Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something is not right


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Were you able to make a new folder in Temp?

 

Right click on Temp and select Properties.

 

Now click on Security.  It should show at least 3 users.  System, your login, and Administrators.  Does it?  Click on each and see if everything is checked under Allow


  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Addition to the above:

 

This is sort of what you should see in Properties:

 

[attachment=80432:temp.jpg]

 

Ron is my login.

 

 

 

 


  • 0

#18
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Yes it allowed me to create "New Folder".  Temp properties shows two lines:

 

1st line: My name & e-mail

 

2nd line: Administrators (Ralph\Administrators)


  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

(Right click on TEMP and select Properties then Security) Click on Edit then on Add.  Type in: Everyone

then Check Names.  Then OK.  Then click on Everyone, and check Full Control under Allow.  OK.  

 

Now go back and try and run the  DISM command again


  • 0

#20
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

OK, this time it's running. Have an appointment, will update you later. Thanks


  • 0

#21
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568D2607-2E95-4D32-82E0-0BC464E51599}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568D2607-2E95-4D32-82E0-0BC464E51599}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C1E17B6-33A6-4B92-85A1-08BF5196D5F1}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C1E17B6-33A6-4B92-85A1-08BF5196D5F1}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D277F32-B4A8-4C34-AD42-B65329D0630C}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D277F32-B4A8-4C34-AD42-B65329D0630C}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69144A40-0124-430B-B3F8-B22DCE590922}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69144A40-0124-430B-B3F8-B22DCE590922}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => key not found.
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71C9B2DE-7999-4745-B97B-A5399F3AB7F8}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71C9B2DE-7999-4745-B97B-A5399F3AB7F8}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F7B6BB1-A4ED-4587-95BF-1343A39A74B7}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F7B6BB1-A4ED-4587-95BF-1343A39A74B7}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProfessionalCleaningSoftware_Start => key not found.
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8080D58F-F969-48BD-9B6E-EA6DFA8CFD76}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8080D58F-F969-48BD-9B6E-EA6DFA8CFD76}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C726201-EFB2-45A5-8213-3ED0C8E42C15}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C726201-EFB2-45A5-8213-3ED0C8E42C15}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E9C390E-B679-44BC-975F-8E9954E01EFC}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9C390E-B679-44BC-975F-8E9954E01EFC}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DAC99AF-40EB-4E23-B19B-F5E8D748B054}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DAC99AF-40EB-4E23-B19B-F5E8D748B054}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2791BBA-30B1-4CF1-8DA8-3B7E91892AC0}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2791BBA-30B1-4CF1-8DA8-3B7E91892AC0}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B357D940-DADB-41F4-AAB1-2F0833166F51}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B357D940-DADB-41F4-AAB1-2F0833166F51}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>C:\WINDOWS\System32\Tasks\PocketCloud => moved successfully
'C:\WINDOWS\System32\Tasks\PocketCloud' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PocketCloud" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CBECAE10-CCB7-4E4B-8994-FF26BDE300C2}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBECAE10-CCB7-4E4B-8994-FF26BDE300C2}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>C:\WINDOWS\System32\Tasks\JetBoost_AutoUpdate => moved successfully
'C:\WINDOWS\System32\Tasks\JetBoost_AutoUpdate' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JetBoost_AutoUpdate" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFC78AED-C551-4E41-975A-6071343F4BE8}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC78AED-C551-4E41-975A-6071343F4BE8}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D980C5EA-9D4A-498A-AA76-F972309D9970}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D980C5EA-9D4A-498A-AA76-F972309D9970}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>C:\WINDOWS\System32\Tasks\PocketCloudUpdater => moved successfully
'C:\WINDOWS\System32\Tasks\PocketCloudUpdater' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PocketCloudUpdater" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE05D4C9-6234-4612-8442-C9CE60CD2F75}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE05D4C9-6234-4612-8442-C9CE60CD2F75}" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C99700C-C51E-4ADA-AC61-0284AAA6197F} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4F407F2-05BE-487A-A960-E3D3C38EC2F9} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFAB4BF0-1742-4B5D-8D88-B9202D85A153} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FEA035A-B718-442B-BEF9-9E2062C15298} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{083EA1E7-9E50-4298-8DA5-BDE5A7428DA3} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{935B70A3-F6FE-4C80-A69D-1D8E92E5A88A} => value removed successfully
The system cannot find the path specified.

C:\WINDOWS\system32>EmptyTemp: => 655.8 MB temporary data Removed.
'EmptyTemp:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>
C:\WINDOWS\system32>The system needed a reboot.
'The' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>==== End of Fixlog 16:29:31 ====
'End' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>


  • 0

#22
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 24/02/2016 1:56:58 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/02/2016 6:48:05 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 07/02/2016 10:17:27 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 20/12/2015 6:35:39 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 15/12/2015 1:14:03 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/02/2016 5:23:25 PM
Type: Error Category: 0
Event: 137 Source: Microsoft-Windows-Kernel-Power
The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

Log: 'System' Date/Time: 24/02/2016 4:04:48 PM
Type: Error Category: 0
Event: 137 Source: Microsoft-Windows-Kernel-Power
The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

Log: 'System' Date/Time: 23/02/2016 11:26:33 PM
Type: Error Category: 0
Event: 137 Source: Microsoft-Windows-Kernel-Power
The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

Log: 'System' Date/Time: 23/02/2016 9:34:38 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 23/02/2016 9:31:21 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The LiveUpdateSvc service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 23/02/2016 9:30:22 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_283b9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 23/02/2016 9:30:22 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Storage_283b9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 23/02/2016 9:30:22 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Contact Data_283b9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 23/02/2016 9:30:22 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Sync Host_283b9 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 23/02/2016 9:30:22 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 23/02/2016 8:59:27 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca as Unavailable/Unavailable. The error: "15616" Happened while starting this command: "C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer

Log: 'System' Date/Time: 23/02/2016 8:54:40 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user Ralph\start_000 SID (S-1-5-21-4239315751-2608994865-2960470113-1008) from address LocalHost (Using LRPC) running in the application container Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 23/02/2016 2:17:32 PM
Type: Error Category: 0
Event: 137 Source: Microsoft-Windows-Kernel-Power
The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

Log: 'System' Date/Time: 22/02/2016 10:13:15 PM
Type: Error Category: 0
Event: 137 Source: Microsoft-Windows-Kernel-Power
The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

Log: 'System' Date/Time: 22/02/2016 8:44:34 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 22/02/2016 8:40:21 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Access_51d49 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 22/02/2016 8:40:21 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The User Data Storage_51d49 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 22/02/2016 8:40:21 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Contact Data_51d49 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 22/02/2016 8:40:21 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Sync Host_51d49 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Log: 'System' Date/Time: 22/02/2016 8:40:21 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/02/2016 6:48:50 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 24/02/2016 4:25:32 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 24/02/2016 4:25:25 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.

Log: 'System' Date/Time: 24/02/2016 3:32:08 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 23/02/2016 9:31:12 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 23/02/2016 9:31:12 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\PocketCloudVirtualChannel definition. Additional Data: Error Value: C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WPCRDPVirtualChannelServer.exe.

Log: 'System' Date/Time: 23/02/2016 8:54:29 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 23/02/2016 8:54:22 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.

Log: 'System' Date/Time: 23/02/2016 12:51:59 PM
Type: Warning Category: 0
Event: 4230 Source: Tcpip
TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.  This could be related to a problem in the TCP global or supplemental configuration and will cause  degraded throughput.

Log: 'System' Date/Time: 23/02/2016 12:47:12 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 22/02/2016 8:41:13 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Please visit http://support.microsoft.com/kb/197571for more information.

Log: 'System' Date/Time: 22/02/2016 8:41:11 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\PocketCloudUpdater definition. Additional Data: Error Value: C:\Program.

Log: 'System' Date/Time: 22/02/2016 8:41:09 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\PocketCloudVirtualChannel definition. Additional Data: Error Value: C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WPCRDPVirtualChannelServer.exe.

Log: 'System' Date/Time: 22/02/2016 8:41:09 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\JetBoost_AutoUpdate definition. Additional Data: Error Value: C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe.

Log: 'System' Date/Time: 22/02/2016 8:41:09 PM
Type: Warning Category: 414
Event: 414 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service found a misconfiguration in the NT TASK\PocketCloud definition. Additional Data: Error Value: C:\Program.

Log: 'System' Date/Time: 22/02/2016 7:55:13 PM
Type: Warning Category: 0
Event: 4230 Source: Tcpip
TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.  This could be related to a problem in the TCP global or supplemental configuration and will cause  degraded throughput.

Log: 'System' Date/Time: 22/02/2016 6:23:19 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.

Log: 'System' Date/Time: 21/02/2016 3:47:25 PM
Type: Warning Category: 0
Event: 4230 Source: Tcpip
TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.  This could be related to a problem in the TCP global or supplemental configuration and will cause  degraded throughput.

Log: 'System' Date/Time: 21/02/2016 3:46:25 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 20/02/2016 1:41:11 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe GBE Family Controller is disconnected from network.
 


  • 0

#23
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 24/02/2016 1:59:39 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/02/2016 10:00:09 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program firefox.exe version 44.0.2.5884 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.  Process ID: 235c  Start Time: 01d16e858210878d  Termination Time: 21  Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Report Id: c42f0b8a-da78-11e5-bef7-c81f6612a0d1  Faulting package full name:   Faulting package-relative application ID:  

Log: 'Application' Date/Time: 23/02/2016 9:35:27 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program firefox.exe version 44.0.2.5884 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.  Process ID: 1920  Start Time: 01d16e81bf182bc5  Termination Time: 9  Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Report Id: 50c9ed68-da75-11e5-bef7-c81f6612a0d1  Faulting package full name:   Faulting package-relative application ID:  

Log: 'Application' Date/Time: 23/02/2016 9:32:15 PM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 23/02/2016 8:59:27 PM
Type: Error Category: 5973
Event: 5973 Source: Microsoft-Windows-Immersive-Shell
Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started because it is currently updating. See the Microsoft-Windows-TWinUI/Operational log for additional information.

Log: 'Application' Date/Time: 23/02/2016 1:31:58 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35 Faulting module name: chakra.dll, version: 11.0.10586.103, time stamp: 0x56a849ae Exception code: 0xc0000005 Fault offset: 0x000000000018af4e Faulting process id: 0x1638 Faulting application start time: 0x01d16e3a535d53cf Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: C:\WINDOWS\SYSTEM32\chakra.dll Report Id: c96829c1-b8fe-4743-b672-c0fb5ed20d72 Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge

Log: 'Application' Date/Time: 22/02/2016 9:05:45 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.103, time stamp: 0x56a84dc4 Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4 Exception code: 0xc0000005 Fault offset: 0x00000000000780cd Faulting process id: 0x988 Faulting application start time: 0x01d16db1b1fef5e5 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Faulting module path: C:\WINDOWS\system32\CoreUIComponents.dll Report Id: 0297d095-3f4c-4da6-982f-e5a89512b25f Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge

Log: 'Application' Date/Time: 22/02/2016 9:05:31 PM
Type: Error Category: 0
Event: 513 Source: Microsoft-Windows-CAPI2
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied. .

Log: 'Application' Date/Time: 22/02/2016 9:03:19 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9 Exception code: 0xc0000005 Fault offset: 0x00ac6197 Faulting process id: 0x1234 Faulting application start time: 0x01d16db16babc851 Faulting application path: C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe Faulting module path: C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll Report Id: 5f820027-c94f-4e27-b4f2-985525e6cf9e Faulting package full name: Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Log: 'Application' Date/Time: 22/02/2016 8:52:33 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 20/02/2016 1:51:23 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program MicrosoftEdge.exe version 11.0.10586.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.  Process ID: 2ef4  Start Time: 01d16be45f1d7939  Termination Time: 4294967295  Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe  Report Id: 057aea50-d7d9-11e5-bef5-c81f6612a0d1  Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe  Faulting package-relative application ID: MicrosoftEdge

Log: 'Application' Date/Time: 18/02/2016 5:34:11 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35 Faulting module name: ntdll.dll, version: 10.0.10586.103, time stamp: 0x56a8483f Exception code: 0xc0000005 Fault offset: 0x000000000002e849 Faulting process id: 0x1d90 Faulting application start time: 0x01d16a726ba2de59 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: e8e897fe-a6c6-4c33-956e-983e224eef0e Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge

Log: 'Application' Date/Time: 18/02/2016 5:33:00 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35 Faulting module name: chakra.dll, version: 11.0.10586.103, time stamp: 0x56a849ae Exception code: 0xc0000005 Fault offset: 0x000000000018af4e Faulting process id: 0x2174 Faulting application start time: 0x01d16a7243bdfda6 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: C:\WINDOWS\SYSTEM32\chakra.dll Report Id: ecf59801-3063-4a65-9fab-8487444ccd74 Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge

Log: 'Application' Date/Time: 17/02/2016 10:49:32 PM
Type: Error Category: 0
Event: 1024 Source: MsiInstaller
Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Log: 'Application' Date/Time: 16/02/2016 9:42:39 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Log: 'Application' Date/Time: 16/02/2016 6:52:01 PM
Type: Error Category: 0
Event: 35 Source: SideBySide
Activation context generation failed for "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 16/02/2016 6:50:24 PM
Type: Error Category: 3
Event: 7010 Source: Microsoft-Windows-Search
The index cannot be initialized.

Details:
    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


Log: 'Application' Date/Time: 16/02/2016 6:50:24 PM
Type: Error Category: 3
Event: 3058 Source: Microsoft-Windows-Search
The application cannot be initialized.

Context: Windows Application

Details:
    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


Log: 'Application' Date/Time: 16/02/2016 6:50:24 PM
Type: Error Category: 3
Event: 3028 Source: Microsoft-Windows-Search
The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


Log: 'Application' Date/Time: 16/02/2016 6:50:24 PM
Type: Error Category: 3
Event: 3029 Source: Microsoft-Windows-Search
The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


Log: 'Application' Date/Time: 16/02/2016 6:50:23 PM
Type: Error Category: 3
Event: 3057 Source: Microsoft-Windows-Search
The plug-in manager <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application

Details:
    (HRESULT : 0x8e5e0210) (0x8e5e0210)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/02/2016 6:50:54 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.


Log: 'Application' Date/Time: 07/02/2016 10:19:14 PM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Corruption}.


Log: 'Application' Date/Time: 22/01/2016 10:00:12 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe' (pid 6824) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/01/2016 7:13:11 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (420) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 1089536 (0x000000000010a000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (74 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 16/01/2016 7:12:36 PM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (420) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 1089536 (0x000000000010a000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 12/01/2016 9:20:46 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe' (pid 25444) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 12/01/2016 8:58:10 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.

Log: 'Application' Date/Time: 10/01/2016 9:58:57 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (1268) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 221184 (0x0000000000036000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (23 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/01/2016 8:32:19 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wuaueng.dll (1032) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 626688 (0x0000000000099000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (125 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/01/2016 8:30:49 AM
Type: Warning Category: 1
Event: 533 Source: ESENT
wuaueng.dll (1032) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 626688 (0x0000000000099000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 07/01/2016 7:59:54 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
RemindersServer (4320) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 0 (0x0000000000000000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (18 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 16/12/2015 5:37:30 PM
Type: Warning Category: 3
Event: 472 Source: ESENT
MicrosoftEdge (14896) C:\Users\start_000\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: The shadow header page of file C:\Users\start_000\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb was damaged. The primary header page (8192 bytes) was used instead.

Log: 'Application' Date/Time: 12/12/2015 2:10:45 PM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
Crawl could not be completed on content source <iehistory://{S-1-5-21-4239315751-2608994865-2960470113-1008}/>.

Context:  Application, SystemIndex Catalog

Details:
    The remote procedure call failed and did not execute.  (HRESULT : 0x800706bf) (0x800706bf)


Log: 'Application' Date/Time: 12/12/2015 2:08:45 PM
Type: Warning Category: 3
Event: 3036 Source: Microsoft-Windows-Search
Crawl could not be completed on content source <iehistory://{S-1-5-21-4239315751-2608994865-2960470113-1008}/>.

Context:  Application, SystemIndex Catalog

Details:
    The remote procedure call failed and did not execute.  (HRESULT : 0x800706bf) (0x800706bf)


Log: 'Application' Date/Time: 04/12/2015 1:51:42 PM
Type: Warning Category: 3
Event: 2001 Source: LMS
LMS lost connection to Intel® MEI driver


Log: 'Application' Date/Time: 01/12/2015 4:03:40 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 0 (0x0000000000000000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (28 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 4837 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 01/12/2015 2:42:57 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 737280 (0x00000000000b4000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (26 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 10 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 01/12/2015 2:42:54 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 16384 (0x0000000000004000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 01/12/2015 2:42:54 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\edb.log" at offset 53248 (0x000000000000d000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 29/11/2015 3:15:12 AM
Type: Warning Category: 3
Event: 3023 Source: Microsoft-Windows-Search
The update cannot be started because all of the content sources were excluded by site path rules, or removed from the index configuration.

Context:  Application, SystemIndex Catalog

Details:
    The URL was already processed during this update. If you received this message while processing alerts, then the alerts are redundant, or else Modify should be used instead of Add.  (HRESULT : 0x80040d0d) (0x80040d0d)

 


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

DISM completed OK?

 

Did you then run SFC /SCANNOW ?

 

I would uninstall PocketCloud as it is causing all sorts of errors.  I think it's poorly written as it creates tasks that don't work.

 

Event: 4230 Source: Tcpip

TCP/IP has chosen to restrict the congestion window for several connections due to a network condition.  This could be related to a problem in the TCP global or supplemental configuration and will cause  degraded throughput.

 

 

 

haven't seen this one in a while.  Is your WiFi showing a strong signal?

 

Go to http://www.speedtest.net/and click on Begin Test
 
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v
 
Is that about the speed you expect?
 
Some of your errors are claiming that the hardware is at fault.  Let's check the temps and hard drive:
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post.  (More Reply Options then Choose File, point it at the file then Open then Attach this File.)
 

  • 0

#25
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Yes, DISM completed OK.  Here is scannow:

C:\WINDOWS\system32>Type: Warning Category: 0
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 10010 Source: Microsoft-Windows-RestartManager
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Application 'C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe' (pid 25444) cannot be restarted - Application SID does not match Conductor SID..
'Application' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 12/01/2016 8:58:10 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 0
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 8303 Source: Microsoft-Windows-System-Restore
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.
'Scoping' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 10/01/2016 9:58:57 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 508 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>wuaueng.dll (1268) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 221184 (0x0000000000036000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (23 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
The system cannot execute the specified program.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 08/01/2016 8:32:19 AM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 508 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>wuaueng.dll (1032) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 626688 (0x0000000000099000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (125 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
The system cannot execute the specified program.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 08/01/2016 8:30:49 AM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 1
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 533 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>wuaueng.dll (1032) SUS20ClientDataStore: A request to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" at offset 626688 (0x0000000000099000) for 4096 (0x00001000) bytes has not completed for 36 second(s). This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
The system cannot execute the specified program.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 07/01/2016 7:59:54 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 508 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>RemindersServer (4320) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 0 (0x0000000000000000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (18 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
'RemindersServer' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 16/12/2015 5:37:30 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 3
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 472 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>MicrosoftEdge (14896) C:\Users\start_000\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\: The shadow header page of file C:\Users\start_000\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\spartan.edb was damaged. The primary header page (8192 bytes) was used instead.
'MicrosoftEdge' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 12/12/2015 2:10:45 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 3
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 3036 Source: Microsoft-Windows-Search
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Crawl could not be completed on content source <iehistory://{S-1-5-21-4239315751-2608994865-2960470113-1008}/>.Context:  Application, SystemIndex CatalogDetails:The remote procedure call failed and did not execute.  (HRESULT : 0x800706bf) (0x800706bf)
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 12/12/2015 2:08:45 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 3
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 3036 Source: Microsoft-Windows-Search
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Crawl could not be completed on content source <iehistory://{S-1-5-21-4239315751-2608994865-2960470113-1008}/>.Context:  Application, SystemIndex CatalogDetails:The remote procedure call failed and did not execute.  (HRESULT : 0x800706bf) (0x800706bf)
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 04/12/2015 1:51:42 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 3
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 2001 Source: LMS
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>LMS lost connection to Intel® MEI driver
'LMS' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 01/12/2015 4:03:40 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 510 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 0 (0x0000000000000000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (28 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 4837 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
'RemindersServer' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 01/12/2015 2:42:57 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 510 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 737280 (0x00000000000b4000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (26 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 10 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
'RemindersServer' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 01/12/2015 2:42:54 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 508 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\CortanaCoreDb.dat" at offset 16384 (0x0000000000004000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
'RemindersServer' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 01/12/2015 2:42:54 PM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 7
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 508 Source: ESENT
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\edb.log" at offset 53248 (0x000000000000d000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
'RemindersServer' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>Log: 'Application' Date/Time: 29/11/2015 3:15:12 AM
'Log:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>Type: Warning Category: 3
The filename, directory name, or volume label syntax is incorrect.

C:\WINDOWS\system32>Event: 3023 Source: Microsoft-Windows-Search
'Event:' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>The update cannot be started because all of the content sources were excluded by site path rules, or removed from the index configuration.Context:  Application, SystemIndex CatalogDetails:The URL was already processed during this update. If you received this message while processing alerts, then the alerts are redundant, or else Modify should be used instead of Add.  (HRESULT : 0x80040d0d) (0x80040d0d)
'The' is not recognized as an internal or external command,
operable program or batch file.

C:\WINDOWS\system32>
C:\WINDOWS\system32>


  • 0

Advertisements


#26
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Pocketcloud has been uninstalled.

 

5114845656.png

 

Download was 29.27Mbps

 

Upload was 4.49Mbps

 

Ping 26ms


  • 0

#27
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

Speccy:

 

 

Summary
        Operating System
            Windows 10 Home 64-bit
        CPU
            Intel Core i5 3330 @ 3.00GHz    35 °C
            Ivy Bridge 22nm Technology
        RAM
            8.00GB Dual-Channel DDR3 @ 798MHz (11-11-11-28)
        Motherboard
            Dell Inc. 084J0R (CPU 1)    28 °C
        Graphics
            DELL E2214H ([email protected])
            Intel HD Graphics (Dell)
        Storage
            931GB Seagate ST1000DM003-1CH162 (SATA)    32 °C
        Optical Drives
            PLDS DVD+-RW DH-16AES
        Audio
            High Definition Audio Device
Operating System
    Windows 10 Home 64-bit
    Computer type: Desktop
    Installation Date: 11/23/2015 4:20:35 PM
    
        Windows Security Center
            User Account Control (UAC)    Enabled
            Notify level    2 - Default
            Firewall    Enabled
        Windows Update
            AutoUpdate    Download Automatically and Install at Set Scheduled time
            Schedule Frequency    Every Day
            Schedule Time
        Windows Defender
            Windows Defender    Disabled
        Antivirus
                avast! Antivirus
                    Antivirus    Enabled
                    Company Name    AVAST Software
                    Product Version    11.1.2253
                    Virus Signature Database    Up to date
                Windows Defender
                    Antivirus    Disabled
                    Virus Signature Database    Up to date
        .NET Frameworks installed
            v4.6 Full
            v4.6 Client
            v3.5 SP1
            v3.0 SP2
            v2.0 SP2
        Internet Explorer
            Version    11.103.10586.0
        PowerShell
            Version    5.0.10586.0
        Environment Variables
            USERPROFILE    C:\Users\start_000
            SystemRoot    C:\WINDOWS
                User Variables
                    TEMP    C:\Users\start_000\AppData\Local\Temp
                    TMP    C:\Users\start_000\AppData\Local\Temp
                Machine Variables
                    ComSpec    C:\WINDOWS\system32\cmd.exe
                    FP_NO_HOST_CHECK    NO
                    NUMBER_OF_PROCESSORS    4
                    OS    Windows_NT
                    Path    C:\ProgramData\Oracle\Java\javapath
                    c:\Program Files (x86)\Intel\iCLS Client\
                    c:\Program Files\Intel\iCLS Client\
                    C:\WINDOWS\system32
                    C:\WINDOWS
                    C:\WINDOWS\System32\Wbem
                    C:\WINDOWS\System32\WindowsPowerShell\v1.0\
                    C:\Program Files (x86)\Windows Live\Shared
                    C:\Program Files\Intel\Intel Management Engine Components\DAL
                    C:\Program Files\Intel\Intel Management Engine Components\IPT
                    C:\Program Files (x86)\Intel\Intel Management Engine Components\DAL
                    C:\Program Files (x86)\Intel\Intel Management Engine Components\IPT
                    PATHEXT    .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
                    PROCESSOR_ARCHITECTURE    AMD64
                    PROCESSOR_IDENTIFIER    Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
                    PROCESSOR_LEVEL    6
                    PROCESSOR_REVISION    3a09
                    PSModulePath    C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
                    TEMP    C:\WINDOWS\TEMP
                    TMP    C:\WINDOWS\TEMP
                    USERNAME    SYSTEM
                    windir    C:\WINDOWS
        Power Profile
            Active power scheme    Dell
            Hibernation    Enabled
            Turn Off Monitor after: (On AC Power)    5 min
            Turn Off Hard Disk after: (On AC Power)    20 min
            Suspend after: (On AC Power)    30 min
            Screen saver    Disabled
        Uptime
                Current Session
                    Current Time    2/24/2016 7:03:09 PM
                    Current Uptime    95,540 sec (1 d, 02 h, 32 m, 20 s)
                    Last Boot Time    2/23/2016 4:30:49 PM
        Services
            Running    Application Host Helper Service
            Running    Application Information
            Running    Avast Antivirus
            Running    Background Intelligent Transfer Service
            Running    Background Tasks Infrastructure Service
            Running    Base Filtering Engine
            Running    CNG Key Isolation
            Running    COM+ Event System
            Running    Computer Browser
            Running    Connected User Experiences and Telemetry
            Running    CoreMessaging
            Running    Credential Manager
            Running    Cryptographic Services
            Running    Data Sharing Service
            Running    DCOM Server Process Launcher
            Running    Delivery Optimization
            Running    Device Association Service
            Running    DHCP Client
            Running    Diagnostic Policy Service
            Running    Diagnostic Service Host
            Running    Diagnostic System Host
            Running    Distributed Link Tracking Client
            Running    Distributed Transaction Coordinator
            Running    DNS Client
            Running    Function Discovery Provider Host
            Running    Function Discovery Resource Publication
            Running    Geolocation Service
            Running    Group Policy Client
            Running    HomeGroup Provider
            Running    Human Interface Device Service
            Running    IKE and AuthIP IPsec Keying Modules
            Running    Intel Capability Licensing Service Interface
            Running    Intel Content Protection HECI Service
            Running    Intel Dynamic Application Loader Host Interface Service
            Running    Intel HD Graphics Control Panel Service
            Running    Intel Management and Security Application Local Management Service
            Running    Intel Rapid Storage Technology
            Running    Internet Pass-Through Service
            Running    Local Session Manager
            Running    Message Queuing
            Running    Microsoft Office ClickToRun Service
            Running    Network Connected Devices Auto-Setup
            Running    Network Connection Broker
            Running    Network Connections
            Running    Network List Service
            Running    Network Location Awareness
            Running    Network Store Interface Service
            Running    Peer Networking Identity Manager
            Running    Plug and Play
            Running    Power
            Running    Print Spooler
            Running    Program Compatibility Assistant Service
            Running    Remote Access Auto Connection Manager
            Running    Remote Access Connection Manager
            Running    Remote Procedure Call (RPC)
            Running    RPC Endpoint Mapper
            Running    SAS Core Service
            Running    Secure Socket Tunneling Protocol Service
            Running    Security Accounts Manager
            Running    Security Center
            Running    Server
            Running    Shell Hardware Detection
            Running    State Repository Service
            Running    Superfetch
            Running    System Event Notification Service
            Running    System Events Broker
            Running    Task Scheduler
            Running    TCP/IP NetBIOS Helper
            Running    Themes
            Running    Tile Data model server
            Running    Time Broker
            Running    User Manager
            Running    User Profile Service
            Running    Windows Audio
            Running    Windows Audio Endpoint Builder
            Running    Windows Connection Manager
            Running    Windows Driver Foundation - User-mode Driver Framework
            Running    Windows Event Log
            Running    Windows Firewall
            Running    Windows Font Cache Service
            Running    Windows Image Acquisition (WIA)
            Running    Windows License Manager Service
            Running    Windows Management Instrumentation
            Running    Windows Presentation Foundation Font Cache 3.0.0.0
            Running    Windows Process Activation Service
            Running    Windows Search
            Running    WinHTTP Web Proxy Auto-Discovery Service
            Running    WLAN AutoConfig
            Running    Workstation
            Running    World Wide Web Publishing Service
            Running    ZAtheros Wlan Agent
            Stopped    ActiveX Installer (AxInstSV)
            Stopped    Adobe Acrobat Update Service
            Stopped    Adobe Flash Player Update Service
            Stopped    AllJoyn Router Service
            Stopped    App Readiness
            Stopped    Application Identity
            Stopped    Application Layer Gateway Service
            Stopped    AppX Deployment Service (AppXSVC)
            Stopped    Auto Time Zone Updater
            Stopped    BitLocker Drive Encryption Service
            Stopped    Block Level Backup Engine Service
            Stopped    Bluetooth Handsfree Service
            Stopped    Bluetooth Support Service
            Stopped    BrYNSvc
            Stopped    Certificate Propagation
            Stopped    Client License Service (ClipSVC)
            Stopped    COM+ System Application
            Stopped    Connected Device Platform Service
            Stopped    Cyberlink RichVideo Service(CRVS)
            Stopped    DataCollectionPublishingService
            Stopped    Device Install Service
            Stopped    Device Management Enrollment Service
            Stopped    Device Setup Manager
            Stopped    DevQuery Background Discovery Broker
            Stopped    dmwappushsvc
            Stopped    Downloaded Maps Manager
            Stopped    embeddedmode
            Stopped    Encrypting File System (EFS)
            Stopped    Enterprise App Management Service
            Stopped    Extensible Authentication Protocol
            Stopped    Fax
            Stopped    File History Service
            Stopped    Garmin Device Interaction Service
            Stopped    HomeGroup Listener
            Stopped    Hyper-V Data Exchange Service
            Stopped    Hyper-V Guest Service Interface
            Stopped    Hyper-V Guest Shutdown Service
            Stopped    Hyper-V Heartbeat Service
            Stopped    Hyper-V Remote Desktop Virtualization Service
            Stopped    Hyper-V Time Synchronization Service
            Stopped    Hyper-V VM Session Service
            Stopped    Hyper-V Volume Shadow Copy Requestor
            Stopped    Intel Capability Licensing Service TCP IP Interface
            Stopped    Intel Integrated Clock Controller Service - Intel ICCS
            Stopped    Interactive Services Detection
            Stopped    Internet Connection Sharing (ICS)
            Stopped    Internet Explorer ETW Collector Service
            Stopped    IP Helper
            Stopped    IPsec Policy Agent
            Stopped    KtmRm for Distributed Transaction Coordinator
            Stopped    Link-Layer Topology Discovery Mapper
            Stopped    LiveUpdate
            Stopped    MBAMService
            Stopped    Microsoft Diagnostics Hub Standard Collector Service
            Stopped    Microsoft Account Sign-in Assistant
            Stopped    Microsoft iSCSI Initiator Service
            Stopped    Microsoft Passport
            Stopped    Microsoft Passport Container
            Stopped    Microsoft Software Shadow Copy Provider
            Stopped    Microsoft Storage Spaces SMP
            Stopped    Microsoft Windows SMS Router Service.
            Stopped    Mozilla Maintenance Service
            Stopped    Net.Tcp Port Sharing Service
            Stopped    Netlogon
            Stopped    Network Connectivity Assistant
            Stopped    Network Setup Service
            Stopped    Office Source Engine
            Stopped    Optimize drives
            Stopped    PDFProFiltSrvPP
            Start pending    Peer Name Resolution Protocol
            Stopped    Peer Networking Grouping
            Stopped    Performance Counter DLL Host
            Stopped    Performance Logs & Alerts
            Stopped    Phone Service
            Stopped    PNRP Machine Name Publication Service
            Stopped    Portable Device Enumerator Service
            Stopped    Printer Extensions and Notifications
            Stopped    Problem Reports and Solutions Control Panel Support
            Stopped    Quality Windows Audio Video Experience
            Stopped    Remote Desktop Configuration
            Stopped    Remote Desktop Services
            Stopped    Remote Desktop Services UserMode Port Redirector
            Stopped    Remote Procedure Call (RPC) Locator
            Stopped    Remote Registry
            Stopped    Retail Demo Service
            Stopped    Routing and Remote Access
            Stopped    Secondary Logon
            Stopped    Sensor Data Service
            Stopped    Sensor Monitoring Service
            Stopped    Sensor Service
            Stopped    Smart Card
            Stopped    Smart Card Device Enumeration Service
            Stopped    Smart Card Removal Policy
            Stopped    SNMP Trap
            Stopped    Software Protection
            Stopped    Spot Verifier
            Stopped    SSDP Discovery
            Stopped    Still Image Acquisition Events
            Stopped    Storage Service
            Stopped    Storage Tiers Management
            Stopped    Telephony
            Stopped    TomTomHOMEService
            Stopped    Touch Keyboard and Handwriting Panel Service
            Stopped    Update Orchestrator Service
            Stopped    UPnP Device Host
            Stopped    Virtual Disk
            Stopped    Volume Shadow Copy
            Stopped    W3C Logging Service
            Stopped    WalletService
            Stopped    WebClient
            Stopped    Windows Backup
            Stopped    Windows Biometric Service
            Stopped    Windows Color System
            Stopped    Windows Connect Now - Config Registrar
            Stopped    Windows Defender Network Inspection Service
            Stopped    Windows Defender Service
            Stopped    Windows Encryption Provider Host Service
            Stopped    Windows Error Reporting Service
            Stopped    Windows Event Collector
            Stopped    Windows Installer
            Stopped    Windows Media Player Network Sharing Service
            Stopped    Windows Mobile Hotspot Service
            Stopped    Windows Modules Installer
            Stopped    Windows Push Notifications Service
            Stopped    Windows Remote Management (WS-Management)
            Stopped    Windows Store Service (WSService)
            Stopped    Windows Time
            Stopped    Windows Update
            Stopped    Wired AutoConfig
            Stopped    WMI Performance Adapter
            Stopped    Work Folders
            Stopped    WWAN AutoConfig
            Stopped    Xbox Live Auth Manager
            Stopped    Xbox Live Game Save
            Stopped    Xbox Live Networking Service
        TimeZone
            TimeZone    GMT -5:00 Hours
            Language    English (United States)
            Location    United States
            Format    English (United States)
            Currency    $
            Date Format    M/d/yyyy
            Time Format    h:mm:ss tt
        Scheduler
            2/24/2016 7:24 PM;    Adobe Flash Player Updater
            2/25/2016 4:40 AM;    GarminUpdaterTask
            Adobe Acrobat Update Task
            CCleanerSkipUAC
            Optimize Start Menu Cache Files-S-1-5-21-4239315751-2608994865-2960470113-1001
            Optimize Start Menu Cache Files-S-1-5-21-4239315751-2608994865-2960470113-1008
            SafeZone scheduled Autoupdate 1454594977
        Hotfixes
                Installed
                        2/12/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - February 2016 (KB890830)
                            After the download, this tool runs one time to check your computer
                            for infection by specific, prevalent malicious software (including
                            Blaster, Sasser, and Mydoom) and helps remove any infection that
                            is found. If an infection is found, the tool will display a status
                            report the next time that you start your computer. A new version
                            of the tool will be offered every month. If you want to manually
                            run the tool on your computer, you can download a copy from the
                            Microsoft Download Center, or you can run an online version from
                            microsoft.com. This tool is not a replacement for an antivirus
                            product. To help protect your computer, you should use an antivirus
                            product.
                        2/11/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3135782)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        2/11/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3135173)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        1/29/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124262)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        1/17/2016  Qualcomm Atheros Communications Inc. driver update for Dell Wireless 1506 802.11b/g/n (2.4GHz)
                            This driver was provided by Qualcomm Atheros Communications Inc.
                            for support of Dell Wireless 1506 802.11b/g/n (2.4GHz)
                        1/14/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - January 2016 (KB890830)
                            After the download, this tool runs one time to check your computer
                            for infection by specific, prevalent malicious software (including
                            Blaster, Sasser, and Mydoom) and helps remove any infection that
                            is found. If an infection is found, the tool will display a status
                            report the next time that you start your computer. A new version
                            of the tool will be offered every month. If you want to manually
                            run the tool on your computer, you can download a copy from the
                            Microsoft Download Center, or you can run an online version from
                            microsoft.com. This tool is not a replacement for an antivirus
                            product. To help protect your computer, you should use an antivirus
                            product.
                        1/12/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124263)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        1/7/2016  Update for Internet Explorer Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3133431)
                            Install this update to resolve issues in Windows. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article for more information.
                            After you install this item, you may have to restart your computer.
                        1/2/2016  Intel Corporation - Graphics Adapter WDDM1.0, Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel® HD Graphics
                            Intel Corporation Graphics Adapter WDDM1.0, Graphics Adapter
                            WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 software
                            update released in August, 2015
                        12/31/2015  Security Update for Internet Explorer Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3132372)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        12/19/2015  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3124200)
                            Install this update to resolve issues in Windows. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article for more information.
                            After you install this item, you may have to restart your computer.
                        12/9/2015  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3116900)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        12/9/2015  Security Update for Internet Explorer Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3119147)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        12/9/2015  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - December 2015 (KB890830)
                            After the download, this tool runs one time to check your computer
                            for infection by specific, prevalent malicious software (including
                            Blaster, Sasser, and Mydoom) and helps remove any infection that
                            is found. If an infection is found, the tool will display a status
                            report the next time that you start your computer. A new version
                            of the tool will be offered every month. If you want to manually
                            run the tool on your computer, you can download a copy from the
                            Microsoft Download Center, or you can run an online version from
                            microsoft.com. This tool is not a replacement for an antivirus
                            product. To help protect your computer, you should use an antivirus
                            product.
                        12/4/2015  Intel Corporation - Graphics Adapter WDDM1.0, Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel® HD Graphics
                            Intel Corporation Graphics Adapter WDDM1.0, Graphics Adapter
                            WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 software
                            update released in August, 2015
                        12/4/2015  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3116908)
                            Install this update to resolve issues in Windows. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article for more information.
                            After you install this item, you may have to restart your computer.
                        11/27/2015  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3120677)
                            Install this update to resolve issues in Windows. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article for more information.
                            After you install this item, you may have to restart your computer.
                        11/26/2015  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3120677)
                            Install this update to resolve issues in Windows. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article for more information.
                            After you install this item, you may have to restart your computer.
                        11/24/2015  Security Update for Internet Explorer Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3103688)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                        11/24/2015  Security Update for Internet Explorer Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3103688)
                            A security issue has been identified in a Microsoft software
                            product that could affect your system. You can help protect your
                            system by installing this update from Microsoft. For a complete
                            listing of the issues that are included in this update, see the
                            associated Microsoft Knowledge Base article. After you install
                            this update, you may have to restart your system.
                Not Installed
                        2/11/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - February 2016 (KB890830)
                            Installation Status    Failed
                            After the download, this tool runs one time to check your computer
                            for infection by specific, prevalent malicious software (including
                            Blaster, Sasser, and Mydoom) and helps remove any infection that
                            is found. If an infection is found, the tool will display a status
                            report the next time that you start your computer. A new version
                            of the tool will be offered every month. If you want to manually
                            run the tool on your computer, you can download a copy from the
                            Microsoft Download Center, or you can run an online version from
                            microsoft.com. This tool is not a replacement for an antivirus
                            product. To help protect your computer, you should use an antivirus
                            product.
                        2/4/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.213.5427.0)
                            Installation Status    Failed
                            Install this update to revise the definition files that are used
                            to detect viruses, spyware, and other potentially unwanted software.
                            Once you have installed this item, it cannot be removed.
                        1/12/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - January 2016 (KB890830)
                            Installation Status    Failed
                            After the download, this tool runs one time to check your computer
                            for infection by specific, prevalent malicious software (including
                            Blaster, Sasser, and Mydoom) and helps remove any infection that
                            is found. If an infection is found, the tool will display a status
                            report the next time that you start your computer. A new version
                            of the tool will be offered every month. If you want to manually
                            run the tool on your computer, you can download a copy from the
                            Microsoft Download Center, or you can run an online version from
                            microsoft.com. This tool is not a replacement for an antivirus
                            product. To help protect your computer, you should use an antivirus
                            product.
                        11/27/2015  Definition Update for Windows Defender - KB2267602 (Definition 1.211.1116.0)
                            Installation Status    Failed
                            Install this update to revise the definition files that are used
                            to detect viruses, spyware, and other potentially unwanted software.
                            Once you have installed this item, it cannot be removed.
        System Folders
            Application Data    C:\ProgramData
            Cookies    C:\Users\start_000\AppData\Local\Microsoft\Windows\INetCookies
            Desktop    C:\Users\start_000\Desktop
            Documents    C:\Users\Public\Documents
            Fonts    C:\WINDOWS\Fonts
            Global Favorites    C:\Users\start_000\Favorites
            Internet History    C:\Users\start_000\AppData\Local\Microsoft\Windows\History
            Local Application Data    C:\Users\start_000\AppData\Local
            Music    C:\Users\Public\Music
            Path for burning CD    C:\Users\start_000\AppData\Local\Microsoft\Windows\Burn\Burn
            Physical Desktop    C:\Users\start_000\Desktop
            Pictures    C:\Users\Public\Pictures
            Program Files    C:\Program Files
            Public Desktop    C:\Users\Public\Desktop
            Start Menu    C:\ProgramData\Microsoft\Windows\Start Menu
            Start Menu Programs    C:\ProgramData\Microsoft\Windows\Start Menu\Programs
            Startup    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
            Templates    C:\ProgramData\Microsoft\Windows\Templates
            Temporary Internet Files    C:\Users\start_000\AppData\Local\Microsoft\Windows\INetCache
            User Favorites    C:\Users\start_000\Favorites
            Videos    C:\Users\Public\Videos
            Windows Directory    C:\WINDOWS
            Windows/System    C:\WINDOWS\system32
        Process List
                ApplicationFrameHost.exe
                    Process ID    6384
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\ApplicationFrameHost.exe
                    Memory Usage    25 MB
                    Peak Memory Usage    34 MB
                Ath_WlanAgent.exe
                    Process ID    2812
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
                    Memory Usage    2.45 MB
                    Peak Memory Usage    4.95 MB
                audiodg.exe
                    Process ID    804
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\audiodg.exe
                    Memory Usage    11 MB
                    Peak Memory Usage    13 MB
                AvastSvc.exe
                    Process ID    1640
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                    Memory Usage    80 MB
                    Peak Memory Usage    181 MB
                avastui.exe
                    Process ID    7116
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\AVAST Software\Avast\avastui.exe
                    Memory Usage    22 MB
                    Peak Memory Usage    28 MB
                backgroundTaskHost.exe
                    Process ID    3676
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\backgroundTaskHost.exe
                    Memory Usage    44 MB
                    Peak Memory Usage    44 MB
                browser_broker.exe
                    Process ID    5580
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\browser_broker.exe
                    Memory Usage    9.56 MB
                    Peak Memory Usage    9.56 MB
                BrSupSsp.exe
                    Process ID    6724
                    User    start_000
                    Domain    RALPH
                    Path    C:\Brother\BPRSP\resources\BrSupSsp.exe
                    Memory Usage    2.33 MB
                    Peak Memory Usage    6.51 MB
                Calculator.exe
                    Process ID    3684
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
                    Memory Usage    1.15 MB
                    Peak Memory Usage    43 MB
                CLMLSvc_P2G8.exe
                    Process ID    3820
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
                    Memory Usage    876 KB
                    Peak Memory Usage    9.54 MB
                cmd.exe
                    Process ID    9240
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\cmd.exe
                    Memory Usage    13 MB
                    Peak Memory Usage    14 MB
                conhost.exe
                    Process ID    8392
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\conhost.exe
                    Memory Usage    13 MB
                    Peak Memory Usage    13 MB
                csrss.exe
                    Process ID    580
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\csrss.exe
                    Memory Usage    2.22 MB
                    Peak Memory Usage    4.27 MB
                csrss.exe
                    Process ID    656
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\csrss.exe
                    Memory Usage    5.39 MB
                    Peak Memory Usage    17 MB
                dasHost.exe
                    Process ID    1800
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\dasHost.exe
                    Memory Usage    9.52 MB
                    Peak Memory Usage    12 MB
                dwm.exe
                    Process ID    556
                    User    DWM-1
                    Domain    Window Manager
                    Path    C:\Windows\System32\dwm.exe
                    Memory Usage    56 MB
                    Peak Memory Usage    102 MB
                explorer.exe
                    Process ID    3880
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\explorer.exe
                    Memory Usage    119 MB
                    Peak Memory Usage    165 MB
                firefox.exe
                    Process ID    10204
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                    Memory Usage    363 MB
                    Peak Memory Usage    416 MB
                FlashPlayerPlugin_20_0_0_306.exe
                    Process ID    5124
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
                    Memory Usage    12 MB
                    Peak Memory Usage    12 MB
                FlashPlayerPlugin_20_0_0_306.exe
                    Process ID    9560
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
                    Memory Usage    167 MB
                    Peak Memory Usage    210 MB
                fontdrvhost.exe
                    Process ID    3968
                    Path    C:\Windows\System32\fontdrvhost.exe
                    Memory Usage    1.03 MB
                    Peak Memory Usage    2.76 MB
                HeciServer.exe
                    Process ID    2064
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files\Intel\iCLS Client\HeciServer.exe
                    Memory Usage    1.94 MB
                    Peak Memory Usage    6.64 MB
                IAStorDataMgrSvc.exe
                    Process ID    3320
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files\Intel\Intel Rapid Storage Technology\IAStorDataMgrSvc.exe
                    Memory Usage    19 MB
                    Peak Memory Usage    46 MB
                igfxCUIService.exe
                    Process ID    1260
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\igfxCUIService.exe
                    Memory Usage    2.13 MB
                    Peak Memory Usage    7.97 MB
                igfxEM.exe
                    Process ID    4324
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\igfxEM.exe
                    Memory Usage    7.35 MB
                    Peak Memory Usage    16 MB
                igfxHK.exe
                    Process ID    4260
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\igfxHK.exe
                    Memory Usage    4.46 MB
                    Peak Memory Usage    12 MB
                IntelCpHeciSvc.exe
                    Process ID    1620
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\SysWOW64\IntelCpHeciSvc.exe
                    Memory Usage    2.61 MB
                    Peak Memory Usage    6.75 MB
                Jhi_service.exe
                    Process ID    5424
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files (x86)\Intel\Intel Management Engine Components\DAL\Jhi_service.exe
                    Memory Usage    1.47 MB
                    Peak Memory Usage    5.32 MB
                LMS.exe
                    Process ID    7672
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files (x86)\Intel\Intel Management Engine Components\LMS\LMS.exe
                    Memory Usage    9.50 MB
                    Peak Memory Usage    16 MB
                lsass.exe
                    Process ID    812
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\lsass.exe
                    Memory Usage    11 MB
                    Peak Memory Usage    17 MB
                Microsoft.Photos.exe
                    Process ID    1312
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
                    Memory Usage    2.26 MB
                    Peak Memory Usage    123 MB
                MicrosoftEdge.exe
                    Process ID    2116
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
                    Memory Usage    59 MB
                    Peak Memory Usage    66 MB
                MicrosoftEdgeCP.exe
                    Process ID    7992
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                    Memory Usage    89 MB
                    Peak Memory Usage    96 MB
                mqsvc.exe
                    Process ID    2172
                    User    NETWORK SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\mqsvc.exe
                    Memory Usage    4.66 MB
                    Peak Memory Usage    12 MB
                msdtc.exe
                    Process ID    4576
                    User    NETWORK SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\msdtc.exe
                    Memory Usage    2.64 MB
                    Peak Memory Usage    9.93 MB
                officeclicktorun.exe
                    Process ID    2124
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
                    Memory Usage    27 MB
                    Peak Memory Usage    48 MB
                PassThruSvr.exe
                    Process ID    2212
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
                    Memory Usage    1.91 MB
                    Peak Memory Usage    4.28 MB
                plugin-container.exe
                    Process ID    6420
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
                    Memory Usage    29 MB
                    Peak Memory Usage    32 MB
                PresentationFontCache.exe
                    Process ID    3096
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
                    Memory Usage    8.66 MB
                    Peak Memory Usage    22 MB
                RemindersServer.exe
                    Process ID    4056
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
                    Memory Usage    4.46 MB
                    Peak Memory Usage    23 MB
                RuntimeBroker.exe
                    Process ID    4128
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\RuntimeBroker.exe
                    Memory Usage    46 MB
                    Peak Memory Usage    75 MB
                SASCore64.exe
                    Process ID    1300
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Program Files\SUPERAntiSpyware\SASCore64.exe
                    Memory Usage    1.71 MB
                    Peak Memory Usage    7.07 MB
                SearchFilterHost.exe
                    Process ID    8988
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\SearchFilterHost.exe
                    Memory Usage    9.41 MB
                    Peak Memory Usage    9.41 MB
                SearchIndexer.exe
                    Process ID    3436
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\SearchIndexer.exe
                    Memory Usage    33 MB
                    Peak Memory Usage    34 MB
                SearchProtocolHost.exe
                    Process ID    3896
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\SearchProtocolHost.exe
                    Memory Usage    17 MB
                    Peak Memory Usage    17 MB
                SearchProtocolHost.exe
                    Process ID    2308
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\SearchProtocolHost.exe
                    Memory Usage    6.31 MB
                    Peak Memory Usage    6.32 MB
                SearchUI.exe
                    Process ID    4644
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
                    Memory Usage    62 MB
                    Peak Memory Usage    174 MB
                services.exe
                    Process ID    796
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\services.exe
                    Memory Usage    5.82 MB
                    Peak Memory Usage    8.13 MB
                SettingSyncHost.exe
                    Process ID    668
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\SettingSyncHost.exe
                    Memory Usage    1.92 MB
                    Peak Memory Usage    42 MB
                ShellExperienceHost.exe
                    Process ID    4528
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
                    Memory Usage    23 MB
                    Peak Memory Usage    77 MB
                sihost.exe
                    Process ID    2416
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\sihost.exe
                    Memory Usage    17 MB
                    Peak Memory Usage    22 MB
                SkypeHost.exe
                    Process ID    4092
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
                    Memory Usage    4.86 MB
                    Peak Memory Usage    40 MB
                smss.exe
                    Process ID    456
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\smss.exe
                    Memory Usage    500 KB
                    Peak Memory Usage    1.18 MB
                Speccy64.exe
                    Process ID    7300
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\Speccy\Speccy64.exe
                    Memory Usage    28 MB
                    Peak Memory Usage    28 MB
                SpeechRuntime.exe
                    Process ID    5300
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
                    Memory Usage    13 MB
                    Peak Memory Usage    26 MB
                spoolsv.exe
                    Process ID    1828
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\spoolsv.exe
                    Memory Usage    9.02 MB
                    Peak Memory Usage    20 MB
                SUPERANTISPYWARE.EXE
                    Process ID    6600
                    User    start_000
                    Domain    RALPH
                    Path    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
                    Memory Usage    6.71 MB
                    Peak Memory Usage    79 MB
                svchost.exe
                    Process ID    2272
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    7.25 MB
                    Peak Memory Usage    11 MB
                svchost.exe
                    Process ID    1400
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    19 MB
                    Peak Memory Usage    24 MB
                svchost.exe
                    Process ID    1256
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    5.20 MB
                    Peak Memory Usage    9.90 MB
                svchost.exe
                    Process ID    1492
                    User    NETWORK SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    18 MB
                    Peak Memory Usage    71 MB
                svchost.exe
                    Process ID    1448
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    23 MB
                    Peak Memory Usage    98 MB
                svchost.exe
                    Process ID    1088
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    20 MB
                    Peak Memory Usage    37 MB
                svchost.exe
                    Process ID    1032
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    6.54 MB
                    Peak Memory Usage    10 MB
                svchost.exe
                    Process ID    1028
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    23 MB
                    Peak Memory Usage    33 MB
                svchost.exe
                    Process ID    648
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    46 MB
                    Peak Memory Usage    87 MB
                svchost.exe
                    Process ID    352
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    105 MB
                    Peak Memory Usage    164 MB
                svchost.exe
                    Process ID    888
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    14 MB
                    Peak Memory Usage    23 MB
                svchost.exe
                    Process ID    948
                    User    NETWORK SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    9.52 MB
                    Peak Memory Usage    17 MB
                svchost.exe
                    Process ID    2620
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    6.93 MB
                    Peak Memory Usage    11 MB
                svchost.exe
                    Process ID    2292
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    14 MB
                    Peak Memory Usage    20 MB
                svchost.exe
                    Process ID    5660
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    31 MB
                    Peak Memory Usage    41 MB
                svchost.exe
                    Process ID    9544
                    User    LOCAL SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\svchost.exe
                    Memory Usage    8.23 MB
                    Peak Memory Usage    8.44 MB
                System
                    Process ID    4
                    Memory Usage    117 MB
                    Peak Memory Usage    146 MB
                System Idle Process
                    Process ID    0
                SystemSettingsBroker.exe
                    Process ID    7556
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\SystemSettingsBroker.exe
                    Memory Usage    3.25 MB
                    Peak Memory Usage    13 MB
                taskhostw.exe
                    Process ID    4860
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\taskhostw.exe
                    Memory Usage    17 MB
                    Peak Memory Usage    27 MB
                unsecapp.exe
                    Process ID    5916
                    User    start_000
                    Domain    RALPH
                    Path    C:\Windows\System32\wbem\unsecapp.exe
                    Memory Usage    2.96 MB
                    Peak Memory Usage    6.84 MB
                wininit.exe
                    Process ID    680
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\wininit.exe
                    Memory Usage    1.30 MB
                    Peak Memory Usage    4.73 MB
                winlogon.exe
                    Process ID    716
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\winlogon.exe
                    Memory Usage    4.93 MB
                    Peak Memory Usage    17 MB
                WmiPrvSE.exe
                    Process ID    3784
                    User    NETWORK SERVICE
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\wbem\WmiPrvSE.exe
                    Memory Usage    16 MB
                    Peak Memory Usage    16 MB
                WmiPrvSE.exe
                    Process ID    9436
                    User    SYSTEM
                    Domain    NT AUTHORITY
                    Path    C:\Windows\System32\wbem\WmiPrvSE.exe
                    Memory Usage    7.36 MB
                    Peak Memory Usage    7.36 MB
        Security Options
            Accounts: Administrator account status    Disabled
            Accounts: Block Microsoft accounts    Not Defined
            Accounts: Guest account status    Disabled
            Accounts: Limit local account use of blank passwords to console logon only    Disabled
            Accounts: Rename administrator account    Administrator
            Accounts: Rename guest account    Guest
            Audit: Audit the access of global system objects    Disabled
            Audit: Audit the use of Backup and Restore privilege    Disabled
            Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings    Not Defined
            Audit: Shut down system immediately if unable to log security audits    Disabled
            DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax    Not Defined
            DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax    Not Defined
            Devices: Allow undock without having to log on    Enabled
            Devices: Allowed to format and eject removable media    Not Defined
            Devices: Prevent users from installing printer drivers    Disabled
            Devices: Restrict CD-ROM access to locally logged-on user only    Not Defined
            Devices: Restrict floppy access to locally logged-on user only    Not Defined
            Domain controller: Allow server operators to schedule tasks    Not Defined
            Domain controller: LDAP server signing requirements    Not Defined
            Domain controller: Refuse machine account password changes    Not Defined
            Domain member: Digitally encrypt or sign secure channel data (always)    Enabled
            Domain member: Digitally encrypt secure channel data (when possible)    Enabled
            Domain member: Digitally sign secure channel data (when possible)    Enabled
            Domain member: Disable machine account password changes    Disabled
            Domain member: Maximum machine account password age    30 days
            Domain member: Require strong (Windows 2000 or later) session key    Enabled
            Interactive logon: Display user information when the session is locked    Not Defined
            Interactive logon: Do not display last user name    Disabled
            Interactive logon: Do not require CTRL+ALT+DEL    Not Defined
            Interactive logon: Machine account lockout threshold    Not Defined
            Interactive logon: Machine inactivity limit    Not Defined
            Interactive logon: Message text for users attempting to log on
            Interactive logon: Message title for users attempting to log on
            Interactive logon: Number of previous logons to cache (in case domain controller is not available)    10 logons
            Interactive logon: Prompt user to change password before expiration    5 days
            Interactive logon: Require Domain Controller authentication to unlock workstation    Disabled
            Interactive logon: Require smart card    Disabled
            Interactive logon: Smart card removal behavior    No Action
            Microsoft network client: Digitally sign communications (always)    Disabled
            Microsoft network client: Digitally sign communications (if server agrees)    Enabled
            Microsoft network client: Send unencrypted password to third-party SMB servers    Disabled
            Microsoft network server: Amount of idle time required before suspending session    Not Defined
            Microsoft network server: Attempt S4U2Self to obtain claim information    Not Defined
            Microsoft network server: Digitally sign communications (always)    Disabled
            Microsoft network server: Digitally sign communications (if client agrees)    Disabled
            Microsoft network server: Disconnect clients when logon hours expire    Enabled
            Microsoft network server: Server SPN target name validation level    Not Defined
            Network access: Allow anonymous SID/Name translation    Disabled
            Network access: Do not allow anonymous enumeration of SAM accounts    Enabled
            Network access: Do not allow anonymous enumeration of SAM accounts and shares    Enabled
            Network access: Do not allow storage of passwords and credentials for network authentication    Disabled
            Network access: Let Everyone permissions apply to anonymous users    Disabled
            Network access: Named Pipes that can be accessed anonymously
            Network access: Remotely accessible registry paths    System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
            Network access: Remotely accessible registry paths and sub-paths    System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
            Network access: Restrict anonymous access to Named Pipes and Shares    Enabled
            Network access: Shares that can be accessed anonymously    Not Defined
            Network access: Sharing and security model for local accounts    Classic - local users authenticate as themselves
            Network security: Allow Local System to use computer identity for NTLM    Not Defined
            Network security: Allow LocalSystem NULL session fallback    Not Defined
            Network security: Allow PKU2U authentication requests to this computer to use online identities.

    Not Defined
            Network security: Configure encryption types allowed for Kerberos    Not Defined
            Network security: Do not store LAN Manager hash value on next password change    Enabled
            Network security: Force logoff when logon hours expire    Disabled
            Network security: LAN Manager authentication level    Not Defined
            Network security: LDAP client signing requirements    Negotiate signing
            Network security: Minimum session security for NTLM SSP based (including secure RPC) clients    Require 128-bit encryption
            Network security: Minimum session security for NTLM SSP based (including secure RPC) servers    Require 128-bit encryption
            Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication    Not Defined
            Network security: Restrict NTLM: Add server exceptions in this domain    Not Defined
            Network security: Restrict NTLM: Audit Incoming NTLM Traffic    Not Defined
            Network security: Restrict NTLM: Audit NTLM authentication in this domain    Not Defined
            Network security: Restrict NTLM: Incoming NTLM traffic    Not Defined
            Network security: Restrict NTLM: NTLM authentication in this domain    Not Defined
            Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers    Not Defined
            Recovery console: Allow automatic administrative logon    Enabled
            Recovery console: Allow floppy copy and access to all drives and all folders    Enabled
            Shutdown: Allow system to be shut down without having to log on    Enabled
            Shutdown: Clear virtual memory pagefile    Disabled
            System cryptography: Force strong key protection for user keys stored on the computer    Not Defined
            System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing    Disabled
            System objects: Require case insensitivity for non-Windows subsystems    Enabled
            System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)    Enabled
            System settings: Optional subsystems    Posix
            System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies    Disabled
            User Account Control: Admin Approval Mode for the Built-in Administrator account    Not Defined
            User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop    Disabled
            User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode    Prompt for consent for non-Windows binaries
            User Account Control: Behavior of the elevation prompt for standard users    Prompt for credentials
            User Account Control: Detect application installations and prompt for elevation    Enabled
            User Account Control: Only elevate executables that are signed and validated    Disabled
            User Account Control: Only elevate UIAccess applications that are installed in secure locations    Enabled
            User Account Control: Run all administrators in Admin Approval Mode    Enabled
            User Account Control: Switch to the secure desktop when prompting for elevation    Enabled
            User Account Control: Virtualize file and registry write failures to per-user locations    Enabled
        Device Tree
                ACPI x64-based PC
                        Microsoft ACPI-Compliant System
                            ACPI Fan
                            ACPI Fan
                            ACPI Fan
                            ACPI Fan
                            ACPI Fan
                            ACPI Fixed Feature Button
                            ACPI Power Button
                            ACPI Thermal Zone
                            ACPI Thermal Zone
                            Intel Core i5-3330 CPU @ 3.00GHz
                            Intel Core i5-3330 CPU @ 3.00GHz
                            Intel Core i5-3330 CPU @ 3.00GHz
                            Intel Core i5-3330 CPU @ 3.00GHz
                            System board
                                PCI Express Root Complex
                                    Intel 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
                                    Intel 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
                                    Intel Management Engine Interface
                                    Motherboard resources
                                    PCI-to-PCI Bridge
                                    System board
                                    Xeon processor E3 - 1200 v2/3rd Gen Core processor DRAM Controller - 0150
                                    Xeon processor E3 - 1200 v2/3rd Gen Core processor PCI Express Root Port - 0151
                                        Intel® HD Graphics
                                            Dell E2214H(Analog)
                                        Intel® USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
                                            USB Root Hub (xHCI)
                                        Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
                                                USB Root Hub
                                                        Generic USB Hub
                                                                USB Composite Device
                                                                        USB Input Device
                                                                            HID-compliant vendor-defined device
                                                                        USB Input Device
                                                                            HID-compliant vendor-defined device
                                        High Definition Audio Controller
                                            Intel Display Audio
                                                High Definition Audio Device
                                                    Headphones (High Definition Audio Device)
                                                    Line In (High Definition Audio Device)
                                                    Microphone (High Definition Audio Device)
                                                    Microphone (High Definition Audio Device)
                                                    Speakers (High Definition Audio Device)
                                        Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
                                                Dell Wireless 1506 802.11b/g/n (2.4GHz)
                                                    Microsoft Wi-Fi Direct Virtual Adapter
                                        Intel® 7 Series/C216 Chipset Family PCI Express Root Port 6 - 1E1A
                                            Realtek PCIe GBE Family Controller
                                        Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
                                                USB Root Hub
                                                        Generic USB Hub
                                                                USB Composite Device
                                                                        USB Input Device
                                                                            HID Keyboard Device
                                                                        USB Input Device
                                                                            HID-compliant consumer control device
                                                                            HID-compliant system controller
                                                                USB Input Device
                                                                    HID-compliant mouse
                                        Intel® B75 Express Chipset LPC Controller - 1E49
                                            Direct memory access controller
                                            High precision event timer
                                            Legacy device
                                            Motherboard resources
                                            Motherboard resources
                                            Motherboard resources
                                            Motherboard resources
                                            Numeric data processor
                                            Programmable interrupt controller
                                            System CMOS/real time clock
                                            System timer
                                        Intel® 7 Series/C216 Chipset Family SATA AHCI Controller
                                            PLDS DVD+-RW DH-16AES
                                            ST1000DM003-1CH162
CPU
        Intel Core i5 3330
            Cores    4
            Threads    4
            Name    Intel Core i5 3330
            Code Name    Ivy Bridge
            Package    Socket 1155 LGA
            Technology    22nm
            Specification    Intel Core i5-3330 CPU @ 3.00GHz
            Family    6
            Extended Family    6
            Model    A
            Extended Model    3A
            Stepping    9
            Revision    E1/L1
            Instructions    MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64, NX, VMX, AES, AVX
            Virtualization    Supported, Disabled
            Hyperthreading    Supported, Disabled
            Fan Speed    473 RPM
            Bus Speed    99.8 MHz
            Stock Core Speed    3000 MHz
            Stock Bus Speed    100 MHz
            Average Temperature    35 °C
                Caches
                    L1 Data Cache Size    4 x 32 KBytes
                    L1 Instructions Cache Size    4 x 32 KBytes
                    L2 Unified Cache Size    4 x 256 KBytes
                    L3 Unified Cache Size    6144 KBytes
                Cores
                        Core 0
                            Core Speed    2993.9 MHz
                            Multiplier    x 30.0
                            Bus Speed    99.8 MHz
                            Temperature    32 °C
                            Threads    APIC ID: 0
                        Core 1
                            Core Speed    2993.9 MHz
                            Multiplier    x 30.0
                            Bus Speed    99.8 MHz
                            Temperature    34 °C
                            Threads    APIC ID: 2
                        Core 2
                            Core Speed    2993.9 MHz
                            Multiplier    x 30.0
                            Bus Speed    99.8 MHz
                            Temperature    35 °C
                            Threads    APIC ID: 4
                        Core 3
                            Core Speed    2993.9 MHz
                            Multiplier    x 30.0
                            Bus Speed    99.8 MHz
                            Temperature    37 °C
                            Threads    APIC ID: 6
RAM
        Memory slots
            Total memory slots    2
            Used memory slots    2
            Free memory slots    0
        Memory
            Type    DDR3
            Size    8192 MBytes
            Channels #    Dual
            DRAM Frequency    798.4 MHz
            CAS# Latency (CL)    11 clocks
            RAS# to CAS# Delay (tRCD)    11 clocks
            RAS# Precharge (tRP)    11 clocks
            Cycle Time (tRAS)    28 clocks
            Command Rate (CR)    1T
        Physical Memory
            Memory Usage    37 %
            Total Physical    7.87 GB
            Available Physical    4.89 GB
            Total Virtual    9.12 GB
            Available Virtual    5.81 GB
        SPD
            Number Of SPD Modules    2
                Slot #1
                    Type    DDR3
                    Size    4096 MBytes
                    Manufacturer    Micron Technology
                    Max Bandwidth    PC3-12800 (800 MHz)
                    Part Number    8JTF51264AZ-1G6E1
                    Serial Number    1075488437
                    Week/year    35 / 13
                        Timing table
                                JEDEC #1
                                    Frequency    381.0 MHz
                                    CAS# Latency    5.0
                                    RAS# To CAS#    5
                                    RAS# Precharge    5
                                    tRAS    14
                                    tRC    19
                                    Voltage    1.500 V
                                JEDEC #2
                                    Frequency    457.1 MHz
                                    CAS# Latency    6.0
                                    RAS# To CAS#    6
                                    RAS# Precharge    6
                                    tRAS    16
                                    tRC    22
                                    Voltage    1.500 V
                                JEDEC #3
                                    Frequency    533.3 MHz
                                    CAS# Latency    7.0
                                    RAS# To CAS#    7
                                    RAS# Precharge    7
                                    tRAS    19
                                    tRC    26
                                    Voltage    1.500 V
                                JEDEC #4
                                    Frequency    609.5 MHz
                                    CAS# Latency    8.0
                                    RAS# To CAS#    8
                                    RAS# Precharge    8
                                    tRAS    22
                                    tRC    30
                                    Voltage    1.500 V
                                JEDEC #5
                                    Frequency    685.7 MHz
                                    CAS# Latency    9.0
                                    RAS# To CAS#    9
                                    RAS# Precharge    9
                                    tRAS    24
                                    tRC    33
                                    Voltage    1.500 V
                                JEDEC #6
                                    Frequency    761.9 MHz
                                    CAS# Latency    10.0
                                    RAS# To CAS#    10
                                    RAS# Precharge    10
                                    tRAS    27
                                    tRC    37
                                    Voltage    1.500 V
                                JEDEC #7
                                    Frequency    800.0 MHz
                                    CAS# Latency    11.0
                                    RAS# To CAS#    11
                                    RAS# Precharge    11
                                    tRAS    28
                                    tRC    39
                                    Voltage    1.500 V
                Slot #2
                    Type    DDR3
                    Size    4096 MBytes
                    Manufacturer    Micron Technology
                    Max Bandwidth    PC3-12800 (800 MHz)
                    Part Number    8JTF51264AZ-1G6E1
                    Serial Number    1075488443
                    Week/year    35 / 13
                        Timing table
                                JEDEC #1
                                    Frequency    381.0 MHz
                                    CAS# Latency    5.0
                                    RAS# To CAS#    5
                                    RAS# Precharge    5
                                    tRAS    14
                                    tRC    19
                                    Voltage    1.500 V
                                JEDEC #2
                                    Frequency    457.1 MHz
                                    CAS# Latency    6.0
                                    RAS# To CAS#    6
                                    RAS# Precharge    6
                                    tRAS    16
                                    tRC    22
                                    Voltage    1.500 V
                                JEDEC #3
                                    Frequency    533.3 MHz
                                    CAS# Latency    7.0
                                    RAS# To CAS#    7
                                    RAS# Precharge    7
                                    tRAS    19
                                    tRC    26
                                    Voltage    1.500 V
                                JEDEC #4
                                    Frequency    609.5 MHz
                                    CAS# Latency    8.0
                                    RAS# To CAS#    8
                                    RAS# Precharge    8
                                    tRAS    22
                                    tRC    30
                                    Voltage    1.500 V
                                JEDEC #5
                                    Frequency    685.7 MHz
                                    CAS# Latency    9.0
                                    RAS# To CAS#    9
                                    RAS# Precharge    9
                                    tRAS    24
                                    tRC    33
                                    Voltage    1.500 V
                                JEDEC #6
                                    Frequency    761.9 MHz
                                    CAS# Latency    10.0
                                    RAS# To CAS#    10
                                    RAS# Precharge    10
                                    tRAS    27
                                    tRC    37
                                    Voltage    1.500 V
                                JEDEC #7
                                    Frequency    800.0 MHz
                                    CAS# Latency    11.0
                                    RAS# To CAS#    11
                                    RAS# Precharge    11
                                    tRAS    28
                                    tRC    39
                                    Voltage    1.500 V
Motherboard
    Manufacturer    Dell Inc.
    Model    084J0R (CPU 1)
    Version    A00
    Chipset Vendor    Intel
    Chipset Model    Ivy Bridge
    Chipset Revision    09
    Southbridge Vendor    Intel
    Southbridge Model    P75/B75
    Southbridge Revision    04
    System Temperature    28 °C
        BIOS
            Brand    Dell Inc.
            Version    A10
            Date    5/13/2013
        Voltage
            CPU CORE    0.924 V
            MEMORY CONTROLLER    1.476 V
            +3.3V    2.004 V
            +5V    2.782 V
            -5V    -11.904 V
            +5V HIGH THRESHOLD    2.802 V
            CMOS BATTERY    1.632 V
        PCI Data
                Slot PCI-E
                    Slot Type    PCI-E
                    Slot Usage    In Use
                    Data lanes    x16
                    Slot Designation    PCIEX16
                    Characteristics    3.3V, Shared, PME
                    Slot Number    0
                Slot PCI-E
                    Slot Type    PCI-E
                    Slot Usage    In Use
                    Data lanes    x1
                    Slot Designation    PCIEX1
                    Characteristics    3.3V, Shared, PME
                    Slot Number    1
                Slot PCI-E
                    Slot Type    PCI-E
                    Slot Usage    In Use
                    Data lanes    x1
                    Slot Designation    PCIEX1
                    Characteristics    3.3V, Shared, PME
                    Slot Number    2
                Slot PCI-E
                    Slot Type    PCI-E
                    Slot Usage    In Use
                    Data lanes    x1
                    Slot Designation    PCIEX1
                    Characteristics    3.3V, Shared, PME
                    Slot Number    3
                Slot PCI-E
                    Slot Type    PCI-E
                    Slot Usage    In Use
                    Data lanes    x1
                    Slot Designation    PCIEX1
                    Characteristics    3.3V, Shared, PME
                    Slot Number    4
Graphics
        Monitor
            Name    DELL E2214H on Intel HD Graphics
            Current Resolution    1920x1080 pixels
            Work Resolution    1920x1080 pixels
            State    Enabled, Primary
            Monitor Width    1920
            Monitor Height    1080
            Monitor BPP    32 bits per pixel
            Monitor Frequency    60 Hz
            Device    \\.\DISPLAY1\Monitor0
        Intel HD Graphics
            Manufacturer    Intel
            Model    HD Graphics
            Device ID    8086-0152
            Revision    A
            Subvendor    Dell (1028)
            Current Performance Level    Level 0
            Driver version    10.18.10.4276
                Count of performance levels : 1
                    Level 1 - "Perf Level 0"
Storage
        Hard drives
                ST1000DM003-1CH162
                    Manufacturer    Seagate
                    Heads    16
                    Cylinders    121,601
                    Tracks    31,008,255
                    Sectors    1,953,520,065
                    SATA type    SATA-III 6.0Gb/s
                    Device type    Fixed
                    ATA Standard    ACS2
                    Serial Number    Z1D63150
                    Firmware Version Number    CC47
                    LBA Size    48-bit LBA
                    Power On Count    1746 times
                    Power On Time    228.4 days
                    Speed    7200 RPM
                    Features    S.M.A.R.T., APM, NCQ
                    Max. Transfer Mode    SATA III 6.0Gb/s
                    Used Transfer Mode    SATA III 6.0Gb/s
                    Interface    SATA
                    Capacity    931 GB
                    Real size    1,000,204,886,016 bytes
                    RAID Type    None
                        S.M.A.R.T
                            Status    Good
                            Temperature    32 °C
                            Temperature Range    OK (less than 50 °C)
                                S.M.A.R.T attributes
                                        01
                                            Attribute name    Read Error Rate
                                            Real value    0
                                            Current    117
                                            Worst    99
                                            Threshold    6
                                            Raw Value    0009D8AAC8
                                            Status    Good
                                        03
                                            Attribute name    Spin-Up Time
                                            Real value    0 ms
                                            Current    97
                                            Worst    97
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        04
                                            Attribute name    Start/Stop Count
                                            Real value    1,744
                                            Current    99
                                            Worst    99
                                            Threshold    20
                                            Raw Value    00000006D0
                                            Status    Good
                                        05
                                            Attribute name    Reallocated Sectors Count
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    10
                                            Raw Value    0000000000
                                            Status    Good
                                        07
                                            Attribute name    Seek Error Rate
                                            Real value    0
                                            Current    59
                                            Worst    57
                                            Threshold    30
                                            Raw Value    0006575E8A
                                            Status    Good
                                        09
                                            Attribute name    Power-On Hours (POH)
                                            Real value    228d 10h
                                            Current    94
                                            Worst    94
                                            Threshold    0
                                            Raw Value    000000156A
                                            Status    Good
                                        0A
                                            Attribute name    Spin Retry Count
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    97
                                            Raw Value    0000000000
                                            Status    Good
                                        0C
                                            Attribute name    Device Power Cycle Count
                                            Real value    1,746
                                            Current    99
                                            Worst    99
                                            Threshold    20
                                            Raw Value    00000006D2
                                            Status    Good
                                        B7
                                            Attribute name    SATA Downshift Error Count
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        B8
                                            Attribute name    End-to-End error / IOEDC
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    99
                                            Raw Value    0000000000
                                            Status    Good
                                        BB
                                            Attribute name    Reported Uncorrectable Errors
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        BC
                                            Attribute name    Command Timeout
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        BD
                                            Attribute name    High Fly Writes (WDC)
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        BE
                                            Attribute name    Airflow Temperature
                                            Real value    31 °C
                                            Current    69
                                            Worst    59
                                            Threshold    45
                                            Raw Value    002012001F
                                            Status    Good
                                        BF
                                            Attribute name    G-sense error rate
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        C0
                                            Attribute name    Power-off Retract Count
                                            Real value    21
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000015
                                            Status    Good
                                        C1
                                            Attribute name    Load/Unload Cycle Count
                                            Real value    7,207
                                            Current    97
                                            Worst    97
                                            Threshold    0
                                            Raw Value    0000001C27
                                            Status    Good
                                        C2
                                            Attribute name    Temperature
                                            Real value    31 °C
                                            Current    31
                                            Worst    41
                                            Threshold    0
                                            Raw Value    000000001F
                                            Status    Good
                                        C5
                                            Attribute name    Current Pending Sector Count
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        C6
                                            Attribute name    Uncorrectable Sector Count
                                            Real value    0
                                            Current    100
                                            Worst    100
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        C7
                                            Attribute name    UltraDMA CRC Error Count
                                            Real value    0
                                            Current    200
                                            Worst    200
                                            Threshold    0
                                            Raw Value    0000000000
                                            Status    Good
                                        F0
                                            Attribute name    Head Flying Hours
                                            Real value    231d 0h
                                            Current    100
                                            Worst    253
                                            Threshold    0
                                            Raw Value    00000015A8
                                            Status    Good
                                        F1
                                            Attribute name    Total LBAs Written
                                            Real value    14,374,517,621
                                            Current    100
                                            Worst    253
                                            Threshold    0
                                            Raw Value    0058C9BB75
                                            Status    Good
                                        F2
                                            Attribute name    Total LBAs Read
                                            Real value    15,206,016,971
                                            Current    100
                                            Worst    253
                                            Threshold    0
                                            Raw Value    008A5967CB
                                            Status    Good
                        Partition 0
                            Partition ID    Disk #0, Partition #0
                            Size    500 MB
                        Partition 1
                            Partition ID    Disk #0, Partition #1
                            Size    40.0 MB
                        Partition 2
                            Partition ID    Disk #0, Partition #2
                            File System    NTFS
                            Volume Serial Number    1AA7B863
                            Size    489 MB
                            Used Space    278 MB (56%)
                            Free Space    211 MB (44%)
                        Partition 3
                            Partition ID    Disk #0, Partition #3
                            Disk Letter    C:
                            File System    NTFS
                            Volume Serial Number    0CAC1D37
                            Size    917 GB
                            Used Space    70 GB (7%)
                            Free Space    847 GB (93%)
                        Partition 4
                            Partition ID    Disk #0, Partition #4
                            File System    NTFS
                            Volume Serial Number    0E69A288
                            Size    449 MB
                            Used Space    346 MB (76%)
                            Free Space    103 MB (24%)
                        Partition 5
                            Partition ID    Disk #0, Partition #5
                            File System    NTFS
                            Volume Serial Number    C0BF1589
                            Size    349 MB
                            Used Space    31.1 MB (8%)
                            Free Space    318 MB (92%)
                        Partition 6
                            Partition ID    Disk #0, Partition #6
                            File System    NTFS
                            Volume Serial Number    1CD112FC
                            Size    11.8 GB
                            Used Space    11.1 GB (94%)
                            Free Space    682 MB (6%)
Optical Drives
        PLDS DVD+-RW DH-16AES
            Media Type    DVD Writer
            Name    PLDS DVD+-RW DH-16AES
            Availability    Running/Full Power
            Capabilities    Random Access, Supports Writing, Supports Removable Media
            Read capabilities    CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
            Write capabilities    CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
            Config Manager Error Code    Device is working properly
            Config Manager User Config    FALSE
            Drive    E:
            Media Loaded    FALSE
            SCSI Bus    1
            SCSI Logical Unit    0
            SCSI Port    0
            SCSI Target Id    0
            Status    OK
Audio
        Sound Cards
            High Definition Audio Device
            Intel Display Audio
        Playback Devices
            Speakers (High Definition Audio Device)    (default)
            Headphones (High Definition Audio Device)
        Recording Devices
            Microphone (High Definition Audio Device)    (default)
            Line In (High Definition Audio Device)
            Microphone (High Definition Audio Device)    (default)
Peripherals
        HID Keyboard Device
            Device Kind    Keyboard
            Device Name    HID Keyboard Device
            Vendor    Unknown
            Location    USB Input Device
                Driver
                    Date    6-21-2006
                    Version    10.0.10586.0
                    File    C:\WINDOWS\system32\DRIVERS\kbdhid.sys
                    File    C:\WINDOWS\system32\DRIVERS\kbdclass.sys
        HID-compliant mouse
            Device Kind    Mouse
            Device Name    HID-compliant mouse
            Vendor    Primax Electronics
            Location    USB Input Device
                Driver
                    Date    6-21-2006
                    Version    10.0.10586.0
                    File    C:\WINDOWS\system32\DRIVERS\mouhid.sys
                    File    C:\WINDOWS\system32\DRIVERS\mouclass.sys
        Brother MFC-J475DW LAN
            Device Kind    Camera/scanner
            Device Name    Brother MFC-J475DW LAN
            Vendor    Brother
                Driver
                    Date    11-5-2013
                    Version    1.0.7.7
                    File    C:\WINDOWS\system32\BrWi212c.dll
                    File    C:\WINDOWS\system32\BrJDec.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\MFJ475DWN\BrTwdFe.ds
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\MFJ475DWN\TWMFJ475DWN.ini
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrTwds.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrTwdsUi.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrTwdScn.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrScnDev.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrStiIf.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrScnFlt.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\BrTwJDec.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\RLACMPCAPI.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Common\brAutCrp.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnAru.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnBul.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnChn.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnCht.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnCze.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnDan.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnDut.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnEng.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnFin.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnFrc.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnFre.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnGer.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnHrv.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnHun.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnInd.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnIta.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnJpn.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnKor.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnNor.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnPol.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnPor.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnPtb.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnRom.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnRus.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnSlv.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnSpa.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnSrl.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnSvk.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnSwe.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnTha.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnTrk.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnUkr.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnUsa.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BRScnVit.chm
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdAru.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdBul.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdChn.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdCht.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdCze.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdDan.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdDut.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdEng.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdFin.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdfrc.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdFre.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdGer.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdHrv.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdHun.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdInd.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdIta.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdJpn.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdKor.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdNor.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdPol.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdPor.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdPtb.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdRom.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdRus.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdSlv.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdSpa.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdSrl.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdSvk.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdSwe.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdTha.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdTrk.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdUkr.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdUsa.dll
                    File    C:\WINDOWS\TWAIN_32\BrSc13a\Lang\BrTwdVit.dll
                    File    C:\WINDOWS\system32\drivers\serscan.sys
        Printers
                Brother MFC-J475DW Printer (Default Printer)
                    Printer Port    BRW3C77E6938438
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    600 * 600 dpi Color
                    Status    Unknown
                        Driver
                            Driver Name    Brother MFC-J475DW Printer (v1.01)
                            Driver Path    C:\WINDOWS\system32\spool\DRIVERS\x64\3\BRPRI13A.DLL
                Brother PC-FAX v.3.2
                    Printer Port    BRW3C77E6938438
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    200 * 200 dpi Monochrome
                    Status    Unknown
                        Driver
                            Driver Name    Brother PC-FAX v.3.2 (v1.00)
                            Driver Path    C:\WINDOWS\system32\spool\DRIVERS\x64\3\BRPRF13A.DLL
                Fax
                    Printer Port    SHRFAX:
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    200 * 200 dpi Monochrome
                    Status    Unknown
                        Driver
                            Driver Name    Microsoft Shared Fax Driver (v4.00)
                            Driver Path    C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
                Microsoft Print to PDF
                    Printer Port    PORTPROMPT:
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    600 * 600 dpi Color
                    Status    Unknown
                        Driver
                            Driver Name    Microsoft Print To PDF (v6.03)
                            Driver Path    C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
                Microsoft XPS Document Writer
                    Printer Port    PORTPROMPT:
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    600 * 600 dpi Color
                    Status    Unknown
                        Driver
                            Driver Name    Microsoft XPS Document Writer v4 (v6.03)
                            Driver Path    C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
                PaperPort Image Printer
                    Printer Port    Nuance Image Printer Writer Port
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    200 * 200 dpi Color
                    Status    Unknown
                        Driver
                            Driver Name    Nuance Image Printer Driver (v6.03)
                            Driver Path    C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
                Send To OneNote 2013
                    Printer Port    nul:
                    Print Processor    winprint
                    Availability    Always
                    Priority    1
                    Duplex    None
                    Print Quality    600 * 600 dpi Color
                    Status    Unknown
                        Driver
                            Driver Name    Send to Microsoft OneNote 15 Driver (v6.03)
                            Driver Path    C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
Network
    You are connected to the internet
    Connected through    Realtek PCIe GBE Family Controller
    IP Address    192.168.1.71
    Subnet mask    255.255.255.0
    Gateway server    192.168.1.254
    Preferred DNS server    192.168.1.254
    DHCP    Enabled
    DHCP server    192.168.1.254
    External IP Address    32.209.57.96
    Adapter Type    Ethernet
    NetBIOS over TCP/IP    Enabled via DHCP
    NETBIOS Node Type    Hybrid node
    Link Speed    1.6 KBps
        Computer Name
            NetBIOS Name    RALPH
            DNS Name    Ralph
            Membership    Part of workgroup
            Workgroup    WORKGROUP
        Remote Desktop
            Disabled
                Console
                    State    Active
                    Domain    RALPH
        WinInet Info
            LAN Connection
            Local system uses a local area network to connect to the Internet
            Local system has RAS to connect to the Internet
        Wi-Fi Info
            Using native Wi-Fi API version    2
            Available access points count    2
                Wi-Fi (ATTUtBnS22)
                    SSID    ATTUtBnS22
                    Frequency    2412000 kHz
                    Channel Number    1
                    Name    ATTUtBnS22
                    Signal Strength/Quality    48
                    Security    Enabled
                    State    The interface is not connected to any network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK
                Wi-Fi (Frontier2544)
                    SSID    Frontier2544
                    Frequency    2462000 kHz
                    Channel Number    11
                    Name    Frontier2544
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is not connected to any network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK
        WinHTTPInfo
            WinHTTPSessionProxyType    No proxy
            Session Proxy
            Session Proxy Bypass
            Connect Retries    5
            Connect Timeout (ms)    60,000
            HTTP Version    HTTP 1.1
            Max Connects Per 1.0 Servers    INFINITE
            Max Connects Per Servers    INFINITE
            Max HTTP automatic redirects    10
            Max HTTP status continue    10
            Send Timeout (ms)    30,000
            IEProxy Auto Detect    Yes
            IEProxy Auto Config
            IEProxy
            IEProxy Bypass
            Default Proxy Config Access Type    No proxy
            Default Config Proxy
            Default Config Proxy Bypass
        Sharing and Discovery
            Network Discovery    Enabled
            File and Printer Sharing    Enabled
            File and printer sharing service    Enabled
            Simple File Sharing    Enabled
            Administrative Shares    Enabled
            Network access: Sharing and security model for local accounts    Classic - local users authenticate as themselves
        Adapters List
                Enabled
                        Dell Wireless 1506 802.11b/g/n (2.4GHz)
                            Connection-specific DNS Suffix    frontier.com
                            Connection Name    Wi-Fi
                            DHCP enabled    Yes
                            MAC Address    3C-77-E6-A5-82-AD
                        Realtek PCIe GBE Family Controller
                            Connection-specific DNS Suffix    frontier.com
                            Connection Name    Ethernet
                            NetBIOS over TCPIP    Yes
                            DHCP enabled    Yes
                            MAC Address    C8-1F-66-12-A0-D1
                            IP Address    192.168.1.71
                            Subnet mask    255.255.255.0
                            Gateway server    192.168.1.254
                            DHCP    192.168.1.254
                            DNS Server    192.168.1.254
        Network Shares
            Users    C:\Users
        Current TCP Connections
                AvastSvc.exe (1640)
                    Local 127.0.0.1:27275    LISTEN
                    Local 192.168.1.71:4607    CLOSE-WAIT Remote 5.45.58.252:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:4612    CLOSE-WAIT Remote 5.45.58.252:80 (Querying... ) (HTTP)
                    Local 127.0.0.1:12563    LISTEN
                    Local 192.168.1.71:13780    ESTABLISHED Remote 77.234.44.25:80 (Querying... ) (HTTP)
                    Local 127.0.0.1:1574    ESTABLISHED Remote 127.0.0.1:1575 (Querying... )
                    Local 127.0.0.1:1575    ESTABLISHED Remote 127.0.0.1:1574 (Querying... )
                    Local 127.0.0.1:1576    LISTEN
                    Local 127.0.0.1:1577    ESTABLISHED Remote 127.0.0.1:1578 (Querying... )
                    Local 127.0.0.1:1578    ESTABLISHED Remote 127.0.0.1:1577 (Querying... )
                    Local 127.0.0.1:1579    LISTEN
                    Local 127.0.0.1:12025    LISTEN
                    Local 127.0.0.1:12110    LISTEN
                    Local 127.0.0.1:12119    LISTEN
                    Local 127.0.0.1:12143    LISTEN
                    Local 127.0.0.1:12465    LISTEN
                    Local 127.0.0.1:12993    LISTEN
                    Local 127.0.0.1:12995    LISTEN
                C:\Program Files (x86)\Mozilla Firefox\firefox.exe (10204)
                    Local 192.168.1.71:14463    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14464    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14465    ESTABLISHED Remote 107.191.134.40:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14466    ESTABLISHED Remote 107.191.134.40:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14469    ESTABLISHED Remote 172.230.64.62:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14473    ESTABLISHED Remote 23.78.188.168:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14474    ESTABLISHED Remote 107.191.134.19:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14475    ESTABLISHED Remote 107.191.134.19:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14480    ESTABLISHED Remote 8.43.72.61:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14481    ESTABLISHED Remote 69.169.85.6:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14490    ESTABLISHED Remote 172.230.83.142:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14494    ESTABLISHED Remote 69.169.86.39:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14497    ESTABLISHED Remote 152.163.66.141:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14509    ESTABLISHED Remote 204.11.109.66:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14516    ESTABLISHED Remote 23.0.160.58:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14520    ESTABLISHED Remote 104.67.66.201:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14532    ESTABLISHED Remote 107.178.242.85:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14534    ESTABLISHED Remote 199.187.193.1:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14540    ESTABLISHED Remote 23.66.178.77:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14553    ESTABLISHED Remote 23.66.191.115:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14569    ESTABLISHED Remote 31.13.69.203:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14577    ESTABLISHED Remote 52.4.237.141:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14579    ESTABLISHED Remote 199.59.149.230:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14580    ESTABLISHED Remote 23.235.33.196:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14587    ESTABLISHED Remote 216.58.219.226:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14588    ESTABLISHED Remote 216.58.219.226:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14595    ESTABLISHED Remote 23.235.33.196:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14605    ESTABLISHED Remote 173.194.204.95:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14613    ESTABLISHED Remote 54.240.160.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14614    ESTABLISHED Remote 54.240.160.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14623    ESTABLISHED Remote 54.240.160.161:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14625    ESTABLISHED Remote 54.240.160.62:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14626    ESTABLISHED Remote 54.240.160.62:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14627    ESTABLISHED Remote 54.240.160.62:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14628    ESTABLISHED Remote 54.240.160.62:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14630    ESTABLISHED Remote 54.240.160.103:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14631    ESTABLISHED Remote 54.240.160.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14632    ESTABLISHED Remote 216.58.217.132:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14633    ESTABLISHED Remote 173.194.206.113:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14636    ESTABLISHED Remote 216.58.217.132:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14639    ESTABLISHED Remote 54.240.160.161:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14641    ESTABLISHED Remote 54.240.160.103:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14646    ESTABLISHED Remote 66.225.197.197:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14655    ESTABLISHED Remote 23.235.39.175:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14657    ESTABLISHED Remote 50.31.164.173:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14662    ESTABLISHED Remote 74.125.226.26:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14669    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14672    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14674    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14675    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14676    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14677    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14689    ESTABLISHED Remote 107.23.122.42:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14690    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14691    ESTABLISHED Remote 199.187.193.7:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14692    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14696    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14697    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 127.0.0.1:13455    ESTABLISHED Remote 127.0.0.1:13454 (Querying... )
                    Local 192.168.1.71:14699    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14700    ESTABLISHED Remote 172.217.0.38:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14705    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14706    ESTABLISHED Remote 172.230.82.6:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14710    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14713    ESTABLISHED Remote 72.21.91.12:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14726    ESTABLISHED Remote 23.66.161.93:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14727    ESTABLISHED Remote 209.15.224.6:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14735    ESTABLISHED Remote 23.66.161.93:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14736    ESTABLISHED Remote 23.66.161.93:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14737    ESTABLISHED Remote 23.66.161.93:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14738    ESTABLISHED Remote 23.66.161.93:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14741    ESTABLISHED Remote 172.230.64.62:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14746    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14747    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14748    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14749    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14750    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14751    ESTABLISHED Remote 31.13.69.194:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14772    ESTABLISHED Remote 89.184.67.69:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14792    ESTABLISHED Remote 199.38.164.157:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14795    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14796    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14797    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14798    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14799    ESTABLISHED Remote 63.135.90.143:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14806    ESTABLISHED Remote 31.13.69.197:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14814    ESTABLISHED Remote 198.54.12.145:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14816    ESTABLISHED Remote 54.192.18.33:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14861    ESTABLISHED Remote 74.217.31.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14862    ESTABLISHED Remote 74.217.31.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14863    ESTABLISHED Remote 74.217.31.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14864    ESTABLISHED Remote 74.217.31.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14865    ESTABLISHED Remote 31.13.71.12:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14866    ESTABLISHED Remote 54.175.136.224:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14868    ESTABLISHED Remote 23.78.197.231:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14870    ESTABLISHED Remote 54.172.130.131:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14872    ESTABLISHED Remote 172.230.91.78:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14874    ESTABLISHED Remote 172.230.91.78:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14875    ESTABLISHED Remote 172.230.92.182:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14876    ESTABLISHED Remote 54.209.117.157:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14878    ESTABLISHED Remote 54.172.130.131:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14879    ESTABLISHED Remote 54.172.130.131:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14884    ESTABLISHED Remote 52.71.96.127:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14886    ESTABLISHED Remote 52.72.17.252:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14888    ESTABLISHED Remote 107.191.134.33:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14889    ESTABLISHED Remote 199.187.193.133:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14890    ESTABLISHED Remote 199.187.193.133:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14898    ESTABLISHED Remote 158.69.134.28:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14901    ESTABLISHED Remote 54.209.119.139:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14902    ESTABLISHED Remote 54.175.136.224:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14904    ESTABLISHED Remote 54.209.150.174:80 (Querying... ) (HTTP)
                    Local 127.0.0.1:13454    ESTABLISHED Remote 127.0.0.1:13455 (Querying... )
                    Local 192.168.1.71:14070    ESTABLISHED Remote 74.121.140.178:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14281    ESTABLISHED Remote 173.194.123.109:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14282    ESTABLISHED Remote 173.194.123.109:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14283    ESTABLISHED Remote 173.194.123.109:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14289    ESTABLISHED Remote 31.13.71.36:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14918    ESTABLISHED Remote 52.20.120.180:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14919    ESTABLISHED Remote 107.191.134.99:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14920    ESTABLISHED Remote 52.73.207.218:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14294    ESTABLISHED Remote 173.194.123.60:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14922    ESTABLISHED Remote 173.194.208.95:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14925    ESTABLISHED Remote 52.72.171.139:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14301    ESTABLISHED Remote 23.235.33.196:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14928    ESTABLISHED Remote 199.187.193.7:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14316    ESTABLISHED Remote 173.194.206.101:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14320    ESTABLISHED Remote 173.194.68.97:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14323    ESTABLISHED Remote 199.27.76.134:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14939    ESTABLISHED Remote 107.21.123.60:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14330    ESTABLISHED Remote 74.125.22.100:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14942    ESTABLISHED Remote 52.5.153.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14944    ESTABLISHED Remote 66.35.58.87:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14945    ESTABLISHED Remote 66.35.58.87:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14946    ESTABLISHED Remote 66.35.58.87:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14950    ESTABLISHED Remote 52.5.153.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14951    ESTABLISHED Remote 52.5.153.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14952    ESTABLISHED Remote 52.5.153.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14953    ESTABLISHED Remote 52.5.153.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14957    ESTABLISHED Remote 66.35.58.84:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14958    ESTABLISHED Remote 66.35.58.78:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14960    ESTABLISHED Remote 107.178.240.47:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14961    ESTABLISHED Remote 23.47.27.27:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14331    ESTABLISHED Remote 107.191.134.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14338    ESTABLISHED Remote 107.191.134.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14341    ESTABLISHED Remote 31.13.69.203:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14348    ESTABLISHED Remote 23.235.46.68:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14357    ESTABLISHED Remote 172.229.252.149:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14361    ESTABLISHED Remote 172.230.89.61:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14972    ESTABLISHED Remote 209.205.209.130:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14367    ESTABLISHED Remote 172.230.81.130:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14974    ESTABLISHED Remote 88.208.34.174:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14370    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14371    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14980    ESTABLISHED Remote 158.69.134.29:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14372    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14373    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14374    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14987    ESTABLISHED Remote 205.185.216.10:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14375    ESTABLISHED Remote 172.230.74.79:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14416    ESTABLISHED Remote 199.187.193.134:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14994    ESTABLISHED Remote 209.197.3.7:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14698    ESTABLISHED Remote 31.13.71.12:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14998    ESTABLISHED Remote 174.36.220.228:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14999    ESTABLISHED Remote 54.172.113.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15000    ESTABLISHED Remote 54.172.113.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15001    ESTABLISHED Remote 54.172.113.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15002    ESTABLISHED Remote 54.172.113.88:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15003    ESTABLISHED Remote 198.232.124.240:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:15004    ESTABLISHED Remote 52.5.153.34:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15005    ESTABLISHED Remote 158.69.134.28:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15006    ESTABLISHED Remote 192.35.249.123:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15007    ESTABLISHED Remote 158.69.134.28:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15008    ESTABLISHED Remote 192.35.249.123:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15009    ESTABLISHED Remote 67.220.190.18:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15010    ESTABLISHED Remote 67.220.190.18:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15012    ESTABLISHED Remote 108.178.14.114:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15013    ESTABLISHED Remote 108.178.14.114:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15014    ESTABLISHED Remote 205.185.216.42:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15015    ESTABLISHED Remote 185.114.32.58:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15016    CLOSE-WAIT Remote 185.114.32.58:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15021    ESTABLISHED Remote 209.205.210.210:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15025    ESTABLISHED Remote 209.46.48.146:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14417    ESTABLISHED Remote 216.58.219.226:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14419    ESTABLISHED Remote 204.11.109.75:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14421    ESTABLISHED Remote 204.11.109.75:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14430    ESTABLISHED Remote 172.230.64.62:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14437    ESTABLISHED Remote 184.29.106.123:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14443    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14453    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14454    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14456    ESTABLISHED Remote 107.191.134.105:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14457    ESTABLISHED Remote 107.191.134.50:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14460    ESTABLISHED Remote 204.77.28.33:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14461    ESTABLISHED Remote 199.16.156.201:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:14462    ESTABLISHED Remote 204.11.109.65:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14997    ESTABLISHED Remote 174.36.220.228:80 (Querying... ) (HTTP)
                C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (4092)
                    Local 192.168.1.71:34000    LISTEN
                C:\Windows\explorer.exe (3880)
                    Local 192.168.1.71:14909    ESTABLISHED Remote 23.47.27.27:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:13340    ESTABLISHED Remote 65.52.108.234:443 (Querying... ) (HTTPS)
                C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (2116)
                    Local 192.168.1.71:15029    ESTABLISHED Remote 199.27.76.64:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15030    ESTABLISHED Remote 199.27.76.64:80 (Querying... ) (HTTP)
                C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (7992)
                    Local 192.168.1.71:15027    ESTABLISHED Remote 199.27.76.64:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15028    ESTABLISHED Remote 199.27.76.64:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15031    ESTABLISHED Remote 172.230.75.56:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15032    ESTABLISHED Remote 172.230.75.56:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15033    ESTABLISHED Remote 74.125.29.113:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15034    ESTABLISHED Remote 74.125.29.113:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15035    ESTABLISHED Remote 169.54.33.138:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15036    ESTABLISHED Remote 169.54.33.138:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15037    ESTABLISHED Remote 74.125.22.155:443 (Querying... ) (HTTPS)
                    Local 192.168.1.71:15038    ESTABLISHED Remote 74.125.22.155:443 (Querying... ) (HTTPS)
                C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe (9560)
                    Local 192.168.1.71:14688    ESTABLISHED Remote 68.232.32.220:1935 (Querying... )
                LMS.exe (7672)
                    Local 127.0.0.1:1681    LISTEN
                    Local 0.0.0.0:16992    LISTEN
                    Local 0.0.0.0:623    LISTEN
                lsass.exe (812)
                    Local 0.0.0.0:1539    LISTEN
                mqsvc.exe (2172)
                    Local 0.0.0.0:2107    LISTEN
                    Local 0.0.0.0:2105    LISTEN
                    Local 0.0.0.0:2103    LISTEN
                    Local 0.0.0.0:1801    LISTEN
                    Local 0.0.0.0:1542    LISTEN
                services.exe (796)
                    Local 0.0.0.0:1543    LISTEN
                spoolsv.exe (1828)
                    Local 0.0.0.0:1540    LISTEN
                svchost.exe (1028)
                    Local 0.0.0.0:1537    LISTEN
                svchost.exe (648)
                    Local 0.0.0.0:1538    LISTEN
                    Local 0.0.0.0:7680    LISTEN
                svchost.exe (948)
                    Local 0.0.0.0:135 (DCE)    LISTEN
                System Process
                    Local 192.168.1.71:14913    TIME-WAIT Remote 162.208.21.242:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14969    TIME-WAIT Remote 205.185.216.42:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14973    TIME-WAIT Remote 209.205.209.130:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14964    TIME-WAIT Remote 8.30.11.16:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14976    TIME-WAIT Remote 88.208.34.174:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14978    TIME-WAIT Remote 67.220.183.66:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14981    TIME-WAIT Remote 158.69.134.29:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14985    TIME-WAIT Remote 69.172.216.111:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14962    TIME-WAIT Remote 23.47.27.27:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14940    TIME-WAIT Remote 107.21.123.60:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14986    TIME-WAIT Remote 69.172.216.111:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14938    TIME-WAIT Remote 192.229.163.43:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14931    TIME-WAIT Remote 174.35.27.75:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14926    TIME-WAIT Remote 52.72.171.139:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14921    TIME-WAIT Remote 52.73.207.218:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14990    TIME-WAIT Remote 162.208.21.242:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14991    TIME-WAIT Remote 162.208.21.242:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14915    TIME-WAIT Remote 205.185.216.10:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:15026    TIME-WAIT Remote 77.234.42.73:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14934    TIME-WAIT Remote 74.217.63.66:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14905    TIME-WAIT Remote 54.209.150.174:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14911    TIME-WAIT Remote 77.234.42.58:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14906    TIME-WAIT Remote 205.185.216.42:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14965    TIME-WAIT Remote 162.208.21.242:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14966    TIME-WAIT Remote 162.208.21.242:80 (Querying... ) (HTTP)
                    Local 192.168.1.71:14967    TIME-WAIT Remote 205.185.216.10:80 (Querying... ) (HTTP)
                System Process
                    Local 0.0.0.0:445 (Windows shares)    LISTEN
                    Local 0.0.0.0:5357    LISTEN
                    Local 192.168.1.71:139 (NetBIOS session service)    LISTEN
                    Local 0.0.0.0:80 (HTTP)    LISTEN
                wininit.exe (680)
                    Local 0.0.0.0:1536    LISTEN
Generated with Speccy v1.29.714


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

OK.  Something went wrong with sfc /scannow

 

looks like you tried to copy the 

 

 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 

But it didn't take and you pasted in the last thing you copied which was the VEW log.

 

Speccy says you have one of those sorry Seagate drives with all of the read errors.

 

  S.M.A.R.T attributes
                                        01
                                            Attribute name    Read Error Rate
                                            Real value    0
                                            Current    117
                                            Worst    99
                                            Threshold    6
                                            Raw Value    0009D8AAC8
                                            Status    Good
...
                                            Attribute name    Seek Error Rate
                                            Real value    0
                                            Current    59
                                            Worst    57
                                            Threshold    30
                                            Raw Value    0006575E8A
                                            Status    Good

 

 

 

 

You should monitor these values.  If they get higher fast then clone the drive before it fails and next time get a Western Digital Black.  Seek and Read errors will slow things down since the HD has to repeat a search every time it gets it wrong.  Could also be the reason for these errors:

 

 

C:\WINDOWS\system32>RemindersServer (5100) CortanaCoreInstance: A request to write to the file "C:\Users\start_000\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ESEDatabase_CortanaCoreInstance\edb.log" at offset 53248 (0x000000000000d000) for 4096 (0x00001000) bytes succeeded, but took an abnormally long time (17 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

 

 

 

 

Try setting your Power Options  to High Performance

 

http://www.tenforums...ndows-10-a.html

 

It seems to have a problem with sleep or hibernation so best not to let it sleep.

 

Speccy doesn't think much of your power supply but Speccy is not reliable about power supply voltages.  However, your errors where it just dies could be caused by a flaky power supply especially since it doesn't seem to leave BSOD errors.


  • 0

#29
starter005

starter005

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts

OK, I set it for high performance and I set sleep to "never".

 

Thanks for all of your help and patience.


  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Let's clear the logs and reboot then look at the logs to see what errors we are still getting.

 

To Clear the logs:

 

Copy the next line:

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

Windows key + x and choose Command Line (Admin)  (There are two so make sure you get the admin one)

 

Right click in the Command Window and  Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.

 

When the prompt returns, reboot.

 

Now run VEW as before for both Application and System:

2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP