Summary Operating System Windows 8.1 Enterprise 64-bit CPU AMD A8-7600 54 °C Kaveri 28nm Technology RAM 8.00GB Dual-Channel DDR3 @ 798MHz (10-10-10-30) Motherboard ASRock FM2A58M-DG3+ (CPUSocket) 33 °C Graphics 37LC3R-ZH (1360x768@60Hz) 2047MB NVIDIA GeForce GTX 750 Ti (MSI) 33 °C Storage 931GB Seagate ST1000DM003-1ER162 (SATA) 34 °C Optical Drives TSSTcorp CDDVDW SH-S203B Audio Realtek High Definition Audio Operating System Windows 8.1 Enterprise 64-bit Computer type: Desktop Installation Date: 2/17/2017 1:10:36 AM Windows Security Center User Account Control (UAC) Enabled Notify level 0 - Never Notify Firewall Enabled Windows Update AutoUpdate Download Automatically and Install at Set Scheduled time Schedule Frequency Every Day Schedule Time Windows Defender Windows Defender Enabled Antivirus Antivirus Enabled Display Name Windows Defender Virus Signature Database Up to date .NET Frameworks installed v4.6 Full v4.6 Client v3.5 SP1 v3.0 SP2 v2.0 SP2 Internet Explorer Version 11.0.9600.18161 PowerShell Version 4.0 Java Java Runtime Environment Path C:\Program Files (x86)\Java\jre1.8.0_121\bin\java.exe Version 8.0 Update 121 Build 13 Environment Variables USERPROFILE C:\Users\Marius SystemRoot C:\Windows User Variables TEMP C:\Users\Marius\AppData\Local\Temp TMP C:\Users\Marius\AppData\Local\Temp Machine Variables ComSpec C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK NO NUMBER_OF_PROCESSORS 4 OS Windows_NT Path C:\ProgramData\Oracle\Java\javapath C:\Windows\system32 C:\Windows C:\Windows\System32\Wbem C:\Windows\System32\WindowsPowerShell\v1.0\ C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE AMD64 PROCESSOR_IDENTIFIER AMD64 Family 21 Model 48 Stepping 1, AuthenticAMD PROCESSOR_LEVEL 21 PROCESSOR_REVISION 3001 PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ TEMP C:\Windows\TEMP TMP C:\Windows\TEMP USERNAME SYSTEM windir C:\Windows Power Profile Active power scheme High performance Hibernation Enabled Turn Off Monitor after: (On AC Power) 15 min Turn Off Hard Disk after: (On AC Power) 20 min Suspend after: (On AC Power) Never Screen saver Disabled Uptime Current Session Current Time 2/19/2017 8:02:04 PM Current Uptime 19,711 sec (0 d, 05 h, 28 m, 31 s) Last Boot Time 2/19/2017 2:33:33 PM Services Running Application Experience Running Application Host Helper Service Running Application Information Running Background Intelligent Transfer Service Running Background Tasks Infrastructure Service Running Base Filtering Engine Running CNG Key Isolation Running COM+ Event System Running Computer Browser Running Cryptographic Services Running DCOM Server Process Launcher Running Device Association Service Running DHCP Client Running Diagnostic Policy Service Running Diagnostic Service Host Running Diagnostic System Host Running Distributed Link Tracking Client Running DNS Client Running Function Discovery Provider Host Running Function Discovery Resource Publication Running HomeGroup Listener Running HomeGroup Provider Running Human Interface Device Service Running IP Helper Running Local Session Manager Running Malwarebytes Service Running Net.Pipe Listener Adapter Running Net.Tcp Listener Adapter Running Net.Tcp Port Sharing Service Running Network Connected Devices Auto-Setup Running Network Connection Broker Running Network List Service Running Network Location Awareness Running Network Store Interface Service Running NVIDIA Display Container LS Running NVIDIA LocalSystem Container Running NVIDIA Wireless Controller Service Running Peer Name Resolution Protocol Running Peer Networking Grouping Running Peer Networking Identity Manager Running Plug and Play Running Power Running Program Compatibility Assistant Service Running Remote Procedure Call (RPC) Running RPC Endpoint Mapper Running Security Accounts Manager Running Server Running Shell Hardware Detection Running SSDP Discovery Running Superfetch Running System Event Notification Service Running System Events Broker Running Task Scheduler Running TCP/IP NetBIOS Helper Running Themes Running Time Broker Running UPnP Device Host Running User Profile Service Running Windows Audio Running Windows Audio Endpoint Builder Running Windows Connection Manager Running Windows Defender Service Running Windows Event Log Running Windows Firewall Running Windows Font Cache Service Running Windows Management Instrumentation Running Windows Media Player Network Sharing Service Running Windows Process Activation Service Running Windows Search Running Windows Update Running WinHTTP Web Proxy Auto-Discovery Service Running Workstation Running World Wide Web Publishing Service Stopped ActiveX Installer (AxInstSV) Stopped App Readiness Stopped Application Identity Stopped Application Layer Gateway Service Stopped Application Management Stopped AppX Deployment Service (AppXSVC) Stopped ASP.NET State Service Stopped BitLocker Drive Encryption Service Stopped Block Level Backup Engine Service Stopped Bluetooth Handsfree Service Stopped Bluetooth Support Service Stopped BranchCache Stopped Certificate Propagation Stopped COM+ System Application Stopped Credential Manager Stopped Device Install Service Stopped Device Setup Manager Stopped Distributed Transaction Coordinator Stopped Encrypting File System (EFS) Stopped Extensible Authentication Protocol Stopped Family Safety Stopped Fax Stopped File History Service Stopped Group Policy Client Stopped Health Key and Certificate Management Stopped Hyper-V Data Exchange Service Stopped Hyper-V Guest Service Interface Stopped Hyper-V Guest Shutdown Service Stopped Hyper-V Heartbeat Service Stopped Hyper-V Remote Desktop Virtualization Service Stopped Hyper-V Time Synchronization Service Stopped Hyper-V Volume Shadow Copy Requestor Stopped IKE and AuthIP IPsec Keying Modules Stopped Interactive Services Detection Stopped Internet Connection Sharing (ICS) Stopped Internet Explorer ETW Collector Service Stopped IPsec Policy Agent Stopped KtmRm for Distributed Transaction Coordinator Stopped Link-Layer Topology Discovery Mapper Stopped Microsoft Account Sign-in Assistant Stopped Microsoft iSCSI Initiator Service Stopped Microsoft Keyboard Filter Stopped Microsoft Software Shadow Copy Provider Stopped Microsoft Storage Spaces SMP Stopped Mozilla Maintenance Service Stopped Multimedia Class Scheduler Stopped Net.Msmq Listener Adapter Stopped Netlogon Stopped Network Access Protection Agent Stopped Network Connections Stopped Network Connectivity Assistant Stopped NVIDIA NetworkService Container Stopped Offline Files Stopped Optimize drives Stopped Performance Counter DLL Host Stopped Performance Logs & Alerts Stopped PNRP Machine Name Publication Service Stopped Portable Device Enumerator Service Stopped Print Spooler Stopped Printer Extensions and Notifications Stopped Problem Reports and Solutions Control Panel Support Stopped Quality Windows Audio Video Experience Stopped Remote Access Auto Connection Manager Stopped Remote Access Connection Manager Stopped Remote Desktop Configuration Stopped Remote Desktop Services Stopped Remote Desktop Services UserMode Port Redirector Stopped Remote Procedure Call (RPC) Locator Stopped Remote Registry Stopped Routing and Remote Access Stopped Secondary Logon Stopped Secure Socket Tunneling Protocol Service Stopped Security Center Stopped Sensor Monitoring Service Stopped Smart Card Stopped Smart Card Device Enumeration Service Stopped Smart Card Removal Policy Stopped SNMP Trap Stopped Software Protection Stopped Spot Verifier Stopped Still Image Acquisition Events Stopped Storage Service Stopped Telephony Stopped Thread Ordering Server Stopped Touch Keyboard and Handwriting Panel Service Stopped Virtual Disk Stopped Volume Shadow Copy Stopped W3C Logging Service Stopped WebClient Stopped Windows Biometric Service Stopped Windows Color System Stopped Windows Connect Now - Config Registrar Stopped Windows Defender Network Inspection Service Stopped Windows Driver Foundation - User-mode Driver Framework Stopped Windows Encryption Provider Host Service Stopped Windows Error Reporting Service Stopped Windows Event Collector Stopped Windows Image Acquisition (WIA) Stopped Windows Installer Stopped Windows Location Framework Service Stopped Windows Modules Installer Stopped Windows Presentation Foundation Font Cache 3.0.0.0 Stopped Windows Remote Management (WS-Management) Stopped Windows Store Service (WSService) Stopped Windows Time Stopped Wired AutoConfig Stopped WLAN AutoConfig Stopped WMI Performance Adapter Stopped Work Folders Stopped WWAN AutoConfig TimeZone TimeZone GMT +2:00 Hours Language English (United States) Location Lithuania Format English (United States) Currency $ Date Format M/d/yyyy Time Format h:mm:ss tt Scheduler 3/18/2017 6:57 AM; klcp_update Optimize Start Menu Cache Files-S-1-5-21-2264090065-1336448463-196550333-1003 Optimize Start Menu Cache Files-S-1-5-21-2264090065-1336448463-196550333-500 Hotfixes Installed 2/19/2017 Definition Update for Windows Defender - KB2267602 (Definition 1.235.3184.0) Install this update to revise the definition files that are used to detect viruses, spyware, and other potentially unwanted software. Once you have installed this item, it cannot be removed. 2/18/2017 Update for Windows (KB2999226) Fix for KB2999226 2/16/2017 Update for Windows (KB2999226) Fix for KB2999226 2/16/2017 Lithuanian Language Pack - Windows 8.1 for x64-based Systems - (KB3012997) [lt-LT_LP] After you install this language pack, you can make it the display language. Swipe in from the right edge of the screen (if you're using a mouse, point to the upper-right corner of the screen and move the mouse pointer down) and tap or click "Search." Enter "language", tap or click "language" and then tap or click "Add a language to this device." Select the installed language pack, then tap or click "Move up" until it's at the top of the list. Sign out and then sign back in to finish. 2/16/2017 Lithuanian Language Pack - Windows 8.1 for x64-based Systems - (KB3012997) [lt-LT_LP] After you install this language pack, you can make it the display language. Swipe in from the right edge of the screen (if you're using a mouse, point to the upper-right corner of the screen and move the mouse pointer down) and tap or click "Search." Enter "language", tap or click "language" and then tap or click "Add a language to this device." Select the installed language pack, then tap or click "Move up" until it's at the top of the list. Sign out and then sign back in to finish. 2/16/2017 Update for Windows 8.1 for x64-based Systems (KB3020370) Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer. Not Installed System Folders Application Data C:\ProgramData Cookies C:\Users\Marius\AppData\Local\Microsoft\Windows\INetCookies Desktop C:\Users\Marius\Desktop Documents C:\Users\Public\Documents Fonts C:\Windows\Fonts Global Favorites C:\Users\Marius\Favorites Internet History C:\Users\Marius\AppData\Local\Microsoft\Windows\History Local Application Data C:\Users\Marius\AppData\Local Music C:\Users\Public\Music Path for burning CD C:\Users\Marius\AppData\Local\Microsoft\Windows\Burn\Burn Physical Desktop C:\Users\Marius\Desktop Pictures C:\Users\Public\Pictures Program Files C:\Program Files Public Desktop C:\Users\Public\Desktop Start Menu C:\ProgramData\Microsoft\Windows\Start Menu Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Templates C:\ProgramData\Microsoft\Windows\Templates Temporary Internet Files C:\Users\Marius\AppData\Local\Microsoft\Windows\INetCache User Favorites C:\Users\Marius\Favorites Videos C:\Users\Public\Videos Windows Directory C:\Windows Windows/System C:\Windows\system32 Process List audiodg.exe Process ID 5680 User LOCAL SERVICE Domain NT AUTHORITY Memory Usage 15 MB Peak Memory Usage 15 MB conhost.exe Process ID 4108 User Marius Domain Darknet Path C:\Windows\system32\conhost.exe Memory Usage 3.21 MB Peak Memory Usage 3.23 MB csrss.exe Process ID 4640 User SYSTEM Domain NT AUTHORITY Memory Usage 5.66 MB Peak Memory Usage 12 MB csrss.exe Process ID 572 User SYSTEM Domain NT AUTHORITY Memory Usage 3.95 MB Peak Memory Usage 3.99 MB dasHost.exe Process ID 1516 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\system32\dashost.exe Memory Usage 14 MB Peak Memory Usage 14 MB dllhost.exe Process ID 5660 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\DllHost.exe Memory Usage 3.72 MB Peak Memory Usage 3.72 MB dllhost.exe Process ID 5148 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\DllHost.exe Memory Usage 4.36 MB Peak Memory Usage 4.36 MB dllhost.exe Process ID 2964 User Marius Domain Darknet Path C:\Windows\system32\DllHost.exe Memory Usage 9.25 MB Peak Memory Usage 9.25 MB dllhost.exe Process ID 4056 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\DllHost.exe Memory Usage 5.38 MB Peak Memory Usage 5.41 MB dwm.exe Process ID 2908 User DWM-3 Domain Window Manager Path C:\Windows\System32\dwm.exe Memory Usage 25 MB Peak Memory Usage 40 MB explorer.exe Process ID 3104 User Marius Domain Darknet Path C:\Windows\Explorer.EXE Memory Usage 110 MB Peak Memory Usage 119 MB firefox.exe Process ID 3324 User Marius Domain Darknet Path C:\Program Files (x86)\Mozilla Firefox\firefox.exe Memory Usage 159 MB Peak Memory Usage 229 MB firefox.exe Process ID 1208 User Marius Domain Darknet Path C:\Program Files (x86)\Mozilla Firefox\firefox.exe Memory Usage 164 MB Peak Memory Usage 177 MB FlashPlayerPlugin_24_0_0_221.exe Process ID 4420 User Marius Domain Darknet Path C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe Memory Usage 23 MB Peak Memory Usage 23 MB FlashPlayerPlugin_24_0_0_221.exe Process ID 3284 User Marius Domain Darknet Path C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe Memory Usage 28 MB Peak Memory Usage 31 MB lsass.exe Process ID 728 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\lsass.exe Memory Usage 12 MB Peak Memory Usage 12 MB MBAMService.exe Process ID 616 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe Memory Usage 211 MB Peak Memory Usage 270 MB mbamtray.exe Process ID 4736 User Marius Domain Darknet Path C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Memory Usage 25 MB Peak Memory Usage 25 MB MBAMWsc.exe Process ID 2416 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe Memory Usage 6.12 MB Peak Memory Usage 6.15 MB MsMpEng.exe Process ID 1936 User SYSTEM Domain NT AUTHORITY Memory Usage 20 MB Peak Memory Usage 661 MB nvcontainer.exe Process ID 3408 User Marius Domain Darknet Path C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe Memory Usage 27 MB Peak Memory Usage 46 MB nvcontainer.exe Process ID 1800 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe Memory Usage 20 MB Peak Memory Usage 21 MB NVDisplay.Container.exe Process ID 976 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Memory Usage 9.52 MB Peak Memory Usage 11 MB NVIDIA Share.exe Process ID 3740 User Marius Domain Darknet Path C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Memory Usage 34 MB Peak Memory Usage 34 MB NVIDIA Share.exe Process ID 4124 User Marius Domain Darknet Path C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe Memory Usage 48 MB Peak Memory Usage 53 MB NVIDIA Web Helper.exe Process ID 676 User Marius Domain Darknet Path C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe Memory Usage 47 MB Peak Memory Usage 47 MB nvspcaps64.exe Process ID 2380 User Marius Domain Darknet Path C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe Memory Usage 25 MB Peak Memory Usage 56 MB nvtray.exe Process ID 752 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\NVIDIA Corporation\Display\nvtray.exe Memory Usage 9.36 MB Peak Memory Usage 9.38 MB nvtray.exe Process ID 3344 User Marius Domain Darknet Path C:\Program Files\NVIDIA Corporation\Display\nvtray.exe Memory Usage 9.34 MB Peak Memory Usage 9.36 MB nvwirelesscontroller.exe Process ID 1820 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe Memory Usage 6.35 MB Peak Memory Usage 6.37 MB nvxdsync.exe Process ID 892 User SYSTEM Domain NT AUTHORITY Path C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe Memory Usage 20 MB Peak Memory Usage 22 MB plugin-container.exe Process ID 5160 User Marius Domain Darknet Path C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Memory Usage 16 MB Peak Memory Usage 17 MB RAVCpl64.exe Process ID 196 User Marius Domain Darknet Path C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe Memory Usage 9.28 MB Peak Memory Usage 10 MB SearchIndexer.exe Process ID 2264 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\SearchIndexer.exe Memory Usage 27 MB Peak Memory Usage 28 MB services.exe Process ID 692 User SYSTEM Domain NT AUTHORITY Memory Usage 6.95 MB Peak Memory Usage 13 MB smss.exe Process ID 416 User SYSTEM Domain NT AUTHORITY Memory Usage KB Peak Memory Usage 1.14 MB SMSvcHost.exe Process ID 1524 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe Memory Usage 28 MB Peak Memory Usage 29 MB SMSvcHost.exe Process ID 780 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe Memory Usage 28 MB Peak Memory Usage 30 MB Speccy64.exe Process ID 2748 User Marius Domain Darknet Path C:\Program Files\Speccy\Speccy64.exe Memory Usage 22 MB Peak Memory Usage 22 MB speedfan.exe Process ID 4336 User Marius Domain Darknet Path C:\Program Files (x86)\SpeedFan\speedfan.exe Memory Usage 20 MB Peak Memory Usage 28 MB svchost.exe Process ID 1048 User SYSTEM Domain NT AUTHORITY Path C:\Windows\System32\svchost.exe Memory Usage 68 MB Peak Memory Usage 113 MB svchost.exe Process ID 480 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 20 MB Peak Memory Usage 21 MB svchost.exe Process ID 576 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 53 MB Peak Memory Usage 256 MB svchost.exe Process ID 460 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\System32\svchost.exe Memory Usage 25 MB Peak Memory Usage 28 MB svchost.exe Process ID 860 User NETWORK SERVICE Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 7.39 MB Peak Memory Usage 7.49 MB svchost.exe Process ID 820 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 11 MB Peak Memory Usage 18 MB svchost.exe Process ID 1144 User NETWORK SERVICE Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 16 MB Peak Memory Usage 16 MB svchost.exe Process ID 3860 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\System32\svchost.exe Memory Usage 12 MB Peak Memory Usage 13 MB svchost.exe Process ID 3312 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 13 MB Peak Memory Usage 14 MB svchost.exe Process ID 1920 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 7.73 MB Peak Memory Usage 7.75 MB svchost.exe Process ID 1456 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 7.40 MB Peak Memory Usage 7.50 MB svchost.exe Process ID 1320 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\system32\svchost.exe Memory Usage 22 MB Peak Memory Usage 23 MB System Process ID 4 Memory Usage 1.16 MB Peak Memory Usage 28 MB System Idle Process Process ID 0 wininit.exe Process ID 636 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\wininit.exe Memory Usage 4.12 MB Peak Memory Usage 4.48 MB winlogon.exe Process ID 1560 User SYSTEM Domain NT AUTHORITY Path C:\Windows\System32\WinLogon.exe Memory Usage 5.21 MB Peak Memory Usage 9.22 MB WmiPrvSE.exe Process ID 4628 User NETWORK SERVICE Domain NT AUTHORITY Path C:\Windows\system32\wbem\wmiprvse.exe Memory Usage 11 MB Peak Memory Usage 12 MB WmiPrvSE.exe Process ID 2040 User SYSTEM Domain NT AUTHORITY Path C:\Windows\system32\wbem\wmiprvse.exe Memory Usage 28 MB Peak Memory Usage 31 MB WmiPrvSE.exe Process ID 2120 User LOCAL SERVICE Domain NT AUTHORITY Path C:\Windows\system32\wbem\wmiprvse.exe Memory Usage 8.39 MB Peak Memory Usage 8.67 MB wmpnetwk.exe Process ID 4940 User NETWORK SERVICE Domain NT AUTHORITY Path C:\Program Files\Windows Media Player\wmpnetwk.exe Memory Usage 5.65 MB Peak Memory Usage 15 MB Security Options Accounts: Administrator account status Disabled Accounts: Block Microsoft accounts Not Defined Accounts: Guest account status Disabled Accounts: Limit local account use of blank passwords to console logon only Enabled Accounts: Rename administrator account Administrator Accounts: Rename guest account Guest Audit: Audit the access of global system objects Disabled Audit: Audit the use of Backup and Restore privilege Disabled Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined Audit: Shut down system immediately if unable to log security audits Disabled DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined Devices: Allow undock without having to log on Enabled Devices: Allowed to format and eject removable media Not Defined Devices: Prevent users from installing printer drivers Disabled Devices: Restrict CD-ROM access to locally logged-on user only Not Defined Devices: Restrict floppy access to locally logged-on user only Not Defined Domain controller: Allow server operators to schedule tasks Not Defined Domain controller: LDAP server signing requirements Not Defined Domain controller: Refuse machine account password changes Not Defined Domain member: Digitally encrypt or sign secure channel data (always) Enabled Domain member: Digitally encrypt secure channel data (when possible) Enabled Domain member: Digitally sign secure channel data (when possible) Enabled Domain member: Disable machine account password changes Disabled Domain member: Maximum machine account password age 30 days Domain member: Require strong (Windows 2000 or later) session key Enabled Interactive logon: Display user information when the session is locked Not Defined Interactive logon: Do not display last user name Disabled Interactive logon: Do not require CTRL+ALT+DEL Not Defined Interactive logon: Machine account lockout threshold Not Defined Interactive logon: Machine inactivity limit Not Defined Interactive logon: Message text for users attempting to log on Interactive logon: Message title for users attempting to log on Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons Interactive logon: Prompt user to change password before expiration 5 days Interactive logon: Require Domain Controller authentication to unlock workstation Disabled Interactive logon: Require smart card Disabled Interactive logon: Smart card removal behavior No Action Microsoft network client: Digitally sign communications (always) Disabled Microsoft network client: Digitally sign communications (if server agrees) Enabled Microsoft network client: Send unencrypted password to third-party SMB servers Disabled Microsoft network server: Amount of idle time required before suspending session 15 minutes Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined Microsoft network server: Digitally sign communications (always) Disabled Microsoft network server: Digitally sign communications (if client agrees) Disabled Microsoft network server: Disconnect clients when logon hours expire Enabled Microsoft network server: Server SPN target name validation level Not Defined Network access: Allow anonymous SID/Name translation Disabled Network access: Do not allow anonymous enumeration of SAM accounts Enabled Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled Network access: Do not allow storage of passwords and credentials for network authentication Disabled Network access: Let Everyone permissions apply to anonymous users Disabled Network access: Named Pipes that can be accessed anonymously Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog Network access: Restrict anonymous access to Named Pipes and Shares Enabled Network access: Shares that can be accessed anonymously Not Defined Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves Network security: Allow Local System to use computer identity for NTLM Not Defined Network security: Allow LocalSystem NULL session fallback Not Defined Network security: Allow PKU2U authentication requests to this computer to use online identities. Not Defined Network security: Configure encryption types allowed for Kerberos Not Defined Network security: Do not store LAN Manager hash value on next password change Enabled Network security: Force logoff when logon hours expire Disabled Network security: LAN Manager authentication level Not Defined Network security: LDAP client signing requirements Negotiate signing Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined Network security: Restrict NTLM: Add server exceptions in this domain Not Defined Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined Network security: Restrict NTLM: Incoming NTLM traffic Not Defined Network security: Restrict NTLM: NTLM authentication in this domain Not Defined Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined Recovery console: Allow automatic administrative logon Disabled Recovery console: Allow floppy copy and access to all drives and all folders Disabled Shutdown: Allow system to be shut down without having to log on Enabled Shutdown: Clear virtual memory pagefile Disabled System cryptography: Force strong key protection for user keys stored on the computer Not Defined System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled System objects: Require case insensitivity for non-Windows subsystems Enabled System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled System settings: Optional subsystems System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials User Account Control: Detect application installations and prompt for elevation Enabled User Account Control: Only elevate executables that are signed and validated Disabled User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled User Account Control: Run all administrators in Admin Approval Mode Enabled User Account Control: Switch to the secure desktop when prompting for elevation Disabled User Account Control: Virtualize file and registry write failures to per-user locations Enabled Device Tree ACPI x64-based PC Microsoft ACPI-Compliant System ACPI Fixed Feature Button ACPI Power Button AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G High precision event timer Motherboard resources System board PCI Express Root Complex AMD SMBus Motherboard resources Motherboard resources PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard host CPU bridge PCI standard PCI-to-PCI bridge System board PCI standard host CPU bridge Motherboard resources PCI Express standard Root Port NVIDIA GeForce GTX 750 Ti Generic PnP Monitor NVIDIA Miracast Audio High Definition Audio Controller NVIDIA High Definition Audio PCI Express standard Root Port Realtek PCIe GBE Family Controller Standard SATA AHCI Controller ST1000DM003-1ER162 TSSTcorp CDDVDW SH-S203B Standard OpenHCD USB Host Controller USB Root Hub Standard Enhanced PCI to USB Host Controller USB Root Hub Standard OpenHCD USB Host Controller USB Root Hub Standard Enhanced PCI to USB Host Controller USB Root Hub Standard Dual Channel PCI IDE Controller ATA Channel 0 ATA Channel 1 High Definition Audio Controller Realtek High Definition Audio Line In (2- Realtek High Definition Audio) Microphone (2- Realtek High Definition Audio) Speakers (2- Realtek High Definition Audio) PCI standard ISA bridge Communications Port (COM1) Direct memory access controller Motherboard resources Motherboard resources Motherboard resources Numeric data processor Programmable interrupt controller System CMOS/real time clock System speaker System timer ECP Printer Port (LPT1) Printer Port Logical Interface Standard OpenHCD USB Host Controller USB Root Hub Standard OpenHCD USB Host Controller USB Root Hub USB Input Device HID-compliant mouse USB Composite Device USB Input Device HID Keyboard Device USB Input Device HID-compliant consumer control device HID-compliant system controller HID-compliant vendor-defined device Standard Enhanced PCI to USB Host Controller USB Root Hub CPU AMD A8-7600 Cores 4 Threads 4 Name AMD A8-7600 Code Name Kaveri Package Socket FM2+ (906) Technology 28nm Specification AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G Family F Extended Family 15 Model 0 Extended Model 30 Stepping 1 Revision KV-A1 Instructions MMX (+), SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE4A, AMD 64, NX, VMX, AES, AVX, FMA3, FMA4 Virtualization Supported, Disabled Hyperthreading Not supported Fan Speed 2700 RPM Bus Speed 99.8 MHz Stock Core Speed 3100 MHz Stock Bus Speed 100 MHz Average Temperature 54 °C Caches L1 Data Cache Size 4 x 16 KBytes L1 Instructions Cache Size 2 x 96 KBytes L2 Unified Cache Size 2 x 2048 KBytes Cores Core 0 Core Speed 3093.7 MHz Multiplier x 31.0 Bus Speed 99.8 MHz Temperature 54 °C Threads APIC ID: 0 Core 1 Core Speed 3093.7 MHz Multiplier x 31.0 Bus Speed 99.8 MHz Temperature 54 °C Threads APIC ID: 1 Core 2 Core Speed 3093.7 MHz Multiplier x 31.0 Bus Speed 99.8 MHz Temperature 54 °C Threads APIC ID: 2 Core 3 Core Speed 3093.7 MHz Multiplier x 31.0 Bus Speed 99.8 MHz Temperature 54 °C Threads APIC ID: 3 RAM Memory slots Total memory slots 2 Used memory slots 2 Free memory slots 0 Memory Type DDR3 Size 8192 MBytes Channels # Dual DRAM Frequency 798.4 MHz CAS# Latency (CL) 10 clocks RAS# to CAS# Delay (tRCD) 10 clocks RAS# Precharge (tRP) 10 clocks Cycle Time (tRAS) 30 clocks Bank Cycle Time (tRC) 39 clocks Physical Memory Memory Usage 21 % Total Physical 7.95 GB Available Physical 6.27 GB Total Virtual 9.20 GB Available Virtual 7.29 GB SPD Number Of SPD Modules 2 Slot #1 Type DDR3 Size 4096 MBytes Manufacturer Kingston Max Bandwidth PC3-12800J (800 MHz) Part Number KHX1600C10D3/8G Serial Number 1764238645 Week/year 30 / 15 Timing table JEDEC #1 Frequency 480.0 MHz CAS# Latency 6.0 RAS# To CAS# 6 RAS# Precharge 6 tRAS 19 tRC 24 Voltage 1.500 V JEDEC #2 Frequency 560.0 MHz CAS# Latency 7.0 RAS# To CAS# 7 RAS# Precharge 7 tRAS 21 tRC 27 Voltage 1.500 V JEDEC #3 Frequency 640.0 MHz CAS# Latency 8.0 RAS# To CAS# 8 RAS# Precharge 8 tRAS 24 tRC 31 Voltage 1.500 V JEDEC #4 Frequency 720.0 MHz CAS# Latency 9.0 RAS# To CAS# 9 RAS# Precharge 9 tRAS 27 tRC 35 Voltage 1.500 V JEDEC #5 Frequency 800.0 MHz CAS# Latency 10.0 RAS# To CAS# 10 RAS# Precharge 10 tRAS 30 tRC 39 Voltage 1.500 V JEDEC #6 Frequency 800.0 MHz CAS# Latency 11.0 RAS# To CAS# 10 RAS# Precharge 10 tRAS 30 tRC 39 Voltage 1.500 V Slot #2 Type DDR3 Size 4096 MBytes Manufacturer Kingston Max Bandwidth PC3-12800J (800 MHz) Part Number KHX1600C10D3/8G Serial Number 1797467943 Week/year 47 / 14 Timing table JEDEC #1 Frequency 480.0 MHz CAS# Latency 6.0 RAS# To CAS# 6 RAS# Precharge 6 tRAS 19 tRC 24 Voltage 1.500 V JEDEC #2 Frequency 560.0 MHz CAS# Latency 7.0 RAS# To CAS# 7 RAS# Precharge 7 tRAS 21 tRC 27 Voltage 1.500 V JEDEC #3 Frequency 640.0 MHz CAS# Latency 8.0 RAS# To CAS# 8 RAS# Precharge 8 tRAS 24 tRC 31 Voltage 1.500 V JEDEC #4 Frequency 720.0 MHz CAS# Latency 9.0 RAS# To CAS# 9 RAS# Precharge 9 tRAS 27 tRC 35 Voltage 1.500 V JEDEC #5 Frequency 800.0 MHz CAS# Latency 10.0 RAS# To CAS# 10 RAS# Precharge 10 tRAS 30 tRC 39 Voltage 1.500 V JEDEC #6 Frequency 800.0 MHz CAS# Latency 11.0 RAS# To CAS# 10 RAS# Precharge 10 tRAS 30 tRC 39 Voltage 1.500 V Motherboard Manufacturer ASRock Model FM2A58M-DG3+ (CPUSocket) Chipset Vendor AMD Chipset Model K15 IMC Chipset Revision 00 Southbridge Vendor AMD Southbridge Model A58 FCH Southbridge Revision 2.6 System Temperature 33 °C BIOS Brand American Megatrends Inc. Version P2.70 Date 1/11/2016 Voltage CPU CORE 0.896 V MEMORY CONTROLLER 1.856 V AVCC 3.248 V 3VCC 3.248 V VIN5 1.712 V PCI Data Slot PCI-E Slot Type PCI-E Slot Usage In Use Data lanes x16 Slot Designation J6B2 Characteristics 3.3V, Shared, PME Slot Number 0 Slot PCI-E Slot Type PCI-E Slot Usage In Use Data lanes x1 Slot Designation J6B1 Characteristics 3.3V, Shared, PME Slot Number 1 Slot PCI-E Slot Type PCI-E Slot Usage In Use Data lanes x1 Slot Designation J6D1 Characteristics 3.3V, Shared, PME Slot Number 2 Graphics Monitor Name 37LC3R-ZH on NVIDIA GeForce GTX 750 Ti Current Resolution 1360x768 pixels Work Resolution 1360x728 pixels State Enabled, Primary Monitor Width 1360 Monitor Height 768 Monitor BPP 32 bits per pixel Monitor Frequency 60 Hz Device \\.\DISPLAY1\Monitor0 NVIDIA GeForce GTX 750 Ti Manufacturer NVIDIA Model GeForce GTX 750 Ti Device ID 10DE-1380 Revision A3 Subvendor MSI (1462) Current Performance Level Level 0 Current GPU Clock 135 MHz Current Memory Clock 405 MHz Current Shader Clock 405 MHz Voltage 0.937 V Technology 28 nm Bus Interface PCI Express x16 Temperature 33 °C Driver version 21.21.13.7866 BIOS Version 82.07.32.00.fd Physical Memory 2047 MB Virtual Memory 2048 MB Count of performance levels : 1 Level 1 - "Perf Level 0" GPU Clock 135 MHz Shader Clock 405 MHz Storage Hard drives ST1000DM003-1ER162 Manufacturer Seagate Heads 16 Cylinders 121,601 Tracks 31,008,255 Sectors 1,953,520,065 SATA type SATA-III 6.0Gb/s Device type Fixed ATA Standard ACS2 Serial Number Z4Y9KVEG Firmware Version Number CC46 LBA Size 48-bit LBA Power On Count 783 times Power On Time 180.6 days Speed 7200 RPM Features S.M.A.R.T., APM, NCQ Max. Transfer Mode SATA III 6.0Gb/s Used Transfer Mode SATA II 3.0Gb/s Interface SATA Capacity 931 GB Real size 1,000,204,886,016 bytes RAID Type None S.M.A.R.T Status Good Temperature 34 °C Temperature Range OK (less than 50 °C) S.M.A.R.T attributes 01 Attribute name Read Error Rate Real value 0 Current 111 Worst 99 Threshold 6 Raw Value 000212EE20 Status Good 03 Attribute name Spin-Up Time Real value 0 ms Current 98 Worst 97 Threshold 0 Raw Value 0000000000 Status Good 04 Attribute name Start/Stop Count Real value 616 Current 100 Worst 100 Threshold 20 Raw Value 0000000268 Status Good 05 Attribute name Reallocated Sectors Count Real value 0 Current 100 Worst 100 Threshold 10 Raw Value 0000000000 Status Good 07 Attribute name Seek Error Rate Real value 0 Current 80 Worst 60 Threshold 30 Raw Value 000626B5D6 Status Good 09 Attribute name Power-On Hours (POH) Real value 180d 15h Current 96 Worst 96 Threshold 0 Raw Value 00000010EF Status Good 0A Attribute name Spin Retry Count Real value 0 Current 100 Worst 100 Threshold 97 Raw Value 0000000000 Status Good 0C Attribute name Device Power Cycle Count Real value 783 Current 100 Worst 100 Threshold 20 Raw Value 000000030F Status Good B7 Attribute name SATA Downshift Error Count Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good B8 Attribute name End-to-End error / IOEDC Real value 0 Current 100 Worst 100 Threshold 99 Raw Value 0000000000 Status Good BB Attribute name Reported Uncorrectable Errors Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good BC Attribute name Command Timeout Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good BD Attribute name High Fly Writes (WDC) Real value 1 Current 99 Worst 99 Threshold 0 Raw Value 0000000001 Status Good BE Attribute name Airflow Temperature Real value 34 °C Current 66 Worst 51 Threshold 45 Raw Value 00221D0022 Status Good BF Attribute name G-sense error rate Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good C0 Attribute name Power-off Retract Count Real value 85 Current 100 Worst 100 Threshold 0 Raw Value 0000000055 Status Good C1 Attribute name Load/Unload Cycle Count Real value 5,536 Current 98 Worst 98 Threshold 0 Raw Value 00000015A0 Status Good C2 Attribute name Temperature Real value 34 °C Current 34 Worst 49 Threshold 0 Raw Value 0000000022 Status Good C5 Attribute name Current Pending Sector Count Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good C6 Attribute name Uncorrectable Sector Count Real value 0 Current 100 Worst 100 Threshold 0 Raw Value 0000000000 Status Good C7 Attribute name UltraDMA CRC Error Count Real value 0 Current 200 Worst 200 Threshold 0 Raw Value 0000000000 Status Good F0 Attribute name Head Flying Hours Real value 186d 20h Current 100 Worst 253 Threshold 0 Raw Value 0000001184 Status Good F1 Attribute name Total LBAs Written Real value 41,954,513,730 Current 100 Worst 253 Threshold 0 Raw Value 00C4AF1342 Status Good F2 Attribute name Total LBAs Read Real value 867,092,599,838 Current 100 Worst 253 Threshold 0 Raw Value 00E2BF141E Status Good Partition 0 Partition ID Disk #0, Partition #0 File System NTFS Volume Serial Number 92536A83 Size 499 MB Used Space 278 MB (55%) Free Space 221 MB (45%) Partition 1 Partition ID Disk #0, Partition #1 Disk Letter C: File System NTFS Volume Serial Number EE5D34F1 Size 438 GB Used Space 177 GB (40%) Free Space 261 GB (60%) Partition 2 Partition ID Disk #0, Partition #2 Disk Letter E: File System NTFS Volume Serial Number EC361933 Size 492 GB Used Space 19.6 GB (3%) Free Space 472 GB (97%) Optical Drives TSSTcorp CDDVDW SH-S203B Media Type DVD Writer Name TSSTcorp CDDVDW SH-S203B Availability Running/Full Power Capabilities Random Access, Supports Writing, Supports Removable Media Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL Config Manager Error Code Device is working properly Config Manager User Config FALSE Drive D: Media Loaded FALSE SCSI Bus 1 SCSI Logical Unit 0 SCSI Port 2 SCSI Target Id 0 Status OK Audio Sound Cards NVIDIA Miracast Audio Realtek High Definition Audio NVIDIA Virtual Audio Device (Wave Extensible) (WDM) NVIDIA High Definition Audio Playback Device Speakers (2- Realtek High Definition Audio) Recording Devices Microphone (2- Realtek High Definition Audio) (default) Line In (2- Realtek High Definition Audio) Speaker Configuration Speaker type 5.1 Peripherals HID Keyboard Device Device Kind Keyboard Device Name HID Keyboard Device Vendor Chicony Electronics Co Ltd Location USB Input Device Driver Date 6-21-2006 Version 6.3.9600.17393 File C:\Windows\system32\DRIVERS\kbdhid.sys File C:\Windows\system32\DRIVERS\kbdclass.sys HID-compliant mouse Device Kind Mouse Device Name HID-compliant mouse Vendor PixArt Imaging Location USB Input Device Driver Date 6-21-2006 Version 6.3.9600.17393 File C:\Windows\system32\DRIVERS\mouhid.sys File C:\Windows\system32\DRIVERS\mouclass.sys Printers Network You are connected to the internet Connected through Realtek PCIe GBE Family Controller IP Address 192.168.1.231 Subnet mask 255.255.255.0 Gateway server 192.168.1.254 Preferred DNS server 192.168.1.254 DHCP Enabled DHCP server 192.168.1.254 External IP Address 78.61.129.16 Adapter Type Ethernet NetBIOS over TCP/IP Enabled via DHCP NETBIOS Node Type Hybrid node Link Speed 0 Bps Computer Name NetBIOS Name DARKNET DNS Name Darknet Membership Part of workgroup Workgroup WORKGROUP Remote Desktop Disabled Console State Active Domain Darknet WinInet Info LAN Connection Local system uses a local area network to connect to the Internet Local system has RAS to connect to the Internet Wi-Fi Info Wi-Fi not enabled WinHTTPInfo WinHTTPSessionProxyType No proxy Session Proxy Session Proxy Bypass Connect Retries 5 Connect Timeout (ms) 60,000 HTTP Version HTTP 1.1 Max Connects Per 1.0 Servers INFINITE Max Connects Per Servers INFINITE Max HTTP automatic redirects 10 Max HTTP status continue 10 Send Timeout (ms) 30,000 IEProxy Auto Detect Yes IEProxy Auto Config IEProxy IEProxy Bypass Default Proxy Config Access Type No proxy Default Config Proxy Default Config Proxy Bypass Sharing and Discovery Network Discovery Enabled File and Printer Sharing Enabled File and printer sharing service Enabled Simple File Sharing Enabled Administrative Shares Enabled Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves Adapters List Enabled Realtek PCIe GBE Family Controller Connection-specific DNS Suffix home Connection Name Ethernet NetBIOS over TCPIP Yes DHCP enabled Yes MAC Address D0-50-99-5A-03-E7 IP Address 192.168.1.231 Subnet mask 255.255.255.0 Gateway server 192.168.1.254 DHCP 192.168.1.254 DNS Server 192.168.1.254 Network Shares Users C:\Users Current TCP Connections C:\Program Files (x86)\Mozilla Firefox\firefox.exe (1208) Local 127.0.0.1:54560 ESTABLISHED Remote 127.0.0.1:54561 (Querying... ) Local 127.0.0.1:54561 ESTABLISHED Remote 127.0.0.1:54560 (Querying... ) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3324) Local 127.0.0.1:54563 ESTABLISHED Remote 127.0.0.1:54564 (Querying... ) Local 127.0.0.1:54564 ESTABLISHED Remote 127.0.0.1:54563 (Querying... ) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (3740) Local 127.0.0.1:54537 ESTABLISHED Remote 127.0.0.1:54523 (Querying... ) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (676) Local 127.0.0.1:54523 LISTEN Local 127.0.0.1:54523 ESTABLISHED Remote 127.0.0.1:54537 (Querying... ) lsass.exe (728) Local 0.0.0.0:49155 LISTEN MBAMService.exe (616) Local 192.168.1.231:54448 CLOSE-WAIT Remote 52.24.1.181:443 (Querying... ) (HTTPS) nvcontainer.exe (1800) Local 127.0.0.1:54458 ESTABLISHED Remote 127.0.0.1:65001 (Querying... ) Local 127.0.0.1:65000 LISTEN Local 127.0.0.1:65001 LISTEN Local 127.0.0.1:65001 ESTABLISHED Remote 127.0.0.1:54458 (Querying... ) services.exe (692) Local 0.0.0.0:49162 LISTEN svchost.exe (460) Local 0.0.0.0:49153 LISTEN svchost.exe (576) Local 0.0.0.0:49154 LISTEN svchost.exe (860) Local 0.0.0.0:135 (DCE) LISTEN System Process Local 0.0.0.0:80 (HTTP) LISTEN Local 0.0.0.0:445 (Windows shares) LISTEN Local 0.0.0.0:2869 LISTEN Local 0.0.0.0:5357 LISTEN Local 0.0.0.0:10243 LISTEN Local 192.168.1.231:139 (NetBIOS session service) LISTEN wininit.exe (636) Local 0.0.0.0:49152 LISTEN wmpnetwk.exe (4940) Local 0.0.0.0:554 LISTEN Generated with Speccy v1.30.730