Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

System very slow, malwarebytes says no infection?

Malware

  • Please log in to reply

#1
bhzendner

bhzendner

    Member

  • Member
  • PipPipPip
  • 219 posts

ts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by quatrine mb (administrator) on DESKTOP-TCLSL11 (15-07-2016 22:09:53)
Running from C:\Users\quatrine mb\Desktop
Loaded Profiles: quatrine mb (Available Profiles: quatrine mb)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
() C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe
(iSheriff security from the cloud) C:\Program Files (x86)\CloudClient\isfacs.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(iSheriff Security from the cloud) C:\Program Files (x86)\CloudClient\avbdapi3.0.0.71\ccavona64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Spotify Ltd) C:\Users\quatrine mb\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\TOSHIBA\System Setting\Hotkey\TCrdKBB.exe
(iSheriff Cloud Security) C:\Program Files (x86)\CloudClient\isfagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInRC.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(iSheriff Security from the cloud) C:\Program Files (x86)\CloudClient\avbdapi3.0.0.71\ccbdscan64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Trend Micro Inc.) C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\housecall.bin
(Trend Micro Inc.) C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\HouseCallX_x64\HouseCallX.exe
(Kaspersky Lab ZAO) C:\Users\quatrine mb\Desktop\tdsskiller.exe
(Kaspersky Lab ZAO) C:\Users\quatrine mb\AppData\Local\Temp\{AAAD8619-CCB9-439D-AF5B-C7CC1BA1A5DB}\{C613974E-D9F7-4A94-B260-4BDF7C468C11}.exe
(Trend Micro Inc.) C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\tmase\Inspect.exe
(Insecure.Org) C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [559920 2015-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2016-02-24] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA)
HKLM-x32\...\Run: [CloudClient] => C:\Program Files (x86)\CloudClient\isfagent.exe [2427992 2016-07-13] (iSheriff Cloud Security)
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\Run: [Spotify Web Helper] => C:\Users\quatrine mb\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-12] (Spotify Ltd)
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\Run: [Spotify] => C:\Users\quatrine mb\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-12] (Spotify Ltd)
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\RunOnce: [Uninstall C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\RunOnce: [Uninstall C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1"
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\RunOnce: [Uninstall C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\...\RunOnce: [Uninstall C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
Startup: C:\Users\quatrine mb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-02-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2996a4b1-bb0f-493c-afe4-1e545e1d9d64}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b3a40420-bba6-486f-b181-36850f286ff9}: [DhcpNameServer] 192.168.160.1
 
Internet Explorer:
==================
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba15.msn.com/?pc=TBTE
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.new.toshiba.com?cid=H15C2
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://start.new.toshiba.com?cid=H15C2
SearchScopes: HKU\S-1-5-21-4126747306-3002756303-3608770802-1001 -> DefaultScope {B5049875-0B4C-437B-BF5B-DBD2EB00D97D} URL =
SearchScopes: HKU\S-1-5-21-4126747306-3002756303-3608770802-1001 -> {B5049875-0B4C-437B-BF5B-DBD2EB00D97D} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-02-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
 
Chrome:
=======
CHR Profile: C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-11]
CHR Extension: (Google Docs) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-11]
CHR Extension: (Google Drive) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-11]
CHR Extension: (YouTube) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-11]
CHR Extension: (Google Sheets) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-11]
CHR Extension: (Google Docs Offline) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-15]
CHR Extension: (Gmail) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\quatrine mb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-15]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 Cloud Client Service; C:\Program Files (x86)\CloudClient\isfacs.exe [824408 2016-07-09] (iSheriff security from the cloud)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] ()
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-05-27] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-12] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-18] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2016-02-24] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-06-30] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2016-06-30] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2016-02-24] (Synaptics Incorporated)
R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [326960 2015-06-24] (TOSHIBA)
R2 TOSTABSYSSVC; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe [32560 2015-06-16] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-06-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43000 2015-05-27] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-05-27] (Intel Corporation)
R3 gzflt; C:\Program Files (x86)\CloudClient\avbdapi3.0.0.71\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-02-24] (Intel Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-06-15] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation)
R3 npf; C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\tmase\nmap\npf\x64\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2016-07-15] (Sysinternals - www.sysinternals.com)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-02-24] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45720 2015-06-13] (Toshiba Corporation)
R1 tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [316168 2015-12-24] (Trend Micro Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-15 22:09 - 2016-07-15 22:11 - 00019855 _____ C:\Users\quatrine mb\Desktop\FRST.txt
2016-07-15 22:09 - 2016-07-15 22:09 - 02390528 _____ (Farbar) C:\Users\quatrine mb\Desktop\FRST64.exe
2016-07-15 22:09 - 2016-07-15 22:09 - 00000000 ____D C:\FRST
2016-07-15 22:08 - 2016-07-15 22:08 - 02390528 _____ (Farbar) C:\Users\quatrine mb\Downloads\FRST64.exe
2016-07-15 22:07 - 2016-07-15 22:07 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\quatrine mb\Downloads\tdsskiller (1).exe
2016-07-15 22:05 - 2016-07-15 22:05 - 00000000 ____D C:\WINDOWS\Trend Micro
2016-07-15 22:05 - 2016-07-15 22:05 - 00000000 ____D C:\ProgramData\Trend Micro
2016-07-15 22:04 - 2016-07-15 22:10 - 00260752 _____ C:\TDSSKiller.3.1.0.9_15.07.2016_22.04.24_log.txt
2016-07-15 22:03 - 2016-07-15 22:04 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\quatrine mb\Desktop\tdsskiller.exe
2016-07-15 22:02 - 2016-07-15 22:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\quatrine mb\Downloads\tdsskiller.exe
2016-07-15 21:58 - 2016-07-15 21:58 - 02527376 _____ (Trend Micro Inc.) C:\Users\quatrine mb\Downloads\HousecallLauncher64.exe
2016-07-15 21:58 - 2016-07-15 21:58 - 00000036 _____ C:\Users\quatrine mb\AppData\Local\housecall.guid.cache
2016-07-15 21:58 - 2015-12-24 06:03 - 00316168 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-07-15 21:57 - 2016-07-15 21:57 - 00001326 _____ C:\Users\quatrine mb\Desktop\Procmon - Shortcut.lnk
2016-07-15 21:55 - 2016-07-15 21:55 - 00084792 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2016-07-15 19:53 - 2016-07-15 19:53 - 00001326 _____ C:\Users\quatrine mb\Desktop\Diskmon - Shortcut.lnk
2016-07-15 19:51 - 2016-07-15 19:51 - 00003404 _____ C:\WINDOWS\System32\Tasks\{DE1095FE-66E1-46C4-85DC-232BCB262076}
2016-07-15 19:50 - 2016-07-15 19:50 - 00000000 ____D C:\Users\quatrine mb\Downloads\SysinternalsSuite
2016-07-15 19:49 - 2016-07-15 19:50 - 21153704 _____ C:\Users\quatrine mb\Downloads\SysinternalsSuite.zip
2016-07-15 19:44 - 2016-07-15 19:44 - 00001304 _____ C:\Users\quatrine mb\Desktop\procexp - Shortcut.lnk
2016-07-15 19:44 - 2016-07-15 19:44 - 00000000 ____D C:\Users\quatrine mb\Downloads\ProcessExplorer
2016-07-15 19:33 - 2016-07-15 19:33 - 01270466 _____ C:\Users\quatrine mb\Downloads\ProcessExplorer.zip
2016-07-15 19:29 - 2016-07-15 19:29 - 00987728 _____ (Google Inc.) C:\Users\quatrine mb\Downloads\ChromeSetup.exe
2016-07-15 19:24 - 2016-07-15 19:25 - 04529456 _____ (Piriform Ltd) C:\Users\quatrine mb\Downloads\dfsetup221.exe
2016-07-15 17:35 - 2016-07-15 17:35 - 00000000 ___HD C:\OneDriveTemp
2016-07-15 15:12 - 2016-07-15 15:12 - 00032256 _____ C:\Users\quatrine mb\Documents\SW Time Sheet 7.1.16-7.15.16.xls
2016-07-15 14:14 - 2016-07-15 14:14 - 00261314 _____ C:\Users\quatrine mb\Desktop\Rees 7.15.16.pdf
2016-07-15 13:31 - 2016-07-15 13:31 - 00000000 ____D C:\Users\quatrine mb\Desktop\Barnes
2016-07-15 11:35 - 2016-07-15 11:35 - 00000000 ____D C:\Users\quatrine mb\AppData\Roaming\TightVNC
2016-07-15 11:34 - 2016-07-15 11:34 - 02076064 _____ C:\Users\quatrine mb\Downloads\ShowMyPC3500.exe
2016-07-14 12:06 - 2016-07-14 12:09 - 00039424 _____ C:\Users\quatrine mb\Documents\Drf GiaQuinta 7.14.16.xls
2016-07-13 17:26 - 2016-07-13 17:26 - 00038912 _____ C:\Users\quatrine mb\Documents\DRF Freeman rr 7.13.16.xls
2016-07-13 17:21 - 2016-07-13 17:21 - 00044544 _____ C:\Users\quatrine mb\Documents\DER 7.13.16.xls
2016-07-13 17:06 - 2016-07-13 17:06 - 00038912 _____ C:\Users\quatrine mb\Documents\Drf Williams RR 7.13.16.xls
2016-07-13 17:02 - 2016-07-13 17:02 - 00034304 _____ C:\Users\quatrine mb\Documents\Fed Ex Finholm 7.13.16.xls
2016-07-13 16:56 - 2016-07-13 16:56 - 00000000 ____D C:\Users\quatrine mb\Desktop\Goss rr
2016-07-13 12:41 - 2015-10-15 18:24 - 00000000 ____D C:\UBIOS
2016-07-13 10:06 - 2016-06-30 21:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 10:06 - 2016-06-30 21:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 10:06 - 2016-06-30 20:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 10:06 - 2016-06-30 20:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 10:06 - 2016-06-30 20:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 10:06 - 2016-06-30 20:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 10:06 - 2016-06-30 20:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 10:06 - 2016-06-30 20:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 10:06 - 2016-06-30 20:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 10:06 - 2016-06-30 20:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 10:06 - 2016-06-30 20:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 10:06 - 2016-06-30 20:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 10:06 - 2016-06-30 20:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 10:06 - 2016-06-30 20:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 10:06 - 2016-06-30 20:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 10:06 - 2016-06-30 20:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 10:06 - 2016-06-30 20:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 10:06 - 2016-06-30 20:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 10:06 - 2016-06-30 20:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 10:06 - 2016-06-30 20:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 10:06 - 2016-06-30 20:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 10:06 - 2016-06-30 20:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 10:06 - 2016-06-30 20:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 10:06 - 2016-06-30 20:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 10:06 - 2016-06-30 20:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 10:06 - 2016-06-30 20:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 10:06 - 2016-06-30 20:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 10:06 - 2016-06-30 20:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 10:05 - 2016-06-30 22:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 10:05 - 2016-06-30 21:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 10:05 - 2016-06-30 21:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 10:05 - 2016-06-30 21:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 10:05 - 2016-06-30 21:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 10:05 - 2016-06-30 21:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 10:05 - 2016-06-30 21:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 10:05 - 2016-06-30 21:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 10:05 - 2016-06-30 21:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 10:05 - 2016-06-30 21:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 10:05 - 2016-06-30 21:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 10:05 - 2016-06-30 21:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 10:05 - 2016-06-30 21:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 10:05 - 2016-06-30 21:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 10:05 - 2016-06-30 21:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 10:05 - 2016-06-30 21:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 10:05 - 2016-06-30 21:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 10:05 - 2016-06-30 21:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 10:05 - 2016-06-30 21:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 10:05 - 2016-06-30 21:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 10:05 - 2016-06-30 21:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 10:05 - 2016-06-30 21:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 10:05 - 2016-06-30 21:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 10:05 - 2016-06-30 21:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 10:05 - 2016-06-30 21:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 10:05 - 2016-06-30 21:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 10:05 - 2016-06-30 21:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 10:05 - 2016-06-30 21:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 10:05 - 2016-06-30 21:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 10:05 - 2016-06-30 21:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 10:05 - 2016-06-30 21:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 10:05 - 2016-06-30 21:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 10:05 - 2016-06-30 21:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 10:05 - 2016-06-30 20:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 10:05 - 2016-06-30 20:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 10:05 - 2016-06-30 20:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 10:05 - 2016-06-30 20:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 10:05 - 2016-06-30 20:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 10:05 - 2016-06-30 20:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 10:05 - 2016-06-30 20:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 10:05 - 2016-06-30 20:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 10:05 - 2016-06-30 20:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 10:05 - 2016-06-30 20:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 10:05 - 2016-06-30 20:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 10:05 - 2016-06-30 20:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 10:05 - 2016-06-30 20:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 10:05 - 2016-06-30 20:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 10:05 - 2016-06-30 20:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 10:05 - 2016-06-30 20:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 10:05 - 2016-06-30 20:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 10:05 - 2016-06-30 20:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 10:05 - 2016-06-30 20:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 10:05 - 2016-06-30 20:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 10:05 - 2016-06-30 20:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 10:05 - 2016-06-30 20:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 10:05 - 2016-06-30 20:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 10:05 - 2016-06-30 20:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 10:05 - 2016-06-30 20:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 10:05 - 2016-06-30 20:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 10:05 - 2016-06-30 20:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 10:05 - 2016-06-30 20:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 10:05 - 2016-06-30 20:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 10:05 - 2016-06-30 20:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 10:05 - 2016-06-30 20:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 10:05 - 2016-06-30 20:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 10:05 - 2016-06-30 20:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 10:05 - 2016-06-30 20:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 10:05 - 2016-06-30 20:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 10:05 - 2016-06-30 20:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 10:05 - 2016-06-30 20:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 10:05 - 2016-06-30 20:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 10:05 - 2016-06-30 20:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 10:05 - 2016-06-30 20:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 10:05 - 2016-06-30 20:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 10:05 - 2016-06-30 20:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 10:05 - 2016-06-30 20:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 10:05 - 2016-06-30 20:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 10:05 - 2016-06-30 20:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 10:05 - 2016-06-30 20:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 10:05 - 2016-06-30 20:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 10:05 - 2016-06-30 20:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 10:05 - 2016-06-30 20:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 10:05 - 2016-06-30 20:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 10:05 - 2016-06-30 20:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 10:05 - 2016-06-30 20:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 10:05 - 2016-06-30 20:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 10:05 - 2016-06-30 20:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 10:05 - 2016-06-30 20:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 10:05 - 2016-06-30 20:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 10:05 - 2016-06-30 20:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 10:05 - 2016-06-30 20:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 10:05 - 2016-06-30 20:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 10:05 - 2016-06-30 20:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 10:05 - 2016-06-30 20:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 10:05 - 2016-06-30 20:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 10:05 - 2016-06-30 20:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 10:05 - 2016-06-30 20:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 10:05 - 2016-06-30 20:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 10:05 - 2016-06-30 20:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 10:05 - 2016-06-30 20:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 10:05 - 2016-06-30 20:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 10:05 - 2016-06-30 20:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 10:05 - 2016-06-30 20:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 10:05 - 2016-06-30 20:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 10:05 - 2016-06-30 20:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 10:05 - 2016-06-30 20:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 10:05 - 2016-06-30 20:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 10:05 - 2016-06-30 20:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 10:05 - 2016-06-30 20:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 10:05 - 2016-06-30 20:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 10:05 - 2016-06-30 20:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 10:05 - 2016-06-30 20:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 10:05 - 2016-06-30 20:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 10:05 - 2016-06-30 20:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 10:05 - 2016-06-30 20:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 10:05 - 2016-06-30 20:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 10:05 - 2016-06-30 20:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 10:05 - 2016-06-30 20:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 10:05 - 2016-06-30 20:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 10:05 - 2016-06-30 20:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 10:05 - 2016-06-30 20:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 10:05 - 2016-06-30 20:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 10:05 - 2016-06-30 20:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 10:05 - 2016-06-30 20:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 10:05 - 2016-06-30 20:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 10:05 - 2016-06-30 20:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 10:05 - 2016-06-30 20:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 10:05 - 2016-06-30 20:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 10:05 - 2016-06-30 20:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 10:04 - 2016-06-30 22:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 10:04 - 2016-06-30 22:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 10:04 - 2016-06-30 22:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 10:04 - 2016-06-30 21:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 10:04 - 2016-06-30 21:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 10:04 - 2016-06-30 21:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 10:04 - 2016-06-30 21:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 10:04 - 2016-06-30 21:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 10:04 - 2016-06-30 21:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 10:04 - 2016-06-30 21:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 10:04 - 2016-06-30 21:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 10:04 - 2016-06-30 21:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 10:04 - 2016-06-30 21:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 10:04 - 2016-06-30 21:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 10:04 - 2016-06-30 21:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 10:04 - 2016-06-30 21:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 10:04 - 2016-06-30 21:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 10:04 - 2016-06-30 21:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 10:04 - 2016-06-30 21:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 10:04 - 2016-06-30 21:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 10:04 - 2016-06-30 21:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 10:04 - 2016-06-30 21:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 10:04 - 2016-06-30 21:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 10:04 - 2016-06-30 21:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 10:04 - 2016-06-30 21:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 10:04 - 2016-06-30 21:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 10:04 - 2016-06-30 21:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 10:04 - 2016-06-30 21:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 10:04 - 2016-06-30 21:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 10:04 - 2016-06-30 21:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 10:04 - 2016-06-30 21:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 10:04 - 2016-06-30 21:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 10:04 - 2016-06-30 21:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 10:04 - 2016-06-30 21:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 10:04 - 2016-06-30 21:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 10:04 - 2016-06-30 21:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 10:04 - 2016-06-30 21:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 10:04 - 2016-06-30 21:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 10:04 - 2016-06-30 21:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 10:04 - 2016-06-30 21:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 10:04 - 2016-06-30 21:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 10:04 - 2016-06-30 21:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 10:04 - 2016-06-30 21:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 10:04 - 2016-06-30 20:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 10:04 - 2016-06-30 20:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 10:04 - 2016-06-30 20:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 10:04 - 2016-06-30 20:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 10:04 - 2016-06-30 20:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 10:04 - 2016-06-30 20:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 10:04 - 2016-06-30 20:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 10:04 - 2016-06-30 20:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 10:04 - 2016-06-30 20:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 10:04 - 2016-06-30 20:53 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-07-13 10:04 - 2016-06-30 20:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 10:04 - 2016-06-30 20:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 10:04 - 2016-06-30 20:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 10:04 - 2016-06-30 20:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 10:04 - 2016-06-30 20:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 10:04 - 2016-06-30 20:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 10:04 - 2016-06-30 20:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 10:04 - 2016-06-30 20:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 10:04 - 2016-06-30 20:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 10:04 - 2016-06-30 20:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 10:04 - 2016-06-30 20:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 10:04 - 2016-06-30 20:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 10:04 - 2016-06-30 20:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 10:04 - 2016-06-30 20:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 10:04 - 2016-06-30 20:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 10:04 - 2016-06-30 20:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 10:04 - 2016-06-30 20:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 10:04 - 2016-06-30 20:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 10:04 - 2016-06-30 20:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 10:04 - 2016-06-30 20:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 10:04 - 2016-06-30 20:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 10:04 - 2016-06-30 20:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 10:04 - 2016-06-30 20:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 10:04 - 2016-06-30 20:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 10:04 - 2016-06-30 20:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 10:04 - 2016-06-30 20:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 10:04 - 2016-06-30 20:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 10:04 - 2016-06-30 20:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 10:04 - 2016-06-30 20:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 10:04 - 2016-06-30 20:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 10:04 - 2016-06-30 20:41 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-07-13 10:04 - 2016-06-30 20:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 10:04 - 2016-06-30 20:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 10:04 - 2016-06-30 20:41 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-07-13 10:04 - 2016-06-30 20:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 10:04 - 2016-06-30 20:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 10:04 - 2016-06-30 20:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 10:04 - 2016-06-30 20:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 10:04 - 2016-06-30 20:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 10:04 - 2016-06-30 20:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 10:04 - 2016-06-30 20:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 10:04 - 2016-06-30 20:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 10:04 - 2016-06-30 20:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 10:04 - 2016-06-30 20:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 10:04 - 2016-06-30 20:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 10:04 - 2016-06-30 20:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 10:04 - 2016-06-30 20:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 10:04 - 2016-06-30 20:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 10:04 - 2016-06-30 20:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 10:04 - 2016-06-30 20:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 10:04 - 2016-06-30 20:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 10:04 - 2016-06-30 20:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 10:04 - 2016-06-30 20:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 10:04 - 2016-06-30 20:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 10:04 - 2016-06-30 20:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 10:04 - 2016-06-30 20:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 10:04 - 2016-06-30 20:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 10:04 - 2016-06-30 20:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 10:04 - 2016-06-30 20:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 10:04 - 2016-06-30 20:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 10:04 - 2016-06-30 20:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 10:04 - 2016-06-30 20:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 10:04 - 2016-06-30 20:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 10:04 - 2016-06-30 20:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 10:04 - 2016-06-30 20:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 10:04 - 2016-06-30 20:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 10:04 - 2016-06-30 20:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 10:04 - 2016-06-30 20:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 10:04 - 2016-06-30 20:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 10:04 - 2016-06-30 20:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 10:04 - 2016-06-30 20:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 10:04 - 2016-06-30 20:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 10:04 - 2016-06-30 20:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 10:04 - 2016-06-30 20:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 10:04 - 2016-06-30 20:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 10:04 - 2016-06-30 20:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 10:04 - 2016-06-30 20:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 10:04 - 2016-06-30 20:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 10:04 - 2016-06-30 20:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 10:04 - 2016-06-30 20:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 10:04 - 2016-06-30 20:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 10:04 - 2016-06-30 20:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 10:04 - 2016-06-30 20:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 10:04 - 2016-06-30 20:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 10:04 - 2016-06-30 20:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 10:04 - 2016-06-30 20:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 10:04 - 2016-06-30 20:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 10:04 - 2016-06-30 20:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 10:04 - 2016-06-30 20:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 10:04 - 2016-06-30 20:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 10:04 - 2016-06-30 20:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 10:04 - 2016-06-30 20:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 10:04 - 2016-06-30 20:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 10:04 - 2016-06-30 20:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 10:04 - 2016-06-30 20:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 10:04 - 2016-06-30 20:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 10:04 - 2016-06-30 20:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 10:04 - 2016-06-30 20:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 10:04 - 2016-06-30 20:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 10:04 - 2016-06-30 20:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 10:04 - 2016-06-30 20:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 10:04 - 2016-06-30 20:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 10:04 - 2016-06-30 20:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 10:04 - 2016-06-30 20:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 10:04 - 2016-06-30 20:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 10:04 - 2016-06-30 20:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 10:04 - 2016-06-30 20:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 10:04 - 2016-06-30 20:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 10:04 - 2016-02-08 21:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 10:03 - 2016-06-30 22:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 10:03 - 2016-06-30 22:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 10:03 - 2016-06-30 22:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 10:03 - 2016-06-30 22:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 10:03 - 2016-06-30 21:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 10:03 - 2016-06-30 21:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 10:03 - 2016-06-30 21:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 10:03 - 2016-06-30 21:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 10:03 - 2016-06-30 21:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 10:03 - 2016-06-30 21:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 10:03 - 2016-06-30 21:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 10:03 - 2016-06-30 21:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 10:03 - 2016-06-30 21:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 10:03 - 2016-06-30 21:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 10:03 - 2016-06-30 21:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 10:03 - 2016-06-30 21:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 10:03 - 2016-06-30 21:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 10:03 - 2016-06-30 21:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 10:03 - 2016-06-30 20:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 10:03 - 2016-06-30 20:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 10:03 - 2016-06-30 20:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 10:03 - 2016-06-30 20:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 10:03 - 2016-06-30 20:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 10:03 - 2016-06-30 20:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 10:03 - 2016-06-30 20:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 10:03 - 2016-06-30 20:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 10:03 - 2016-06-30 20:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 10:03 - 2016-06-30 20:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 10:03 - 2016-06-30 20:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 10:03 - 2016-06-30 20:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 10:03 - 2016-06-30 20:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 10:03 - 2016-06-30 20:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 10:03 - 2016-06-30 20:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 10:03 - 2016-06-30 20:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 10:03 - 2016-06-30 20:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 10:03 - 2016-06-30 20:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 10:03 - 2016-06-30 20:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 10:03 - 2016-06-30 20:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 10:03 - 2016-06-30 20:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 10:03 - 2016-06-30 20:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 10:03 - 2016-06-30 20:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 10:03 - 2016-06-30 20:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 10:03 - 2016-06-30 20:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 10:03 - 2016-06-30 20:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 10:03 - 2016-06-30 20:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 10:03 - 2016-06-30 20:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 10:03 - 2016-06-30 20:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 10:03 - 2016-06-30 20:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 10:03 - 2016-06-30 20:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 10:03 - 2016-06-30 20:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 10:03 - 2016-06-30 20:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 10:03 - 2016-06-30 20:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 10:03 - 2016-06-30 20:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 10:03 - 2016-06-30 20:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 10:03 - 2016-06-30 20:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 10:03 - 2016-06-30 20:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 10:03 - 2016-06-30 20:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 10:03 - 2016-06-30 20:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 10:03 - 2016-06-30 20:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 10:03 - 2016-06-30 20:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 10:03 - 2016-06-30 20:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 10:03 - 2016-06-30 20:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 10:03 - 2016-06-30 20:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 10:03 - 2016-06-30 20:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 10:03 - 2016-06-30 20:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 10:03 - 2016-06-30 20:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 10:03 - 2016-06-30 20:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 10:03 - 2016-06-30 20:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 10:03 - 2016-06-30 20:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 10:03 - 2016-06-30 20:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 10:03 - 2016-06-30 20:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 10:03 - 2016-06-30 20:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 10:03 - 2016-06-30 20:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 10:03 - 2016-06-30 20:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 10:03 - 2016-06-30 20:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 10:03 - 2016-06-30 20:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 10:03 - 2016-06-28 04:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 17:08 - 2016-07-12 17:08 - 00038912 _____ C:\Users\quatrine mb\Documents\Drf Roberts 7.12.16 for pick up com.xls
2016-07-12 17:05 - 2016-07-12 17:05 - 00038912 _____ C:\Users\quatrine mb\Documents\Drf Roberts 7.12.16.xls
2016-07-09 15:50 - 2016-07-09 15:50 - 00016518 _____ C:\Users\quatrine mb\Documents\SW commission June 2016.xlsx
2016-07-09 13:28 - 2016-07-09 13:28 - 00034304 _____ C:\Users\quatrine mb\Documents\Fed Ex Partos 7.9.16.xls
2016-07-07 17:30 - 2016-07-07 17:30 - 00038912 _____ C:\Users\quatrine mb\Documents\Drf Goss rr 7.7.16.xls
2016-07-07 17:01 - 2016-07-07 17:01 - 00034304 _____ C:\Users\quatrine mb\Documents\Fed Ex Pearson rr 7.7.16.xls
2016-07-07 15:20 - 2016-07-07 17:28 - 00039936 _____ C:\Users\quatrine mb\Documents\Der 7.7.16.xls
2016-07-07 14:26 - 2016-07-07 14:27 - 00000000 ____D C:\Users\quatrine mb\Desktop\Concannon 7.7.16
2016-07-05 18:25 - 2016-07-05 18:25 - 00044032 _____ C:\Users\quatrine mb\Documents\Der 7.5.16.xls
2016-07-01 17:44 - 2016-07-01 17:44 - 00044032 _____ C:\Users\quatrine mb\Documents\DER 7.1.16.xls
2016-07-01 11:39 - 2016-07-07 16:16 - 00264963 _____ C:\Users\quatrine mb\Desktop\Hammerstein 6.30.16.pdf
2016-06-30 17:07 - 2016-06-30 17:07 - 00032256 _____ C:\Users\quatrine mb\Documents\SW time sheet 6.16.16-6.30.16.xls
2016-06-30 16:43 - 2016-06-30 16:43 - 00042496 _____ C:\Users\quatrine mb\Documents\Cuttings Roberts 6.30.16.xls
2016-06-30 16:27 - 2016-06-30 16:27 - 00037888 _____ C:\Users\quatrine mb\Documents\COM form Roberts 6.30.16.xls
2016-06-30 15:58 - 2016-06-30 15:58 - 00038912 _____ C:\Users\quatrine mb\Documents\pilot Haas 6.30.16.xls
2016-06-26 13:09 - 2016-06-26 13:09 - 00038912 _____ C:\Users\quatrine mb\Documents\Drf Williams 6.26.16.xls
2016-06-26 13:01 - 2016-06-26 13:01 - 00044544 _____ C:\Users\quatrine mb\Documents\Der 6.26.16.xls
2016-06-25 16:23 - 2016-06-25 17:22 - 00044544 _____ C:\Users\quatrine mb\Documents\Der 6.25.16.xls
2016-06-25 14:43 - 2016-06-25 14:53 - 00261755 _____ C:\Users\quatrine mb\Desktop\Mader 6.25.16.pdf
2016-06-25 13:28 - 2016-06-25 14:27 - 00265099 _____ C:\Users\quatrine mb\Desktop\Filholm 6.25.16.pdf
2016-06-24 17:14 - 2016-06-24 17:14 - 00044544 _____ C:\Users\quatrine mb\Documents\Der 6.24.16.xls
2016-06-24 14:01 - 2016-06-24 14:01 - 00034304 _____ C:\Users\quatrine mb\Documents\Fed Ex Morrisseau 6.24.16.xls
2016-06-23 09:40 - 2016-06-23 09:40 - 00961444 _____ C:\WINDOWS\Minidump\062316-21484-01.dmp
2016-06-20 16:03 - 2016-06-20 16:03 - 00042496 _____ C:\Users\quatrine mb\Documents\RR form Williams 6.20.16.xls
2016-06-20 13:42 - 2016-06-20 13:42 - 00033792 _____ C:\Users\quatrine mb\Documents\wood sample Krim 6.20.16.xls
2016-06-20 11:23 - 2016-06-20 11:23 - 00038912 _____ C:\Users\quatrine mb\Documents\drf Williams 6.20.16.xls
2016-06-20 10:33 - 2016-06-20 10:33 - 00041984 _____ C:\Users\quatrine mb\Documents\cutting Sutton 6.20.16.xls
2016-06-18 11:13 - 2016-06-18 13:12 - 00044544 _____ C:\Users\quatrine mb\Documents\Der 6.18.16.xls
2016-06-18 10:34 - 2016-06-18 10:34 - 00038912 _____ C:\Users\quatrine mb\Documents\Master Drf form.xls
2016-06-17 16:38 - 2016-06-17 16:38 - 00000000 ____D C:\Users\quatrine mb\AppData\Local\CEF
2016-06-17 13:20 - 2016-07-15 17:41 - 00000000 ____D C:\Users\quatrine mb\AppData\Roaming\Spotify
2016-06-17 13:19 - 2016-07-15 19:21 - 00000000 ____D C:\Users\quatrine mb\AppData\Local\Spotify
2016-06-15 11:14 - 2016-06-15 11:14 - 00032256 _____ C:\Users\quatrine mb\Documents\JF time sheet 6.1-6.15.16.xls
2016-06-15 10:49 - 2016-06-15 10:50 - 00032256 _____ C:\Users\quatrine mb\Documents\sw time sheet 6.1-6.15.16.xls
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-15 22:01 - 2016-03-11 12:45 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-15 21:52 - 2016-02-24 17:11 - 00000000 ____D C:\ProgramData\LogMeIn
2016-07-15 21:46 - 2016-02-24 18:04 - 00000000 ____D C:\Program Files (x86)\CloudClient
2016-07-15 19:42 - 2015-08-04 23:31 - 00000000 ____D C:\ProgramData\WinZip
2016-07-15 19:30 - 2016-03-11 12:48 - 00002359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-15 19:30 - 2016-03-11 12:48 - 00002347 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-15 19:25 - 2016-03-11 12:51 - 00001776 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-07-15 19:25 - 2016-03-11 12:51 - 00000000 ____D C:\Program Files\Defraggler
2016-07-15 19:21 - 2016-03-11 13:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-15 19:20 - 2016-03-11 13:03 - 00001186 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-15 19:20 - 2016-03-11 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-15 19:20 - 2016-03-11 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-15 19:18 - 2016-03-11 12:56 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-15 17:35 - 2016-03-11 12:45 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-15 17:35 - 2016-02-25 13:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-15 17:35 - 2016-02-24 17:02 - 00000000 ___RD C:\Users\quatrine mb\OneDrive
2016-07-15 17:35 - 2016-02-24 16:58 - 00000000 __SHD C:\Users\quatrine mb\IntelGraphicsProfiles
2016-07-15 16:32 - 2016-03-21 14:30 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35A75A79-C7A8-4902-83AF-C7057CCF60B3}
2016-07-15 15:53 - 2016-04-28 16:09 - 00000000 ____D C:\Users\quatrine mb\Desktop\finished rr's
2016-07-15 14:53 - 2016-03-03 13:54 - 00000000 ____D C:\Users\quatrine mb\Desktop\FORMS
2016-07-15 14:28 - 2016-03-03 14:06 - 00000000 ___RD C:\Users\quatrine mb\Documents\Scanned Documents
2016-07-15 11:34 - 2016-03-02 15:57 - 00001430 _____ C:\Users\quatrine mb\Desktop\ShowMyPC.lnk
2016-07-15 10:12 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-15 10:12 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-14 16:51 - 2016-02-24 17:12 - 00001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-07-14 16:50 - 2016-02-25 13:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-14 11:24 - 2016-02-24 16:58 - 00000000 ____D C:\Users\quatrine mb\AppData\Local\Packages
2016-07-13 16:57 - 2016-04-28 16:08 - 00000000 ____D C:\Users\quatrine mb\Desktop\finished orders
2016-07-13 16:24 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-13 16:06 - 2016-02-25 13:42 - 00000000 ____D C:\Users\quatrine mb
2016-07-13 12:41 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-07-13 12:41 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-13 12:29 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-13 12:29 - 2015-08-04 22:48 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-13 12:26 - 2015-08-04 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-13 12:16 - 2015-10-30 02:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-13 12:16 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 10:44 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 10:43 - 2016-02-24 18:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 10:40 - 2016-02-24 18:21 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-06 17:39 - 2016-03-02 15:35 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-01 21:37 - 2015-10-30 00:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-01 21:37 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 12:14 - 2016-03-31 15:12 - 00554956 _____ C:\Users\quatrine mb\Desktop\Pigeon 3.31.16.pdf
2016-06-30 22:05 - 2016-02-25 13:37 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-06-30 09:44 - 2016-02-24 17:11 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2016-06-30 09:43 - 2016-02-24 17:12 - 00122400 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2016-06-30 09:43 - 2016-02-24 17:12 - 00107520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2016-06-25 15:57 - 2016-03-25 17:47 - 00044544 _____ C:\Users\quatrine mb\Documents\Der 3.25.16.xls
2016-06-25 10:29 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-25 10:27 - 2016-02-25 14:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-23 09:40 - 2016-03-30 09:46 - 753960127 _____ C:\WINDOWS\MEMORY.DMP
2016-06-23 09:40 - 2016-03-30 09:46 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-15 15:49 - 2016-02-25 13:33 - 00241696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-15 15:46 - 2015-10-30 00:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 15:46 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
 
==================== Files in the root of some directories =======
 
2016-07-15 21:58 - 2016-07-15 21:58 - 0000036 _____ () C:\Users\quatrine mb\AppData\Local\housecall.guid.cache
2016-02-25 13:39 - 2016-02-25 13:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

LastRegBack: 2016-07-09 10:24
 
==================== End of FRST.txt ============================

rft

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
Ran by quatrine mb (2016-07-15 22:13:10)
Running from C:\Users\quatrine mb\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-25 21:00:07)
Boot Mode: Normal
==========================================================
 

==================== Accounts: =============================
 
Administrator (S-1-5-21-4126747306-3002756303-3608770802-500 - Administrator - Disabled)
caloffice (S-1-5-21-4126747306-3002756303-3608770802-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-4126747306-3002756303-3608770802-503 - Limited - Disabled)
Guest (S-1-5-21-4126747306-3002756303-3608770802-501 - Limited - Disabled)
quatrine mb (S-1-5-21-4126747306-3002756303-3608770802-1001 - Administrator - Enabled) => C:\Users\quatrine mb
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: "Endpoint Antivirus" (Enabled - Up to date) {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
AS: "Endpoint Antivirus" (Enabled - Up to date) {ECD425A9-8C8F-D447-4EAB-6F599E267857}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bluetooth® Link (HKLM\...\{3F3DCC8C-2C93-4082-A6DE-BBDC74804FA0}) (Version: 4.3.03 - Toshiba Corporation)
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.)
Endpoint Antivirus 3.0.0.71 64b (HKLM-x32\...\{3A3BF9E5-F7BB-42DE-A669-4C1752CB4B3A}) (Version: 3.0.7.1 - iSheriff Inc)
Endpoint Security (HKLM-x32\...\{6D3687A4-4F95-4144-9B81-6FE6DA532013}) (Version: 5.8.0.0215 - Cloud Security Team)
Family Vacation 2: Road Trip (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Get Dropbox (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.147 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4112 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{1A51AA9E-D4BC-4318-9419-B55EA4C95B3C}) (Version: 17.1.1525.1443 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
LogMeIn (HKLM-x32\...\{13D18F35-D634-4E6E-9C14-819C5FBEE6B4}) (Version: 4.1.7060 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{E35E56F6-3CE5-469B-952C-E5E2B3C79E6C}) (Version: 1.3.1835 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Plagiarii (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SocialSafe (HKLM-x32\...\SocialSafe 7.0.6) (Version: 7.0.6 - Social Safe Limited)
Spotify (HKLM-x32\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.8 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 3.0.0.9 - Toshiba Corporation)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: 2.0.1.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.1.6403 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 4.16.000 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{C8DE846D-1E4B-4CFA-9292-D0C657AEFE3E}) (Version: 1.2.0.0 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 2.00.0005 - Toshiba Corporation)
TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.6.6401 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.1.1 - TOSHIBA)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.16 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4126747306-3002756303-3608770802-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {24D60507-FE8B-4B23-9C5E-22724F671049} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [2015-07-08] (Toshiba Corporation)
Task: {26AF6603-010F-42F3-8248-196AB8462A08} - System32\Tasks\{DE1095FE-66E1-46C4-85DC-232BCB262076} => pcalua.exe -a "C:\Users\quatrine mb\Downloads\SysinternalsSuite\Diskmon.exe" -d "C:\Users\quatrine mb\Downloads\SysinternalsSuite"
Task: {2FA3FAA8-CD13-48B6-B8A2-88DD903D1EA8} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3E3B01D5-0D9D-4B7F-A650-4638BCAE1FD6} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {428AD489-655F-47C3-8F8E-B1C1169D17CC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26] (Realtek Semiconductor)
Task: {434FC4CD-11C9-4984-B538-60FC47C9DCDC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {4BE1B348-CFD9-440B-AA14-CE9B771AABFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {615F1CDC-6724-428D-B994-3D11EFFFB3E2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {AC81C5B0-843F-440B-86C3-A5ECE51975D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {AE8E92D9-B7B6-4A12-985F-C3FB95AC9AA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-11] (Google Inc.)
Task: {C6095BAE-8D96-4EF9-97AD-8C09B526736B} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2015-06-12] (TOSHIBA Corporation)
Task: {D300AD0C-59F7-407D-B51B-2C898F8B8F15} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2015-05-27] ()
Task: {D3414FFC-E68F-4F6F-9C43-B3AAFDF6B592} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-03-27 14:53 - 2013-03-27 14:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2016-02-25 14:39 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-06-16 16:41 - 2015-06-16 16:41 - 00032560 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe
2015-05-27 12:46 - 2015-05-27 12:46 - 00019960 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 10:03 - 2016-06-30 21:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 10:03 - 2016-06-30 21:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-16 10:47 - 2016-05-16 10:47 - 00959168 _____ () C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-25 14:44 - 2016-02-25 14:44 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-02-24 14:18 - 2016-02-24 14:18 - 00402912 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-25 13:26 - 2016-02-25 13:26 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 10:05 - 2016-06-30 20:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 10:04 - 2016-06-30 20:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 10:03 - 2016-06-30 20:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 10:04 - 2016-06-30 20:22 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-07-13 10:04 - 2016-06-30 20:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 10:04 - 2016-06-30 20:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\System Setting\SmoothView.dll
2013-08-01 14:24 - 2013-08-01 14:24 - 00438112 _____ () C:\Program Files\TOSHIBA\System Setting\Hotkey\TcrdKBB.exe
2016-04-19 09:52 - 2016-04-19 09:53 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-03 10:19 - 2016-06-03 10:20 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 10:19 - 2016-06-03 10:20 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 10:19 - 2016-06-03 10:20 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-03 11:19 - 2016-03-03 11:21 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-07-15 21:58 - 2009-08-17 00:38 - 00148992 _____ () C:\Users\quatrine mb\AppData\Local\Temp\HouseCall\libexpatw.dll
2016-05-16 10:47 - 2016-05-16 10:47 - 00679624 _____ () C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-02-25 14:39 - 2016-02-25 14:39 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2016-02-25 14:40 - 2016-02-25 14:45 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-04-19 09:52 - 2016-04-19 09:53 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 09:52 - 2016-04-19 09:53 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 

==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 

==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 

==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 04:04 - 2015-07-10 04:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4126747306-3002756303-3608770802-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 

==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CA80C93D-9C6F-4390-ADB0-A597F1097108}] => (Allow) C:\Program Files (x86)\CloudClient\isfacs.exe
FirewallRules: [{CF931DBD-E61C-47B3-939C-F3AD6304BA50}] => (Allow) C:\Program Files (x86)\CloudClient\isfacs.exe
FirewallRules: [{CA79AF97-24B8-413D-847B-2528B2586044}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{43949E8A-8756-4CD0-914D-16BCC0215726}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{6029600C-F614-49F4-9905-2227259D2142}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{A51ADE3E-48A1-47AE-8F1E-76F7426F8821}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{B13BCAAE-77EA-4CC0-A64C-7F6267D9A608}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{E4BD394F-FE54-4887-988F-01AC1B57496E}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{B44DD0C5-85EE-4941-BA82-F26DDEEA7ADC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{99E18A1C-56D6-4781-8DB9-8FD394CA3588}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{C4AE6E70-C671-4A8D-B86A-CFBCA197DA93}C:\users\quatrine mb\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\quatrine mb\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1932C833-7756-4533-9B93-35484F88309D}C:\users\quatrine mb\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\quatrine mb\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{97C49C8F-2784-4A13-A3EE-FD98E061593F}C:\users\quatrine mb\appdata\local\temp\showmypc\-showmypc3500\tvnserver.exe] => (Block) C:\users\quatrine mb\appdata\local\temp\showmypc\-showmypc3500\tvnserver.exe
FirewallRules: [UDP Query User{5543A831-8454-4B27-8B4F-1A48688F1EC4}C:\users\quatrine mb\appdata\local\temp\showmypc\-showmypc3500\tvnserver.exe] => (Block) C:\users\quatrine mb\appdata\local\temp\showmypc\-showmypc3500\tvnserver.exe
FirewallRules: [{BE586551-84B6-47CE-8ACF-202A71072CAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{095BD462-5095-4C50-9F2F-CAFD2B925E0E}C:\users\quatrine mb\appdata\local\temp\housecall\tmase\nmap\nmap.exe] => (Allow) C:\users\quatrine mb\appdata\local\temp\housecall\tmase\nmap\nmap.exe
FirewallRules: [UDP Query User{9DC15D8A-1DB8-490E-BFC2-34DED0A5D525}C:\users\quatrine mb\appdata\local\temp\housecall\tmase\nmap\nmap.exe] => (Allow) C:\users\quatrine mb\appdata\local\temp\housecall\tmase\nmap\nmap.exe
 
==================== Restore Points =========================
 

==================== Faulty Device Manager Devices =============
 

==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/15/2016 10:12:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 09:53:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8
 
Error: (07/15/2016 09:43:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 09:30:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 09:27:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 09:06:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 08:45:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 08:45:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 08:42:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/15/2016 08:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TCLSL11)
Description: Activation of app C27EB4BA.Dropbox_xbfy0k16fey96!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 

System errors:
=============
Error: (07/15/2016 09:11:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/15/2016 07:47:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/15/2016 05:33:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TCLSL11)
Description: {0002DF02-0000-0000-C000-000000000046}
 
Error: (07/15/2016 05:33:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_379895c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (07/15/2016 05:33:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_379895c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (07/15/2016 05:33:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_379895c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (07/15/2016 05:33:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_379895c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (07/15/2016 05:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/15/2016 03:40:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TCLSL11)
Description: {0002DF02-0000-0000-C000-000000000046}
 
Error: (07/15/2016 03:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_3328c25 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 

CodeIntegrity:
===================================
  Date: 2016-07-13 14:46:24.329
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-07-13 12:24:36.593
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-07-13 10:45:20.725
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-17 16:39:42.967
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-15 15:50:12.896
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-14 18:01:03.817
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-13 13:52:19.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-13 10:35:43.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-13 10:08:57.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-05-11 11:23:27.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

==================== Memory info ===========================
 
Processor: Intel® Core™ i3-5015U CPU @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 6058.26 MB
Available physical RAM: 1511.7 MB
Total Virtual: 7018.26 MB
Available Virtual: 2985.83 MB
 
==================== Drives ================================
 
Drive c: (TI10716700G) (Fixed) (Total:464.72 GB) (Free:419.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

srf

    


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.

  • 0

#3
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 92.67 0 K 4 K 0
procexp64.exe 2.24 21,668 K 58,924 K 2960 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System 1.13 256 K 4,488 K 4
LogMeInRC.exe 0.97 55,404 K 56,108 K 1040
Interrupts 0.68 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.47 85,692 K 88,104 K 88
svchost.exe 0.47 36,956 K 59,084 K 988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.16 9,724 K 17,240 K 332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
LogMeIn.exe 0.16 33,204 K 47,292 K 5876 LogMeIn LogMeIn, Inc. (Verified) LogMeIn
MsMpEng.exe 0.14 155,416 K 107,372 K 4368 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.11 7,136 K 12,900 K 1628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
TecoService.exe 0.11 2,900 K 5,808 K 2712 TOSHIBA eco Utility Service Toshiba Corporation (Verified) TOSHIBA CORPORATION
svchost.exe 0.11 21,736 K 24,064 K 1228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.09 104,508 K 109,080 K 340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
explorer.exe 0.05 45,040 K 85,472 K 6744 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.05 4,888 K 7,292 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.04 7,672 K 12,880 K 856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
LogMeInSystray.exe 0.03 4,264 K 16,168 K 7320 LogMeIn Desktop Application LogMeIn, Inc. (Verified) LogMeIn
officeclicktorun.exe 0.03 26,592 K 29,032 K 5292 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.02 3,812 K 6,800 K 832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
dts_apo_service.exe 0.02 21,344 K 11,456 K 5392 dts_apo_service (Verified) DTS
OneDrive.exe 0.02 5,436 K 13,620 K 4920 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
MpCmdRun.exe 0.02 2,920 K 10,560 K 7812
TabTip.exe 0.02 2,712 K 5,360 K 4488
csrss.exe 0.02 1,956 K 3,848 K 664
svchost.exe 0.02 4,560 K 7,040 K 2616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 0.02 11,020 K 16,364 K 1792 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 18,120 K 20,972 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
wlanext.exe 0.01 4,996 K 4,832 K 2000
TecoResident.exe 0.01 2,688 K 9,940 K 6036 Resident module of eco Utility TOSHIBA Corporation (Verified) TOSHIBA CORPORATION
GamesAppIntegrationService.exe 0.01 1,476 K 2,588 K 6028 WildTangent Games App Integration Service WildTangent (Verified) WildTangent Inc
RMService.exe 0.01 1,968 K 3,988 K 2916 RMServic TOSHIBA (Verified) TOSHIBA CORPORATION
ZeroConfigService.exe 0.01 4,644 K 6,464 K 2444 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
WUDFHost.exe 0.01 1,456 K 2,680 K 1724
EvtEng.exe 0.01 4,232 K 5,196 K 2740 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
services.exe 0.01 3,200 K 5,152 K 652
svchost.exe < 0.01 6,772 K 23,380 K 6256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
HPSupportSolutionsFrameworkService.exe < 0.01 37,916 K 40,640 K 4948 HP Support Solutions Framework Service HP Inc. (Verified) Hewlett-Packard Company
WmiPrvSE.exe < 0.01 5,992 K 9,836 K 2136
GFNEXSrv.exe < 0.01 2,276 K 2,892 K 1700 GFNEXSrv (Verified) TOSHIBA CORPORATION
SASCore64.exe < 0.01 1,100 K 1,724 K 2684
RtkAudioService64.exe < 0.01 1,748 K 3,080 K 1568 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
esif_assist_64.exe < 0.01 1,140 K 1,468 K 676
SynTPEnh.exe < 0.01 5,872 K 6,680 K 1240 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
isfagent.exe < 0.01 2,620 K 4,176 K 6664 Endpoint User Agent iSheriff Cloud Security (Verified) iSheriff Inc
LMIGuardianSvc.exe < 0.01 1,852 K 8,168 K 7184 LMIGuardianSvc LogMeIn, Inc. (Verified) LogMeIn
csrss.exe < 0.01 1,428 K 2,200 K 520
TMachInfo.exe < 0.01 23,044 K 10,816 K 6936 TSS TMachInfo Service TOSHIBA Corporation (Verified) TOSHIBA CORPORATION
WUDFHost.exe 24,632 K 25,444 K 1144
WUDFHost.exe 1,584 K 1,888 K 2032
winlogon.exe 2,280 K 3,368 K 712
wininit.exe 888 K 1,044 K 604
unsecapp.exe 1,496 K 4,632 K 3288
TOSTABSYSSVC.exe 1,184 K 1,784 K 2908 TOSHIBA Tablet System Service (Verified) TOSHIBA CORPORATION
ToshibaServiceStation.exe 70,744 K 5,240 K 3952 TOSHIBA Service Station TOSHIBA Corporation (Verified) TOSHIBA CORPORATION
TCrdMain_Win8.exe 3,584 K 4,420 K 5916 TOSHIBA System Settings Main Module TOSHIBA Corporation (Verified) TOSHIBA CORPORATION
TCrdKBB.exe 816 K 1,208 K 3500 TCrdKBB Application (Verified) TOSHIBA CORPORATION
taskhostw.exe 6,536 K 11,800 K 4120 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,360 K 6,840 K 912
TabTip32.exe 1,200 K 1,148 K 4724
TabTip.exe 1,956 K 2,824 K 524
SystemSettings.exe Suspended 18,640 K 38,576 K 6576 Settings Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 832 K 1,208 K 2180
SynTPEnhService.exe 888 K 1,408 K 2792 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 5,136 K 13,996 K 2560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,416 K 2,444 K 3884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,360 K 11,684 K 2164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
smss.exe 360 K 352 K 352
SkypeHost.exe Suspended 3,952 K 2,524 K 5600 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 6,144 K 15,144 K 4136 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 41,260 K 55,200 K 7068 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SearchUI.exe Suspended 70,028 K 109,416 K 5084 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe 1,376 K 6,364 K 1428
SearchIndexer.exe 38,660 K 37,804 K 3976 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 1,140 K 5,528 K 4960
RuntimeBroker.exe 13,676 K 32,392 K 3960 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RichVideo64.exe 1,168 K 1,708 K 2520 RichVideo Module (Verified) CyberLink Corp.
RegSrvc.exe 1,604 K 2,204 K 2812 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
RAVCpl64.exe 3,736 K 820 K 4556 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
ramaint.exe 1,480 K 6,796 K 4440 LogMeIn Maintenance Service LogMeIn, Inc. (Verified) LogMeIn
procexp.exe 2,464 K 9,112 K 3464 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
NisSrv.exe 11,796 K 5,988 K 4732 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 6,864 K 12,200 K 756 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
jhi_service.exe 1,164 K 1,944 K 6560 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
igfxTray.exe 3,080 K 4,684 K 1440 (Verified) Intel® pGFX
igfxHK.exe 2,300 K 2,784 K 372 igfxHK Module Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 3,780 K 5,708 K 1468 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 1,688 K 3,908 K 1368 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
ibtsiva.exe 844 K 1,468 K 2568 Intel® Wireless Bluetooth® iBtSiva Service Intel Corporation (Verified) Intel Corporation-Wireless Connectivity Solutions
hpwuschd2.exe 1,552 K 8,528 K 6644 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
fontdrvhost.exe 752 K 1,116 K 4836
esif_uf.exe 1,588 K 1,956 K 2436 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel® Software
dasHost.exe 3,476 K 4,956 K 2024
conhost.exe 1,076 K 1,336 K 2008
ApplicationFrameHost.exe 8,080 K 14,504 K 7612 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Did you install Log Me In?  If you aren't using it uninstall it.

 

It looks like Dropbox is unhappy.  Can you uninstall it?

 

Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)

  • 0

#5
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts

Log me in is how I access the computer.

I am uninstalling drop box as I type.


  • 0

#6
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts
Summary
Operating System
Windows 10 Home 64-bit
CPU
Intel Core i3 5015U @ 2.10GHz 43 °C
Broadwell-U 14nm Technology
RAM
6.00GB Dual-Channel DDR3 @ 798MHz (11-11-11-28)
Motherboard
FF40 0692 (U3E1) 42 °C
Graphics
Generic PnP Monitor ([email protected])
Intel HD Graphics 5500 (Toshiba)
Storage
465GB TOSHIBA MQ01ABF050 (SATA) 36 °C
Optical Drives
No optical disk drives detected
Audio
Realtek High Definition Audio
Operating System
Windows 10 Home 64-bit
Computer type: Tablet
Installation Date: 2/25/2016 1:00:07 PM
Serial Number: 
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Disabled
Antivirus
Windows Defender
Antivirus Disabled
Virus Signature Database Up to date
"Endpoint Antivirus"
Antivirus Enabled
Virus Signature Database Up to date
.NET Frameworks installed
v4.6 Full
v4.6 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 11.494.10586.0
PowerShell
Version 5.0.10586.0
Environment Variables
USERPROFILE C:\Users\quatrine mb
SystemRoot C:\WINDOWS
User Variables
MOZ_PLUGIN_PATH C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\
TEMP C:\Users\quatrine mb\AppData\Local\Temp
TMP C:\Users\quatrine mb\AppData\Local\Temp
Machine Variables
ComSpec C:\WINDOWS\system32\cmd.exe
NUMBER_OF_PROCESSORS 4
OS Windows_NT
Path C:\Program Files (x86)\Intel\iCLS Client\
C:\Program Files\Intel\iCLS Client\
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\WINDOWS\System32\WindowsPowerShell\v1.0\
C:\Program Files (x86)\Intel\Intel Management Engine Components\DAL
C:\Program Files\Intel\Intel Management Engine Components\DAL
C:\Program Files (x86)\Intel\Intel Management Engine Components\IPT
C:\Program Files\Intel\Intel Management Engine Components\IPT
C:\Program Files\Intel\WiFi\bin\
C:\Program Files\Common Files\Intel\WirelessCommon\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 61 Stepping 4, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION 3d04
PSModulePath C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
USERNAME SYSTEM
windir C:\WINDOWS
Battery
AC Line Online
Battery Charge % 96 %
Battery State Unknown status
Remaining Battery Time Unknown
Power Profile
Active power scheme Balanced
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Monitor after: (On Battery Power) Never
Turn Off Hard Disk after: (On AC Power) 20 min
Turn Off Hard Disk after: (On Battery Power) 10 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 8/3/2016 10:24:13 AM
Current Uptime 945,359 sec (10 d, 22 h, 35 m, 59 s)
Last Boot Time 7/23/2016 11:48:14 AM
Services
Running Application Information
Running AppX Deployment Service (AppXSVC)
Running Background Intelligent Transfer Service
Running Background Tasks Infrastructure Service
Running Base Filtering Engine
Running Bluetooth Support Service
Running Cloud Client Service
Running CNG Key Isolation
Running COM+ Event System
Running Connected User Experiences and Telemetry
Running CoreMessaging
Running Credential Manager
Running Cryptographic Services
Running Data Sharing Service
Running DCOM Server Process Launcher
Running Device Association Service
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running DTS APO Service
Running ESIF Upper Framework Service
Running Geolocation Service
Running GFNEX Service
Running Group Policy Client
Running Human Interface Device Service
Running Intel Bluetooth Service
Running Intel Dynamic Application Loader Host Interface Service
Running Intel HD Graphics Control Panel Service
Running Intel PROSet/Wireless Event Log
Running Intel PROSet/Wireless Registry Service
Running Intel PROSet/Wireless Zero Configuration Service
Running IP Helper
Running LMIGuardianSvc
Running Local Session Manager
Running LogMeIn
Running LogMeIn Maintenance Service
Running Microsoft Office ClickToRun Service
Running Microsoft Software Shadow Copy Provider
Running Network Connection Broker
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Realtek Audio Service
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running SAS Core Service
Running Security Accounts Manager
Running Security Center
Running Sensor Monitoring Service
Running Sensor Service
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running State Repository Service
Running Storage Service
Running Superfetch
Running SynTPEnh Caller Service
Running System Event Notification Service
Running System Events Broker
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running Tile Data model server
Running Time Broker
Running TMachInfo
Running TOSHIBA eco Utility Service
Running TOSHIBA Tablet System Service
Running TOSRMService
Running Touch Keyboard and Handwriting Panel Service
Running Update Orchestrator Service
Running User Manager
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connection Manager
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Installer
Running Windows License Manager Service
Running Windows Management Instrumentation
Running Windows Presentation Foundation Font Cache 3.0.0.0
Running Windows Search
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped AllJoyn Router Service
Stopped App Readiness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Auto Time Zone Updater
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Handsfree Service
Stopped Certificate Propagation
Stopped Client License Service (ClipSVC)
Stopped COM+ System Application
Stopped Computer Browser
Stopped Connected Device Platform Service
Stopped DataCollectionPublishingService
Stopped Delivery Optimization
Stopped Device Install Service
Stopped Device Management Enrollment Service
Stopped Device Setup Manager
Stopped DevQuery Background Discovery Broker
Stopped Distributed Transaction Coordinator
Stopped dmwappushsvc
Stopped Downloaded Maps Manager
Stopped embeddedmode
Stopped Encrypting File System (EFS)
Stopped Enterprise App Management Service
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped File History Service
Stopped Function Discovery Provider Host
Stopped Function Discovery Resource Publication
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped Hyper-V Data Exchange Service
Stopped Hyper-V Guest Service Interface
Stopped Hyper-V Guest Shutdown Service
Stopped Hyper-V Heartbeat Service
Stopped Hyper-V Remote Desktop Virtualization Service
Stopped Hyper-V Time Synchronization Service
Stopped Hyper-V VM Session Service
Stopped Hyper-V Volume Shadow Copy Requestor
Stopped IKE and AuthIP IPsec Keying Modules
Stopped Intel Capability Licensing Service TCP IP Interface
Stopped Intel Content Protection HECI Service
Stopped Intel Integrated Clock Controller Service - Intel ICCS
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Internet Explorer ETW Collector Service
Stopped IPsec Policy Agent
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft Diagnostics Hub Standard Collector Service
Stopped Microsoft Account Sign-in Assistant
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Passport
Stopped Microsoft Passport Container
Stopped Microsoft Storage Spaces SMP
Stopped Microsoft Windows SMS Router Service.
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Connected Devices Auto-Setup
Stopped Network Connections
Stopped Network Connectivity Assistant
Stopped Network Setup Service
Stopped Office Source Engine
Stopped Optimize drives
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped Phone Service
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Printer Extensions and Notifications
Stopped Problem Reports and Solutions Control Panel Support
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Retail Demo Service
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Secure Socket Tunneling Protocol Service
Stopped Sensor Data Service
Stopped Smart Card
Stopped Smart Card Device Enumeration Service
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped Spot Verifier
Stopped Still Image Acquisition Events
Stopped Storage Tiers Management
Stopped Telephony
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WalletService
Stopped WebClient
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender Network Inspection Service
Stopped Windows Defender Service
Stopped Windows Encryption Provider Host Service
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Media Player Network Sharing Service
Stopped Windows Mobile Hotspot Service
Stopped Windows Modules Installer
Stopped Windows Push Notifications Service
Stopped Windows Remote Management (WS-Management)
Stopped Windows Store Service (WSService)
Stopped Windows Time
Stopped Wired AutoConfig
Stopped Wireless PAN DHCP Server
Stopped WMI Performance Adapter
Stopped Work Folders
Stopped WWAN AutoConfig
Stopped Xbox Live Auth Manager
Stopped Xbox Live Game Save
Stopped Xbox Live Networking Service
TimeZone
TimeZone GMT -8:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
8/3/2016 11:06 AM; GoogleUpdateTaskMachineUA
8/3/2016 2:06 PM; GoogleUpdateTaskMachineCore
8/3/2016 11:26 PM; BTSchedulerTask
CCleanerSkipUAC
Resolution+ Setting Task
RTKCPL
Hotfixes
Installed
7/23/2016  Intel driver update for Intel® Dual Band Wireless-AC 7265
This driver was provided by Intel for support of Intel Dual
Band Wireless-AC 7265
7/23/2016  TOSHIBA driver update for TOSHIBA x86 ACPI-Compliant Value Added Logical and General Purpose Device
This driver was provided by TOSHIBA for support of TOSHIBA x86
ACPI-Compliant Value Added Logical and General Purpose Device
7/13/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.225.1417.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
7/13/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3174060)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/13/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - July 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
7/13/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3172985)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
7/13/2016  Update for Windows 10 Version 1511 for x64-based Systems (KB3173428)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/17/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3167685)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/15/2016  Update for Windows 10 Version 1511 for x64-based Systems (KB3149135)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
6/15/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3163018)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
6/15/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - June 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/13/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3163207)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/13/2016  Update for Windows 10 Version 1511 for x64-based Systems (KB3152599)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
5/11/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3156421)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
5/11/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - May 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
5/11/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3157993)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/13/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3147458)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
4/13/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - April 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
4/13/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3154132)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
3/22/2016  Update for Windows 10 Version 1511 for x64-based Systems (KB3140741)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
3/11/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3144756)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
3/8/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - March 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
3/8/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3140768)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
3/2/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.213.7751.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
3/2/2016  Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3140743)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
3/2/2016  Update for Windows 10 Version 1511 for x64-based Systems (KB3139907)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
2/27/2016  Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3135782)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
Not Installed
7/13/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.225.1417.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
System Folders
Application Data C:\ProgramData
Cookies C:\Users\quatrine mb\AppData\Local\Microsoft\Windows\INetCookies
Desktop C:\Users\quatrine mb\Desktop
Documents C:\Users\Public\Documents
Fonts C:\WINDOWS\Fonts
Global Favorites C:\Users\quatrine mb\Favorites
Internet History C:\Users\quatrine mb\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\quatrine mb\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\quatrine mb\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\quatrine mb\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\quatrine mb\AppData\Local\Microsoft\Windows\INetCache
User Favorites C:\Users\quatrine mb\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Process List
ApplicationFrameHost.exe
Process ID 5788
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\ApplicationFrameHost.exe
Memory Usage 56 MB
Peak Memory Usage 58 MB
audiodg.exe
Process ID 5916
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\audiodg.exe
Memory Usage 19 MB
Peak Memory Usage 36 MB
browser_broker.exe
Process ID 6992
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\browser_broker.exe
Memory Usage 40 MB
Peak Memory Usage 41 MB
ccavona64.exe
Process ID 4308
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\CloudClient\avbdapi3.0.0.71\ccavona64.exe
Memory Usage 116 MB
Peak Memory Usage 179 MB
conhost.exe
Process ID 12168
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\conhost.exe
Memory Usage 4.97 MB
Peak Memory Usage 5.57 MB
conhost.exe
Process ID 9864
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\conhost.exe
Memory Usage 4.44 MB
Peak Memory Usage 4.92 MB
csisyncclient.exe
Process ID 10708
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
Memory Usage 81 MB
Peak Memory Usage 81 MB
csrss.exe
Process ID 520
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 1.88 MB
Peak Memory Usage 4.58 MB
csrss.exe
Process ID 12092
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 6.47 MB
Peak Memory Usage 19 MB
dasHost.exe
Process ID 1956
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\dasHost.exe
Memory Usage 17 MB
Peak Memory Usage 21 MB
dts_apo_service.exe
Process ID 6492
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
Memory Usage 85 MB
Peak Memory Usage 94 MB
dwm.exe
Process ID 10324
User DWM-7
Domain Window Manager
Path C:\Windows\System32\dwm.exe
Memory Usage 158 MB
Peak Memory Usage 176 MB
esif_assist_64.exe
Process ID 5864
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\Temp\DPTF\esif_assist_64.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
esif_uf.exe
Process ID 2616
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\esif_uf.exe
Memory Usage 23 MB
Peak Memory Usage 26 MB
EvtEng.exe
Process ID 2400
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\WiFi\bin\EvtEng.exe
Memory Usage 41 MB
Peak Memory Usage 46 MB
explorer.exe
Process ID 876
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\explorer.exe
Memory Usage 233 MB
Peak Memory Usage 246 MB
GFNEXSrv.exe
Process ID 1692
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
Memory Usage 23 MB
Peak Memory Usage 26 MB
ibtsiva.exe
Process ID 2200
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
igfxCUIService.exe
Process ID 1288
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\igfxCUIService.exe
Memory Usage 16 MB
Peak Memory Usage 18 MB
igfxEM.exe
Process ID 1044
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\igfxEM.exe
Memory Usage 40 MB
Peak Memory Usage 40 MB
igfxHK.exe
Process ID 10760
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\igfxHK.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
igfxTray.exe
Process ID 2000
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\igfxTray.exe
Memory Usage 35 MB
Peak Memory Usage 35 MB
isfacs.exe
Process ID 13200
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\CloudClient\isfacs.exe
Memory Usage 34 MB
Peak Memory Usage 35 MB
isfagent.exe
Process ID 7968
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files (x86)\CloudClient\isfagent.exe
Memory Usage 36 MB
Peak Memory Usage 36 MB
jhi_service.exe
Process ID 8636
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel Management Engine Components\DAL\jhi_service.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
LMIGuardianSvc.exe
Process ID 2268
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
Memory Usage 30 MB
Peak Memory Usage 33 MB
LogMeIn.exe
Process ID 2344
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
Memory Usage 91 MB
Peak Memory Usage 92 MB
LogMeInRC.exe
Process ID 9508
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\LogMeInRC.exe
Memory Usage 51 MB
Peak Memory Usage 57 MB
LogMeInSystray.exe
Process ID 12424
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
Memory Usage 52 MB
Peak Memory Usage 52 MB
lsass.exe
Process ID 764
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\lsass.exe
Memory Usage 34 MB
Peak Memory Usage 38 MB
Microsoft.Photos.exe
Process ID 9728
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Memory Usage 124 MB
Peak Memory Usage 124 MB
MicrosoftEdge.exe
Process ID 200
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Memory Usage 123 MB
Peak Memory Usage 137 MB
MicrosoftEdgeCP.exe
Process ID 6732
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Memory Usage 263 MB
Peak Memory Usage 282 MB
MicrosoftEdgeCP.exe
Process ID 10272
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Memory Usage 116 MB
Peak Memory Usage 356 MB
MicrosoftEdgeCP.exe
Process ID 12376
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Memory Usage 49 MB
Peak Memory Usage 110 MB
MicrosoftEdgeCP.exe
Process ID 4636
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Memory Usage 100 MB
Peak Memory Usage 246 MB
msiexec.exe
Process ID 1636
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\msiexec.exe
Memory Usage 29 MB
Peak Memory Usage 75 MB
officeclicktorun.exe
Process ID 348
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
Memory Usage 60 MB
Peak Memory Usage 60 MB
OneDrive.exe
Process ID 2972
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Memory Usage 68 MB
Peak Memory Usage 71 MB
ONENOTEM.EXE
Process ID 8648
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Memory Usage 31 MB
Peak Memory Usage 31 MB
PresentationFontCache.exe
Process ID 2836
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
Memory Usage 82 MB
Peak Memory Usage 87 MB
ramaint.exe
Process ID 2292
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
Memory Usage 26 MB
Peak Memory Usage 29 MB
RAVCpl64.exe
Process ID 4068
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Memory Usage 46 MB
Peak Memory Usage 47 MB
RegSrvc.exe
Process ID 2456
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
Memory Usage 28 MB
Peak Memory Usage 31 MB
RemindersServer.exe
Process ID 9860
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
Memory Usage 38 MB
Peak Memory Usage 42 MB
RMService.exe
Process ID 2696
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
RtkAudioService64.exe
Process ID 1504
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
Memory Usage 26 MB
Peak Memory Usage 29 MB
RuntimeBroker.exe
Process ID 5964
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 109 MB
Peak Memory Usage 134 MB
SASCore64.exe
Process ID 2236
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\SUPERAntiSpyware\SASCore64.exe
Memory Usage 22 MB
Peak Memory Usage 25 MB
SearchFilterHost.exe
Process ID 3764
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchFilterHost.exe
Memory Usage 9.38 MB
Peak Memory Usage 9.38 MB
SearchIndexer.exe
Process ID 5224
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchIndexer.exe
Memory Usage 100 MB
Peak Memory Usage 129 MB
SearchProtocolHost.exe
Process ID 188
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchProtocolHost.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
SearchProtocolHost.exe
Process ID 7752
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\SearchProtocolHost.exe
Memory Usage 6.37 MB
Peak Memory Usage 6.37 MB
SearchUI.exe
Process ID 5808
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Memory Usage 84 MB
Peak Memory Usage 267 MB
services.exe
Process ID 744
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\services.exe
Memory Usage 4.96 MB
Peak Memory Usage 8.83 MB
SettingSyncHost.exe
Process ID 12532
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\SettingSyncHost.exe
Memory Usage 2.66 MB
Peak Memory Usage 14 MB
ShellExperienceHost.exe
Process ID 9244
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Memory Usage 128 MB
Peak Memory Usage 158 MB
sihost.exe
Process ID 2116
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\sihost.exe
Memory Usage 42 MB
Peak Memory Usage 43 MB
SkypeHost.exe
Process ID 6396
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
Memory Usage 47 MB
Peak Memory Usage 48 MB
smss.exe
Process ID 360
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\smss.exe
Memory Usage 328 KB
Peak Memory Usage 1.13 MB
SnippingTool.exe
Process ID 3488
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\SnippingTool.exe
Memory Usage 17 MB
Peak Memory Usage 26 MB
Speccy64.exe
Process ID 6536
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 31 MB
Peak Memory Usage 31 MB
splwow64.exe
Process ID 11724
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\splwow64.exe
Memory Usage 13 MB
Peak Memory Usage 25 MB
spoolsv.exe
Process ID 1776
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 44 MB
Peak Memory Usage 55 MB
Spotify.exe
Process ID 9504
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Roaming\Spotify\Spotify.exe
Memory Usage 126 MB
Peak Memory Usage 142 MB
Spotify.exe
Process ID 3064
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Roaming\Spotify\Spotify.exe
Memory Usage 128 MB
Peak Memory Usage 149 MB
Spotify.exe
Process ID 5312
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Roaming\Spotify\Spotify.exe
Memory Usage 152 MB
Peak Memory Usage 194 MB
SpotifyCrashService.exe
Process ID 7400
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Roaming\Spotify\SpotifyCrashService.exe
Memory Usage 28 MB
Peak Memory Usage 28 MB
SpotifyWebHelper.exe
Process ID 8720
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Users\quatrine mb\AppData\Roaming\Spotify\SpotifyWebHelper.exe
Memory Usage 31 MB
Peak Memory Usage 31 MB
svchost.exe
Process ID 6600
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\svchost.exe
Memory Usage 57 MB
Peak Memory Usage 58 MB
svchost.exe
Process ID 908
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1004
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 162 MB
Peak Memory Usage 183 MB
svchost.exe
Process ID 544
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 56 MB
Peak Memory Usage 65 MB
svchost.exe
Process ID 10828
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.98 MB
Peak Memory Usage 7.99 MB
svchost.exe
Process ID 956
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 109 MB
Peak Memory Usage 207 MB
svchost.exe
Process ID 12300
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 50 MB
svchost.exe
Process ID 976
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 60 MB
Peak Memory Usage 67 MB
svchost.exe
Process ID 1360
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 41 MB
Peak Memory Usage 98 MB
svchost.exe
Process ID 1540
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 89 MB
svchost.exe
Process ID 6500
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.65 MB
Peak Memory Usage 7.62 MB
svchost.exe
Process ID 384
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.77 MB
Peak Memory Usage 8.57 MB
svchost.exe
Process ID 2368
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 25 MB
Peak Memory Usage 27 MB
svchost.exe
Process ID 2512
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 35 MB
Peak Memory Usage 39 MB
svchost.exe
Process ID 1036
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 29 MB
Peak Memory Usage 33 MB
svchost.exe
Process ID 848
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 82 MB
Peak Memory Usage 84 MB
SynTPEnh.exe
Process ID 9232
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 46 MB
Peak Memory Usage 47 MB
SynTPEnhService.exe
Process ID 2640
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
Memory Usage 6.36 MB
Peak Memory Usage 7.82 MB
SynTPHelper.exe
Process ID 8992
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
System
Process ID 4
Memory Usage 399 MB
Peak Memory Usage 896 MB
System Idle Process
Process ID 0
SystemSettings.exe
Process ID 8896
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Memory Usage 101 MB
Peak Memory Usage 101 MB
TabTip.exe
Process ID 6620
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
Memory Usage 44 MB
Peak Memory Usage 44 MB
TabTip32.exe
Process ID 11828
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
taskhostw.exe
Process ID 2480
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Windows\System32\taskhostw.exe
Memory Usage 62 MB
Peak Memory Usage 96 MB
TCrdKBB.exe
Process ID 10548
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\TOSHIBA\System Setting\Hotkey\TCrdKBB.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
TCrdMain_Win8.exe
Process ID 600
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe
Memory Usage 39 MB
Peak Memory Usage 39 MB
TecoResident.exe
Process ID 7684
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\TOSHIBA\Teco\TecoResident.exe
Memory Usage 34 MB
Peak Memory Usage 35 MB
TecoService.exe
Process ID 2716
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\TOSHIBA\Teco\TecoService.exe
Memory Usage 33 MB
Peak Memory Usage 37 MB
TMachInfo.exe
Process ID 11152
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
Memory Usage 79 MB
Peak Memory Usage 91 MB
ToshibaServiceStation.exe
Process ID 4612
User quatrine mb
Domain DESKTOP-TCLSL11
Path C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
Memory Usage 228 MB
Peak Memory Usage 242 MB
TOSTABSYSSVC.exe
Process ID 2660
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe
Memory Usage 23 MB
Peak Memory Usage 25 MB
unsecapp.exe
Process ID 3440
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\unsecapp.exe
Memory Usage 12 MB
Peak Memory Usage 14 MB
wininit.exe
Process ID 608
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wininit.exe
Memory Usage 2.48 MB
Peak Memory Usage 5.20 MB
winlogon.exe
Process ID 10128
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\winlogon.exe
Memory Usage 15 MB
Peak Memory Usage 19 MB
wlanext.exe
Process ID 4172
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wlanext.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
WmiPrvSE.exe
Process ID 3476
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 36 MB
Peak Memory Usage 60 MB
WmiPrvSE.exe
Process ID 12384
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
WUDFHost.exe
Process ID 1920
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
WUDFHost.exe
Process ID 1208
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 33 MB
Peak Memory Usage 58 MB
ZeroConfigService.exe
Process ID 2652
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Memory Usage 46 MB
Peak Memory Usage 50 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Block Microsoft accounts Not Defined
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Enabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Machine account lockout threshold Not Defined
Interactive logon: Machine inactivity limit Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session Not Defined
Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network security: Allow PKU2U authentication requests to this computer to use online identities.
 
Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Not Defined
Recovery console: Allow floppy copy and access to all drives and all folders Not Defined
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Not Defined
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fan
ACPI Fan
ACPI Fan
ACPI Fan
ACPI Fan
ACPI Fixed Feature Button
ACPI Lid
ACPI Processor Aggregator
ACPI Thermal Zone
ACPI Thermal Zone
ACPI Thermal Zone
Bluetooth ACPI
GPIO Laptop or Slate Indicator Driver
Intel Core i3-5015U CPU @ 2.10GHz
Intel Core i3-5015U CPU @ 2.10GHz
Intel Core i3-5015U CPU @ 2.10GHz
Intel Core i3-5015U CPU @ 2.10GHz
Intel Dynamic Platform and Thermal Framework Manager
Microsoft Windows Management Interface for ACPI
Motherboard resources
Trusted Platform Module 2.0
PCI Express Root Complex
Intel Dynamic Platform and Thermal Framework Processor Participant
Intel Management Engine Interface
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Mobile 5th Generation Intel Core PCI Express Root Port #1 - 9C90
Motherboard resources
Motherboard resources
PCI standard host CPU bridge
Synaptics SMBus Driver
Intel® HD Graphics 5500
Generic PnP Monitor
Intel® USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
USB Root Hub (xHCI)
Intel® Wireless Bluetooth®
Bluetooth Device (Personal Area Network)
Bluetooth Device (RFCOMM Protocol TDI)
Microsoft Bluetooth Enumerator
Microsoft Bluetooth LE Enumerator
USB Input Device
HID Sensor Collection V2
HID-compliant vendor-defined device
USB Input Device
HID-compliant device
HID-compliant touch screen
HID-compliant vendor-defined device
HID-compliant vendor-defined device
USB Composite Device
TOSHIBA Web Camera - HD
High Definition Audio Controller
Realtek High Definition Audio
Microphone Array (Realtek High Definition Audio)
Speakers (Realtek High Definition Audio)
Mobile 5th Generation Intel® Core™ PCI Express Root Port #3 - 9C94
Intel® Dual Band Wireless-AC 7265
Microsoft Wi-Fi Direct Virtual Adapter
Mobile 5th Generation Intel® Core™ PCI Express Root Port #6 - 9C9A
Realtek PCIE CardReader
Mobile 5th Generation Intel® Core™ USB EHCI Controller - 9CA6
USB Root Hub
Generic USB Hub
Mobile 5th Generation Intel® Core™ Base SKU LPC Controller - 9CC5
Direct memory access controller
High precision event timer
Legacy device
Motherboard resources
Motherboard resources
Motherboard resources
Programmable interrupt controller
Standard PS/2 Keyboard
Synaptics SMBus TouchPad
System CMOS/real time clock
System timer
Intel® 9 Series Chipset Family SATA AHCI Controller
TOSHIBA MQ01ABF050
TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device
Toshiba Hotkey Driver
HID-compliant consumer control device
HID-compliant consumer control device
HID-compliant wireless radio controls
Microsoft UEFI-Compliant System
System Firmware
CPU
Intel Core i3 5015U
Cores 2
Threads 4
Name Intel Core i3 5015U
Code Name Broadwell-U
Package Socket 1168 BGA
Technology 14nm
Specification Intel Core i3-5015U CPU @ 2.10GHz
Family 6
Extended Family 6
Model D
Extended Model 3D
Stepping 4
Revision E0/F0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64, NX, VMX, AES, AVX, AVX2, FMA3
Virtualization Supported, Enabled
Hyperthreading Supported, Enabled
Bus Speed 99.8 MHz
Stock Core Speed 2100 MHz
Stock Bus Speed 100 MHz
Average Temperature 43 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2 x 256 KBytes
L3 Unified Cache Size 3072 KBytes
Cores
Core 0
Core Speed 1397.2 MHz
Multiplier x 14.0
Bus Speed 99.8 MHz
Temperature 42 °C
Threads APIC ID: 0, 1
Core 1
Core Speed 2095.8 MHz
Multiplier x 21.0
Bus Speed 99.8 MHz
Temperature 43 °C
Threads APIC ID: 2, 3
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 6144 MBytes
Channels # Dual
DRAM Frequency 798.4 MHz
CAS# Latency (CL) 11 clocks
RAS# to CAS# Delay (tRCD) 11 clocks
RAS# Precharge (tRP) 11 clocks
Cycle Time (tRAS) 28 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 63 %
Total Physical 5.92 GB
Available Physical 2.16 GB
Total Virtual 12 GB
Available Virtual 8.16 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Samsung
Max Bandwidth PC3-12800 (800 MHz)
Part Number M471B5173QH0-YK0
Serial Number 552519438
Week/year 17 / 15
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.350 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 22
Voltage 1.350 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 26
Voltage 1.350 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.350 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1.350 V
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 27
tRC 37
Voltage 1.350 V
JEDEC #7
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 39
Voltage 1.350 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC3-12800 (800 MHz)
Part Number HMT425S6CFR6A-PB
Serial Number 1061963695
Week/year 14 / 15
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.350 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 22
Voltage 1.350 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 26
Voltage 1.350 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.350 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1.350 V
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 27
tRC 37
Voltage 1.350 V
JEDEC #7
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 39
Voltage 1.350 V
Motherboard
Manufacturer FF40
Model 0692 (U3E1)
Version 2.0
Chipset Vendor Intel
Chipset Model Broadwell-U
Chipset Revision 09
Southbridge Vendor Intel
Southbridge Model ID9CC5
Southbridge Revision 03
System Temperature 42 °C
BIOS
Brand INSYDE Corp.
Version 5.10
Date 9/21/2015
PCI Data
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J6C1
Characteristics PME, Hot Plug
Slot Number 0
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J6D2
Characteristics PME, Hot Plug
Slot Number 1
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage In Use
Data lanes x1
Slot Designation J7C1
Characteristics PME, Hot Plug
Slot Number 2
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J7D1
Characteristics PME, Hot Plug
Slot Number 3
Slot PCI-E x4
Slot Type PCI-E x4
Slot Usage Available
Data lanes x4
Slot Designation J8C1
Characteristics PME, Hot Plug
Slot Number 4
Graphics
Monitor
Name Generic PnP Monitor on Intel HD Graphics 5500
Current Resolution 1280x768 pixels
Work Resolution 1280x728 pixels
State Enabled, Primary
Monitor Width 1280
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Intel HD Graphics 5500
Manufacturer Intel
Model HD Graphics 5500
Device ID 8086-1616
Revision A
Subvendor Toshiba (1179)
Current Performance Level Level 0
Driver version 20.19.15.4360
Count of performance levels : 1
Level 1 - "Perf Level 0"
GPU Clock 848 MHz
Storage
Hard drives
TOSHIBA MQ01ABF050
Manufacturer TOSHIBA
Heads 16
Cylinders 60,801
Tracks 15,504,255
Sectors 976,768,065
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number 553SC00KT
Firmware Version Number AM0P3M
LBA Size 48-bit LBA
Power On Count 231 times
Power On Time 49.7 days
Speed 5400 RPM
Features S.M.A.R.T., APM, NCQ
Max. Transfer Mode SATA II 3.0Gb/s
Used Transfer Mode SATA II 3.0Gb/s
Interface SATA
Capacity 465 GB
Real size 500,107,862,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 36 °C
Temperature Range OK (less than 50 °C)
S.M.A.R.T attributes
01
Attribute name Read Error Rate
Real value 0
Current 100
Worst 100
Threshold 50
Raw Value 0000000000
Status Good
02
Attribute name Throughput Performance
Real value 0
Current 100
Worst 100
Threshold 50
Raw Value 0000000000
Status Good
03
Attribute name Spin-Up Time
Real value 1318 ms
Current 100
Worst 100
Threshold 1
Raw Value 0000000526
Status Good
04
Attribute name Start/Stop Count
Real value 231
Current 100
Worst 100
Threshold 0
Raw Value 00000000E7
Status Good
05
Attribute name Reallocated Sectors Count
Real value 0
Current 100
Worst 100
Threshold 50
Raw Value 0000000000
Status Good
07
Attribute name Seek Error Rate
Real value 0
Current 100
Worst 100
Threshold 50
Raw Value 0000000000
Status Good
08
Attribute name Seek Time Performance
Real value 0
Current 100
Worst 100
Threshold 50
Raw Value 0000000000
Status Good
09
Attribute name Power-On Hours (POH)
Real value 49d 16h
Current 98
Worst 98
Threshold 0
Raw Value 00000004A8
Status Good
0A
Attribute name Spin Retry Count
Real value 0
Current 104
Worst 100
Threshold 30
Raw Value 0000000000
Status Good
0C
Attribute name Device Power Cycle Count
Real value 231
Current 100
Worst 100
Threshold 0
Raw Value 00000000E7
Status Good
BF
Attribute name G-sense error rate
Real value 5
Current 100
Worst 100
Threshold 0
Raw Value 0000000005
Status Good
C0
Attribute name Power-off Retract Count
Real value 29
Current 100
Worst 100
Threshold 0
Raw Value 000000001D
Status Good
C1
Attribute name Load/Unload Cycle Count
Real value 14,066
Current 99
Worst 99
Threshold 0
Raw Value 00000036F2
Status Good
C2
Attribute name Temperature
Real value 36 °C
Current 100
Worst 100
Threshold 0
Raw Value 0000130024
Status Good
C4
Attribute name Reallocation Event Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
C5
Attribute name Current Pending Sector Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
C6
Attribute name Uncorrectable Sector Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
C7
Attribute name UltraDMA CRC Error Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
DC
Attribute name Disk Shift
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
DE
Attribute name Loaded Hours
Real value 1,158
Current 98
Worst 98
Threshold 0
Raw Value 0000000486
Status Good
DF
Attribute name Load/Unload Retry Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
E0
Attribute name Load Friction
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
E2
Attribute name Load 'In'-time
Real value 178
Current 100
Worst 100
Threshold 0
Raw Value 00000000B2
Status Good
F0
Attribute name Head Flying Hours
Real value 0h
Current 100
Worst 100
Threshold 1
Raw Value 0000000000
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 260 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number BA02D8B5
Size 464 GB
Used Space 57 GB (12%)
Free Space 407 GB (88%)
Partition 2
Partition ID Disk #0, Partition #2
File System NTFS
Volume Serial Number A09BC3D9
Size 787 MB
Used Space 439 MB (55%)
Free Space 348 MB (45%)
Optical Drives
No optical disk drives detected
Audio
Sound Card
Realtek High Definition Audio
Playback Device
Speakers (Realtek High Definition Audio)
Recording Device
Microphone Array (Realtek High Definition Audio)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor TOS
Location Mobile 5th Generation Intel Core Base SKU LPC Controller - 9CC5
Driver
Date 6-21-2006
Version 10.0.10586.0
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Synaptics SMBus TouchPad
Device Kind Mouse
Device Name Synaptics SMBus TouchPad
Vendor TOS
Location Mobile 5th Generation Intel Core Base SKU LPC Controller - 9CC5
Driver
Date 7-21-2015
Version 19.0.16.3
File C:\WINDOWS\system32\DRIVERS\SynTP.sys
File C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel_Aux.sys
File C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF_Aux.sys
File C:\WINDOWS\system32\SynTPAPI.dll
File C:\WINDOWS\system32\SynCOM.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynRemoveUserSettings.dat
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\StaticImg.html
File C:\Program Files\Synaptics\SynTP\StaticImg.png
File C:\Program Files\Synaptics\SynTP\SynSysDetect.js
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FFlickVNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSmartSense.wmv
File C:\Program Files\Synaptics\SynTP\SynSmartSenseNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDownNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRightNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentum.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.wmv
File C:\Program Files\Synaptics\SynTP\SynBlackScreen.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrained.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynTapping.wmv
File C:\Program Files\Synaptics\SynTP\SynButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDragging.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeed.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressure.wmv
File C:\Program Files\Synaptics\SynTP\SynNoButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZones.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDrag.wmv
File C:\Program Files\Synaptics\SynTP\SynTapLockingDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickLR.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPressNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynButtonsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGestureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDraggingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoomNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapLockingDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVCoasting_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHCoasting_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVCoastingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHCoastingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgePulls.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.html
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.html
File C:\Program Files\Synaptics\SynTP\SynMomentum.html
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.html
File C:\Program Files\Synaptics\SynTP\SynRotating.html
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.html
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.html
File C:\Program Files\Synaptics\SynTP\SynAccessibility.html
File C:\Program Files\Synaptics\SynTP\SynSmartSense.html
File C:\Program Files\Synaptics\SynTP\SynButtons.html
File C:\Program Files\Synaptics\SynTP\SynClicking.html
File C:\Program Files\Synaptics\SynTP\SynMultiFingerGestures.html
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.html
File C:\Program Files\Synaptics\SynTP\SynPointing.html
File C:\Program Files\Synaptics\SynTP\SynScrolling.html
File C:\Program Files\Synaptics\SynTP\SynSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynTapping.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynScrollingVertical.html
File C:\Program Files\Synaptics\SynTP\SynScrollingHorizontal.html
File C:\Program Files\Synaptics\SynTP\SynScrollingChiral.html
File C:\Program Files\Synaptics\SynTP\SynLockingDrags.html
File C:\Program Files\Synaptics\SynTP\SynEdgePulls.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTappingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerRightClickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgePullsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheckNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivityNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrainedNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FHSlide.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FHSlideNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapActionCenter.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapCortana.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapActionCenter.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapCortana.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FClickActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FClickCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FClickActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FClickCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FVSlide.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FVSlideNB.wmv
File C:\Program Files\Synaptics\SynTP\dpinst.exe
File C:\Program Files\Synaptics\SynTP\SynSmbDrv.ini
File C:\Program Files\Synaptics\SynTP\SynToshiba.exe
File C:\WINDOWS\SysWOW64\SynCom.dll
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\SynTPCo33.dll
File C:\WINDOWS\system32\WdfCoInstaller01011.dll
HP Officejet Pro 8610
Device Kind Printer
Device Name HP Officejet Pro 8610
Vendor HP
Location HP1D8588 (HP Officejet Pro 8610)
Driver
Date 8-11-2013
Version 13.33.0.2473
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpoj_8610.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hppcl13-pipelineconfig.xml
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpbxpsrender.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\UNIDRV.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\UNIRES.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\UNIDRVUI.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\STDNAMES.GPD
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\STDDTYPE.GDL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\STDSCHEM.GDL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\STDSCHMX.GDL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\UNIDRV.HLP
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\LOCALE.GPD
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpmacronames.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpbytxdrv13.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpbytxUI13.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpvplres13.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpfime52.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpbx3config13.ini
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\UIDialog.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\MSXPSINC.GPD
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpinksts7112LM.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\hpinksts7112.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\xpssvcs.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{25DFF8E1-0A32-4D46-99AC-387ACDA410EC}\mxdwdrv.dll
File C:\WINDOWS\system32\hpinkcoi7112.dll
File C:\WINDOWS\system32\hpinkins7112.exe
File C:\WINDOWS\system32\hpinksts7112LM.dll
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Chicony Electronics Co Ltd
Comment TOSHIBA Web Camera - HD
Location USB Composite Device
Driver
Date 6-21-2006
Version 10.0.10586.0
File C:\WINDOWS\system32\drivers\usbvideo.sys
WSD Scan Device
Device Kind Camera/scanner
Device Name WSD Scan Device
Vendor Hewlett-Packard
Comment HP1D8588 (HP Officejet Pro 8610)
Driver
Date 6-21-2006
Version 10.0.10586.0
File C:\WINDOWS\system32\DRIVERS\WSDScan.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Foxit Reader PDF Printer
Printer Port FOXIT_Reader:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Foxit Reader PDF Printer Driver (v4.01)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\frdvpr_drv.dll
HP1D8588 (HP Officejet Pro 8610) (Default Printer)
Printer Port WSD-2844806b-80c4-4550-981c-bfa650e0cdc0.0064
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Officejet Pro 8610 (v6.03)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Microsoft Print to PDF
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft Print To PDF (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
Microsoft XPS Document Writer
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer v4 (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
Send To OneNote 2013
Printer Port nul:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send to Microsoft OneNote 15 Driver (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_f9853ae82ff0dda6\Amd64\mxdwdrv.dll
Network
You are connected to the internet
Connected through Intel Dual Band Wireless-AC 7265
IP Address 192.168.1.6
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 98.112.92.33
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 42.2 KBps
Computer Name
NetBIOS Name DESKTOP-TCLSL11
DNS Name DESKTOP-TCLSL11
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain DESKTOP-TCLSL11
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 6
Wi-Fi ()
SSID
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 90
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi ()
SSID
Frequency 2462000 kHz
Channel Number 11
Name No name
Signal Strength/Quality 66
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (Conference AP)
SSID Conference AP
Frequency 5240000 kHz
Channel Number 48
Name Conference AP
Signal Strength/Quality 11
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (GTC36)
SSID GTC36
Frequency 2412000 kHz
Channel Number 1
Name GTC36
Signal Strength/Quality 80
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (NETGEAR35)
SSID NETGEAR35
Frequency 2437000 kHz
Channel Number 6
Name NETGEAR35
Signal Strength/Quality 41
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (WiFi Hotspot 8429)
SSID WiFi Hotspot 8429
Frequency 2412000 kHz
Channel Number 1
Name WiFi Hotspot 8429
Signal Strength/Quality 36
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Enabled
Bluetooth Device (Personal Area Network)
Connection Name Bluetooth Network Connection
DHCP enabled Yes
MAC Address 94-65-9C-3F-0B-0A
Intel® Dual Band Wireless-AC 7265
Connection-specific DNS Suffix home
Connection Name Wi-Fi
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address 94-65-9C-3F-0B-06
IP Address 192.168.1.6
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
DHCP 192.168.1.1
DNS Server 192.168.1.1
Network Shares
No network shares
Current TCP Connections
C:\Program Files (x86)\CloudClient\isfagent.exe (7968)
Local 127.0.0.1:51295 ESTABLISHED Remote 127.0.0.1:8000 (Querying... )
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (12424)
Local 127.0.0.1:51294 ESTABLISHED Remote 127.0.0.1:2002 (Querying... )
C:\Users\quatrine mb\AppData\Local\Microsoft\OneDrive\OneDrive.exe (2972)
Local 192.168.1.6:53520 ESTABLISHED Remote 65.52.108.220:443 (Querying... ) (HTTPS)
C:\Users\quatrine mb\AppData\Roaming\Spotify\Spotify.exe (3064)
Local 0.0.0.0:57621 LISTEN
Local 127.0.0.1:4371 LISTEN
Local 127.0.0.1:4381 LISTEN
Local 192.168.1.6:53494 ESTABLISHED Remote 194.68.29.82:443 (Querying... ) (HTTPS)
C:\Users\quatrine mb\AppData\Roaming\Spotify\SpotifyWebHelper.exe (8720)
Local 127.0.0.1:4370 LISTEN
Local 127.0.0.1:4380 LISTEN
C:\Windows\explorer.exe (876)
Local 192.168.1.6:53751 ESTABLISHED Remote 65.52.108.222:443 (Querying... ) (HTTPS)
C:\Windows\System32\svchost.exe (6600)
Local 192.168.1.6:53655 ESTABLISHED Remote 132.245.47.66:443 (Querying... ) (HTTPS)
ccavona64.exe (4308)
Local 127.0.0.1:52410 ESTABLISHED Remote 127.0.0.1:8000 (Querying... )
isfacs.exe (13200)
Local 0.0.0.0:8000 LISTEN
Local 127.0.0.1:8000 ESTABLISHED Remote 127.0.0.1:51295 (Querying... )
Local 127.0.0.1:8000 ESTABLISHED Remote 127.0.0.1:52410 (Querying... )
LogMeIn.exe (2344)
Local 0.0.0.0:2002 LISTEN
Local 127.0.0.1:2002 ESTABLISHED Remote 127.0.0.1:51294 (Querying... )
Local 192.168.1.6:53524 ESTABLISHED Remote 216.52.233.177:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53772 ESTABLISHED Remote 216.52.233.177:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53775 ESTABLISHED Remote 216.52.233.177:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53776 ESTABLISHED Remote 216.52.233.177:443 (Querying... ) (HTTPS)
lsass.exe (764)
Local 0.0.0.0:49668 LISTEN
services.exe (744)
Local 0.0.0.0:49669 LISTEN
spoolsv.exe (1776)
Local 0.0.0.0:49667 LISTEN
svchost.exe (908)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (956)
Local 0.0.0.0:49666 LISTEN
Local 192.168.1.6:54131 ESTABLISHED Remote 13.107.4.50:80 (Querying... ) (HTTP)
svchost.exe (976)
Local 0.0.0.0:49665 LISTEN
System Process
Local 192.168.1.6:53804 TIME-WAIT Remote 216.58.195.228:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54211 TIME-WAIT Remote 23.215.101.104:80 (Querying... ) (HTTP)
Local 192.168.1.6:54212 TIME-WAIT Remote 23.215.101.104:80 (Querying... ) (HTTP)
Local 192.168.1.6:54213 TIME-WAIT Remote 63.251.210.243:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54218 TIME-WAIT Remote 52.85.83.212:80 (Querying... ) (HTTP)
Local 192.168.1.6:54219 TIME-WAIT Remote 52.85.83.212:80 (Querying... ) (HTTP)
Local 192.168.1.6:54220 TIME-WAIT Remote 52.85.83.212:80 (Querying... ) (HTTP)
Local 192.168.1.6:54224 TIME-WAIT Remote 52.201.27.49:80 (Querying... ) (HTTP)
Local 192.168.1.6:54225 TIME-WAIT Remote 52.201.27.49:80 (Querying... ) (HTTP)
Local 192.168.1.6:54226 TIME-WAIT Remote 52.201.27.49:80 (Querying... ) (HTTP)
Local 192.168.1.6:54227 TIME-WAIT Remote 52.85.77.57:80 (Querying... ) (HTTP)
Local 192.168.1.6:54228 TIME-WAIT Remote 52.85.77.57:80 (Querying... ) (HTTP)
Local 192.168.1.6:54229 TIME-WAIT Remote 52.85.77.57:80 (Querying... ) (HTTP)
Local 192.168.1.6:54230 TIME-WAIT Remote 52.85.77.57:80 (Querying... ) (HTTP)
Local 192.168.1.6:54231 TIME-WAIT Remote 52.85.83.173:80 (Querying... ) (HTTP)
Local 192.168.1.6:54236 TIME-WAIT Remote 54.235.196.88:80 (Querying... ) (HTTP)
Local 192.168.1.6:54237 TIME-WAIT Remote 54.235.196.88:80 (Querying... ) (HTTP)
Local 192.168.1.6:54238 TIME-WAIT Remote 54.235.196.88:80 (Querying... ) (HTTP)
Local 127.0.0.1:8000 TIME-WAIT Remote 127.0.0.1:54008 (Querying... )
Local 127.0.0.1:8000 TIME-WAIT Remote 127.0.0.1:54266 (Querying... )
Local 192.168.1.6:54241 TIME-WAIT Remote 52.85.83.183:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54243 TIME-WAIT Remote 52.85.83.56:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54244 TIME-WAIT Remote 52.85.83.56:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54245 TIME-WAIT Remote 54.235.196.88:80 (Querying... ) (HTTP)
Local 192.168.1.6:54248 TIME-WAIT Remote 52.48.220.232:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54249 TIME-WAIT Remote 172.217.4.163:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54253 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:54254 TIME-WAIT Remote 63.251.210.243:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54255 TIME-WAIT Remote 63.251.210.243:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54260 TIME-WAIT Remote 172.217.4.134:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54264 TIME-WAIT Remote 216.58.217.198:80 (Querying... ) (HTTP)
Local 192.168.1.6:54265 TIME-WAIT Remote 216.58.217.198:80 (Querying... ) (HTTP)
Local 192.168.1.6:53798 TIME-WAIT Remote 64.4.54.254:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53871 TIME-WAIT Remote 151.101.24.134:80 (Querying... ) (HTTP)
Local 192.168.1.6:53805 TIME-WAIT Remote 216.58.216.14:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53813 TIME-WAIT Remote 172.217.4.163:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53817 TIME-WAIT Remote 216.58.217.206:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53819 TIME-WAIT Remote 172.217.4.174:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53821 TIME-WAIT Remote 216.58.219.42:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53822 TIME-WAIT Remote 216.58.193.206:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53823 TIME-WAIT Remote 172.217.4.173:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53824 TIME-WAIT Remote 216.58.217.195:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53826 TIME-WAIT Remote 216.58.217.195:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53827 TIME-WAIT Remote 216.58.195.228:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53829 TIME-WAIT Remote 104.156.81.196:80 (Querying... ) (HTTP)
Local 192.168.1.6:53831 TIME-WAIT Remote 104.65.4.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53832 TIME-WAIT Remote 104.65.4.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53833 TIME-WAIT Remote 104.65.4.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53838 TIME-WAIT Remote 68.67.129.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53839 TIME-WAIT Remote 68.67.129.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53840 TIME-WAIT Remote 68.67.129.157:80 (Querying... ) (HTTP)
Local 192.168.1.6:53846 TIME-WAIT Remote 74.125.25.156:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53849 TIME-WAIT Remote 216.58.193.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53850 TIME-WAIT Remote 216.58.217.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53854 TIME-WAIT Remote 172.217.4.130:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53855 TIME-WAIT Remote 216.58.217.198:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53856 TIME-WAIT Remote 172.217.4.130:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53857 TIME-WAIT Remote 74.125.199.95:80 (Querying... ) (HTTP)
Local 192.168.1.6:53858 TIME-WAIT Remote 74.125.199.95:80 (Querying... ) (HTTP)
Local 192.168.1.6:53862 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53863 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53864 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53865 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53866 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53867 TIME-WAIT Remote 151.101.24.249:80 (Querying... ) (HTTP)
Local 192.168.1.6:53869 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:54267 TIME-WAIT Remote 172.217.4.142:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53872 TIME-WAIT Remote 216.58.219.14:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53873 TIME-WAIT Remote 216.58.219.14:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53874 TIME-WAIT Remote 72.21.91.121:80 (Querying... ) (HTTP)
Local 192.168.1.6:53875 TIME-WAIT Remote 72.21.91.121:80 (Querying... ) (HTTP)
Local 192.168.1.6:53876 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53877 TIME-WAIT Remote 151.101.24.134:80 (Querying... ) (HTTP)
Local 192.168.1.6:53878 TIME-WAIT Remote 216.58.193.206:80 (Querying... ) (HTTP)
Local 192.168.1.6:53879 TIME-WAIT Remote 216.58.193.206:80 (Querying... ) (HTTP)
Local 192.168.1.6:53880 TIME-WAIT Remote 52.85.83.210:80 (Querying... ) (HTTP)
Local 192.168.1.6:53881 TIME-WAIT Remote 52.85.83.210:80 (Querying... ) (HTTP)
Local 192.168.1.6:53882 TIME-WAIT Remote 216.58.217.194:80 (Querying... ) (HTTP)
Local 192.168.1.6:53883 TIME-WAIT Remote 216.58.217.200:80 (Querying... ) (HTTP)
Local 192.168.1.6:53884 TIME-WAIT Remote 216.58.217.194:80 (Querying... ) (HTTP)
Local 192.168.1.6:53885 TIME-WAIT Remote 151.101.24.68:80 (Querying... ) (HTTP)
Local 192.168.1.6:53886 TIME-WAIT Remote 216.58.217.200:80 (Querying... ) (HTTP)
Local 192.168.1.6:53887 TIME-WAIT Remote 151.101.24.68:80 (Querying... ) (HTTP)
Local 192.168.1.6:53888 TIME-WAIT Remote 74.125.28.156:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53890 TIME-WAIT Remote 216.58.219.2:80 (Querying... ) (HTTP)
Local 192.168.1.6:53891 TIME-WAIT Remote 216.58.219.2:80 (Querying... ) (HTTP)
Local 192.168.1.6:53892 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53893 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53894 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53895 TIME-WAIT Remote 23.215.100.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53896 TIME-WAIT Remote 23.215.100.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53899 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:53904 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53910 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53918 TIME-WAIT Remote 195.93.42.2:80 (Querying... ) (HTTP)
Local 192.168.1.6:53919 TIME-WAIT Remote 172.217.4.130:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53920 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53921 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53922 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53923 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53924 TIME-WAIT Remote 151.101.24.166:80 (Querying... ) (HTTP)
Local 192.168.1.6:53925 TIME-WAIT Remote 172.217.4.130:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53927 TIME-WAIT Remote 162.248.16.34:80 (Querying... ) (HTTP)
Local 192.168.1.6:53928 TIME-WAIT Remote 50.97.236.98:80 (Querying... ) (HTTP)
Local 192.168.1.6:53929 TIME-WAIT Remote 50.97.236.98:80 (Querying... ) (HTTP)
Local 192.168.1.6:53930 TIME-WAIT Remote 50.97.236.98:80 (Querying... ) (HTTP)
Local 192.168.1.6:53931 TIME-WAIT Remote 23.57.32.196:80 (Querying... ) (HTTP)
Local 192.168.1.6:53932 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53933 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53934 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53935 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53939 TIME-WAIT Remote 162.248.16.30:80 (Querying... ) (HTTP)
Local 192.168.1.6:53941 TIME-WAIT Remote 162.248.16.30:80 (Querying... ) (HTTP)
Local 192.168.1.6:53942 TIME-WAIT Remote 192.243.232.36:80 (Querying... ) (HTTP)
Local 192.168.1.6:53943 TIME-WAIT Remote 192.243.232.36:80 (Querying... ) (HTTP)
Local 192.168.1.6:53944 TIME-WAIT Remote 192.243.232.36:80 (Querying... ) (HTTP)
Local 192.168.1.6:53948 TIME-WAIT Remote 216.58.217.194:80 (Querying... ) (HTTP)
Local 192.168.1.6:53952 TIME-WAIT Remote 216.58.217.193:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53953 TIME-WAIT Remote 23.57.32.196:80 (Querying... ) (HTTP)
Local 192.168.1.6:53954 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53955 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53956 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:53961 TIME-WAIT Remote 52.9.65.37:80 (Querying... ) (HTTP)
Local 192.168.1.6:53962 TIME-WAIT Remote 52.9.65.37:80 (Querying... ) (HTTP)
Local 192.168.1.6:53964 TIME-WAIT Remote 23.57.58.128:80 (Querying... ) (HTTP)
Local 192.168.1.6:53965 TIME-WAIT Remote 23.57.58.128:80 (Querying... ) (HTTP)
Local 192.168.1.6:53966 TIME-WAIT Remote 23.57.58.128:80 (Querying... ) (HTTP)
Local 192.168.1.6:53967 TIME-WAIT Remote 31.13.70.2:443 (Querying... ) (HTTPS)
Local 192.168.1.6:53968 TIME-WAIT Remote 204.11.109.78:80 (Querying... ) (HTTP)
Local 192.168.1.6:53969 TIME-WAIT Remote 204.11.109.78:80 (Querying... ) (HTTP)
Local 192.168.1.6:53970 TIME-WAIT Remote 162.248.16.50:80 (Querying... ) (HTTP)
Local 192.168.1.6:53971 TIME-WAIT Remote 162.248.16.50:80 (Querying... ) (HTTP)
Local 192.168.1.6:53973 TIME-WAIT Remote 52.25.173.171:80 (Querying... ) (HTTP)
Local 192.168.1.6:53975 TIME-WAIT Remote 172.217.4.162:80 (Querying... ) (HTTP)
Local 192.168.1.6:53977 TIME-WAIT Remote 52.25.173.171:80 (Querying... ) (HTTP)
Local 192.168.1.6:53978 TIME-WAIT Remote 172.217.4.162:80 (Querying... ) (HTTP)
Local 192.168.1.6:53980 TIME-WAIT Remote 216.39.55.12:80 (Querying... ) (HTTP)
Local 192.168.1.6:53984 TIME-WAIT Remote 184.169.177.160:80 (Querying... ) (HTTP)
Local 192.168.1.6:53985 TIME-WAIT Remote 184.169.177.160:80 (Querying... ) (HTTP)
Local 192.168.1.6:53986 TIME-WAIT Remote 52.33.115.192:80 (Querying... ) (HTTP)
Local 192.168.1.6:53987 TIME-WAIT Remote 74.121.136.104:80 (Querying... ) (HTTP)
Local 192.168.1.6:53988 TIME-WAIT Remote 74.121.136.104:80 (Querying... ) (HTTP)
Local 192.168.1.6:53989 TIME-WAIT Remote 216.39.55.12:80 (Querying... ) (HTTP)
Local 192.168.1.6:53991 TIME-WAIT Remote 184.169.177.160:80 (Querying... ) (HTTP)
Local 192.168.1.6:53992 TIME-WAIT Remote 74.121.136.104:80 (Querying... ) (HTTP)
Local 192.168.1.6:53993 TIME-WAIT Remote 52.33.115.192:80 (Querying... ) (HTTP)
Local 192.168.1.6:53994 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:53995 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:53997 TIME-WAIT Remote 162.248.16.24:80 (Querying... ) (HTTP)
Local 192.168.1.6:54000 TIME-WAIT Remote 69.172.216.56:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54006 TIME-WAIT Remote 204.154.110.79:80 (Querying... ) (HTTP)
Local 192.168.1.6:54009 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54010 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54011 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54012 TIME-WAIT Remote 52.33.115.192:80 (Querying... ) (HTTP)
Local 192.168.1.6:54013 TIME-WAIT Remote 204.11.109.66:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54014 TIME-WAIT Remote 204.11.109.66:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54015 TIME-WAIT Remote 204.11.109.66:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54016 TIME-WAIT Remote 204.11.109.66:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54017 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54018 TIME-WAIT Remote 23.215.101.123:80 (Querying... ) (HTTP)
Local 192.168.1.6:54019 TIME-WAIT Remote 23.215.101.123:80 (Querying... ) (HTTP)
Local 192.168.1.6:54020 TIME-WAIT Remote 23.215.101.123:80 (Querying... ) (HTTP)
Local 192.168.1.6:54021 TIME-WAIT Remote 138.108.6.20:80 (Querying... ) (HTTP)
Local 192.168.1.6:54025 TIME-WAIT Remote 152.163.13.77:80 (Querying... ) (HTTP)
Local 192.168.1.6:54026 TIME-WAIT Remote 152.163.13.77:80 (Querying... ) (HTTP)
Local 192.168.1.6:54027 TIME-WAIT Remote 54.193.92.233:80 (Querying... ) (HTTP)
Local 192.168.1.6:54028 TIME-WAIT Remote 54.193.92.233:80 (Querying... ) (HTTP)
Local 192.168.1.6:54030 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54031 TIME-WAIT Remote 204.11.109.66:80 (Querying... ) (HTTP)
Local 192.168.1.6:54035 TIME-WAIT Remote 69.172.216.111:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54037 TIME-WAIT Remote 69.169.85.6:80 (Querying... ) (HTTP)
Local 192.168.1.6:54042 TIME-WAIT Remote 198.41.214.67:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54046 TIME-WAIT Remote 207.46.96.206:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54049 TIME-WAIT Remote 54.213.30.218:80 (Querying... ) (HTTP)
Local 192.168.1.6:54050 TIME-WAIT Remote 52.34.206.238:80 (Querying... ) (HTTP)
Local 192.168.1.6:54051 TIME-WAIT Remote 69.169.85.6:80 (Querying... ) (HTTP)
Local 192.168.1.6:54052 TIME-WAIT Remote 69.169.85.6:80 (Querying... ) (HTTP)
Local 192.168.1.6:54053 TIME-WAIT Remote 74.125.199.95:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54065 TIME-WAIT Remote 23.215.101.106:80 (Querying... ) (HTTP)
Local 192.168.1.6:54070 TIME-WAIT Remote 185.86.139.19:80 (Querying... ) (HTTP)
Local 192.168.1.6:54076 TIME-WAIT Remote 69.194.244.11:80 (Querying... ) (HTTP)
Local 192.168.1.6:54077 TIME-WAIT Remote 69.194.244.11:80 (Querying... ) (HTTP)
Local 192.168.1.6:54078 TIME-WAIT Remote 69.194.244.11:80 (Querying... ) (HTTP)
Local 192.168.1.6:54090 TIME-WAIT Remote 72.28.103.58:80 (Querying... ) (HTTP)
Local 192.168.1.6:54091 TIME-WAIT Remote 72.28.103.58:80 (Querying... ) (HTTP)
Local 192.168.1.6:54092 TIME-WAIT Remote 23.222.219.53:80 (Querying... ) (HTTP)
Local 192.168.1.6:54094 TIME-WAIT Remote 172.217.4.162:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54095 TIME-WAIT Remote 216.58.193.198:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54096 TIME-WAIT Remote 216.58.217.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54098 TIME-WAIT Remote 72.28.103.58:80 (Querying... ) (HTTP)
Local 192.168.1.6:54099 TIME-WAIT Remote 216.58.217.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54100 TIME-WAIT Remote 216.58.217.198:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54101 TIME-WAIT Remote 216.58.217.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54102 TIME-WAIT Remote 216.58.217.198:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54106 TIME-WAIT Remote 52.85.76.27:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54107 TIME-WAIT Remote 52.85.76.27:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54112 TIME-WAIT Remote 198.8.71.239:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54113 TIME-WAIT Remote 198.8.71.239:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54114 TIME-WAIT Remote 198.8.71.239:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54121 TIME-WAIT Remote 52.22.153.61:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54122 TIME-WAIT Remote 216.58.217.198:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54127 TIME-WAIT Remote 23.56.220.184:80 (Querying... ) (HTTP)
Local 192.168.1.6:54145 TIME-WAIT Remote 192.229.163.25:80 (Querying... ) (HTTP)
Local 192.168.1.6:54147 TIME-WAIT Remote 31.13.70.7:80 (Querying... ) (HTTP)
Local 192.168.1.6:54152 TIME-WAIT Remote 216.58.193.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54154 TIME-WAIT Remote 216.58.193.194:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54156 TIME-WAIT Remote 31.13.70.7:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54157 TIME-WAIT Remote 23.56.220.184:80 (Querying... ) (HTTP)
Local 192.168.1.6:54158 TIME-WAIT Remote 23.56.220.184:80 (Querying... ) (HTTP)
Local 192.168.1.6:54159 TIME-WAIT Remote 204.154.111.228:80 (Querying... ) (HTTP)
Local 192.168.1.6:54160 TIME-WAIT Remote 204.154.111.228:80 (Querying... ) (HTTP)
Local 192.168.1.6:54161 TIME-WAIT Remote 204.154.111.228:80 (Querying... ) (HTTP)
Local 192.168.1.6:54162 TIME-WAIT Remote 204.154.111.228:80 (Querying... ) (HTTP)
Local 192.168.1.6:54163 TIME-WAIT Remote 204.154.111.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54164 TIME-WAIT Remote 204.154.111.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54165 TIME-WAIT Remote 204.154.111.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54170 TIME-WAIT Remote 192.229.163.25:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54173 TIME-WAIT Remote 107.6.77.98:80 (Querying... ) (HTTP)
Local 192.168.1.6:54175 TIME-WAIT Remote 104.16.26.235:80 (Querying... ) (HTTP)
Local 192.168.1.6:54176 TIME-WAIT Remote 104.16.18.35:80 (Querying... ) (HTTP)
Local 192.168.1.6:54177 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:54178 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:54179 TIME-WAIT Remote 23.57.40.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:54180 TIME-WAIT Remote 23.215.100.18:80 (Querying... ) (HTTP)
Local 192.168.1.6:54183 TIME-WAIT Remote 54.230.139.245:443 (Querying... ) (HTTPS)
Local 192.168.1.6:54189 TIME-WAIT Remote 50.97.236.98:80 (Querying... ) (HTTP)
Local 192.168.1.6:54195 TIME-WAIT Remote 104.65.4.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54196 TIME-WAIT Remote 104.65.4.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54197 TIME-WAIT Remote 104.65.4.224:80 (Querying... ) (HTTP)
Local 192.168.1.6:54198 TIME-WAIT Remote 104.16.24.35:80 (Querying... ) (HTTP)
Local 192.168.1.6:54201 TIME-WAIT Remote 104.16.36.83:80 (Querying... ) (HTTP)
Local 192.168.1.6:54202 TIME-WAIT Remote 23.43.166.218:80 (Querying... ) (HTTP)
Local 192.168.1.6:54205 TIME-WAIT Remote 23.43.166.218:80 (Querying... ) (HTTP)
Local 192.168.1.6:54210 TIME-WAIT Remote 69.194.244.13:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 192.168.1.6:139 (NetBIOS session service) LISTEN
wininit.exe (608)
Local 0.0.0.0:49664 LISTEN
Generated with Speccy v1.29.714

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Not seeing much.  Temps are good.  Hard drive too.  Network OK.  Process Explorer log looked OK.  You can uninstall Speccy.  We don't need it any more.

 

Let's try:

 

Copy the next line:

 

FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
 
 
Open an elevated command prompt:
 
 
If you open an elevated command prompt it will by default open in c:\Windows\system32
 
Once you have an elevated command prompt:
 
Right click and Paste (or Edit then Paste) and the copied line will appear.  Hit Enter. 
 
Now Type(with an Enter after each line):
 
 DISM  /Online  /Cleanup-Image  /RestoreHealth
 
 (I use two spaces so you can be sure to see where one space goes.)
This will take a while to complete.  Once the prompt returns:
 
Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 
sfc  /scannow
 
 
 
This will also take a few minutes.  
 
When it finishes it will say one of the following:
 
Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
 

Let me know which you get.

 

 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#8
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts

It has been stuck on this step at 20% for a long time?   DISM  /Online  /Cleanup-Image  /RestoreHealth


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

It normally only takes 15 - 20 minutes to run.  It does normally sit at 20% for a while before finishing in a rush.  It will need the Internet so make sure that's connected.

 

If it has been more than 20 minutes I would stop it (Ctrl + c will probably do it or you can close the window) then run SFC /scannow and try DSIM again after SFC runs.


  • 0

#10
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 05/08/2016 5:17:25 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/08/2016 11:02:52 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:10 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:04 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:04 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:04 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 10:46:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 05/08/2016 12:44:19 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/08/2016 11:12:51 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/08/2016 8:34:30 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/08/2016 5:55:43 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/08/2016 5:10:09 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-TCLSL11\quatrine mb SID (S-1-5-21-4126747306-3002756303-3608770802-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 04/08/2016 5:07:41 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/08/2016 11:30:37 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name tpc.googlesyndication.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 05/08/2016 11:02:54 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 05/08/2016 3:44:31 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 05/08/2016 12:44:20 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 11:12:52 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 8:34:32 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 5:55:59 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 3:47:34 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 12:47:26 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 12:33:57 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\System32\IWMSSvc.dll 
 
Log: 'System' Date/Time: 04/08/2016 12:29:31 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device HID\VID_048D&PID_8350&Col02\6&e8ed777&0&0001.
 
Log: 'System' Date/Time: 04/08/2016 12:29:30 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 04/08/2016 12:28:05 AM
Type: Warning Category: 0
Event: 4 Source: Microsoft-Windows-Kernel-Tm
The TransactionManager (TmId={8BD67533-59E0-11E6-BE75-806E6F6E6963}, LogPath=\SystemRoot\System32\Config\TxR\{f5b13570-4b48-11e6-80cb-e41d2d012050}.TM) has failed to advance its log tail, due to the transaction (UOW={8BD6775B-59E0-11E6-BE75-DDE9B8F31B37}, Description='') being unresolved for some time.  The transaction must be forced to resolve in order for the TransactionManager to continue to provide transactional services.  Forcing the incorrect outcome may cause data corruption in any subordinate ResourceManagers or Transactionmanagers.
 
Log: 'System' Date/Time: 04/08/2016 12:13:42 AM
Type: Warning Category: 0
Event: 263 Source: Win32k
The event description cannot be found.
 
Log: 'System' Date/Time: 04/08/2016 12:13:32 AM
Type: Warning Category: 0
Event: 263 Source: Win32k
The event description cannot be found.

  • 0

#11
bhzendner

bhzendner

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 219 posts

Windows Resource Protection did not find any integrity violations.


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Is it running any better now?


  • 0






Similar Topics


Also tagged with one or more of these keywords: Malware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP