\Owner SID (S-1-5-21-857570284-1745001965-2900836374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 01/01/2018 16:37:26
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 01/01/2018 16:34:43
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 01/01/2018 16:33:33
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 01/01/2018 16:33:33
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Log: 'System' Date/Time: 01/01/2018 16:32:44
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The CldFlt service failed to start due to the following error:  The request is not supported.

Log: 'System' Date/Time: 01/01/2018 16:32:50
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 15:52:15 on ?01/?01/?2018 was unexpected.

Log: 'System' Date/Time: 01/01/2018 16:28:17
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 01/01/2018 11:15:53
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 01/01/2018 11:14:11
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  and APPID  {9BA05972-F6A8-11CF-A442-00A0C90A8F39}  to the user Tower\Owner SID (S-1-5-21-857570284-1745001965-2900836374-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 02/01/2018 09:33:09
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic&Prod_Storage_Device&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 02/01/2018 09:33:09
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00#C860008861F9CE10BA0724DF&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 02/01/2018 08:25:28
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/01/2018 08:25:03
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic&Prod_Storage_Device&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 02/01/2018 08:25:03
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00#C860008861F9CE10BA0724DF&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 17:10:36
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name fd-geoycpi-uno.gycpi.b.yahoodns.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 01/01/2018 16:32:41
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic&Prod_Storage_Device&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 16:32:41
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00#C860008861F9CE10BA0724DF&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 16:27:21
Type: Warning Category: 0
Event: 4101 Source: Display
Display driver nvlddmkm stopped responding and has successfully recovered.

Log: 'System' Date/Time: 01/01/2018 16:27:19
Type: Warning Category: 0
Event: 4101 Source: Display
Display driver nvlddmkm stopped responding and has successfully recovered.

Log: 'System' Date/Time: 01/01/2018 13:40:22
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name sb.scorecardresearch.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 01/01/2018 11:12:17
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Generic&Prod_Storage_Device&Rev_0.00#00000000000006&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 11:12:17
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00#C860008861F9CE10BA0724DF&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 11:12:17
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_Kingston&Prod_DataTraveler_2.0&Rev_1.00#C8600088637DCE10BA0824E0&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.

Log: 'System' Date/Time: 01/01/2018 11:12:07
Type: Warning Category: 0
Event: 158 Source: Disk
Disk 2 has the same disk identifiers as one or more disks connected to the system. Go to Microsoft's support website (http://support.microsoft.com) and search for KB2983588 to resolve the issue.

Log: 'System' Date/Time: 31/12/2017 17:37:56
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.facebook.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/12/2017 09:22:45
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name 55-trouter-neu-a.drip.trouter.io timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/12/2017 09:14:07
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/12/2017 08:27:20
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pr.comet.yahoo.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 31/12/2017 07:39:06
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

and here's the second:

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 02/01/2018 10:25:57

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 01/01/2018 16:29:44
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 6282

Log: 'Application' Date/Time: 01/01/2018 16:29:44
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 16:29:43
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 5282

Log: 'Application' Date/Time: 01/01/2018 16:29:43
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 5282

Log: 'Application' Date/Time: 01/01/2018 16:29:43
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 16:29:42
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 4266

Log: 'Application' Date/Time: 01/01/2018 16:29:42
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 4266

Log: 'Application' Date/Time: 01/01/2018 16:29:42
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 16:29:41
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 3250

Log: 'Application' Date/Time: 01/01/2018 16:29:41
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 3250

Log: 'Application' Date/Time: 01/01/2018 16:29:41
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 16:29:40
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 2235

Log: 'Application' Date/Time: 01/01/2018 16:29:40
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 2235

Log: 'Application' Date/Time: 01/01/2018 16:29:40
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 16:29:39
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 1032

Log: 'Application' Date/Time: 01/01/2018 16:29:39
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 1032

Log: 'Application' Date/Time: 01/01/2018 16:29:39
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 01/01/2018 11:34:36
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 29/12/2017 09:30:13
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 27/12/2017 14:51:48
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 02/01/2018 09:33:14
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 02/01/2018 08:25:14
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 01/01/2018 16:33:13
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 01/01/2018 11:12:25
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 31/12/2017 05:03:28
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 30/12/2017 22:08:04
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 30/12/2017 22:08:03
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 30/12/2017 09:09:30
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 29/12/2017 23:52:25
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 29/12/2017 09:05:14
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (5488) WebCacheLocal: The shadow header page of file C:\Users\Owner\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat was damaged. The primary header page (32768 bytes) was used instead.

Log: 'Application' Date/Time: 29/12/2017 09:04:27
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 28/12/2017 06:42:19
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 27/12/2017 13:59:53
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 26/12/2017 10:03:16
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 26/12/2017 10:02:41
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 26/12/2017 08:33:07
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 25/12/2017 23:14:23
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 25/12/2017 15:28:35
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Log: 'Application' Date/Time: 25/12/2017 15:27:06
Type: Warning Category: 0
Event: 2002 Source: NvStreamSvc
The event description cannot be found.

Log: 'Application' Date/Time: 25/12/2017 08:25:59
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

Regards

 

RSP

 

PS Apologies for the delay in replying, had a lot on my plate lately


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

Delays are no problem.  I do not keep track and I don't close inactive posts.

 

Open the services Manager:

See the following if you don't know how:

https://www.tenforum...ndows-10-a.html

 

Find:

 

Origin Client Service

 

Right click and select Properties.

 

STOP the service if it is running.

 

Change Startup Type:  to Manual

 

OK

 

Repeat for:
Origin Web Helper Service

 

Reboot. 

 

Is it any better?

 

Also let's see if we can figure out what is causing these errors:

 

Log: 'Application' Date/Time: 26/12/2017 10:02:41
Type: Warning Category: 0
Event: 0 Source: L
The event description cannot be found.

 

 

Download and save EventLogSource from :

 

https://www.nirsoft....cesview-x64.zip

 

This is a direct download so the page won't change.  Right click on the file and Extract All then right click on EventLogSourcesView.exe (which will be the third EventLogSourcesView file) and select Run As Admin.  Once it finishes looking for sources the screen will fill with a long list.  Click on Edit then Select All then File and Save Selected Items.  Save it to your desktop as ELS.txt and then attach it to your next reply.

Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

I see a problem with your nvidia driver.  You need to find the latest version.  It's possible your PC maker has one on his support site but most likely you will need to go to

 

http://www.nvidia.co...aspx?lang=en-us

 

If you don't know what you have then you can use option 2 which will download a program to check your system for nvidia products and recommend updates.


  • 0

#13
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I did services manager and Origin Client Service wasn't running and it was already on manual. Origin web helper Service neeed to be changed to manual though. I've restarted and things seems to be working nicely.

 

I think I've successfully attached the ELS file, we'll see what happens when I click on 'add reply'.

 

I did the second option on NVIDIA, which only required that I update Java, so I did, but apparently that might now be a problem with my Firefox (apparently they've withdrawn support after a certain date or version) - let's see what happens.

 

Regards

 

RSP

 

 

Attached Files

  • Attached File  ELS.txt   541.32KB   8 downloads

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,129 posts
  • MVP

Forgot to tell you:  Your version of Bonjour is not working on Win 10.  You need to uninstall it.

 

The Origin files are some sort of copy protection for some of your games.  There is a lot of chatter on the Internet about Origin slowing the PC to a crawl so perhaps that was the source of your problem. 

 

The ELS shows only that
    :

 

Event Source Name : LocationNotifications
Event Type        : Application
Messages Filename 1: C:\WINDOWS\System32\LocationNotifications.exe
Messages Filename 2:
Messages Filename 3:
Registry Modified Time: 14/07/2017 06:19:08
Missing Files     : Yes
Product Name      :
Company           :
File Description  :
File Version  

 

as missing files and starting with an L so I expect that's what the message was from.  It appears to be a mistake in Windows.  There is no

C:\WINDOWS\System32\LocationNotifications.exe

file on my Win 10 either.  There is a C:\WINDOWS\System32\LocationNotificationWindows.exe which does not show up in ELS so I expect they meant to point to it and typed it wrong and haven't noticed.  I went in and made a copy of C:\WINDOWS\System32\LocationNotificationWindows.exe and called it C:\WINDOWS\System32\LocationNotifications.exe and ELS is happy but I don't know if that would stop your L events or if it's worth playing with since it sounds like you are happy with the system now.

 

I haven't tried the Nvidia option 2 recently but last time I ran it you could force Firefox to let Java run.  Perhaps it would work with a different browser.  Have you tried IE?


  • 0

#15
RedSuedePump

RedSuedePump

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts

Hi,

 

I have binned Bonjour (whatever that was). I only have Origin because my daughter wanted to play SimCity, so I downloaded and installed. She doesn't seem that interested in it any more, so I might bin that as well.

 

Overall, I think things are much better now, I don't yet appear to have any problems with Firefox, but if I do, I might switch to IE. For some reason, I prefer Firefox (maybe I'm just used to it), are there other good reasons to switch to IE?

 

Regards

 

RSP


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP