Win 8 corrupt DISM/CBS- i think...

someguy · Dec 4, 2014

Howdy!
so I have been having trouble updating through windows update and also with updating windows defender on my win 8 laptop. also my screen flickers pretty often too- although am thinking that is probably a different, non-relative problem. So, what I've done so far is sfc /scannow and I have attached the CBS log, see attached file please. I also ran the DISM scanhealth and recoverhealth. I think this DISM log (see attached DISM log) is the correct log from that scanhealth because it didn't fix the 3 corrupt (payload corrupt) errors that I recall the scan found. Here are the corrupt files shown in that DISM log (payloads I guess- what are payloads in pc terms? btw):

Checking System Update Readiness.

(p) CSI Payload Corrupt amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16384_none_fd9c01be8b864efc\Amd64\CNBJ2530.DPB
(p) CSI Payload Corrupt amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB
(p) CSI Payload Corrupt amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.20531_none_fe58af2da47e1433\Amd64\CNBJ2530.DPB

Summary:
Operation: Detect only
Operation result: 0x0
Last Successful Step: CSI store detection completes.
Total Detected Corruption: 3
CBS Manifest Corruption: 0
CBS Metadata Corruption: 0
CSI Manifest Corruption: 0
CSI Metadata Corruption: 0
CSI Payload Corruption: 3
Total Repaired Corruption: 0
CBS Manifest Repaired: 0
CSI Manifest Repaired: 0
CSI Payload Repaired: 0
CSI Store Metadata refreshed: True

I ran the sfcfix and the results are pasted below
View attachment CBS (2).zip
SFCFix log:

SFCFix version 2.4.1.0 by niemiro.
Start time: 2014-12-04 07:29:15.853
Not using a script file.

AutoAnalysis::
FIXED: Performed DISM repair on file Amd64\CNBJ2530.DPB of version 6.2.9200.16430.

SUMMARY: All detected corruptions were successfully repaired.
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.
SFCFix version 2.4.1.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2014-12-04 08:03:55.702
----------------------EOF-----------------------

I am thinking to run the DISM scanhealth / recoverhealth again but not sure - the sfcfix said to post my results as I may need a manual script or something to fix it; some human help :)

Thank you in advance for your time and assistance! Greatly appreciated!!

someguy · Dec 4, 2014

I just tried running the following: (log file attached- btw is it easier for you guys if I insert the log files inline as opposed to attaching the file?)

Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to f
of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.lo
example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently
supported in offline servicing scenarios.

C:\Windows\system32>DISM /Online /Cleanup-Image /RestoreHealth

Deployment Image Servicing and Management tool
Version: 6.2.9200.16384

Image Version: 6.2.9200.16384

[==========================100.0%==========================]

Error: 0x80240021

DISM failed. No operation was performed.
For more information, review the log file.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32>

Go The Power · Dec 6, 2014

Hello and welcome.

Can you please upload the new copy of the CBS log?

Alex

someguy · Dec 6, 2014

Hello. Here is current cbs.log. From my research it seems maybe a ms update is to blame for my issue. The log lists quite a few KB's so my thought is to go through and remove each one by one and restart after each and see if it makes a difference. Thinking and hoping there's maybe a better way or a way to better diagnose.

Thank you.View attachment CBS.log

someguy · Dec 6, 2014

btw- i just read on one blog that it may be nothing but I don't think it is nothing because I am still unable to install ms updates. thank you so much for your time and assistance!

Go The Power · Dec 7, 2014

This one file has caused some issue's.

Code:

2014-12-03 09:03:07, Info                  CSI    000006d3 Hashes for file member \SystemRoot\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB do not match actual file [l:36{18}]"Amd64\CNBJ2530.DPB" :
  Found: {l:32 b:YOMVEPLtSqTR0va0cTTzu5mwyatQQRNBrOPwY43dF98=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=}
2014-12-03 09:03:07, Info                  CSI    000006d4 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.2.9200.16430, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-03 09:03:09, Info                  CSI    000006d5 Hashes for file member \SystemRoot\WinSxS\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB do not match actual file [l:36{18}]"Amd64\CNBJ2530.DPB" :
  Found: {l:32 b:YOMVEPLtSqTR0va0cTTzu5mwyatQQRNBrOPwY43dF98=} Expected: {l:32 b:n520k714Uu3utHa5JGQ6HQYbZphKhlMWq5pEmfnCDuw=}

Lets get it fixed up.

SFCFix Script

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

Download SFCFix.exe (by niemiro) and save this to your Desktop.
Download SFCFix.zip, and save this to your Desktop. Ensure that this file is named SFCFix.zip - do not rename it.
Save any open documents and close all open windows.
On your Desktop, you should see two files: SFCFix.exe and SFCFix.zip.
Drag the file SFCFix.zip onto the file SFCFix.exe and release it.
SFCFix will now process the script.
Upon completion, a file should be created on your Desktop: SFCFix.txt.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this file into your next post for me to analyse please - put [CODE][/CODE] tags around the log to break up the text.

SFC /SCANNOW

Right click on the

button
Click on Command prompt (Admin) => Press Yes on the prompt
Inside the Command Prompt windows copy and paste the following command SFC /SCANNOW
Please wait for this to Finish before continuing with rest of the steps.

Convert CBS.log to CBS.txt

Right click on the

button
Click on Run => Inside the run box copy and paste the following command:
Code:
```
cmd /c copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
```
Press Enter
Once this has completed please go to your Desktop and you will find CBS.txt => Please upload CBS.txt to this thread

Please Note:: if the file is too big to upload to you next post please upload via Dropbox or One Drive

someguy · Dec 7, 2014

Thank you! Ok, ran the SFCfix. here is log...

Code:

 SFCFix version 2.4.1.0 by niemiro.Start time: 2014-12-07 09:06:07.246
Using .zip script file at C:\Users\roger_000\Desktop\SFCFix.zip [0]








PowerCopy::
Successfully took permissions for file or folder C:\Windows\winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB


Line blocked (SFCFix.txt): "C:\Users\roger_000\AppData\Local\niemiro\Archive\SFCFix.txt" C:\Windows\SFCFix.txt.
Successfully copied file C:\Users\roger_000\AppData\Local\niemiro\Archive\winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB to C:\Windows\winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB.


Successfully restored ownership for C:\Windows\winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB
Successfully restored permissions on C:\Windows\winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.2.9200.16430_none_fdce12188b615b12\Amd64\CNBJ2530.DPB
PowerCopy:: directive completed successfully.








Successfully processed all directives.
SFCFix version 2.4.1.0 by niemiro has completed.
Currently storing 1 datablocks.
Finish time: 2014-12-07 09:06:09.109
Script hash: jhPpwM2oDtJwmw99ejphi3PN4pdFjqQOXy0sIsjeE6Q=
----------------------EOF-----------------------

someguy · Dec 7, 2014

Here is cbs log

Ran sfc /scannow - results= good! But am still having problems updating ms!!!

C:\Windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

Go The Power · Dec 8, 2014

Whats the error code you are getting?

Windows Update Log

Right click on the

button
Click on Run Inside the Run box copy and paste the following command
cmd /c copy %windir%\WindowsUpdate.log "%userprofile%\Desktop\WindowsUpdate.txt"
Please go to your desktop and attach WindowsUpdate.txt to your next post

someguy · Dec 8, 2014

Thank you! Here is windows update log. I've continually been trying to download and install win updates - currently have been running update all morning and it is still hanging on download. It's showing it is thinking/working through the GUI but not actually downloading- stuck @ 0% with 0 mb downloaded.

Go The Power · Dec 9, 2014

Please try this:

Software Distribution rename

Click Start -> Type in CMD in the search -> Right click on cmd.exe and choose Run as Administrator
Entre in the following commands:
net stop wuauserv
ren %SystemRoot%\SoftwareDistribution\Download DL.bak
ren %SystemRoot%\SoftwareDistribution\DataStore DS.bak
net start wuauserv

Once completed please try and run windows update again.

someguy · Dec 9, 2014

Ran ms update again and upon first opening update through control panel it showed green- no updates. I clicked "check for updates" and it froze. Closed it and reopened updates and clicked check for updates. This time found 80 updates ( as it did before ) and I clicked "install" and it's frozen again. I can't even go to the update window. I can alt+tab to it but it immediately minimizes the window and goes to another open window. Weird! I'm wondering now if I have a bug/virus/malware...
no new windows update log yet. will post it later tho...

Go The Power · Dec 10, 2014

Thank you, this is strange, Let me know once you have the WIndows Update log.

Can you also please post a copy of the Event log?

Event Log Viewer

Please download VEW.exe from Here and save it to your desktop.
Go to your desktop and right click on VEW.exe and choose Run as Administrator
Once open set the following settings
- 'Select log to query'
  1. Tick Application
  2. Tick System
- 'Select Type to list'
  1. Tick Critical
  2. Tick Error
  3. Tick Information
  4. Tick Warning
- 'Number or date events'
  1. Tick Number of Events and set it to 20
Click on Run
Once completed a notepad file will open. Please copy and paste the contents of VEW.txt back into this thread.

someguy · Dec 10, 2014

Thank you for your help thus far! I've attached the vew.log file.

someguy · Dec 10, 2014

Oh, and the current windows update log is here TY! Btw- how/where did you learn to be able to diagnose these logs??? I thought by looking up individual errors over time I would eventually learn and get better at diagnosing the logs and event viewer errors, etc. but I don't feel like I'm getting any better at it. Your thoughts/experience greatly appreciated!!!

Go The Power · Dec 13, 2014

Thank you.

The WIndows update log doesnt appear to have uploaded correctly it is listing the path as a location on the C drive.

Can you please upload it via Dropbox?

Btw- how/where did you learn to be able to diagnose these logs??? I thought by looking up individual errors over time I would eventually learn and get better at diagnosing the logs and event viewer errors, etc. but I don't feel like I'm getting any better at it. Your thoughts/experience greatly appreciated!!!

The event log (The one generated from vew.exe) I have learned by reading up on the errors. A lot of the error messages that appear inside this logs can be found on Technet or MSDN. But the information in these logs can often just be an overview as to what is going on, pinning down the issue can take some more work.

For example you need to have a look at the category, Event number and the source:

Code:

Log: 'System' Date/Time: 10/12/2014 1:32:11 PM
Type: Information Category: 33
Event: 131 Source: Microsoft-Windows-Kernel-Power
Firmware S3 times. ResumeCount: 2, FullResume: 175, AverageResume: 175

Then it is a case of researching what these mean.

With the errors inside the EventLog it is not always the case of looking at each of one to work out what is going on, most I will ignore unless an issue is present.

someguy · Dec 13, 2014

[FONT=arial, sans-serif]link to windows update log file here

thank you very much for sharing your experience and your tips/advice for reading logs. Much appreciated and helpful insight! Thanks!!![/FONT]

Go The Power · Dec 15, 2014

This seems to be the error that keeps on appearing

Code:

2014-12-13	07:23:06:419	1016	f08	DnldMgr	WARNING: Failed to get expected download size limit, hr:8007042c
2014-12-13	07:23:06:419	1016	f08	DnldMgr	***********  DnldMgr: New download job [UpdateId = {2CDD41F9-7E56-4FBB-9145-7E57F706E501}.1]  ***********
2014-12-13	07:23:06:419	1016	f08	Service	WARNING: CNetworkListManagerHelper | IsInternetConnectionAvailable | GetConnectivity failed, hr = 8007042c.
2014-12-13	07:23:06:419	1016	f08	Service	WARNING: CNetworkListManagerHelper | IsInternetConnectionAvailable | GetConnectivity failed, hr = 8007042c.
2014-12-13	07:29:06:514	1016	f08	DnldMgr	FATAL: BITS service was not fixed up and thus CCI was not reattempted. (hr = 80080005)
2014-12-13	07:29:06:514	1016	f08	DnldMgr	FATAL: Failed to connect to the BITS service; unable to start new downloads or interact with existing download jobs. (hr = 80080005)
2014-12-13	07:29:06:514	1016	f08	DnldMgr	FATAL: DM:CAgentDownloadManager::DownloadUpdate: pDownloadJob->Init failed with 0x80246008.
2014-12-13	07:29:06:514	1016	f08	DnldMgr	WARNING: Got error (hr = 80246008) starting update 0 in call 15. Notifying call.
2014-12-13	07:29:06:530	1016	f08	Service	WARNING: CNetworkListManagerHelper | IsInternetConnectionAvailable | GetConnectivity failed, hr = 8007042c.
2014-12-13	07:29:06:530	1016	f08	DnldMgr	Error 0x80246008 occurred while downloading update; notifying dependent calls.
2014-12-13	07:29:06:530	1016	12ac	AU	>>##  RESUMED  ## AU: Download update [UpdateId = {D90ACC09-FDB1-4AD9-8A8F-4BC2DC1207A9}]
2014-12-13	07:29:06:530	1016	12ac	AU	  # WARNING: Download failed, error = 0x80246008
2014-12-13	07:29:06:577	1016	f08	DnldMgr	WARNING: Extended error for reported error 80246008 = 80080005
2014-12-13	07:29:06:577	1016	f08	DnldMgr	WARNING: Extended error for reported error 80246008 = 80080005

These error's refer too

Code:

C:\Users\Alex\Desktop\~ENV>err 80080005
# for hex 0x80080005 / decimal -2146959355 :
  CO_E_SERVER_EXEC_FAILURE                                      winerror.h
# Server execution failed
# 1 matches found for "80080005"

Code:

C:\Users\Alex\Desktop\~ENV>err 8007042c
# as an HRESULT: Severity: FAILURE (1), Facility: 0x7, Code 0x42c
# for hex 0x42c / decimal 1068 :
  RES_SMB_SHARE_CANT_ADD                                        clusvmsg.h
  JET_wrnColumnSetNull                                          esent98.h
# /* Column set to NULL-value */
  SQL_1068_severity_16                                          sql_err
# Only one list of index hints per table is allowed.
  ERROR_SERVICE_DEPENDENCY_FAIL                                 winerror.h
# The dependency service or group failed to start.
# 4 matches found for "8007042c"

This looks like it might be a cause from the RPCSS service.

Please download OTL (by OldTimer) from the link below and save it to your Desktop.

Download Mirror #1

Disable all anti-virus and anti-malware software to prevent them inhibiting OTL in any way. If you are unsure how to do this, see THIS.
Double-click OTL.exe to run it.
Set every option to None -> Except for Services please set Services to All
Click Run Scan to start OTL.
When OTL finishes scanning, OTL.txt will open.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this logs into your next post please.

someguy · Dec 16, 2014

OTL Log:

Code:

OTL logfile created on: 12/16/2014 7:22:48 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\roger_000\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.87 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.70% Memory free
5.37 Gb Paging File | 3.27 Gb Available in Paging File | 60.95% Paging File free
Paging file location(s): c:\pagefile.sys 1536 6144 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 289.75 Gb Total Space | 25.08 Gb Free Space | 8.66% Space Free | Partition Type: NTFS
 
Computer Name: SAM | User Name: roger_000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Services (All) ==========
 
SRV:64bit: - [2014/10/01 05:53:44 | 003,286,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2013/10/30 21:56:24 | 000,915,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2013/10/10 01:21:20 | 001,160,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2013/10/10 01:20:43 | 000,723,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/08/26 21:21:27 | 000,227,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2013/08/15 21:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/15 21:22:11 | 004,917,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2013/07/12 22:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2013/07/01 16:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/27 22:46:34 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Disabled | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV:64bit: - [2013/06/24 14:54:52 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2013/06/24 14:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 01:23:06 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2013/06/01 01:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/06/01 01:19:42 | 000,785,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2013/05/16 05:52:36 | 000,066,048 | ---- | M] (Hewlett-Packard) [On_Demand | Stopped] -- C:\Windows\SysNative\HPZipm12.dll -- (Pml Driver HPZ12)
SRV:64bit: - [2013/05/16 05:52:32 | 000,050,688 | ---- | M] (Hewlett-Packard) [On_Demand | Stopped] -- C:\Windows\SysNative\HPZinw12.dll -- (Net Driver HPZ12)
SRV:64bit: - [2013/05/03 22:59:51 | 001,483,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2013/05/03 22:58:49 | 001,332,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2013/05/03 22:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/03 22:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 20:52:07 | 000,816,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2013/04/08 20:51:41 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2013/04/08 20:50:39 | 001,285,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2013/04/08 20:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/05 22:29:15 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2013/03/01 18:45:18 | 000,103,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2013/03/01 18:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 18:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 00:23:16 | 000,087,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2013/01/09 15:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 15:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/01/09 15:22:29 | 000,894,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/05 20:19:59 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2012/11/05 20:19:56 | 000,710,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2012/11/05 20:19:48 | 000,466,944 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2012/10/23 19:24:35 | 000,405,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2012/10/10 21:44:21 | 000,264,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2012/10/10 21:43:53 | 001,280,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2012/10/10 21:43:40 | 000,331,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/10/10 21:43:28 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2012/09/19 22:33:56 | 001,314,816 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2012/09/19 22:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2012/09/19 22:33:04 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/09/19 22:33:04 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umpnpmgr.dll -- (DeviceInstall)
SRV:64bit: - [2012/09/19 22:33:04 | 000,089,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2012/09/19 22:32:45 | 000,076,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2012/09/19 22:32:17 | 000,356,352 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2012/09/19 22:31:57 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2012/09/19 22:31:57 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2012/09/19 22:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/19 22:31:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2012/09/19 22:30:35 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2012/08/06 17:12:02 | 000,099,696 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AECLSr64.exe -- (AECLFilters)
SRV:64bit: - [2012/08/06 16:16:40 | 000,007,168 | ---- | M] (Cirrus Logic) [Auto | Stopped] -- c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe -- (CirrusAudioService)
SRV:64bit: - [2012/07/25 21:26:47 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/07/25 19:08:51 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2012/07/25 19:08:50 | 001,616,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2012/07/25 19:08:49 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2012/07/25 19:08:48 | 000,093,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2012/07/25 19:08:47 | 000,769,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2012/07/25 19:08:45 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2012/07/25 19:08:45 | 000,014,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2012/07/25 19:08:34 | 000,144,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2012/07/25 19:08:34 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2012/07/25 19:08:32 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2012/07/25 19:08:30 | 000,669,696 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2012/07/25 19:08:24 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2012/07/25 19:08:16 | 000,094,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2012/07/25 19:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2012/07/25 19:08:13 | 002,836,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2012/07/25 19:08:10 | 000,011,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2012/07/25 19:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/07/25 19:08:02 | 000,191,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2012/07/25 19:07:47 | 001,731,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2012/07/25 19:07:47 | 000,570,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2012/07/25 19:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 19:07:46 | 000,218,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2012/07/25 19:07:46 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2012/07/25 19:07:45 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2012/07/25 19:07:45 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2012/07/25 19:07:42 | 000,335,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2012/07/25 19:07:42 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2012/07/25 19:07:41 | 000,358,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2012/07/25 19:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 19:07:38 | 000,520,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2012/07/25 19:07:38 | 000,250,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2012/07/25 19:07:33 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2012/07/25 19:07:30 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/07/25 19:07:29 | 000,723,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2012/07/25 19:07:28 | 000,305,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2012/07/25 19:07:28 | 000,084,480 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2012/07/25 19:07:25 | 000,502,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2012/07/25 19:07:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2012/07/25 19:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 19:07:23 | 000,309,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2012/07/25 19:07:23 | 000,266,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2012/07/25 19:07:23 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2012/07/25 19:07:16 | 000,565,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2012/07/25 19:07:11 | 000,291,328 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2012/07/25 19:07:09 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2012/07/25 19:07:09 | 000,062,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2012/07/25 19:07:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2012/07/25 19:07:08 | 000,148,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2012/07/25 19:07:07 | 000,196,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2012/07/25 19:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2012/07/25 19:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2012/07/25 19:07:05 | 000,159,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2012/07/25 19:07:03 | 000,358,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2012/07/25 19:07:03 | 000,099,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2012/07/25 19:07:01 | 000,826,368 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2012/07/25 19:07:01 | 000,428,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2012/07/25 19:07:01 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2012/07/25 19:07:00 | 000,394,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2012/07/25 19:07:00 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2012/07/25 19:06:58 | 001,379,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2012/07/25 19:06:58 | 000,329,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2012/07/25 19:06:58 | 000,329,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2012/07/25 19:06:58 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2012/07/25 19:06:55 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2012/07/25 19:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 19:06:34 | 000,255,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2012/07/25 19:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 19:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 19:06:18 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2012/07/25 19:06:12 | 000,107,520 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2012/07/25 19:05:59 | 000,274,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2012/07/25 19:05:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2012/07/25 19:05:55 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2012/07/25 19:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 19:05:51 | 000,474,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2012/07/25 19:05:51 | 000,438,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2012/07/25 19:05:51 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2012/07/25 19:05:49 | 000,471,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:64bit: - [2012/07/25 19:05:49 | 000,471,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
SRV:64bit: - [2012/07/25 19:05:46 | 001,366,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2012/07/25 19:05:46 | 000,036,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2012/07/25 19:05:40 | 000,369,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2012/07/25 19:05:38 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2012/07/25 19:05:38 | 000,021,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2012/07/25 19:05:36 | 000,507,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/25 19:05:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2012/07/25 19:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 19:05:32 | 000,197,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2012/07/25 19:05:31 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2012/07/25 19:05:27 | 000,340,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2012/07/25 19:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 19:05:16 | 000,149,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2012/07/25 19:05:16 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2012/07/25 19:05:13 | 000,089,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2012/07/25 19:05:12 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/07/25 19:05:09 | 000,112,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2012/07/25 19:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:05:04 | 000,065,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV:64bit: - [2012/07/25 19:05:04 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 16:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/19 13:09:48 | 002,247,992 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2012/07/19 10:53:46 | 000,953,720 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012/04/20 11:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/12/02 22:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/24 07:55:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/08/26 14:29:16 | 000,199,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2013/05/15 14:36:15 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2013/04/08 13:52:16 | 000,670,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2013/02/28 17:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2013/02/26 01:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/02/26 01:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013/02/26 00:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/12/25 13:25:47 | 000,116,648 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2012/12/25 13:25:47 | 000,116,648 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2012/11/05 20:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/05 20:20:19 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2012/10/14 21:41:38 | 000,014,752 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2012/10/11 21:41:52 | 000,026,496 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2012/10/11 15:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/10/10 21:06:02 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2012/10/06 00:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/26 03:08:38 | 000,043,616 | R--- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2012/07/25 19:20:56 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2012/07/25 19:20:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2012/07/25 19:20:50 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2012/07/25 19:20:45 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2012/07/25 19:20:39 | 002,042,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2012/07/25 19:20:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2012/07/25 19:20:17 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2012/07/25 19:20:17 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2012/07/25 19:20:14 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2012/07/25 19:20:10 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2012/07/25 19:20:06 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2012/07/25 19:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 19:19:59 | 000,506,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2012/07/25 19:19:54 | 000,249,344 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2012/07/25 19:19:47 | 000,230,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2012/07/25 19:19:46 | 000,304,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2012/07/25 19:19:42 | 001,421,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2012/07/25 19:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2012/07/25 19:19:05 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2012/07/25 19:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2012/07/25 19:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 19:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2012/07/25 19:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2012/07/25 19:18:26 | 000,394,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2012/07/25 19:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/07/17 11:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 11:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/09 10:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/25 07:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 18:43:48 | 000,254,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
SRV - [2011/07/20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/06 16:17:24 | 000,028,144 | ---- | M] (Quest Software) [Disabled | Stopped] -- C:\Program Files (x86)\PacketTrap Networks\PacketTrap IT\ptagentservice.exe -- (PacketTrapItAgent)
SRV - [2011/05/06 16:17:22 | 000,028,144 | ---- | M] (Quest Software) [Disabled | Stopped] -- C:\Program Files (x86)\PacketTrap Networks\PacketTrap IT\ptserverservice.exe -- (PacketTrapItServer)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/10 12:18:22 | 000,000,000 | R--D | C] -- C:\Users\roger_000\Dropbox
[2014/12/09 07:45:42 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Local\VMware
[2014/12/09 07:45:37 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Roaming\VMware
[2014/12/09 07:40:45 | 000,000,000 | ---D | C] -- C:\Users\roger_000\Documents\Teamviewer
[2014/12/08 07:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/12/08 07:14:43 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/12/08 07:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/12/07 13:20:15 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/12/07 13:17:21 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Roaming\Dropbox
[2014/12/07 13:13:13 | 000,323,712 | ---- | C] (Dropbox, Inc.) -- C:\Users\roger_000\Desktop\DropboxInstaller.exe
[2014/12/07 09:01:23 | 001,400,832 | ---- | C] (niemiro) -- C:\Users\roger_000\Desktop\SFCFix.exe
[2014/12/04 21:45:28 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Local\Smilebox
[2014/12/04 21:45:11 | 000,000,000 | ---D | C] -- C:\Users\roger_000\Documents\My Smilebox Creations
[2014/12/04 21:40:15 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Roaming\Smilebox
[2014/12/04 11:25:39 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2014/12/04 08:03:55 | 000,000,000 | ---D | C] -- C:\SFCFix
[2014/12/04 07:29:12 | 000,000,000 | ---D | C] -- C:\Users\roger_000\AppData\Local\niemiro
[2014/11/28 23:06:57 | 000,000,000 | ---D | C] -- C:\Program Files\Temp File Cleaner
[2014/11/19 22:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2014/11/18 08:21:17 | 001,707,532 | ---- | C] (Thisisu) -- C:\Users\roger_000\Desktop\JRT_NEW.exe
[2014/11/16 18:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youda Sushi Chef
[2013/05/03 12:46:36 | 012,996,448 | ---- | C] (MPC-HC Team) -- C:\Program Files\mpc-hc64.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/16 04:53:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/15 11:00:29 | 418,296,796 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/12/15 11:00:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/15 11:00:27 | 3321,122,816 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/15 08:29:38 | 000,000,383 | ---- | M] () -- C:\Users\roger_000\Documents\Document.rtf
[2014/12/13 10:02:37 | 000,890,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/13 10:02:37 | 000,751,200 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/13 10:02:37 | 000,141,858 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/11 21:06:56 | 000,001,146 | ---- | M] () -- C:\Users\roger_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/12/11 21:06:47 | 000,001,028 | ---- | M] () -- C:\Users\roger_000\Desktop\Dropbox.lnk
[2014/12/10 20:19:46 | 000,373,248 | ---- | M] () -- C:\Users\roger_000\Documents\blank form_pobox_97-03cmptble_format_tmplate.dot
[2014/12/10 20:19:14 | 000,065,419 | ---- | M] () -- C:\Users\roger_000\Documents\blank form_pobox_97-03cmptble_format_tmplate.dotx
[2014/12/10 20:18:47 | 000,065,333 | ---- | M] () -- C:\Users\roger_000\Documents\blank form_pobox_docx_format_tmplate.dotx
[2014/12/10 05:34:10 | 000,061,440 | ---- | M] ( ) -- C:\Users\roger_000\Desktop\VEW.exe
[2014/12/09 14:36:53 | 000,000,310 | ---- | M] () -- C:\Users\roger_000\Documents\Randstad-Dec14.rtf
[2014/12/08 07:14:47 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/12/08 00:11:51 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-245734584-1491303904-1116496198-1004UA.job
[2014/12/08 00:11:51 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/08 00:11:51 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/08 00:11:51 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-245734584-1491303904-1116496198-1004Core.job
[2014/12/07 13:13:36 | 000,323,712 | ---- | M] (Dropbox, Inc.) -- C:\Users\roger_000\Desktop\DropboxInstaller.exe
[2014/12/07 09:03:00 | 001,379,713 | ---- | M] () -- C:\Users\roger_000\Desktop\SFCFix.zip
[2014/12/07 09:01:25 | 001,400,832 | ---- | M] (niemiro) -- C:\Users\roger_000\Desktop\SFCFix.exe
[2014/12/07 08:17:12 | 000,033,763 | ---- | M] () -- C:\Users\roger_000\Desktop\KBBs2remove.rtf
[2014/12/06 19:49:48 | 000,033,445 | ---- | M] () -- C:\Users\roger_000\Desktop\Backup of KBBs2remove.wbk
[2014/12/06 15:19:13 | 000,000,162 | -H-- | M] () -- C:\Users\roger_000\Desktop\~$Bs2remove.rtf
[2014/12/06 15:10:50 | 000,731,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/12/04 21:40:16 | 000,001,885 | ---- | M] () -- C:\Users\roger_000\Desktop\Smilebox.lnk
[2014/12/04 21:40:16 | 000,001,865 | ---- | M] () -- C:\Users\roger_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2014/12/04 10:36:52 | 000,001,207 | ---- | M] () -- C:\Users\roger_000\Desktop\cmd - Shortcut.lnk
[2014/12/03 21:40:26 | 000,000,000 | ---- | M] () -- C:\Windows\dism
[2014/11/28 23:06:58 | 000,000,842 | ---- | M] () -- C:\Users\roger_000\Desktop\Temp File Cleaner.lnk
[2014/11/28 20:52:44 | 000,000,862 | ---- | M] () -- C:\Windows\SysNative\termcap
[2014/11/21 20:12:36 | 000,000,157 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2014/11/19 22:05:49 | 000,001,291 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014/11/16 18:26:57 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2014/11/16 18:18:59 | 000,000,256 | ---- | M] () -- C:\Users\Public\Desktop\More Youda Games.url
[2014/11/16 18:18:58 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Youda Sushi Chef.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/12/15 08:29:38 | 000,000,383 | ---- | C] () -- C:\Users\roger_000\Documents\Document.rtf
[2014/12/13 10:08:36 | 418,296,796 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/12/10 20:19:42 | 000,373,248 | ---- | C] () -- C:\Users\roger_000\Documents\blank form_pobox_97-03cmptble_format_tmplate.dot
[2014/12/10 20:19:13 | 000,065,419 | ---- | C] () -- C:\Users\roger_000\Documents\blank form_pobox_97-03cmptble_format_tmplate.dotx
[2014/12/10 20:18:44 | 000,065,333 | ---- | C] () -- C:\Users\roger_000\Documents\blank form_pobox_docx_format_tmplate.dotx
[2014/12/10 12:18:23 | 000,001,028 | ---- | C] () -- C:\Users\roger_000\Desktop\Dropbox.lnk
[2014/12/10 05:34:09 | 000,061,440 | ---- | C] ( ) -- C:\Users\roger_000\Desktop\VEW.exe
[2014/12/09 14:36:52 | 000,000,310 | ---- | C] () -- C:\Users\roger_000\Documents\Randstad-Dec14.rtf
[2014/12/08 07:14:47 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/12/07 13:20:47 | 000,001,146 | ---- | C] () -- C:\Users\roger_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/12/07 09:02:59 | 001,379,713 | ---- | C] () -- C:\Users\roger_000\Desktop\SFCFix.zip
[2014/12/06 15:19:13 | 000,000,162 | -H-- | C] () -- C:\Users\roger_000\Desktop\~$Bs2remove.rtf
[2014/12/06 15:11:04 | 000,033,763 | ---- | C] () -- C:\Users\roger_000\Desktop\KBBs2remove.rtf
[2014/12/06 15:11:04 | 000,033,445 | ---- | C] () -- C:\Users\roger_000\Desktop\Backup of KBBs2remove.wbk
[2014/12/04 21:40:16 | 000,001,885 | ---- | C] () -- C:\Users\roger_000\Desktop\Smilebox.lnk
[2014/12/04 21:40:16 | 000,001,871 | ---- | C] () -- C:\Users\roger_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smilebox.lnk
[2014/12/04 21:40:16 | 000,001,865 | ---- | C] () -- C:\Users\roger_000\Application Data\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk
[2014/12/04 10:36:46 | 000,001,207 | ---- | C] () -- C:\Users\roger_000\Desktop\cmd - Shortcut.lnk
[2014/12/03 21:40:26 | 000,000,000 | ---- | C] () -- C:\Windows\dism
[2014/11/28 20:52:49 | 000,000,862 | ---- | C] () -- C:\Windows\SysNative\termcap
[2014/11/16 18:18:58 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Youda Sushi Chef.lnk
[2014/05/16 11:41:02 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2014/04/09 18:28:41 | 000,000,196 | ---- | C] () -- C:\Users\roger_000\.packettracer
[2014/01/12 05:13:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/12 05:13:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/12 05:13:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/12 05:13:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/12 05:13:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/12/10 19:12:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/09/11 06:50:27 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/03/23 13:20:02 | 000,000,297 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/02/28 17:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2013/02/01 14:30:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/01 22:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/01 21:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 19:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 19:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 19:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 5120 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
< End of report >

Go The Power · Dec 19, 2014

You have a lot of disabled services, 54 to be exact.

Code:

	Line 10: SRV:64bit: - [2013/06/27 22:46:34 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Disabled | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
	Line 37: SRV:64bit: - [2012/11/05 20:19:48 | 000,466,944 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
	Line 39: SRV:64bit: - [2012/10/10 21:44:21 | 000,264,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
	Line 43: SRV:64bit: - [2012/09/19 22:33:56 | 001,314,816 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
	Line 49: SRV:64bit: - [2012/09/19 22:32:17 | 000,356,352 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
	Line 53: SRV:64bit: - [2012/09/19 22:31:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
	Line 61: SRV:64bit: - [2012/07/25 19:08:48 | 000,093,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
	Line 68: SRV:64bit: - [2012/07/25 19:08:30 | 000,669,696 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
	Line 70: SRV:64bit: - [2012/07/25 19:08:16 | 000,094,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
	Line 72: SRV:64bit: - [2012/07/25 19:08:13 | 002,836,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
	Line 73: SRV:64bit: - [2012/07/25 19:08:10 | 000,011,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
	Line 83: SRV:64bit: - [2012/07/25 19:07:42 | 000,335,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
	Line 88: SRV:64bit: - [2012/07/25 19:07:38 | 000,250,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
	Line 91: SRV:64bit: - [2012/07/25 19:07:29 | 000,723,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
	Line 93: SRV:64bit: - [2012/07/25 19:07:28 | 000,084,480 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
	Line 98: SRV:64bit: - [2012/07/25 19:07:23 | 000,266,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
	Line 100: SRV:64bit: - [2012/07/25 19:07:16 | 000,565,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
	Line 101: SRV:64bit: - [2012/07/25 19:07:11 | 000,291,328 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
	Line 106: SRV:64bit: - [2012/07/25 19:07:07 | 000,196,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
	Line 109: SRV:64bit: - [2012/07/25 19:07:05 | 000,159,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
	Line 110: SRV:64bit: - [2012/07/25 19:07:03 | 000,358,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
	Line 111: SRV:64bit: - [2012/07/25 19:07:03 | 000,099,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
	Line 115: SRV:64bit: - [2012/07/25 19:07:00 | 000,394,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
	Line 125: SRV:64bit: - [2012/07/25 19:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
	Line 127: SRV:64bit: - [2012/07/25 19:06:12 | 000,107,520 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
	Line 133: SRV:64bit: - [2012/07/25 19:05:51 | 000,438,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
	Line 139: SRV:64bit: - [2012/07/25 19:05:40 | 000,369,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
	Line 140: SRV:64bit: - [2012/07/25 19:05:38 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
	Line 141: SRV:64bit: - [2012/07/25 19:05:38 | 000,021,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
	Line 149: SRV:64bit: - [2012/07/25 19:05:16 | 000,149,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
	Line 151: SRV:64bit: - [2012/07/25 19:05:13 | 000,089,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
	Line 163: SRV:64bit: - [2012/07/19 13:09:48 | 002,247,992 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
	Line 164: SRV:64bit: - [2012/07/19 10:53:46 | 000,953,720 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
	Line 165: SRV:64bit: - [2012/04/20 11:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
	Line 167: SRV - [2014/09/24 07:55:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
	Line 171: SRV - [2013/02/28 17:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
	Line 175: SRV - [2012/12/25 13:25:47 | 000,116,648 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
	Line 176: SRV - [2012/12/25 13:25:47 | 000,116,648 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
	Line 179: SRV - [2012/10/14 21:41:38 | 000,014,752 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
	Line 180: SRV - [2012/10/11 21:41:52 | 000,026,496 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe -- (MemeoBackgroundService)
	Line 183: SRV - [2012/10/06 00:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
	Line 189: SRV - [2012/07/25 19:20:39 | 002,042,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
	Line 190: SRV - [2012/07/25 19:20:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
	Line 197: SRV - [2012/07/25 19:19:59 | 000,506,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
	Line 198: SRV - [2012/07/25 19:19:54 | 000,249,344 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
	Line 200: SRV - [2012/07/25 19:19:46 | 000,304,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
	Line 203: SRV - [2012/07/25 19:19:05 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
	Line 210: SRV - [2012/07/17 11:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
	Line 211: SRV - [2012/07/17 11:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
	Line 212: SRV - [2012/07/09 10:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
	Line 213: SRV - [2012/06/25 07:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
	Line 214: SRV - [2012/04/24 18:43:48 | 000,254,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
	Line 216: SRV - [2011/05/06 16:17:24 | 000,028,144 | ---- | M] (Quest Software) [Disabled | Stopped] -- C:\Program Files (x86)\PacketTrap Networks\PacketTrap IT\ptagentservice.exe -- (PacketTrapItAgent)
	Line 217: SRV - [2011/05/06 16:17:22 | 000,028,144 | ---- | M] (Quest Software) [Disabled | Stopped] -- C:\Program Files (x86)\PacketTrap Networks\PacketTrap IT\ptserverservice.exe -- (PacketTrapItServer)

It is not normal to have this many disabled services, I only have 4 disabled services. Have you gone in and disabled any? this can often happen if cracked software is installed or a virus.

I am not accusing you of having cracked software, most people don't release. But can you please do the following scans:

License Information (Windows 8)

Right click on the

button
Click on Command prompt =>
Inside the Command Prompt windows copy and paste the following command
licensingdiag.exe -report "%userprofile%\Desktop\report.txt" -log "%userprofile%\Desktop\repfiles.cab"
Once finished please go to your desktop -> You will see two files report.txt and repfiles.cab -> Please select both files and add them into a zip file
Upload this zip file to your next reply

CKScanner

Download CKScanner from here

Important : Save it to your desktop.

Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify that the file is saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Also what Antivirus do you have?

Alex

Win 8 corrupt DISM/CBS- i think...

Member

Attachments

Member

Attachments

Senior Administrator, Windows Update Expert, Contributor

Member

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Attachments

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Senior Administrator, Windows Update Expert, Contributor

Member

Senior Administrator, Windows Update Expert, Contributor