Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 10 bogged down ....Takes forever to load pages or scroll


  • Please log in to reply

#1
demozast

demozast

    Member

  • Member
  • PipPip
  • 74 posts

Hi

 

Thank you first off for taking the time to look at this .

 

I mainly use this computer for Ebay and recently the pages are lagging, won't scroll or will just plain lock up and not respond.  I've done a free clean up program that has worked wel in the past and run a check from Malwarebytes.com and found nothing.  My computer did do some updates recently so I am kind of suspecting that is the culprit.  Any help would be greatly appreciated.

 

 

64 bit operating system, x64-based processor

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by demozast (administrator) on KIRKS (16-12-2016 23:37:35)
Running from C:\Users\demozast\Desktop
Loaded Profiles: demozast (Available Profiles: Kirk & demozast)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Facebook Inc.) C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-06] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\...\Run: [Facebook Update] => C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-08] (Facebook Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5368b1ce-e33e-45dc-a83c-1775fa80e27d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8500a964-37f0-4456-ba41-85966b9e5980}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.midco.net/
HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {C69A395C-89AB-4291-A3E2-26F222212560} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3866968966-2643451653-4206778344-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-3866968966-2643451653-4206778344-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3866968966-2643451653-4206778344-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\demozast\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.midco.net/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default [2016-12-16]
CHR Extension: (Google Drive) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Norton Security Toolbar) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2015-08-07]
CHR Extension: (YouTube) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Google Docs Offline) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (AdBlock) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-06]
CHR Extension: (Gmail) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\demozast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-04] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-04] (Symantec Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-16 23:37 - 2016-12-16 23:38 - 00015372 _____ C:\Users\demozast\Desktop\FRST.txt
2016-12-14 19:11 - 2016-12-09 04:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 19:11 - 2016-12-09 04:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 19:11 - 2016-12-09 04:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 19:11 - 2016-12-09 04:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 19:11 - 2016-12-09 04:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 19:11 - 2016-12-09 04:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 19:11 - 2016-12-09 04:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 19:11 - 2016-12-09 04:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 19:11 - 2016-12-09 04:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 19:11 - 2016-12-09 04:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 19:11 - 2016-12-09 04:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 19:11 - 2016-12-09 04:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 19:11 - 2016-12-09 04:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 19:11 - 2016-12-09 03:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 19:11 - 2016-12-09 03:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 19:11 - 2016-12-09 03:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 19:11 - 2016-12-09 03:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 19:11 - 2016-12-09 03:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 19:11 - 2016-12-09 03:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 19:11 - 2016-12-09 03:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 19:11 - 2016-12-09 03:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 19:11 - 2016-12-09 03:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 19:11 - 2016-12-09 03:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 19:11 - 2016-12-09 03:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 19:11 - 2016-12-09 03:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 19:11 - 2016-12-09 03:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 19:11 - 2016-12-09 03:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 19:11 - 2016-12-09 03:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 19:11 - 2016-12-09 03:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 19:11 - 2016-12-09 03:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 19:11 - 2016-12-09 03:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 19:11 - 2016-12-09 03:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 19:11 - 2016-12-09 03:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 19:11 - 2016-12-09 03:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 19:11 - 2016-12-09 03:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 19:11 - 2016-12-09 03:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 19:11 - 2016-12-09 03:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 19:11 - 2016-12-09 03:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 19:11 - 2016-12-09 03:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 19:11 - 2016-12-09 03:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 19:11 - 2016-12-09 03:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 19:11 - 2016-12-09 03:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 19:11 - 2016-12-09 03:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 19:11 - 2016-12-09 03:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 19:11 - 2016-12-09 03:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 19:11 - 2016-12-09 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 19:11 - 2016-12-09 03:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 19:11 - 2016-12-09 03:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 19:11 - 2016-12-09 03:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 19:11 - 2016-12-09 03:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 19:11 - 2016-12-09 03:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 19:11 - 2016-12-09 03:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 19:10 - 2016-12-09 04:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 19:10 - 2016-12-09 04:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 19:10 - 2016-12-09 04:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 19:10 - 2016-12-09 04:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 19:10 - 2016-12-09 04:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 19:10 - 2016-12-09 04:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 19:10 - 2016-12-09 04:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 19:10 - 2016-12-09 04:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 19:10 - 2016-12-09 04:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 19:10 - 2016-12-09 04:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 19:10 - 2016-12-09 04:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 19:10 - 2016-12-09 04:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 19:10 - 2016-12-09 04:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 19:10 - 2016-12-09 04:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 19:10 - 2016-12-09 04:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 19:10 - 2016-12-09 04:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 19:10 - 2016-12-09 04:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 19:10 - 2016-12-09 04:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 19:10 - 2016-12-09 03:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 19:10 - 2016-12-09 03:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 19:10 - 2016-12-09 03:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 19:10 - 2016-12-09 03:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 19:10 - 2016-12-09 03:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 19:10 - 2016-12-09 03:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 19:10 - 2016-12-09 03:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 19:10 - 2016-12-09 03:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 19:10 - 2016-12-09 03:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 19:10 - 2016-12-09 03:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 19:10 - 2016-12-09 03:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 19:10 - 2016-12-09 03:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 19:10 - 2016-12-09 03:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 19:10 - 2016-12-09 03:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 19:10 - 2016-12-09 03:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 19:10 - 2016-12-09 03:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 19:10 - 2016-12-09 03:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 19:10 - 2016-12-09 03:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 19:10 - 2016-12-09 03:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 19:10 - 2016-12-09 03:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 19:10 - 2016-12-09 03:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 19:10 - 2016-12-09 03:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 19:10 - 2016-12-09 02:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 19:09 - 2016-12-09 04:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 19:09 - 2016-12-09 04:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 19:09 - 2016-12-09 04:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 19:09 - 2016-12-09 04:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 19:09 - 2016-12-09 04:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 19:09 - 2016-12-09 03:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 19:09 - 2016-12-09 03:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 19:09 - 2016-12-09 03:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 19:09 - 2016-12-09 03:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 19:09 - 2016-12-09 03:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 19:09 - 2016-12-09 03:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 19:09 - 2016-12-09 03:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 19:09 - 2016-12-09 03:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 19:09 - 2016-12-09 03:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 19:09 - 2016-12-09 03:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 19:04 - 2016-12-09 04:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 19:04 - 2016-12-09 03:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 19:04 - 2016-12-09 03:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 19:04 - 2016-12-09 03:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 19:04 - 2016-12-09 03:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-09 21:20 - 2016-11-11 04:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 21:20 - 2016-11-11 04:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 21:20 - 2016-11-11 04:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 21:20 - 2016-11-11 04:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 21:20 - 2016-11-11 04:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 21:20 - 2016-11-11 04:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 21:20 - 2016-11-11 04:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 21:20 - 2016-11-11 04:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 21:20 - 2016-11-11 04:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 21:20 - 2016-11-11 04:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 21:20 - 2016-11-11 04:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 21:20 - 2016-11-11 03:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 21:20 - 2016-11-11 03:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 21:20 - 2016-11-11 03:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 21:20 - 2016-11-11 03:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 21:20 - 2016-11-11 03:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 21:20 - 2016-11-11 03:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 21:20 - 2016-11-11 03:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 21:20 - 2016-11-11 03:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 21:20 - 2016-11-11 03:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 21:20 - 2016-11-11 03:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 21:20 - 2016-11-11 03:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 21:20 - 2016-11-11 03:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 21:20 - 2016-11-11 03:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 21:20 - 2016-11-11 03:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 21:20 - 2016-11-11 03:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 21:20 - 2016-11-11 03:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 21:20 - 2016-11-11 03:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 21:20 - 2016-11-11 03:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 21:20 - 2016-11-11 03:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 21:20 - 2016-11-11 03:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 21:20 - 2016-11-11 03:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 21:20 - 2016-11-11 03:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 21:20 - 2016-11-11 03:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 21:20 - 2016-11-11 03:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 21:20 - 2016-11-11 03:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 21:20 - 2016-11-11 03:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 21:20 - 2016-11-11 03:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 21:20 - 2016-11-11 03:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 21:20 - 2016-11-11 03:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 21:20 - 2016-11-11 03:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 21:20 - 2016-11-11 03:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 21:20 - 2016-11-11 03:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 21:20 - 2016-11-11 03:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 21:20 - 2016-11-11 03:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 21:20 - 2016-11-11 03:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 21:20 - 2016-11-11 03:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 21:20 - 2016-11-11 03:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 21:20 - 2016-11-11 03:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 21:20 - 2016-11-11 03:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 21:20 - 2016-11-11 03:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 21:20 - 2016-11-11 03:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 21:20 - 2016-11-11 03:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 21:20 - 2016-11-11 03:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 21:20 - 2016-11-11 03:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 21:20 - 2016-11-11 03:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 21:20 - 2016-11-11 03:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 21:20 - 2016-11-11 03:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 21:20 - 2016-11-11 03:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 21:20 - 2016-11-11 03:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 21:20 - 2016-11-11 03:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 21:20 - 2016-11-11 03:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 21:20 - 2016-11-11 03:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 21:20 - 2016-11-11 03:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 21:20 - 2016-11-11 03:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 21:20 - 2016-11-11 02:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 21:20 - 2016-11-11 01:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 21:20 - 2016-11-11 01:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 21:20 - 2016-11-11 01:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 21:20 - 2016-11-11 01:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 21:20 - 2016-11-11 01:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 21:20 - 2016-11-11 01:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 21:20 - 2016-11-11 01:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 21:20 - 2016-11-11 01:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 21:20 - 2016-11-11 01:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-09 21:20 - 2016-11-11 01:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-09 21:20 - 2016-11-11 01:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-09 21:20 - 2016-11-11 01:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-09 21:20 - 2016-11-11 01:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-09 21:20 - 2016-11-11 01:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-09 21:20 - 2016-11-11 01:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-09 21:20 - 2016-11-11 01:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 21:20 - 2016-11-11 01:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-09 21:20 - 2016-11-11 01:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-09 21:20 - 2016-11-11 01:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 21:20 - 2016-11-11 01:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-09 21:20 - 2016-11-11 01:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-09 21:20 - 2016-11-11 01:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-09 21:20 - 2016-11-11 01:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-09 21:20 - 2016-11-11 01:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-09 21:20 - 2016-11-11 01:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-09 21:20 - 2016-11-11 01:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-09 21:20 - 2016-11-11 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-09 21:20 - 2016-11-11 01:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-09 21:20 - 2016-11-11 01:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-09 21:20 - 2016-11-11 01:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 21:20 - 2016-11-11 01:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-09 21:20 - 2016-11-11 01:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-09 21:20 - 2016-11-11 01:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-09 21:20 - 2016-11-11 01:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-09 21:20 - 2016-11-11 01:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-09 21:20 - 2016-11-11 01:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-09 21:20 - 2016-11-11 01:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-09 21:20 - 2016-11-11 01:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-09 21:20 - 2016-11-11 01:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-09 21:20 - 2016-11-11 01:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-09 21:20 - 2016-11-11 01:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-09 21:19 - 2016-11-11 04:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 21:19 - 2016-11-11 04:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 21:19 - 2016-11-11 04:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 21:19 - 2016-11-11 04:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 21:19 - 2016-11-11 04:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 21:19 - 2016-11-11 04:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 21:19 - 2016-11-11 04:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 21:19 - 2016-11-11 04:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 21:19 - 2016-11-11 04:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 21:19 - 2016-11-11 04:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 21:19 - 2016-11-11 03:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 21:19 - 2016-11-11 03:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 21:19 - 2016-11-11 03:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 21:19 - 2016-11-11 03:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-09 21:19 - 2016-11-11 03:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 21:19 - 2016-11-11 03:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 21:19 - 2016-11-11 03:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 21:19 - 2016-11-11 03:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 21:19 - 2016-11-11 03:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 21:19 - 2016-11-11 03:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 21:19 - 2016-11-11 03:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 21:19 - 2016-11-11 03:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 21:19 - 2016-11-11 03:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 21:19 - 2016-11-11 03:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 21:19 - 2016-11-11 03:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 21:19 - 2016-11-11 03:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 21:19 - 2016-11-11 03:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 21:19 - 2016-11-11 03:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 21:19 - 2016-11-11 03:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-09 21:19 - 2016-11-11 03:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 21:19 - 2016-11-11 03:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 21:19 - 2016-11-11 03:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 21:19 - 2016-11-11 03:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 21:19 - 2016-11-11 03:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-09 21:19 - 2016-11-11 03:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 21:19 - 2016-11-11 03:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 21:19 - 2016-11-11 03:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 21:19 - 2016-11-11 03:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 21:19 - 2016-11-11 03:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 21:19 - 2016-11-11 03:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 21:19 - 2016-11-11 03:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 21:19 - 2016-11-11 03:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 21:19 - 2016-11-11 03:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 21:19 - 2016-11-11 03:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 21:19 - 2016-11-11 03:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 21:19 - 2016-11-11 03:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-09 21:19 - 2016-11-11 03:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 21:19 - 2016-11-11 03:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 21:19 - 2016-11-11 03:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-09 21:19 - 2016-11-11 03:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 21:19 - 2016-11-11 03:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 21:19 - 2016-11-11 03:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 21:19 - 2016-11-11 03:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 21:19 - 2016-11-11 03:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 21:19 - 2016-11-11 03:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 21:19 - 2016-11-11 03:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 21:19 - 2016-11-11 02:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-09 21:19 - 2016-11-11 01:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-09 21:19 - 2016-11-11 01:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-09 21:19 - 2016-11-11 01:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-09 21:19 - 2016-11-11 01:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-09 21:19 - 2016-11-11 01:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-09 21:19 - 2016-11-11 01:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-09 21:19 - 2016-11-11 01:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 21:19 - 2016-11-11 01:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-09 21:19 - 2016-11-11 01:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 21:19 - 2016-11-11 01:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-09 21:19 - 2016-11-11 01:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-09 21:19 - 2016-11-11 01:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 21:19 - 2016-11-11 01:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-09 21:19 - 2016-11-11 01:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 21:19 - 2016-11-11 01:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 21:19 - 2016-11-11 01:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-09 21:19 - 2016-11-11 01:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-09 21:19 - 2016-11-11 01:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-09 21:19 - 2016-11-11 01:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-09 21:19 - 2016-11-11 01:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-09 21:19 - 2016-11-11 01:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-09 21:19 - 2016-11-11 01:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-09 21:19 - 2016-11-11 01:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-09 21:19 - 2016-11-11 01:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-09 21:19 - 2016-11-11 01:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-09 21:19 - 2016-11-11 01:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-09 21:19 - 2016-11-11 01:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-09 21:19 - 2016-11-11 01:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-09 21:19 - 2016-11-11 01:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-09 21:19 - 2016-11-11 01:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-09 21:19 - 2016-11-11 01:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-09 21:19 - 2016-11-11 01:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-09 21:19 - 2016-11-11 01:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-09 21:19 - 2016-11-11 01:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 21:19 - 2016-11-11 01:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-09 21:19 - 2016-11-11 01:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-09 21:18 - 2016-11-11 04:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 21:18 - 2016-11-11 03:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 21:18 - 2016-11-11 03:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 21:18 - 2016-11-11 03:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 21:18 - 2016-11-11 03:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 21:18 - 2016-11-11 03:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 21:18 - 2016-11-11 03:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 21:18 - 2016-11-11 03:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 21:18 - 2016-11-11 03:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 21:18 - 2016-11-11 03:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 21:18 - 2016-11-11 03:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 21:18 - 2016-11-11 03:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 21:18 - 2016-11-11 03:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 21:18 - 2016-11-11 03:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 21:18 - 2016-11-11 03:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 21:18 - 2016-11-11 03:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 21:18 - 2016-11-11 03:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 21:18 - 2016-11-11 03:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 21:18 - 2016-11-11 03:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 21:18 - 2016-11-11 03:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 21:18 - 2016-11-11 03:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-09 21:18 - 2016-11-11 03:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 21:18 - 2016-11-11 03:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 21:18 - 2016-11-11 03:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 21:18 - 2016-11-11 03:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 21:18 - 2016-11-11 03:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 21:18 - 2016-11-11 03:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 21:18 - 2016-11-11 03:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 21:18 - 2016-11-11 03:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 21:18 - 2016-11-11 03:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 21:18 - 2016-11-11 03:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 21:18 - 2016-11-11 03:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 21:18 - 2016-11-11 03:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 21:18 - 2016-11-11 03:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 21:18 - 2016-11-11 03:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 21:18 - 2016-11-11 03:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 21:18 - 2016-11-11 03:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 21:18 - 2016-11-11 03:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 21:18 - 2016-11-11 03:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-09 21:18 - 2016-11-11 03:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 21:18 - 2016-11-11 03:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 21:18 - 2016-11-11 03:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 21:18 - 2016-11-11 03:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 21:18 - 2016-11-11 03:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 21:18 - 2016-11-11 03:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 21:18 - 2016-11-11 03:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-09 21:18 - 2016-11-11 03:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 21:18 - 2016-11-11 03:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 21:18 - 2016-11-11 03:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 21:18 - 2016-11-11 03:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 21:18 - 2016-11-11 02:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-09 21:18 - 2016-11-11 02:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-09 21:18 - 2016-11-11 02:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-09 21:18 - 2016-11-11 01:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 21:18 - 2016-11-11 01:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-09 21:18 - 2016-11-11 01:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 21:18 - 2016-11-11 01:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-09 21:18 - 2016-11-11 01:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-09 21:18 - 2016-11-11 01:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-09 21:18 - 2016-11-11 01:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-09 21:18 - 2016-11-11 01:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 21:18 - 2016-11-11 01:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-09 21:18 - 2016-11-11 01:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-09 21:18 - 2016-11-11 01:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-09 21:18 - 2016-11-11 01:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-09 21:18 - 2016-11-11 01:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 21:18 - 2016-11-11 01:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-09 21:18 - 2016-11-11 01:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-05 21:18 - 2016-12-09 19:06 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-04 13:12 - 2016-12-04 13:12 - 00031484 _____ C:\Users\demozast\Desktop\eBayISAPI.gz
2016-11-22 00:19 - 2016-11-02 06:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-22 00:19 - 2016-11-02 05:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-22 00:19 - 2016-11-02 05:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-22 00:19 - 2016-11-02 05:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-22 00:19 - 2016-11-02 05:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-22 00:19 - 2016-11-02 05:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-22 00:19 - 2016-11-02 05:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-22 00:19 - 2016-11-02 05:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-22 00:19 - 2016-11-02 05:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-22 00:19 - 2016-11-02 04:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-22 00:19 - 2016-11-02 04:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-22 00:19 - 2016-11-02 04:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-22 00:19 - 2016-11-02 04:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-22 00:19 - 2016-11-02 04:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-22 00:19 - 2016-11-02 04:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-22 00:19 - 2016-11-02 04:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-22 00:19 - 2016-11-02 04:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-22 00:19 - 2016-11-02 04:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-22 00:19 - 2016-11-02 04:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-22 00:19 - 2016-11-02 04:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-22 00:19 - 2016-11-02 04:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-22 00:19 - 2016-11-02 04:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-22 00:19 - 2016-11-02 04:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-22 00:19 - 2016-11-02 04:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-22 00:19 - 2016-11-02 04:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-22 00:19 - 2016-11-02 04:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-22 00:19 - 2016-11-02 04:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-22 00:19 - 2016-11-02 04:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-22 00:19 - 2016-11-02 04:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-22 00:19 - 2016-11-02 04:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-22 00:19 - 2016-11-02 04:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-22 00:19 - 2016-11-02 04:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-22 00:19 - 2016-11-02 04:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-22 00:19 - 2016-11-02 04:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-22 00:19 - 2016-11-02 04:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-22 00:19 - 2016-11-02 02:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-22 00:18 - 2016-11-02 05:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-22 00:18 - 2016-11-02 05:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-22 00:18 - 2016-11-02 05:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-22 00:18 - 2016-11-02 05:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-22 00:18 - 2016-11-02 04:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-22 00:18 - 2016-11-02 04:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-22 00:18 - 2016-11-02 04:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-22 00:18 - 2016-11-02 04:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-22 00:18 - 2016-11-02 04:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-22 00:18 - 2016-11-02 04:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-22 00:18 - 2016-11-02 04:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-22 00:18 - 2016-11-02 04:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-22 00:18 - 2016-11-02 04:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-22 00:18 - 2016-11-02 04:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-22 00:18 - 2016-11-02 04:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-22 00:18 - 2016-11-02 04:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-22 00:18 - 2016-11-02 04:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-22 00:18 - 2016-11-02 04:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-22 00:18 - 2016-11-02 04:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-22 00:18 - 2016-11-02 04:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-22 00:18 - 2016-11-02 04:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-22 00:18 - 2016-11-02 04:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-22 00:18 - 2016-11-02 04:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-22 00:18 - 2016-11-02 04:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-22 00:18 - 2016-11-02 04:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-22 00:18 - 2016-11-02 04:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-22 00:18 - 2016-11-02 04:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-22 00:18 - 2016-11-02 04:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-22 00:18 - 2016-11-02 04:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-22 00:18 - 2016-11-02 04:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-22 00:18 - 2016-11-02 04:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-22 00:18 - 2016-11-02 04:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-22 00:18 - 2016-11-02 04:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-22 00:18 - 2016-11-02 04:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-22 00:17 - 2016-11-02 05:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-22 00:17 - 2016-11-02 05:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-22 00:17 - 2016-11-02 05:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-22 00:17 - 2016-11-02 05:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-22 00:17 - 2016-11-02 05:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-22 00:17 - 2016-11-02 05:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-22 00:17 - 2016-11-02 05:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-22 00:17 - 2016-11-02 05:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-22 00:17 - 2016-11-02 05:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-22 00:17 - 2016-11-02 05:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-22 00:17 - 2016-11-02 05:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-22 00:17 - 2016-11-02 04:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-22 00:17 - 2016-11-02 04:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-22 00:17 - 2016-11-02 04:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-22 00:17 - 2016-11-02 04:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-22 00:17 - 2016-11-02 04:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-22 00:17 - 2016-11-02 04:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-22 00:17 - 2016-11-02 04:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-22 00:17 - 2016-11-02 04:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-22 00:17 - 2016-11-02 04:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-22 00:17 - 2016-11-02 04:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-22 00:17 - 2016-11-02 04:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-22 00:17 - 2016-11-02 04:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-22 00:17 - 2016-11-02 04:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-22 00:17 - 2016-11-02 04:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-22 00:17 - 2016-11-02 04:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-22 00:17 - 2016-11-02 04:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-22 00:17 - 2016-11-02 04:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-22 00:17 - 2016-11-02 04:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-22 00:17 - 2016-11-02 04:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-22 00:17 - 2016-11-02 04:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-22 00:17 - 2016-11-02 04:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-22 00:17 - 2016-11-02 04:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-22 00:17 - 2016-11-02 04:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-22 00:17 - 2016-11-02 04:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-22 00:17 - 2016-11-02 04:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-22 00:17 - 2016-11-02 04:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-22 00:17 - 2016-11-02 04:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-22 00:17 - 2016-11-02 04:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-22 00:17 - 2016-11-02 04:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-22 00:17 - 2016-11-02 04:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-22 00:17 - 2016-11-02 04:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-22 00:17 - 2016-11-02 04:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-22 00:17 - 2016-11-02 04:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-22 00:17 - 2016-11-02 04:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-22 00:17 - 2016-11-02 04:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-22 00:17 - 2016-11-02 04:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-22 00:17 - 2016-11-02 04:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-22 00:17 - 2016-11-02 04:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-22 00:17 - 2016-11-02 04:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-22 00:17 - 2016-11-02 04:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-22 00:17 - 2016-11-02 04:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-22 00:17 - 2016-11-02 04:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-22 00:17 - 2016-11-02 04:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-22 00:17 - 2016-11-02 04:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-22 00:17 - 2016-11-02 04:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-22 00:17 - 2016-11-02 04:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-22 00:17 - 2016-11-02 04:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-22 00:17 - 2016-11-02 04:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-22 00:17 - 2016-11-02 04:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-22 00:17 - 2016-11-02 04:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-22 00:17 - 2016-11-02 04:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-22 00:17 - 2016-11-02 04:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-22 00:17 - 2016-11-02 04:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-22 00:17 - 2016-11-02 04:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-22 00:17 - 2016-11-02 03:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-22 00:17 - 2016-11-02 03:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-22 00:16 - 2016-11-02 04:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-22 00:16 - 2016-11-02 04:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-22 00:16 - 2016-11-02 04:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-16 23:37 - 2016-06-25 17:21 - 00000000 ____D C:\Users\demozast\Desktop\FRST-OlderVersion
2016-12-16 23:37 - 2016-06-19 00:05 - 00000000 ____D C:\FRST
2016-12-16 23:37 - 2016-06-19 00:04 - 02420224 _____ (Farbar) C:\Users\demozast\Desktop\FRST64.exe
2016-12-16 23:05 - 2016-09-26 03:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-16 22:37 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-16 22:37 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-16 22:35 - 2013-01-07 18:10 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-16 22:27 - 2016-09-26 04:06 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:27 - 2016-09-26 04:06 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 20:52 - 2014-07-15 23:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-16 20:49 - 2014-07-15 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-16 20:49 - 2014-07-15 23:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-16 20:49 - 2013-10-06 10:08 - 00001177 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-16 20:19 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-16 20:19 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-16 20:09 - 2013-01-04 23:27 - 00000000 ____D C:\ProgramData\Kodak
2016-12-14 23:21 - 2016-09-26 03:25 - 01155994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-14 23:19 - 2016-09-26 03:26 - 00000000 ____D C:\Users\demozast
2016-12-14 23:16 - 2016-10-09 17:51 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordemozast.job
2016-12-14 23:16 - 2016-09-26 04:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-14 23:16 - 2016-09-26 03:17 - 00351128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 23:16 - 2016-07-16 00:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-14 23:15 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-14 21:52 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-14 21:12 - 2016-10-09 17:51 - 00003260 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordemozast
2016-12-14 20:49 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 20:28 - 2013-08-13 23:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 19:24 - 2013-01-05 23:45 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 18:39 - 2013-01-05 13:58 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-13 01:12 - 2016-07-16 05:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-13 01:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-13 01:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-13 01:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-13 01:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-13 01:12 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-13 01:12 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-13 01:12 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-13 01:12 - 2016-07-16 00:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-11 17:56 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 17:56 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 20:55 - 2016-07-16 05:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 19:06 - 2015-11-29 18:03 - 00002415 _____ C:\Users\demozast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 19:06 - 2015-11-29 18:03 - 00000000 ___RD C:\Users\demozast\OneDrive
2016-12-02 23:20 - 2013-01-04 23:19 - 00000000 ____D C:\Users\demozast\AppData\Local\Packages
2016-11-27 00:53 - 2013-06-16 22:28 - 00000000 ____D C:\Users\demozast\Desktop\ebay parts
2016-11-22 22:22 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-18 16:25 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
 
==================== Files in the root of some directories =======
 
2012-09-19 14:00 - 2012-09-19 14:00 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-09 18:24
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by demozast (16-12-2016 23:39:54)
Running from C:\Users\demozast\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-26 10:10:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3866968966-2643451653-4206778344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3866968966-2643451653-4206778344-503 - Limited - Disabled)
demozast (S-1-5-21-3866968966-2643451653-4206778344-1003 - Administrator - Enabled) => C:\Users\demozast
Guest (S-1-5-21-3866968966-2643451653-4206778344-501 - Limited - Disabled)
Kirk (S-1-5-21-3866968966-2643451653-4206778344-1001 - Administrator - Enabled) => C:\Users\Kirk
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4407 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-400 Series Printer Uninstall (HKLM\...\EPSON XP-400 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FLV Media Player version 5.1.3 (HKLM-x32\...\{E3CA6C8D-0413-4D2F-BA7A-A46D7C2594E0}_is1) (Version: 5.1.3 - M1)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\...\HPConnectedMusic) (Version: 1.1 (build 25) hp - Meridian Audio Ltd)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LTCM Client (HKLM-x32\...\LTCM Client) (Version:  - Leader Technologies Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03D7FAC3-8247-4FDE-AC6B-5375F8CCCED4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-09-29] (HP Inc.)
Task: {1E442511-22D5-4E08-A71F-6795F1251D3D} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\demozast\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {22083BDD-7D03-40EB-A8D0-6808A96DB49C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003UA => C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-08] (Facebook Inc.)
Task: {28B0E3E8-7CFE-4678-82A1-9D746A0777B4} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe
Task: {32ABFEF5-E833-4539-A8F1-5500C265F36F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {43F6A7B5-B19F-437D-B6A7-AEE6D3D3C0BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {4981A169-61C0-46CA-994B-B5523E878616} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5065ACC4-1529-4E3F-B95A-2F055A528311} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {56F195CF-23B9-40A9-91C4-CDC7BFD1B292} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {587F91CD-C1B9-4AC0-B849-27338D3D5111} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {62C9AD43-D4C1-43FA-83E8-C42D23AB0FD7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-31] (HP Inc.)
Task: {65BD54C5-738C-4B81-9143-287344568A49} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe
Task: {76A44531-7451-481A-9975-197C39523EAD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8C3263AD-56D5-4220-B506-91055892A495} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8C5DE001-412A-4AB5-AE95-7C922074C05E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D42143E-CFEC-42E0-905A-9E1F09EF04A2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8F5CD1BF-B314-4AAC-8C0D-79E4BFADC3FF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9FCD66F8-978A-45C9-81A4-112586155835} - System32\Tasks\HPCeeScheduleFordemozast => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {B7E6F5C5-CBE5-4175-BBFC-D647B206A1EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003Core => C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-08] (Facebook Inc.)
Task: {B9A59897-8F5D-4DBE-A3E5-B308464900D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BB280799-018E-411C-BE32-127D344837A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {BDB534F4-BF8B-4175-836F-54DE631C1071} - \WPD\SqmUpload_S-1-5-21-3866968966-2643451653-4206778344-1003 -> No File <==== ATTENTION
Task: {C0B39590-9683-45DA-BB9F-1FA4D28488A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {C2CF4C32-A85A-4A5E-AB58-6D45B98E84DA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C778C5AF-A173-42CB-8FAE-121EFE831954} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe
Task: {CE69A5A6-48A3-4FFE-B8A9-FC12762FE77F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CFAB031C-BC95-40A7-A81C-D747FF9E2FD6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {D60ECC5D-4F75-4496-9673-2FAABB454C01} - \WPD\SqmUpload_S-1-5-21-3866968966-2643451653-4206778344-1001 -> No File <==== ATTENTION
Task: {E1FECEAF-A268-4EB3-A86A-15D3F1094D5E} - System32\Tasks\{D7E53DC4-4693-4BFE-91CC-2611C777C295} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {E7AFC866-EF5A-42F3-BD05-4859B316B4DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003Core.job => C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003UA.job => C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFordemozast.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\demozast\AppData\Local\Microsoft\Windows\RoamingTiles\-10339220340.lnk -> hxxp://www.mmatko.com/
Shortcut: C:\Users\demozast\AppData\Local\Microsoft\Windows\RoamingTiles\-16340558900.lnk -> hxxp://we-crash.proboards.com/index.cgi
Shortcut: C:\Users\demozast\AppData\Local\Microsoft\Windows\RoamingTiles\20039258040.lnk -> hxxp://www.ebay.com/
Shortcut: C:\Users\demozast\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.com
 
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-10339220340.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x9d2f7f76 -pinnedTimeHigh 0x01cdeb0e -securityFlags 0x00000000 -url 0x00000016 hxxp://www.mmatko.com/
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-16340558900.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xbf0a539e -pinnedTimeHigh 0x01cdeb69 -securityFlags 0x00000000 -url 0x00000027 hxxp://we-crash.proboards.com/index.cgi
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17410224730.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xef18e22c -pinnedTimeHigh 0x01cdeb0d -securityFlags 0x00000000 -url 0x0000002b hxxps://www.netit.financial-net.com/hcpfcu/
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\20039258040.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x8ba2f0c6 -pinnedTimeHigh 0x01cdeb10 -securityFlags 0x00000000 -url 0x00000014 hxxp://www.ebay.com/
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\4867468330.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x63a44039 -pinnedTimeHigh 0x01cdeb0e -securityFlags 0x00000000 -url 0x0000003d hxxps://www.paypal.com/us/cgi-bin/webscr?cmd=_account&nav=0.0
ShortcutWithArgument: C:\Users\demozast\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\9176798760.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x79795daf -pinnedTimeHigh 0x01cdeb0c -securityFlags 0x00000000 -url 0x00000019 hxxps://www.facebook.com/
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 19:11 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 19:11 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-09 19:04 - 2016-12-09 19:04 - 01678560 _____ () C:\Users\demozast\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-29 01:18 - 2016-09-06 22:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 19:10 - 2016-12-09 03:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-22 00:17 - 2016-11-02 04:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-22 00:18 - 2016-11-02 04:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-22 00:17 - 2016-11-02 04:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-22 00:17 - 2016-11-02 04:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-22 00:17 - 2016-11-02 04:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-22 00:17 - 2016-11-02 04:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-12-09 19:04 - 2016-12-09 19:04 - 01244376 _____ () C:\Users\demozast\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2012-09-19 13:10 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-16 22:35 - 2016-12-08 01:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-16 22:35 - 2016-12-08 01:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\...\financial-net.com -> hxxps://www.ea.netit.financial-net.com
IE trusted site: HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\...\netitfinancial-net.com -> hxxps://www.netitfinancial-net.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3866968966-2643451653-4206778344-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_Svinoya_Norway_Sunset.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{BA916B22-C861-4B73-8935-E2D54E73D5D5}] => LPort=53000
FirewallRules: [{ACC502FC-EC6E-4BDA-BE83-BED8730A510F}] => LPort=52000
FirewallRules: [{9A1AAE40-1628-4430-AB31-53B63108608E}] => C:\Users\demozast\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{0324464B-0A18-4256-A303-B9E1DF6B28FD}] => C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{8ED31D95-B74D-4C1B-BEC7-3F3145122A6D}] => C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{D718A08A-CE57-4617-BF45-95826F90C6D3}] => C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{79ECC238-13EC-4B70-850D-68B35206F2FD}] => C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{6148320F-80AA-4BAB-83A5-9EA5C647FF00}] => C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{7F377744-3512-4FEA-A682-B8074EF47D47}] => C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{70CCEC3A-EF3E-41D1-BB1A-B636323BE3A2}] => C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{2A92337D-A319-4128-9781-AD65345DE530}] => C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{BC849640-5DC6-4776-96E3-971AAD1B47BD}] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{067CE335-B481-462D-A0F0-0B02AAF99C8A}] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{B11E3C73-6DF0-4420-AC1C-98FCB2FD3E49}] => LPort=9322
FirewallRules: [UDP Query User{8F3FA3B4-2D46-460D-AA07-3863187ADA1B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{87497ABC-3567-454E-A06F-3097443D3BC4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{C801C2D2-2582-4A06-B534-052FDBE87018}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{D1022B5D-8D68-4C88-AEEE-A7696F226F5D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{8074209F-85ED-4F91-9D3A-D669004A14D7}] => C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{A310D3C7-2193-4767-A940-D8EF30644753}] => C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{264A10F7-AC56-40D0-9E55-64EF74B068E2}] => E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{2A73AA65-48E3-452D-B33F-9D4C48D54EFA}] => E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{A75038AB-F3D6-4FD5-B11F-C6967913A1C1}] => LPort=5353
FirewallRules: [{56FF84A5-E09B-4643-A05B-37023DC0CE4B}] => LPort=9322
FirewallRules: [{213A1504-F722-4848-BB1C-DC9E62BFFD4C}] => LPort=5353
FirewallRules: [UDP Query User{79BBBC2A-BC04-4DFF-B225-6480163A02F3}C:\users\demozast\appdata\local\hpconnectedmusic\application\hpconnectedmusic.exe] => C:\users\demozast\appdata\local\hpconnectedmusic\application\hpconnectedmusic.exe
FirewallRules: [TCP Query User{B7DD96D7-0AF9-4D3A-967E-08EBE4C8EC5E}C:\users\demozast\appdata\local\hpconnectedmusic\application\hpconnectedmusic.exe] => C:\users\demozast\appdata\local\hpconnectedmusic\application\hpconnectedmusic.exe
FirewallRules: [{186F95C2-82CB-471D-BEE4-15883CEC1B7C}] => LPort=1900
FirewallRules: [{22EAFE59-855B-49A6-9B20-00FFD2573F39}] => LPort=2869
FirewallRules: [{7470477E-E167-47B7-A69C-263F93DA42C7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E3A8AFB8-D012-4B7B-9B8B-DBD88B68FD0E}] => c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F0B516A0-1D8D-43CA-9CEA-EECAA0E27C7F}] => c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{027CC838-274E-4AC6-B5C7-1CF73AD910AD}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{289AC9B4-8FC8-47B7-9DB5-AA03AA66B48B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{99D7A69B-17E4-4102-B434-AFFEB4119085}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6432DED6-5D3E-4629-BB20-1C0163832190}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4B80C8E7-EBE4-4D81-82C4-EF551EB3589D}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{F629912D-C039-4C5D-9596-CD32482F8017}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
28-11-2016 21:39:26 Scheduled Checkpoint
07-12-2016 07:07:20 Scheduled Checkpoint
14-12-2016 19:22:39 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/15/2016 05:26:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 20.0.168.192.in-addr.arpa. PTR Kirks.local.
 
Error: (12/15/2016 05:26:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.20:5353   15 20.0.168.192.in-addr.arpa. PTR Kirks-2.local.
 
Error: (12/14/2016 11:14:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_ProfSvc, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: combase.dll, version: 10.0.14393.479, time stamp: 0x582589b6
Exception code: 0xc0000005
Fault offset: 0x00000000000b071c
Faulting process id: 0x50c
Faulting application start time: 0x01d255109c31be76
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 2a016704-1c8b-4475-9106-17e25085f8cb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/14/2016 10:53:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 20.0.168.192.in-addr.arpa. PTR Kirks.local.
 
Error: (12/14/2016 10:53:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.20:5353   15 20.0.168.192.in-addr.arpa. PTR Kirks-2.local.
 
Error: (12/14/2016 09:48:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 20.0.168.192.in-addr.arpa. PTR Kirks.local.
 
Error: (12/14/2016 09:48:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.20:5353   15 20.0.168.192.in-addr.arpa. PTR Kirks-2.local.
 
Error: (12/14/2016 09:11:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 20.0.168.192.in-addr.arpa. PTR Kirks.local.
 
Error: (12/14/2016 09:11:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.20:5353   15 20.0.168.192.in-addr.arpa. PTR Kirks-2.local.
 
Error: (12/14/2016 09:04:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7438
 
 
System errors:
=============
Error: (12/16/2016 10:42:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (12/16/2016 10:39:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/16/2016 09:48:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Microsoft Office File Validation Add-in.
 
Error: (12/16/2016 08:06:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (12/15/2016 08:51:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/15/2016 06:25:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
 
Error: (12/15/2016 06:21:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 11:14:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (12/14/2016 11:14:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications System Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (12/14/2016 11:14:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-16 21:16:36.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-16 21:16:36.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-16 21:16:36.550
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-16 21:16:31.163
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-16 21:16:30.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-15 19:03:56.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-15 19:03:56.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-15 19:03:56.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-15 19:03:55.030
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-15 19:03:55.024
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD E1-1200 APU with Radeon™ HD Graphics
Percentage of memory in use: 43%
Total physical RAM: 3660.09 MB
Available physical RAM: 2072.72 MB
Total Virtual: 4300.09 MB
Available Virtual: 2400.42 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:444.06 GB) (Free:400.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.78 GB) (Free:2.47 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DA981CF9)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP
Clear the Java Cache by following the instructions on
 
You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 51 
 
Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
 
If you feel you must have Java:
Get the latest Java at:
 
Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
 
(If you also want the 64 bit version then use the 64 bit version of IE to get it.)
 
Also uninstall Bonjour as it is not working correctly.  
 
Let's see if we can figure out what is going on:
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST  /SVC  >  \junk.txt
notepad  \junk.txt
 
Open an Elevated Command Prompt:
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
 
 
 

  • 0

#3
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Here are the 2 reports you wanted to see.  I tried with the command prompt, but it said access denied after the 1st line and then opened a blank notepad on the 2nd.
 
Thanks in advance :)
 
 
 
Summary
Operating System
Windows 10 Home 64-bit
CPU
AMD E1-1200
Zacate 40nm Technology
RAM
4.00GB DDR3 @ 533MHz (7-7-7-19)
Motherboard
Quanta 2AF5 (P0)
Graphics
HP Omni / Pro ([email protected])
384MB ATI AMD Radeon HD 7310 Graphics (HP) 53 °C
Storage
465GB Seagate ST3500413AS (SATA) 37 °C
14GB OLYMPUS VR340,D750 USB Device (USB)
Optical Drives
hp DVD A DS8A8SH
Audio
Realtek High Definition Audio
Operating System
Windows 10 Home 64-bit
Computer type: Desktop
Installation Date: 9/26/2016 5:10:48 AM
 
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Enabled
Display Name Windows Defender
Virus Signature Database Up to date
.NET Frameworks installed
v4.6 Full
v4.6 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 11.576.14393.0
PowerShell
Version 5.1.14393.0
Environment Variables
USERPROFILE C:\Users\demozast
SystemRoot C:\WINDOWS
User Variables
OneDrive C:\Users\demozast\OneDrive
Path C:\Users\demozast\AppData\Local\Microsoft\WindowsApps
TEMP C:\Users\demozast\AppData\Local\Temp
TMP C:\Users\demozast\AppData\Local\Temp
Machine Variables
AMDAPPSDKROOT c:\Program Files (x86)\AMD APP\
ComSpec C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK NO
KDS_LANGUAGE 13
NUMBER_OF_PROCESSORS 2
OnlineServices Online Services
OS Windows_NT
Path c:\Program Files (x86)\AMD APP\bin\x86_64
c:\Program Files (x86)\AMD APP\bin\x86
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\WINDOWS\System32\WindowsPowerShell\v1.0\
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
Platform HPD
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL 20
PROCESSOR_REVISION 0200
PSModulePath C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
USERNAME SYSTEM
windir C:\WINDOWS
Power Profile
Active power scheme ENERGY STAR Qualified
Hibernation Enabled
Turn Off Monitor after: (On AC Power) 10 min
Turn Off Hard Disk after: (On AC Power) 20 min
Suspend after: (On AC Power) 20 min
Screen saver Disabled
Uptime
Current Session
Current Time 12/18/2016 12:16:59 AM
Current Uptime 262,830 sec (3 d, 01 h, 00 m, 30 s)
Last Boot Time 12/14/2016 11:16:29 PM
Services
Running AMD External Events Utility
Running AMD FUEL Service
Running Andrea RT Filters Service
Running Application Host Helper Service
Running Application Information
Running AppX Deployment Service (AppXSVC)
Running Background Intelligent Transfer Service
Running Background Tasks Infrastructure Service
Running Base Filtering Engine
Running CDPUserSvc_299ce2e
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Connected Devices Platform Service
Running Connected User Experiences and Telemetry
Running Contact Data_299ce2e
Running CoreMessaging
Running Credential Manager
Running Cryptographic Services
Running Data Sharing Service
Running DCOM Server Process Launcher
Running Device Association Service
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Epson Scanner Service
Running EpsonBidirectionalService
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Geolocation Service
Running HomeGroup Provider
Running HP Support Assistant Service
Running Human Interface Device Service
Running IconMan_R
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running Kodak AiO Network Discovery Service
Running Kodak AiO Status Monitor Service
Running Local Session Manager
Running Network Connected Devices Auto-Setup
Running Network Connection Broker
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Radio Management Service
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running State Repository Service
Running Storage Service
Running Superfetch
Running Sync Host_299ce2e
Running System Event Notification Service
Running System Events Broker
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running Tile Data model server
Running Time Broker
Running User Data Access_299ce2e
Running User Data Storage_299ce2e
Running User Manager
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connect Now - Config Registrar
Running Windows Connection Manager
Running Windows Defender Network Inspection Service
Running Windows Defender Service
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows License Manager Service
Running Windows Management Instrumentation
Running Windows Push Notifications System Service
Running Windows Search
Running Windows Time
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped AllJoyn Router Service
Stopped App Readiness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped ASP.NET State Service
Stopped Auto Time Zone Updater
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Handsfree Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped Client License Service (ClipSVC)
Stopped COM+ System Application
Stopped DataCollectionPublishingService
Stopped Delivery Optimization
Stopped Device Install Service
Stopped Device Management Enrollment Service
Stopped Device Setup Manager
Stopped DevQuery Background Discovery Broker
Stopped Distributed Transaction Coordinator
Stopped dmwappushsvc
Stopped Downloaded Maps Manager
Stopped Embedded Mode
Stopped Encrypting File System (EFS)
Stopped Enterprise App Management Service
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped File History Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Group Policy Client
Stopped HomeGroup Listener
Stopped HP Software Framework Service
Stopped HV Host Service
Stopped Hyper-V Data Exchange Service
Stopped Hyper-V Guest Service Interface
Stopped Hyper-V Guest Shutdown Service
Stopped Hyper-V Heartbeat Service
Stopped Hyper-V PowerShell Direct Service
Stopped Hyper-V Remote Desktop Virtualization Service
Stopped Hyper-V Time Synchronization Service
Stopped Hyper-V Volume Shadow Copy Requestor
Stopped Infrared monitor service
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped MessagingService_299ce2e
Stopped Microsoft Diagnostics Hub Standard Collector Service
Stopped Microsoft Account Sign-in Assistant
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped Microsoft Passport
Stopped Microsoft Passport Container
Stopped Microsoft Software Shadow Copy Provider
Stopped Microsoft Storage Spaces SMP
Stopped Microsoft Windows SMS Router Service.
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Connections
Stopped Network Connectivity Assistant
Stopped Network Setup Service
Stopped Office Source Engine
Stopped Optimize drives
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped Phone Service
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Printer Extensions and Notifications
Stopped Problem Reports and Solutions Control Panel Support
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Retail Demo Service
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Secure Socket Tunneling Protocol Service
Stopped Sensor Data Service
Stopped Sensor Monitoring Service
Stopped Sensor Service
Stopped Shared PC Account Manager
Stopped Smart Card
Stopped Smart Card Device Enumeration Service
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped Spot Verifier
Stopped Still Image Acquisition Events
Stopped Storage Tiers Management
Stopped Telephony
Stopped Touch Keyboard and Handwriting Panel Service
Stopped Update Orchestrator Service for Windows Update
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped W3C Logging Service
Stopped WalletService
Stopped WebClient
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows Camera Frame Server
Stopped Windows Encryption Provider Host Service
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Insider Service
Stopped Windows Installer
Stopped Windows Media Player Network Sharing Service
Stopped Windows Mobile Hotspot Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Process Activation Service
Stopped Windows Push Notifications User Service_299ce2e
Stopped Windows Remote Management (WS-Management)
Stopped Wired AutoConfig
Stopped Work Folders
Stopped WWAN AutoConfig
Stopped Xbox Live Auth Manager
Stopped Xbox Live Game Save
Stopped Xbox Live Networking Service
TimeZone
TimeZone GMT -6:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
12/18/2016 12:32 AM; GoogleUpdateTaskMachineUA
12/18/2016 3:01 AM; FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003UA
12/18/2016 5:08 AM; OneDrive Standalone Update Task v2
12/18/2016 9:01 PM; FacebookUpdateTaskUserS-1-5-21-3866968966-2643451653-4206778344-1003Core
12/18/2016 9:12 PM; HPCeeScheduleFordemozast
12/18/2016 10:32 PM; GoogleUpdateTaskMachineCore
12/19/2016 3:42 AM; OneDrive Standalone Update Task
Optimize Start Menu Cache Files-S-1-5-21-3866968966-2643451653-4206778344-1001
Optimize Start Menu Cache Files-S-1-5-21-3866968966-2643451653-4206778344-1003
Hotfixes
Installed
12/18/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2562.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/17/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2473.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/17/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2473.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/15/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2285.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/15/2016  Security Update for Adobe Flash Player for Windows 10 Version 1607 (for x64-based Systems) (KB3209498)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/15/2016  Security Update for Microsoft Office Excel 2007 (KB3128019)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/15/2016  Security Update for Microsoft Office 2007 suites (KB3128020)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/15/2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128022)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
12/15/2016  Security Update for Microsoft Office Word 2007 (KB3128025)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/15/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3206632)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
12/15/2016  Security Update for Microsoft Office 2007 suites (KB2883033)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
12/15/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - December 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
12/15/2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128024)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
12/14/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2217.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2109.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.2098.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/13/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3201845)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
12/10/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1854.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/9/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1768.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/7/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1547.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/6/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1442.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/4/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1360.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/4/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1316.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/3/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1211.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
12/2/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.1128.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/29/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.841.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/28/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.768.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/26/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.657.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/25/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.582.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/24/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.474.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/23/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.370.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/23/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3200970)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/22/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.278.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/21/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.200.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/20/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.148.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/20/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.148.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/18/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.65.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/18/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.233.65.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/17/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.2177.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/14/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1895.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/13/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1871.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/12/2016  Security Update for Adobe Flash Player for Windows 10 Version 1607 (for x64-based Systems) (KB3202790)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/12/2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3127889)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
11/12/2016  Security Update for Microsoft Office 2007 suites (KB2986253)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/12/2016  Security Update for Microsoft Office Excel 2007 (KB3118395)
A security vulnerability exists in Microsoft Office Excel 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/12/2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3127948)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
11/12/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2, 2016 x64 Edition - November 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
11/12/2016  Security Update for Microsoft Office 2007 suites (KB3118396)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/12/2016  Security Update for Microsoft Office Word 2007 (KB3127949)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11/12/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1771.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/11/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1690.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/8/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1459.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/5/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1221.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/5/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1216.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/4/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1139.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/4/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1134.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/3/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.1052.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/2/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.959.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
11/1/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.890.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/31/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.820.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/30/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.779.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/29/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.723.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/29/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.688.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/28/2016  Security Update for Adobe Flash Player for Windows 10 Version 1607 (for x64-based Systems) (KB3201860)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/28/2016  Update for Windows 10 Version 1607 for x64-based Systems (KB3199986)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/28/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3197954)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/28/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.566.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/27/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.502.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/26/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.413.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/24/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.261.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/23/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.216.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/22/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.182.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/21/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.87.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/20/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.22.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/20/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.18.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/19/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.2021.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/18/2016  Update for Windows 10 Version 1607 for x64-based Systems (KB3199209)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/18/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1943.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/16/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/16/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1814.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/15/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/15/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1736.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/14/2016  Security Update for Microsoft Office 2007 suites (KB3118301)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/14/2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3118307)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
10/14/2016  Security Update for Microsoft Office Word 2007 (KB3118308)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
10/14/2016  Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - October 2016 (KB890830)
After the download, this tool runs one time to check your computer
for infection by specific, prevalent malicious software (including
Blaster, Sasser, and Mydoom) and helps remove any infection that
is found. If an infection is found, the tool will display a status
report the next time that you start your computer. A new version
of the tool will be offered every month. If you want to manually
run the tool on your computer, you can download a copy from the
Microsoft Download Center, or you can run an online version from
microsoft.com. This tool is not a replacement for an antivirus
product. To help protect your computer, you should use an antivirus
product.
10/14/2016  Security Update for Microsoft Silverlight (KB3193713)
This security update to Silverlight includes fixes outlined in
KB 3193713. This update is backward compatible with web applications
built using previous versions of Silverlight.
10/14/2016  Security Update for Adobe Flash Player for Windows 10 Version 1607 (for x64-based Systems) (KB3194343)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/14/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1662.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/12/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1571.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/10/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1296.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/9/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1218.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/8/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1182.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/7/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1054.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/6/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194496)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/6/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.962.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/3/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.776.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/2/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.709.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/1/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.645.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/30/2016  Update for Windows 10 Version 1607 for x64-based Systems (KB3176936)
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
9/30/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3193494)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/30/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.545.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2016  Security Update for Adobe Flash Player for Windows 10 Version 1607 for x64-based Systems (KB3188128)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/26/2016  Feature update to Windows 10, version 1607
Install the anniversary version of Windows.
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
12/30/1899  
Not Installed
12/17/2016  Microsoft Office File Validation Add-in
Installation Status Failed
Microsoft Office File Validation is a security add-in for Office
2003 and 2007. Office File Validation is used to validate that
Binary File Format files conform to the Microsoft Office File
Format. The user will be notified of possible security risks
if files fail to conform to the format.
11/22/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3200970)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/13/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3200970)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11/12/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3200970)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/22/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.231.151.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/14/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194798)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
10/6/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.1034.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
10/3/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194496)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
10/1/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3194496)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
9/30/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.400.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.400.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2016  Definition Update for Windows Defender - KB2267602 (Definition 1.229.400.0)
Installation Status Failed
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
9/29/2016  Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3193494)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
9/29/2016  Update for Windows 10 Version 1607 for x64-based Systems (KB3176936)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
System Folders
Application Data C:\ProgramData
Cookies C:\Users\demozast\AppData\Local\Microsoft\Windows\INetCookies
Desktop C:\Users\demozast\Desktop
Documents C:\Users\Public\Documents
Fonts C:\WINDOWS\Fonts
Global Favorites C:\Users\demozast\Favorites
Internet History C:\Users\demozast\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\demozast\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\demozast\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\demozast\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\demozast\AppData\Local\Microsoft\Windows\INetCache
User Favorites C:\Users\demozast\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Process List
AERTSr64.exe
Process ID 2172
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
Memory Usage 688 KB
Peak Memory Usage 3.03 MB
ApplicationFrameHost.exe
Process ID 9084
User demozast
Domain Kirks
Path C:\Windows\System32\ApplicationFrameHost.exe
Memory Usage 13 MB
Peak Memory Usage 22 MB
atieclxx.exe
Process ID 4572
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\atieclxx.exe
Memory Usage 3.49 MB
Peak Memory Usage 9.51 MB
atiesrxx.exe
Process ID 1160
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\atiesrxx.exe
Memory Usage 1.33 MB
Peak Memory Usage 5.74 MB
audiodg.exe
Process ID 6024
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\audiodg.exe
Memory Usage 13 MB
Peak Memory Usage 17 MB
backgroundTaskHost.exe
Process ID 4784
User demozast
Domain Kirks
Path C:\Windows\System32\backgroundTaskHost.exe
Memory Usage 22 MB
Peak Memory Usage 41 MB
CCC.exe
Process ID 6604
User demozast
Domain Kirks
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 11 MB
Peak Memory Usage 87 MB
chrome.exe
Process ID 5892
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 114 MB
Peak Memory Usage 146 MB
chrome.exe
Process ID 2972
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 48 MB
Peak Memory Usage 53 MB
chrome.exe
Process ID 4880
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 176 MB
Peak Memory Usage 229 MB
chrome.exe
Process ID 4512
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 47 MB
Peak Memory Usage 67 MB
chrome.exe
Process ID 8288
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 8.15 MB
Peak Memory Usage 8.95 MB
chrome.exe
Process ID 7124
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 7.45 MB
Peak Memory Usage 8.10 MB
chrome.exe
Process ID 1544
User demozast
Domain Kirks
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 93 MB
Peak Memory Usage 111 MB
CLMLSvc_P2G8.exe
Process ID 1100
User demozast
Domain Kirks
Path C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
Memory Usage 2.40 MB
Peak Memory Usage 11 MB
CompatTelRunner.exe
Process ID 5008
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\CompatTelRunner.exe
Memory Usage 17 MB
Peak Memory Usage 30 MB
CompatTelRunner.exe
Process ID 6240
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\CompatTelRunner.exe
Memory Usage 17 MB
Peak Memory Usage 30 MB
conhost.exe
Process ID 7248
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\conhost.exe
Memory Usage 5.88 MB
Peak Memory Usage 5.88 MB
conhost.exe
Process ID 2688
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\conhost.exe
Memory Usage 5.88 MB
Peak Memory Usage 5.88 MB
csrss.exe
Process ID 512
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 2.26 MB
Peak Memory Usage 38 MB
csrss.exe
Process ID 6184
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 3.57 MB
Peak Memory Usage 14 MB
dasHost.exe
Process ID 1928
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\dasHost.exe
Memory Usage 7.70 MB
Peak Memory Usage 13 MB
dllhost.exe
Process ID 5680
User demozast
Domain Kirks
Path C:\Windows\System32\dllhost.exe
Memory Usage 9.67 MB
Peak Memory Usage 17 MB
dllhost.exe
Process ID 2968
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\dllhost.exe
Memory Usage 6.21 MB
Peak Memory Usage 6.21 MB
dllhost.exe
Process ID 4344
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\dllhost.exe
Memory Usage 5.82 MB
Peak Memory Usage 5.82 MB
dwm.exe
Process ID 7552
User DWM-2
Domain Window Manager
Path C:\Windows\System32\dwm.exe
Memory Usage 31 MB
Peak Memory Usage 59 MB
eEBSvc.exe
Process ID 2244
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
Memory Usage 1.53 MB
Peak Memory Usage 7.75 MB
EEventManager.exe
Process ID 1220
User demozast
Domain Kirks
Path C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
Memory Usage 4.01 MB
Peak Memory Usage 19 MB
EKAiOHostService.exe
Process ID 2296
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
Memory Usage 14 MB
Peak Memory Usage 27 MB
EKPrinterSDK.exe
Process ID 2308
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
Memory Usage 2.37 MB
Peak Memory Usage 7.61 MB
escsvc64.exe
Process ID 3028
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\escsvc64.exe
Memory Usage 1.09 MB
Peak Memory Usage 7.71 MB
explorer.exe
Process ID 7012
User demozast
Domain Kirks
Path C:\Windows\explorer.exe
Memory Usage 91 MB
Peak Memory Usage 142 MB
explorer.exe
Process ID 1028
User demozast
Domain Kirks
Path C:\Windows\explorer.exe
Memory Usage 27 MB
Peak Memory Usage 42 MB
FacebookUpdate.exe
Process ID 7952
User demozast
Domain Kirks
Path C:\Users\demozast\AppData\Local\Facebook\Update\FacebookUpdate.exe
Memory Usage 1.70 MB
Peak Memory Usage 8.77 MB
fontdrvhost.exe
Process ID 4188
Path C:\Windows\System32\fontdrvhost.exe
Memory Usage 3.26 MB
Peak Memory Usage 3.34 MB
Fuel.Service.exe
Process ID 2180
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Memory Usage 2.65 MB
Peak Memory Usage 8.69 MB
HPSA_Service.exe
Process ID 3040
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
Memory Usage 5.27 MB
Peak Memory Usage 22 MB
lsass.exe
Process ID 676
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\lsass.exe
Memory Usage 9.47 MB
Peak Memory Usage 13 MB
Memory Compression
Process ID 2592
User SYSTEM
Domain NT AUTHORITY
Memory Usage 65 MB
Peak Memory Usage 100 MB
MOM.exe
Process ID 5708
User demozast
Domain Kirks
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 4.32 MB
Peak Memory Usage 29 MB
MpCmdRun.exe
Process ID 7736
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Defender\MpCmdRun.exe
Memory Usage 7.25 MB
Peak Memory Usage 11 MB
MSASCuiL.exe
Process ID 1452
User demozast
Domain Kirks
Path C:\Program Files\Windows Defender\MSASCuiL.exe
Memory Usage 3.20 MB
Peak Memory Usage 13 MB
MsMpEng.exe
Process ID 2428
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Windows Defender\MsMpEng.exe
Memory Usage 102 MB
Peak Memory Usage 523 MB
NisSrv.exe
Process ID 4008
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Defender\NisSrv.exe
Memory Usage 12 MB
Peak Memory Usage 42 MB
OneDrive.exe
Process ID 6292
User demozast
Domain Kirks
Path C:\Users\demozast\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Memory Usage 8.56 MB
Peak Memory Usage 26 MB
RIconMan.exe
Process ID 2080
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
Memory Usage 2.40 MB
Peak Memory Usage 8.41 MB
RtkNGUI64.exe
Process ID 7624
User demozast
Domain Kirks
Path C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Memory Usage 3.45 MB
Peak Memory Usage 12 MB
RuntimeBroker.exe
Process ID 3388
User demozast
Domain Kirks
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 28 MB
Peak Memory Usage 53 MB
SearchIndexer.exe
Process ID 2320
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchIndexer.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
SearchProtocolHost.exe
Process ID 6164
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchProtocolHost.exe
Memory Usage 15 MB
Peak Memory Usage 17 MB
SearchUI.exe
Process ID 9020
User demozast
Domain Kirks
Path C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Memory Usage 37 MB
Peak Memory Usage 110 MB
services.exe
Process ID 668
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\services.exe
Memory Usage 6.13 MB
Peak Memory Usage 7.46 MB
ShellExperienceHost.exe
Process ID 4828
User demozast
Domain Kirks
Path C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Memory Usage 36 MB
Peak Memory Usage 83 MB
sihost.exe
Process ID 1648
User demozast
Domain Kirks
Path C:\Windows\System32\sihost.exe
Memory Usage 14 MB
Peak Memory Usage 20 MB
SkypeHost.exe
Process ID 4816
User demozast
Domain Kirks
Path C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Memory Usage 10 MB
Peak Memory Usage 20 MB
smartscreen.exe
Process ID 6672
User demozast
Domain Kirks
Path C:\Windows\System32\smartscreen.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
smss.exe
Process ID 364
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\smss.exe
Memory Usage 444 KB
Peak Memory Usage 1.14 MB
Speccy64.exe
Process ID 5780
User demozast
Domain Kirks
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 283 MB
Peak Memory Usage 283 MB
spoolsv.exe
Process ID 1704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 18 MB
Peak Memory Usage 36 MB
svchost.exe
Process ID 2252
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.05 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 2420
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 1496
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.66 MB
Peak Memory Usage 7.75 MB
svchost.exe
Process ID 8100
User demozast
Domain Kirks
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 748
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 54 MB
svchost.exe
Process ID 8944
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 35 MB
svchost.exe
Process ID 760
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 868
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.24 MB
Peak Memory Usage 9.40 MB
svchost.exe
Process ID 456
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 70 MB
Peak Memory Usage 101 MB
svchost.exe
Process ID 432
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 24 MB
svchost.exe
Process ID 1076
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 29 MB
svchost.exe
Process ID 1208
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 72 MB
svchost.exe
Process ID 1048
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.33 MB
Peak Memory Usage 7.40 MB
svchost.exe
Process ID 1232
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 47 MB
Peak Memory Usage 276 MB
svchost.exe
Process ID 1424
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.95 MB
Peak Memory Usage 7.66 MB
svchost.exe
Process ID 1504
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.09 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 1628
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 1324
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.94 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 2196
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 2.99 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 2220
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 28 MB
System
Process ID 4
Memory Usage 16 MB
Peak Memory Usage 16 MB
System Idle Process
Process ID 0
SystemSettings.exe
Process ID 3352
User demozast
Domain Kirks
Path C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Memory Usage 74 MB
Peak Memory Usage 95 MB
taskhostw.exe
Process ID 3068
User demozast
Domain Kirks
Path C:\Windows\System32\taskhostw.exe
Memory Usage 13 MB
Peak Memory Usage 19 MB
wininit.exe
Process ID 604
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wininit.exe
Memory Usage 2.53 MB
Peak Memory Usage 5.06 MB
winlogon.exe
Process ID 1716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\winlogon.exe
Memory Usage 5.08 MB
Peak Memory Usage 13 MB
WmiApSrv.exe
Process ID 9100
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiApSrv.exe
Memory Usage 7.84 MB
Peak Memory Usage 7.84 MB
WmiPrvSE.exe
Process ID 6276
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 24 MB
Peak Memory Usage 24 MB
WmiPrvSE.exe
Process ID 1908
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 23 MB
Peak Memory Usage 24 MB
WUDFHost.exe
Process ID 5764
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 3.00 MB
Peak Memory Usage 8.45 MB
YCMMirage.exe
Process ID 6952
User demozast
Domain Kirks
Path C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Memory Usage 3.68 MB
Peak Memory Usage 9.10 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Block Microsoft accounts Not Defined
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Machine account lockout threshold Not Defined
Interactive logon: Machine inactivity limit Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session Not Defined
Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Restrict clients allowed to make remote calls to SAM
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network security: Allow PKU2U authentication requests to this computer to use online identities.
 
Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Not Defined
Recovery console: Allow floppy copy and access to all drives and all folders Not Defined
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Not Defined
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fixed Feature Button
ACPI Power Button
AMD E1-1200 APU with Radeon HD Graphics
AMD E1-1200 APU with Radeon HD Graphics
High precision event timer
Motherboard resources
System board
PCI Express Root Complex
AMD SMBus
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI-to-PCI Bridge
System board
PCI standard host CPU bridge
Motherboard resources
AMD Radeon HD 7310 Graphics
Generic PnP Monitor
Standard SATA AHCI Controller
hp DVD A DS8A8SH
ST3500413AS
Standard OpenHCD USB Host Controller
USB Root Hub
USB Composite Device
USB Input Device
HID Keyboard Device
USB Input Device
HID-compliant consumer control device
HID-compliant system controller
USB Input Device
HID-compliant device
HID-compliant mouse
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Composite Device
HP High Definition 1MP Webcam
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
OLYMPUS VR340,D750 USB Device
High Definition Audio Controller
Realtek High Definition Audio
Microphone (Realtek High Definition Audio)
Speakers (Realtek High Definition Audio)
PCI standard ISA bridge
Direct memory access controller
Microsoft ACPI-Compliant Embedded Controller
Motherboard resources
Motherboard resources
Motherboard resources
Numeric data processor
Programmable interrupt controller
System CMOS/real time clock
System speaker
System timer
Standard OpenHCD USB Host Controller
USB Root Hub
PCI-to-PCI Bridge
Ralink RT5390R 802.11bgn Wi-Fi Adapter
Microsoft Wi-Fi Direct Virtual Adapter
PCI-to-PCI Bridge
Realtek PCIe FE Family Controller
PCI-to-PCI Bridge
Realtek PCIE CardReader
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
CPU
AMD E1-1200
Cores 2
Threads 2
Name AMD E1-1200
Code Name Zacate
Package Socket FT1 BGA
Technology 40nm
Specification AMD E1-1200 APU with Radeon HD Graphics
Family F
Extended Family 14
Model 2
Extended Model 2
Stepping 0
Revision ON-C0
Instructions MMX (+), SSE, SSE2, SSE3, SSSE3, SSE4A, AMD 64, NX, VMX
Virtualization Supported, Enabled
Hyperthreading Not supported
Stock Core Speed 1400 MHz
Stock Bus Speed 100 MHz
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2 x 512 KBytes
Cores
Core 0
Core Speed 777.7 MHz
Multiplier x 7.78
Bus Speed 100.0 MHz
Threads APIC ID: 0
Core 1
Core Speed 777.7 MHz
Multiplier x 7.78
Bus Speed 100.0 MHz
Threads APIC ID: 1
RAM
Memory slots
Total memory slots 2
Used memory slots 1
Free memory slots 1
Memory
Type DDR3
Size 4096 MBytes
DRAM Frequency 533.3 MHz
CAS# Latency (CL) 7 clocks
RAS# to CAS# Delay (tRCD) 7 clocks
RAS# Precharge (tRP) 7 clocks
Cycle Time (tRAS) 19 clocks
Bank Cycle Time (tRC) 26 clocks
Physical Memory
Memory Usage 56 %
Total Physical 3.57 GB
Available Physical 1.55 GB
Total Virtual 4.20 GB
Available Virtual 1.76 GB
SPD
Number Of SPD Modules 1
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Samsung
Max Bandwidth PC3-12800 (800 MHz)
Part Number M471B5273CH0-CK0
Serial Number 2541500039
Week/year 27 / 12
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 22
Voltage 1.500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 26
Voltage 1.500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.500 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1.500 V
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 27
tRC 37
Voltage 1.500 V
JEDEC #7
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 39
Voltage 1.500 V
Motherboard
Manufacturer Quanta
Model 2AF5 (P0)
Version 011
Chipset Vendor AMD
Chipset Model K12 IMC
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model SB850
Southbridge Revision 40
BIOS
Brand AMI
Version 8.03
Date 9/4/2012
PCI Data
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x16
Slot Designation J6B2
Characteristics 3.3V, Shared, PME
Slot Number 0
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J6B1
Characteristics 3.3V, Shared, PME
Slot Number 1
Slot PCI-E
Slot Type PCI-E
Slot Usage In Use
Data lanes x1
Slot Designation J6D1
Characteristics 3.3V, Shared, PME
Slot Number 2
Graphics
Monitor
Name HP Omni / Pro on AMD Radeon HD 7310 Graphics
Current Resolution 1600x900 pixels
Work Resolution 1600x860 pixels
State Enabled, Primary
Monitor Width 1600
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI AMD Radeon HD 7310 Graphics
Manufacturer ATI
Model AMD Radeon HD 7310 Graphics
GPU Wrestler
Device ID 1002-9809
Subvendor HP (103C)
Current Performance Level Level 0
Current GPU Clock 280 MHz
Current Memory Clock 533 MHz
Current Shader Clock 533 MHz
Voltage 0.850 V
Die Size 59 mm²
Transistors 59 M
Release Date Jun 2012
DirectX Support 11.0
GPU Clock 500.0 MHz
Temperature 53 °C
Core Voltage 0.850 V
Driver version 15.201.1151.0
ROPs 4
Shaders 80 unified
Memory Type DDR3
Memory 384 MB
Bus Width System
Pixel Fillrate 2.0 GPixels/s
Texture Fillrate 4.0 GTexels/s
Bandwidth 8.5 GB/s
Count of performance levels : 2
Level 1 - "Perf Level 0"
GPU Clock 280 MHz
Shader Clock 533 MHz
Level 2 - "Perf Level 1"
GPU Clock 500 MHz
Shader Clock 533 MHz
Storage
Hard drives
ST3500413AS
Manufacturer Seagate
Form Factor 3.5"
Heads 16
Cylinders 60,801
Tracks 15,504,255
Sectors 976,768,065
SATA type SATA-III 6.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number Z2AYVLDN
Firmware Version Number HP64
LBA Size 48-bit LBA
Power On Count 969 times
Power On Time 999.8 days
Speed 7200 RPM
Features S.M.A.R.T., NCQ
Max. Transfer Mode SATA III 6.0Gb/s
Used Transfer Mode SATA II 3.0Gb/s
Interface SATA
Capacity 465 GB
Real size 500,107,862,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 37 °C
Temperature Range OK (less than 50 °C)
S.M.A.R.T attributes
01
Attribute name Read Error Rate
Real value 0
Current 117
Worst 99
Threshold 6
Raw Value 00071E380A
Status Good
03
Attribute name Spin-Up Time
Real value 0 ms
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
04
Attribute name Start/Stop Count
Real value 967
Current 100
Worst 100
Threshold 20
Raw Value 00000003C7
Status Good
05
Attribute name Reallocated Sectors Count
Real value 13
Current 100
Worst 100
Threshold 36
Raw Value 000000000D
Status Good
07
Attribute name Seek Error Rate
Real value 0
Current 84
Worst 60
Threshold 30
Raw Value 000F06AEBB
Status Good
09
Attribute name Power-On Hours (POH)
Real value 999d 19h
Current 73
Worst 73
Threshold 0
Raw Value 0000005DBB
Status Good
0A
Attribute name Spin Retry Count
Real value 0
Current 100
Worst 100
Threshold 97
Raw Value 0000000000
Status Good
0C
Attribute name Device Power Cycle Count
Real value 969
Current 100
Worst 100
Threshold 20
Raw Value 00000003C9
Status Good
B4
Attribute name Reserved Block Count
Real value 280
Current 100
Worst 100
Threshold 0
Raw Value 0000000118
Status Good
B7
Attribute name SATA Downshift Error Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
B8
Attribute name End-to-End error / IOEDC
Real value 0
Current 100
Worst 100
Threshold 97
Raw Value 0000000000
Status Good
BB
Attribute name Reported Uncorrectable Errors
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BC
Attribute name Command Timeout
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BD
Attribute name High Fly Writes (WDC)
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BE
Attribute name Airflow Temperature
Real value 36 °C
Current 64
Worst 57
Threshold 45
Raw Value 0024170024
Status Good
C2
Attribute name Temperature
Real value 36 °C
Current 36
Worst 43
Threshold 0
Raw Value 0000000024
Status Good
C3
Attribute name Hardware ECC Recovered
Real value 0
Current 45
Worst 21
Threshold 0
Raw Value 00071E380A
Status Good
C4
Attribute name Reallocation Event Count
Real value 13
Current 100
Worst 100
Threshold 36
Raw Value 000000000D
Status Good
C5
Attribute name Current Pending Sector Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
C6
Attribute name Uncorrectable Sector Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
C7
Attribute name UltraDMA CRC Error Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
Partition 0
Partition ID Disk #0, Partition #0
File System NTFS
Volume Serial Number DEF0AE86
Size 1022 MB
Used Space 351 MB (34%)
Free Space 671 MB (66%)
Partition 1
Partition ID Disk #0, Partition #1
Size 360 MB
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter C:
File System NTFS
Volume Serial Number 6A69516E
Size 444 GB
Used Space 45 GB (10%)
Free Space 398 GB (90%)
Partition 3
Partition ID Disk #0, Partition #3
File System NTFS
Volume Serial Number 6C1EFEC1
Size 449 MB
Used Space 326 MB (72%)
Free Space 123 MB (28%)
Partition 4
Partition ID Disk #0, Partition #4
Disk Letter D:
File System NTFS
Volume Serial Number E07C58C1
Size 19.8 GB
Used Space 17.3 GB (87%)
Free Space 2.47 GB (13%)
Flash drives
OLYMPUS VR340,D750 USB Device
Interface USB
Capacity 14.8 GB
Real size 15,931,539,456 bytes
RAID Type None
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #1, Partition #0
Disk Letter G:
File System FAT32
Volume Serial Number 36653163
Size 14.8 GB
Used Space 14.8 MB (0%)
Free Space 14.8 GB (100%)
Optical Drives
hp DVD A  DS8A8SH
Media Type DVD Writer
Name hp DVD A DS8A8SH
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 0
Status OK
Audio
Sound Card
Realtek High Definition Audio
Playback Device
Speakers (Realtek High Definition Audio)
Recording Device
Microphone (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Vendor Lite-On Technology Corp
Location USB Input Device
Driver
Date 6-21-2006
Version 10.0.14393.206
File C:\WINDOWS\system32\DRIVERS\kbdhid.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Unknown
Location USB Input Device
Driver
Date 6-21-2006
Version 10.0.14393.0
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
EPSON XP-400 Series
Device Kind Printer
Device Name EPSON XP-400 Series
Vendor EPSON
Location EPSONC26C6C (XP-400 Series)
Driver
Date 12-18-2013
Version 7.2.0.0
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IMAIIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IDSPIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IJBCIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ICONIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAUDIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IEPEIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IREDIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_GATO46.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IVIFIBE.VIF
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUICIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUIRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUI1IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FUIXIBE.XML
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FUIXIBA.XML
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FCF0IBE.CFG
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FCF0IBA.CFG
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FCF0IBE.DEV
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IGRCIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IPRUIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IPREIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FPI1IBE.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILMWIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILC1IBE.LMC
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILC2IBE.LMC
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FHLDRIBE.CHM
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\EPSET32.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\EPSET64.DLL
File C:\WINDOWS\system32\spool\drivers\color\Epson IJ Printer 07.icc
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHM0IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IMW0IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHT0IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ISR0IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHBRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHUTIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHUTIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHSRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBA7IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBA7IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBL6IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBL6IBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBEWIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBEWIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FERSIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IERSIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\ENAGENT.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\ENSETAG6.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBIDIBE.LMD
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBA7IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBA7IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBL6IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBL6IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBEWIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IBEWIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FERSIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IERSIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBIDIBA.LMD
File C:\WINDOWS\system32\E_ILMIBE.DLL
File C:\WINDOWS\system32\E_ID4BIBE.DLL
File C:\WINDOWS\system32\E_ILMIBA.DLL
File C:\WINDOWS\system32\E_ID4BIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBE.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IARNIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASKIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAIRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAPRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IATIIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IABRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASRIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBCSIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAIFIBE.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IGEPIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASOIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_S50RPB.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FHLIAIBE.CHM
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FINVIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FINVIBE.CFG
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILGRIBE.DLL
File C:\WINDOWS\system32\E_GCINST.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUCIBE.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IURIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUWIBE.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_UPEULA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IVIFIBE.ESI
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IMAIIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IDSPIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IJBCIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ICONIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAUDIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IEPEIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IREDIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IVIFIBA.VIF
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUICIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUIRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUI1IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FCF0IBA.DEV
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IGRCIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IPRUIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IPREIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FPI1IBA.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILMWIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILC1IBA.LMC
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILC2IBA.LMC
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FHLDRIBA.CHM
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\OSASOI.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\OSASOI.CFG
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\OSASOI_A.CFG
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHM0IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IMW0IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHT0IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ISR0IBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHBRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHUTIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHUTIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IHSRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBA.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IINSIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IARNIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASKIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAIRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAPRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IATIIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IABRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_FBCSIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IAIFIBA.DAT
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IGEPIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IASOIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_ILGRIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUCIBA.EXE
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IURIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IUWIBA.DLL
File C:\WINDOWS\system32\spool\DRIVERS\x64\{988816D1-6115-40A4-9550-F7443B6A8CC1}\E_IVIFIBA.ESI
WSD Scan Device
Device Kind Camera/scanner
Device Name WSD Scan Device
Vendor Unknown
Comment EPSONC26C6C (XP-400 Series)
Location http://[fe80::a6ee:57ff:fec2:6c6c%10]:80/WSD/DEVICE
Driver
Date 6-21-2006
Version 10.0.14393.0
File C:\WINDOWS\system32\DRIVERS\WSDScan.sys
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Chicony Electronics Co Ltd
Comment HP High Definition 1MP Webcam
Location USB Composite Device
Driver
Date 6-21-2006
Version 10.0.14393.82
File C:\WINDOWS\system32\drivers\usbvideo.sys
VR340,D750      
Device Kind Portable Device
Device Name VR340,D750
Vendor OLYMPUS
Comment G:\
Location Volume
Driver
Date 6-21-2006
Version 10.0.14393.0
File C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
Printers
EPSONC26C6C (XP-400 Series)
Printer Port WSD-a71a239d-5b62-49dd-8cc9-3f3cc8d82db5.006b
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 360 * 360 dpi Color
Status Unknown
Driver
Driver Name EPSON XP-400 Series (v5.10)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IMAIIBE.DLL
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
HP ePrint
Printer Port LPT1:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 4294967294 dpi Color
Status Unknown
Driver
Driver Name HP ePrint (v1.04)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\MXDWDRV.DLL
Microsoft Print to PDF
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft Print To PDF (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_7b3eed059f4c3e41\Amd64\mxdwdrv.dll
Microsoft XPS Document Writer
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer v4 (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_7b3eed059f4c3e41\Amd64\mxdwdrv.dll
XP-400 Series(Network) (Default Printer)
Printer Port EPC26C6C:XP-400 SERIES
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 360 * 360 dpi Color
Status Unknown
Driver
Driver Name EPSON XP-400 Series (v5.10)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IMAIIBE.DLL
Network
You are connected to the internet
Connected through Ralink RT5390R 802.11bgn Wi-Fi Adapter
IP Address 192.168.0.20
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 192.168.0.1
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 24.220.139.153
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 878 Bps
Computer Name
NetBIOS Name KIRKS
DNS Name Kirks
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain Kirks
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 12
Wi-Fi ()
SSID
Frequency 2462000 kHz
Channel Number 11
Name No name
Signal Strength/Quality 40
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (Angel)
SSID Angel
Frequency 2437000 kHz
Channel Number 6
Name Angel
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (BiermanAppraisals)
SSID BiermanAppraisals
Frequency 2462000 kHz
Channel Number 11
Name BiermanAppraisals
Signal Strength/Quality 42
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (BusyRabbit)
SSID BusyRabbit
Frequency 2412000 kHz
Channel Number 1
Name BusyRabbit
Signal Strength/Quality 54
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (BusyRabbit-guest)
SSID BusyRabbit-guest
Frequency 2412000 kHz
Channel Number 1
Name BusyRabbit-guest
Signal Strength/Quality 50
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (CGNM-66A8)
SSID CGNM-66A8
Frequency 2462000 kHz
Channel Number 11
Name CGNM-66A8
Signal Strength/Quality 90
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (CenturyLink1263)
SSID CenturyLink1263
Frequency 2412000 kHz
Channel Number 1
Name CenturyLink1263
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (LamarPlant)
SSID LamarPlant
Frequency 2412000 kHz
Channel Number 1
Name LamarPlant
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (NETGEAR77)
SSID NETGEAR77
Frequency 2462000 kHz
Channel Number 11
Name NETGEAR77
Signal Strength/Quality 50
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (TP-LINK_D202)
SSID TP-LINK_D202
Frequency 2442000 kHz
Channel Number 7
Name TP-LINK_D202
Signal Strength/Quality 36
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Tennant)
SSID Tennant
Frequency 2412000 kHz
Channel Number 1
Name Tennant
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Weig)
SSID Weig
Frequency 2437000 kHz
Channel Number 6
Name Weig
Signal Strength/Quality 40
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Enabled
Ralink RT5390R 802.11bgn Wi-Fi Adapter
Connection-specific DNS Suffix hitronhub.home
Connection Name Wi-Fi
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address 68-94-23-53-53-13
IP Address 192.168.0.20
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
DHCP 192.168.0.1
DNS Server 192.168.0.1
Realtek PCIe FE Family Controller
Connection Name Ethernet
DHCP enabled Yes
MAC Address 08-9E-01-41-FC-37
Network Shares
Users C:\Users
Current TCP Connections
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (1220)
Local 0.0.0.0:2968 LISTEN
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1544)
Local 192.168.0.20:62302 ESTABLISHED Remote 68.232.32.220:1935 (Querying... )
Local 192.168.0.20:62364 ESTABLISHED Remote 172.217.1.198:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62367 FIN-WAIT-1 Remote 151.101.32.64:80 (Querying... ) (HTTP)
Local 192.168.0.20:62368 ESTABLISHED Remote 151.101.32.64:80 (Querying... ) (HTTP)
Local 192.168.0.20:62370 ESTABLISHED Remote 23.62.185.197:80 (Querying... ) (HTTP)
Local 192.168.0.20:62371 ESTABLISHED Remote 169.54.129.23:80 (Querying... ) (HTTP)
Local 192.168.0.20:62373 ESTABLISHED Remote 169.54.129.23:80 (Querying... ) (HTTP)
Local 192.168.0.20:62376 ESTABLISHED Remote 24.220.112.178:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62377 ESTABLISHED Remote 151.101.32.64:80 (Querying... ) (HTTP)
Local 192.168.0.20:62378 ESTABLISHED Remote 151.101.32.64:80 (Querying... ) (HTTP)
Local 192.168.0.20:62382 ESTABLISHED Remote 216.58.217.130:80 (Querying... ) (HTTP)
Local 192.168.0.20:62387 CLOSE-WAIT Remote 198.232.125.83:80 (Querying... ) (HTTP)
Local 192.168.0.20:62403 ESTABLISHED Remote 23.204.248.158:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62410 ESTABLISHED Remote 52.24.222.139:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62122 ESTABLISHED Remote 199.16.156.21:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62416 ESTABLISHED Remote 69.172.216.55:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62418 ESTABLISHED Remote 204.154.111.224:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62419 ESTABLISHED Remote 204.154.111.224:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62424 CLOSE-WAIT Remote 169.54.251.164:80 (Querying... ) (HTTP)
Local 192.168.0.20:62425 CLOSE-WAIT Remote 169.54.251.164:80 (Querying... ) (HTTP)
Local 192.168.0.20:62429 ESTABLISHED Remote 31.13.74.36:443 (Querying... ) (HTTPS)
C:\Windows\explorer.exe (7012)
Local 192.168.0.20:61140 ESTABLISHED Remote 65.52.108.183:443 (Querying... ) (HTTPS)
EKAiOHostService.exe (2296)
Local 0.0.0.0:9322 LISTEN
lsass.exe (676)
Local 0.0.0.0:49673 LISTEN
services.exe (668)
Local 0.0.0.0:49684 LISTEN
spoolsv.exe (1704)
Local 0.0.0.0:49667 LISTEN
svchost.exe (1232)
Local 0.0.0.0:49666 LISTEN
Local 192.168.0.20:61150 ESTABLISHED Remote 65.52.108.195:443 (Querying... ) (HTTPS)
svchost.exe (432)
Local 0.0.0.0:49665 LISTEN
svchost.exe (868)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 192.168.0.20:62010 TIME-WAIT Remote 23.235.33.196:80 (Querying... ) (HTTP)
Local 192.168.0.20:62406 TIME-WAIT Remote 23.204.248.158:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62398 TIME-WAIT Remote 23.204.242.177:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62173 TIME-WAIT Remote 161.170.236.122:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62385 TIME-WAIT Remote 198.232.125.83:80 (Querying... ) (HTTP)
Local 192.168.0.20:62379 TIME-WAIT Remote 151.101.32.64:80 (Querying... ) (HTTP)
Local 192.168.0.20:62333 TIME-WAIT Remote 24.220.113.50:80 (Querying... ) (HTTP)
Local 192.168.0.20:62315 TIME-WAIT Remote 162.248.16.53:80 (Querying... ) (HTTP)
Local 192.168.0.20:62038 TIME-WAIT Remote 24.220.113.26:80 (Querying... ) (HTTP)
Local 192.168.0.20:62040 TIME-WAIT Remote 151.101.32.134:80 (Querying... ) (HTTP)
Local 192.168.0.20:62045 TIME-WAIT Remote 151.101.32.68:80 (Querying... ) (HTTP)
Local 192.168.0.20:62093 TIME-WAIT Remote 162.248.16.50:80 (Querying... ) (HTTP)
Local 192.168.0.20:62102 TIME-WAIT Remote 162.248.16.53:80 (Querying... ) (HTTP)
Local 192.168.0.20:62113 TIME-WAIT Remote 151.101.32.67:80 (Querying... ) (HTTP)
Local 192.168.0.20:62115 TIME-WAIT Remote 23.204.157.249:80 (Querying... ) (HTTP)
Local 192.168.0.20:62255 TIME-WAIT Remote 173.241.244.199:443 (Querying... ) (HTTPS)
Local 192.168.0.20:62133 TIME-WAIT Remote 204.11.109.68:80 (Querying... ) (HTTP)
Local 192.168.0.20:62140 TIME-WAIT Remote 23.204.238.108:80 (Querying... ) (HTTP)
Local 192.168.0.20:62143 TIME-WAIT Remote 173.193.244.52:80 (Querying... ) (HTTP)
Local 192.168.0.20:62148 TIME-WAIT Remote 23.204.157.249:80 (Querying... ) (HTTP)
Local 192.168.0.20:62150 TIME-WAIT Remote 23.204.157.249:80 (Querying... ) (HTTP)
Local 192.168.0.20:62411 TIME-WAIT Remote 69.172.216.55:443 (Querying... ) (HTTPS)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 192.168.0.20:139 (NetBIOS session service) LISTEN
wininit.exe (604)
Local 0.0.0.0:49664 LISTEN
Generated with Speccy v1.30.730
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 74.34 0 K 4 K 0
procexp64.exe 12.25 18,968 K 50,272 K 8580 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
dwm.exe 3.42 57,228 K 31,820 K 7552
Interrupts 2.85 0 K 0 K n/a Hardware Interrupts and DPCs
YCMMirage.exe 2.73 2,460 K 3,176 K 6952 YouCam Mirage CyberLink
csrss.exe 1.60 3,676 K 3,120 K 6184
System 0.80 164 K 16,084 K 4
chrome.exe 0.63 125,868 K 159,324 K 4880 Google Chrome Google Inc.
chrome.exe 0.60 83,728 K 114,516 K 1544 Google Chrome Google Inc.
MsMpEng.exe 0.33 144,700 K 91,256 K 2428 Antimalware Service Executable Microsoft Corporation
explorer.exe 0.13 35,720 K 25,700 K 1028 Windows Explorer Microsoft Corporation
explorer.exe 0.12 55,380 K 84,092 K 7012 Windows Explorer Microsoft Corporation
MOM.exe 0.04 24,568 K 4,896 K 5708 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
svchost.exe 0.04 19,692 K 21,480 K 748 Host Process for Windows Services Microsoft Corporation
EEventManager.exe 0.03 3,064 K 4,144 K 1220 EEventManager Application SEIKO EPSON CORPORATION
eEBSvc.exe 0.02 4,804 K 1,468 K 2244 eEBAPI Core Process module SEIKO EPSON CORPORATION
CLMLSvc_P2G8.exe 0.02 2,576 K 2,692 K 1100 CyberLink MediaLibray Service CyberLink
EKAiOHostService.exe 0.02 20,896 K 14,988 K 2296 EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company
svchost.exe 0.01 11,048 K 14,856 K 760 Host Process for Windows Services Microsoft Corporation
EKPrinterSDK.exe 0.01 2,012 K 2,360 K 2308 Status Monitor SDK for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build) Eastman Kodak Company
chrome.exe 0.01 35,312 K 44,756 K 4512 Google Chrome Google Inc.
WmiPrvSE.exe < 0.01 24,460 K 32,380 K 1908
HPSA_Service.exe < 0.01 27,224 K 5,916 K 3040 HP Support Assistant Service Hewlett-Packard Company
csrss.exe < 0.01 1,788 K 3,788 K 512
ApplicationFrameHost.exe < 0.01 7,068 K 13,676 K 9084 Application Frame Host Microsoft Corporation
WUDFHost.exe 1,948 K 3,044 K 5764
WmiPrvSE.exe 9,756 K 22,732 K 6276
winlogon.exe 2,288 K 5,168 K 1716
wininit.exe 1,116 K 2,504 K 604
taskhostw.exe 7,224 K 13,940 K 3068 Host Process for Windows Tasks Microsoft Corporation
SystemSettings.exe Suspended 37,208 K 40,848 K 3352 Settings Microsoft Corporation
svchost.exe 69,676 K 71,456 K 456 Host Process for Windows Services Microsoft Corporation
svchost.exe 6,068 K 8,460 K 868 Host Process for Windows Services Microsoft Corporation
svchost.exe 40,128 K 44,328 K 1232 Host Process for Windows Services Microsoft Corporation
svchost.exe 11,412 K 16,696 K 1208 Host Process for Windows Services Microsoft Corporation
svchost.exe 15,264 K 16,348 K 432 Host Process for Windows Services Microsoft Corporation
svchost.exe 2,608 K 6,144 K 1424 Host Process for Windows Services Microsoft Corporation
svchost.exe 3,896 K 7,224 K 2252 Host Process for Windows Services Microsoft Corporation
svchost.exe 13,544 K 17,272 K 1076 Host Process for Windows Services Microsoft Corporation
svchost.exe 4,720 K 5,344 K 1628 Host Process for Windows Services Microsoft Corporation
svchost.exe 4,104 K 5,240 K 1504 Host Process for Windows Services Microsoft Corporation
svchost.exe 7,232 K 15,196 K 2420 Host Process for Windows Services Microsoft Corporation
svchost.exe 6,672 K 17,728 K 8100 Host Process for Windows Services Microsoft Corporation
svchost.exe 4,904 K 10,220 K 1324 Host Process for Windows Services Microsoft Corporation
svchost.exe 10,080 K 18,384 K 2220 Host Process for Windows Services Microsoft Corporation
svchost.exe 4,008 K 3,060 K 2196 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,832 K 7,132 K 1048 Host Process for Windows Services Microsoft Corporation
svchost.exe 1,660 K 3,768 K 1496 Host Process for Windows Services Microsoft Corporation
spoolsv.exe 11,664 K 17,900 K 1704 Spooler SubSystem App Microsoft Corporation
smss.exe 400 K 516 K 364
SkypeHost.exe Suspended 4,712 K 10,580 K 4816 Microsoft Skype Preview Microsoft Corporation
sihost.exe 5,556 K 14,964 K 1648 Shell Infrastructure Host Microsoft Corporation
ShellExperienceHost.exe Suspended 56,084 K 36,808 K 4828 Windows Shell Experience Host Microsoft Corporation
services.exe 3,456 K 6,208 K 668
SearchUI.exe Suspended 60,876 K 37,808 K 9020 Search and Cortana application Microsoft Corporation
SearchIndexer.exe 26,088 K 21,944 K 2320 Microsoft Windows Search Indexer Microsoft Corporation
RuntimeBroker.exe 11,668 K 26,948 K 3388 Runtime Broker Microsoft Corporation
RtkNGUI64.exe 3,792 K 3,676 K 7624 Realtek HD Audio Manager Realtek Semiconductor
RIconMan.exe 2,032 K 2,400 K 2080 Realtek Card Reader Patch Tool. Realsil Microelectronics Inc.
procexp.exe 2,768 K 9,916 K 4720 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
OneDrive.exe 6,992 K 8,568 K 6292 Microsoft OneDrive Microsoft Corporation
NisSrv.exe 20,532 K 13,800 K 4008 Microsoft Network Realtime Inspection Service Microsoft Corporation
MSASCuiL.exe 3,508 K 3,628 K 1452 Windows Defender notification icon Microsoft Corporation
MpCmdRun.exe 3,316 K 7,532 K 7736
Memory Compression 256 K 58,028 K 2592
lsass.exe 6,196 K 9,584 K 676 Local Security Authority Process Microsoft Corporation
Fuel.Service.exe 1,676 K 2,708 K 2180 AMD Fuel Service Advanced Micro Devices, Inc.
fontdrvhost.exe 824 K 3,180 K 4188
FacebookUpdate.exe 1,916 K 1,908 K 7952 Facebook Installer Facebook Inc.
escsvc64.exe 1,468 K 1,176 K 3028 Epson Scanner Service (64bit) Seiko Epson Corporation
dllhost.exe 1,728 K 9,600 K 5680 COM Surrogate Microsoft Corporation
dasHost.exe 4,084 K 7,904 K 1928
chrome.exe 1,984 K 7,468 K 7124 Google Chrome Google Inc.
chrome.exe 1,864 K 8,200 K 8288 Google Chrome Google Inc.
CCC.exe 69,708 K 12,180 K 6604 Catalyst Control Center: Host application Advanced Micro Devices Inc.
audiodg.exe 8,840 K 13,228 K 4176
atiesrxx.exe 1,336 K 1,424 K 1160 AMD External Events Service Module AMD
atieclxx.exe 2,148 K 3,452 K 4572
AERTSr64.exe 576 K 760 K 2172 Andrea filters APO access service (64-bit) Andrea Electronics Corporation
 

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

The reason the command prompt failed is you did not use an elevated command prompt.  

 

You also did not follow instructions on Process Explorer (you didn't turn on verification) or on Speccy (you did not remove the serial number and you did not attach the file) Please try to follow my instructions.

 

I don't like the looks of your hard drive.  It's a Seagate and like all Seagates it's throwing a lot of errors.  You should replace it before it fails completely.  I prefer Western Digital Blacks.  They are faster and last longer.

 

Your WiFi is running on Ch 11 and there are 3 other routers running on the same channel so you may be getting some interference.  Let's see what speeds you are getting:

 

 

Go to http://www.speedtest.net/and click on Begin Test
 
When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v
 
 
Your major problem is probably a bad driver.  If you look at Process Explorer you will see:
 
Interrupts 2.85 0 K 0 K n/a Hardware Interrupts and DPCs

 

 

This value is usually less that 1 and should never be more than 1.5.  Yours is very high.  This has a very large impact on performance. Go to your PC Maker's Support website and see if they have any newer drivers for you.  If they do, download and install then reboot and run another Process Explorer log and post it.  
 
Let's also run Dxdiag.
 
Open an ELEVATED Command Prompt.  This is critical.  If you do not know how please read:
 
 
Type:
 
dxdiag
 
hit Enter.
 
 

Make sure it has the box in front of

Check for  WHQL digital signatures

checked.

 

Click on Run 64 bit dxdiag.  It will close and reopen.

 

When it finishes its test (the green line near the bottom left will disappear)

 

Hit Save All Information

 

Note where it saves it or change it to save to your desktop.

 

The default file name is DxDiag.txt

 

Open DxDiag.txt by double clicking and then copy and paste the text to a replay.


  • 0

#5
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Lets see if this helps :)

 

 

5890787049.png

 

 

 

------------------
System Information
------------------
      Time of this report: 12/18/2016, 09:48:03
             Machine name: KIRKS
               Machine Id: {96599B05-0C45-4DBD-B725-45712D17A707}
         Operating System: Windows 10 Home 64-bit (10.0, Build 14393) (14393.rs1_release_inmarket.161208-2252)
                 Language: English (Regional Setting: English)
      System Manufacturer: Hewlett-Packard
             System Model: 120-1333w
                     BIOS: 8.03
                Processor: AMD E1-1200 APU with Radeon™ HD Graphics (2 CPUs), ~1.4GHz
                   Memory: 4096MB RAM
      Available OS Memory: 3660MB RAM
                Page File: 2956MB used, 1343MB available
              Windows Dir: C:\WINDOWS
          DirectX Version: DirectX 12
      DX Setup Parameters: Not found
         User DPI Setting: Using System DPI
       System DPI Setting: 96 DPI (100 percent)
          DWM DPI Scaling: Disabled
                 Miracast: Not Available
Microsoft Graphics Hybrid: Not Supported
           DxDiag Version: 10.00.14393.0000 64bit Unicode
 
------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
        Sound Tab 1: No problems found.
          Input Tab: No problems found.
 
--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)
 
---------------
Display Devices
---------------
          Card name: AMD Radeon HD 7310 Graphics
       Manufacturer: Advanced Micro Devices, Inc.
          Chip type: AMD Radeon Graphics Processor (0x9809)
           DAC type: Internal DAC(400MHz)
        Device Type: Full Device
         Device Key: Enum\PCI\VEN_1002&DEV_9809&SUBSYS_2AF5103C&REV_00
      Device Status: 0180200A [DN_DRIVER_LOADED|DN_STARTED|DN_DISABLEABLE|DN_NT_ENUMERATOR|DN_NT_DRIVER] 
Device Problem Code: No Problem
Driver Problem Code: Unknown
     Display Memory: 2037 MB
   Dedicated Memory: 373 MB
      Shared Memory: 1664 MB
       Current Mode: 1600 x 900 (32 bit) (60Hz)
       Monitor Name: Generic PnP Monitor
      Monitor Model: HP Omni / Pro
         Monitor Id: HWP4218
        Native Mode: 1600 x 900(p) (60.000Hz)
        Output Type: Internal
        Driver Name: aticfx64.dll,aticfx64.dll,aticfx64.dll
Driver File Version: 8.17.0010.1404 (English)
     Driver Version: 15.201.1151.0
        DDI Version: 11.1
     Feature Levels: 11_0,10_1,10_0,9_3,9_2,9_1
       Driver Model: WDDM 1.2
Graphics Preemption: DMA
 Compute Preemption: DMA
           Miracast: Not Supported by Graphics driver
Hybrid Graphics GPU: Not Applicable
     Power P-states: Not Applicable
  Driver Attributes: Final Retail
   Driver Date/Size: 8/20/2015 6:00:00 PM, 1479808 bytes
        WHQL Logo'd: Yes
    WHQL Date Stamp: Unknown
  Device Identifier: {D7B71EE2-DB49-11CF-F076-FF0ABEC2C535}
          Vendor ID: 0x1002
          Device ID: 0x9809
          SubSys ID: 0x2AF5103C
        Revision ID: 0x0000
 Driver Strong Name: oem2.inf:cb0ae4146300e347:ati2mtag_Wrestler:15.201.1151.0:pci\ven_1002&dev_9809
     Rank Of Driver: 00DA2001
        Video Accel: ModeMPEG2_A ModeMPEG2_C 
        DXVA2 Modes: DXVA2_ModeMPEG2_VLD  DXVA2_ModeMPEG2_IDCT  DXVA2_ModeH264_VLD_NoFGT  DXVA2_ModeVC1_VLD  DXVA2_ModeMPEG4pt2_VLD_AdvSimple_NoGMC  
   Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
       D3D9 Overlay: Not Supported
            DXVA-HD: Not Supported
       DDraw Status: Enabled
         D3D Status: Enabled
         AGP Status: Enabled
           MPO Caps: Not Supported
        MPO Stretch: Not Supported
    MPO Media Hints: Not Supported
        MPO Formats: Not Supported
 
-------------
Sound Devices
-------------
            Description: Speakers (Realtek High Definition Audio)
 Default Sound Playback: Yes
 Default Voice Playback: Yes
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_103C2AF5&REV_1001
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.6675 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 7/3/2012 12:00:00 AM, 4074256 bytes
            Other Files: 
        Driver Provider: Realtek Semiconductor Corp.
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX™ 2.0 Listen/Src: No, No
   I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
 
---------------------
Sound Capture Devices
---------------------
            Description: Microphone (Realtek High Definition Audio)
  Default Sound Capture: Yes
  Default Voice Capture: Yes
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.6675 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/3/2012 20:55:04, 4074256 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF
 
---------------------
Video Capture Devices
Number of Devices: 1
---------------------
           FriendlyName: HP High Definition 1MP Webcam
               Location: Back
           SymbolicLink: \\?\usb#vid_04f2&pid_b34a&mi_00#6&f00fa88&0&0000#{e5323777-f976-4f5b-9b55-b94699c46e44}\global
           Manufacturer: Microsoft
             HardwareID: USB\VID_04F2&PID_B34A&REV_5364&MI_00,USB\VID_04F2&PID_B34A&MI_00
             DriverDesc: USB Video Device
         DriverProvider: Microsoft
          DriverVersion: 10.0.14393.82
      DriverDateEnglish: 6/21/2006 00:00:00
    DriverDateLocalized: 6/21/2006 12:00:00 AM
                Service: usbvideo
                  Class: Image
          DevNodeStatus: 180200A[DN_DRIVER_LOADED|DN_STARTED|DN_DISABLEABLE|DN_NT_ENUMERATOR|DN_NT_DRIVER]
            ContainerId: {00000000-0000-0000-FFFF-FFFFFFFFFFFF}
            ProblemCode: No Problem
  BusReportedDeviceDesc: HP High Definition 1MP Webcam
                 Parent: USB\VID_04F2&PID_B34A\5&2a9b8b10&0&4
      DriverProblemDesc: n/a
           UpperFilters: n/a
           LowerFilters: n/a
                  Stack: \Driver\ksthunk,\Driver\usbvideo,\Driver\ACPI,\Driver\usbccgp
      ContainerCategory: Imaging
 
-------------------
DirectInput Devices
-------------------
      Device Name: Mouse
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a
 
      Device Name: Keyboard
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a
 
      Device Name: USB Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x04CA, 0x004B
        FF Driver: n/a
 
      Device Name: USB Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x04CA, 0x004B
        FF Driver: n/a
 
      Device Name: 2.4G Wireless Mouse
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x04F3, 0x02F4
        FF Driver: n/a
 
Poll w/ Interrupt: No
 
-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x1002, 0x4397
| Matching Device ID: USB\ROOT_HUB
| Service: usbhub
| Driver: usbhub.sys, 7/16/2016 05:41:55, 501088 bytes
| Driver: usbd.sys, 7/16/2016 05:41:55, 32608 bytes
+-+ USB Composite Device
| | Vendor/Product ID: 0x04CA, 0x004B
| | Location: Port_#0002.Hub_#0001
| | Matching Device ID: USB\COMPOSITE
| | Service: usbccgp
| | Driver: usbccgp.sys, 7/16/2016 05:41:55, 169312 bytes
| | 
| +-+ USB Input Device
| | | Vendor/Product ID: 0x04CA, 0x004B
| | | Location: 0000.0012.0000.002.000.000.000.000.000
| | | Matching Device ID: USB\Class_03&SubClass_01
| | | Service: HidUsb
| | | Driver: hidusb.sys, 8/5/2016 21:47:49, 38400 bytes
| | | Driver: hidclass.sys, 10/14/2016 21:55:50, 156672 bytes
| | | Driver: hidparse.sys, 8/5/2016 21:46:37, 40960 bytes
| | | 
| | +-+ HID Keyboard Device
| | | | Vendor/Product ID: 0x04CA, 0x004B
| | | | Matching Device ID: HID_DEVICE_SYSTEM_KEYBOARD
| | | | Service: kbdhid
| | | | Driver: kbdhid.sys, 9/15/2016 10:43:23, 39424 bytes
| | | | Driver: kbdclass.sys, 7/16/2016 05:41:54, 62304 bytes
| | 
+-+ USB Input Device
| | Vendor/Product ID: 0x04F3, 0x02F4
| | Location: Port_#0005.Hub_#0001
| | Matching Device ID: USB\Class_03&SubClass_01
| | Service: HidUsb
| | Driver: hidusb.sys, 8/5/2016 21:47:49, 38400 bytes
| | Driver: hidclass.sys, 10/14/2016 21:55:50, 156672 bytes
| | Driver: hidparse.sys, 8/5/2016 21:46:37, 40960 bytes
| | 
| +-+ HID-compliant mouse
| | | Vendor/Product ID: 0x04F3, 0x02F4
| | | Matching Device ID: HID_DEVICE_SYSTEM_MOUSE
| | | Service: mouhid
| | | Driver: mouhid.sys, 7/16/2016 05:41:54, 32256 bytes
| | | Driver: mouclass.sys, 7/16/2016 05:41:54, 59232 bytes
 
----------------
Gameport Devices
----------------
 
------------
PS/2 Devices
------------
 
------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 408.5 GB
Total Space: 454.7 GB
File System: NTFS
      Model: ST3500413AS
 
      Drive: D:
 Free Space: 2.5 GB
Total Space: 20.3 GB
File System: NTFS
      Model: ST3500413AS
 
      Drive: E:
      Model: hp DVD A  DS8A8SH
     Driver: c:\windows\system32\drivers\cdrom.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:53, 173056 bytes
 
--------------
System Devices
--------------
     Name: AMD SMBus
Device ID: PCI\VEN_1002&DEV_4385&SUBSYS_2AF5103C&REV_42\3&11583659&0&A0
   Driver: n/a
 
     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_1002&DEV_43A0&SUBSYS_00001002&REV_00\3&11583659&0&A8
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.14393.0479 (English), 11/11/2016 04:00:00, 335712 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1703&SUBSYS_00000000&REV_00\3&11583659&0&C3
   Driver: n/a
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1700&SUBSYS_00000000&REV_43\3&11583659&0&C0
   Driver: n/a
 
     Name: AMD Radeon HD 7310 Graphics
Device ID: PCI\VEN_1002&DEV_9809&SUBSYS_2AF5103C&REV_00\3&11583659&0&08
   Driver: C:\WINDOWS\system32\DRIVERS\atikmdag.sys, 8.01.0001.1500 (English), 10/21/2015 02:14:48, 21648880 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\ati2erec.dll, 1.00.0000.0024 (English), 10/21/2015 02:14:42, 52208 bytes
   Driver: C:\WINDOWS\system32\atiumd64.dll, 9.14.0010.1128 (English), 10/21/2015 02:14:56, 8864920 bytes
   Driver: C:\WINDOWS\system32\atiumd6a.dll, 8.14.0010.0513 (English), 10/21/2015 02:14:56, 8982432 bytes
   Driver: C:\WINDOWS\system32\atitmm64.dll, 6.14.0011.0025 (English), 10/21/2015 02:14:46, 199664 bytes
   Driver: C:\WINDOWS\system32\amdpcom64.dll, 8.14.0010.0023 (English), 10/21/2015 02:14:54, 88000 bytes
   Driver: C:\WINDOWS\system32\atimpc64.dll, 8.14.0010.0023 (English), 10/21/2015 02:14:54, 88000 bytes
   Driver: C:\WINDOWS\system32\atiadlxx.dll, 7.15.0020.1301 (English), 10/21/2015 02:14:44, 1256424 bytes
   Driver: C:\WINDOWS\system32\atiumd6a.cap, 8/22/2015 01:55:34, 3437632 bytes
   Driver: C:\WINDOWS\system32\atimuixx.dll, 6.14.0010.1002 (English), 10/21/2015 02:14:46, 38384 bytes
   Driver: C:\WINDOWS\system32\atiapfxx.exe, 6.14.0010.1001 (English), 10/21/2015 02:14:44, 375792 bytes
   Driver: C:\WINDOWS\system32\ativvsva.dat, 8/22/2015 01:54:10, 157144 bytes
   Driver: C:\WINDOWS\system32\ativvsvl.dat, 8/22/2015 01:54:10, 204952 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_cik.dat, 5/29/2015 01:00:42, 234420 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_cik_nd.dat, 5/29/2015 00:58:32, 232752 bytes
   Driver: C:\WINDOWS\system32\ativce02.dat, 7/24/2015 21:44:06, 100816 bytes
   Driver: C:\WINDOWS\system32\amdmmcl6.dll, 1.06.0000.0000 (English), 10/21/2015 02:14:42, 59368 bytes
   Driver: C:\WINDOWS\system32\atiesrxx.exe, 6.14.0011.1199 (English), 10/21/2015 02:14:46, 255472 bytes
   Driver: C:\WINDOWS\system32\atieclxx.exe, 6.14.0011.1199 (English), 10/21/2015 02:14:46, 683504 bytes
   Driver: C:\WINDOWS\system32\atidemgy.dll, 4.05.5711.37472 (English), 10/21/2015 02:14:46, 451048 bytes
   Driver: C:\WINDOWS\system32\atio6axx.dll, 6.14.0010.13399 (English), 10/21/2015 02:14:48, 30776304 bytes
   Driver: C:\WINDOWS\system32\aticalrt64.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:46, 71152 bytes
   Driver: C:\WINDOWS\system32\aticalcl64.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:44, 64496 bytes
   Driver: C:\WINDOWS\system32\aticaldd64.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:46, 15725552 bytes
   Driver: C:\WINDOWS\system32\atiapfxx.blb, 8/22/2015 01:53:34, 662392 bytes
   Driver: C:\WINDOWS\system32\amdmiracast.dll, 10/21/2015 02:14:54, 471312 bytes
   Driver: C:\WINDOWS\system32\amdhdl64.dll, 10/21/2015 02:14:42, 143344 bytes
   Driver: C:\WINDOWS\system32\hsa-thunk64.dll, 10/21/2015 02:14:48, 111600 bytes
   Driver: C:\WINDOWS\system32\amdmantle64.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:42, 6686192 bytes
   Driver: C:\WINDOWS\system32\mantle64.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:48, 136176 bytes
   Driver: C:\WINDOWS\system32\mantleaxl64.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:48, 103408 bytes
   Driver: C:\WINDOWS\system32\ativce03.dat, 7/30/2015 22:00:06, 177344 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_vi.dat, 5/29/2015 01:10:58, 322868 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_vi_nd.dat, 5/29/2015 01:08:18, 321200 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_cz_nd.dat, 5/29/2015 01:21:32, 255808 bytes
   Driver: C:\WINDOWS\system32\amde31a.dat, 7/30/2015 21:58:04, 175648 bytes
   Driver: C:\WINDOWS\system32\detoured.dll, 2.01.0000.0207 (English), 10/21/2015 02:14:48, 12784 bytes
   Driver: C:\WINDOWS\system32\amdgfxinfo64.dll, 10/21/2015 02:14:42, 213488 bytes
   Driver: C:\WINDOWS\system32\atieah64.exe, 10/21/2015 02:14:46, 168944 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_FJ.dat, 5/29/2015 01:17:24, 250884 bytes
   Driver: C:\WINDOWS\system32\ativvaxy_FJ_nd.dat, 5/29/2015 01:15:12, 249088 bytes
   Driver: C:\WINDOWS\system32\amdocl12cl64.dll, 0.08.0000.0000 (English), 10/21/2015 02:14:46, 27544560 bytes
   Driver: C:\WINDOWS\system32\amdicdxx.dat, 7/23/2015 11:52:32, 833800 bytes
   Driver: C:\WINDOWS\system32\atiicdxx.dat, 11/6/2014 10:53:26, 737410 bytes
   Driver: C:\WINDOWS\system32\amdlvr64.dll, 1.00.0003.0008 (English), 10/21/2015 02:14:42, 631280 bytes
   Driver: C:\WINDOWS\system32\atidxx64.dll, 8.17.0010.0625 (English), 10/21/2015 02:14:56, 12088000 bytes
   Driver: C:\WINDOWS\SysWOW64\atiumdag.dll, 9.14.0010.1128 (English), 10/21/2015 02:14:56, 7482560 bytes
   Driver: C:\WINDOWS\SysWOW64\atiumdva.dll, 8.14.0010.0513 (English), 10/21/2015 02:14:56, 8009360 bytes
   Driver: C:\WINDOWS\SysWOW64\amdpcom32.dll, 8.14.0010.0023 (English), 10/21/2015 02:14:54, 81160 bytes
   Driver: C:\WINDOWS\SysWOW64\atimpc32.dll, 8.14.0010.0023 (English), 10/21/2015 02:14:54, 81160 bytes
   Driver: C:\WINDOWS\SysWOW64\atiadlxy.dll, 7.15.0020.1301 (English), 10/21/2015 02:14:44, 935408 bytes
   Driver: C:\WINDOWS\SysWOW64\atiadlxx.dll, 7.15.0020.1301 (English), 10/21/2015 02:14:44, 935408 bytes
   Driver: C:\WINDOWS\SysWOW64\atiumdva.cap, 8/22/2015 01:50:46, 3471376 bytes
   Driver: C:\WINDOWS\SysWOW64\ativvsva.dat, 8/22/2015 01:54:10, 157144 bytes
   Driver: C:\WINDOWS\SysWOW64\ativvsvl.dat, 8/22/2015 01:54:10, 204952 bytes
   Driver: C:\WINDOWS\SysWOW64\amdmmcl.dll, 1.06.0000.0000 (English), 10/21/2015 02:14:42, 48112 bytes
   Driver: C:\WINDOWS\SysWOW64\atioglxx.dll, 6.14.0010.13399 (English), 10/21/2015 02:14:48, 25320432 bytes
   Driver: C:\WINDOWS\SysWOW64\atidxx32.dll, 8.17.0010.0625 (English), 10/21/2015 02:14:56, 10211016 bytes
   Driver: C:\WINDOWS\SysWOW64\aticalrt.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:46, 60912 bytes
   Driver: C:\WINDOWS\SysWOW64\aticalcl.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:44, 57840 bytes
   Driver: C:\WINDOWS\SysWOW64\aticaldd.dll, 6.14.0010.1848 (English), 10/21/2015 02:14:46, 14310896 bytes
   Driver: C:\WINDOWS\SysWOW64\atiapfxx.blb, 8/22/2015 01:53:34, 662392 bytes
   Driver: C:\WINDOWS\SysWOW64\amdhdl32.dll, 10/21/2015 02:14:42, 132080 bytes
   Driver: C:\WINDOWS\SysWOW64\hsa-thunk.dll, 10/21/2015 02:14:48, 111088 bytes
   Driver: C:\WINDOWS\SysWOW64\amdmantle32.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:42, 5216240 bytes
   Driver: C:\WINDOWS\SysWOW64\mantle32.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:48, 122344 bytes
   Driver: C:\WINDOWS\SysWOW64\mantleaxl32.dll, 9.01.0010.0083 (English), 10/21/2015 02:14:48, 96752 bytes
   Driver: C:\WINDOWS\SysWOW64\detoured.dll, 2.01.0000.0207 (English), 10/21/2015 02:14:46, 12784 bytes
   Driver: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll, 10/21/2015 02:14:42, 198632 bytes
   Driver: C:\WINDOWS\SysWOW64\atieah32.exe, 10/21/2015 02:14:46, 152560 bytes
   Driver: C:\WINDOWS\SysWOW64\amdocl12cl.dll, 0.08.0000.0000 (English), 10/21/2015 02:14:46, 22327280 bytes
   Driver: C:\WINDOWS\SysWOW64\amdlvr32.dll, 1.00.0003.0008 (English), 10/21/2015 02:14:42, 524272 bytes
   Driver: C:\WINDOWS\system32\ATIODCLI.exe, 1.00.0000.0001 (English), 10/21/2015 02:14:46, 59888 bytes
   Driver: C:\WINDOWS\system32\ATIODE.exe, 1.00.0000.0001 (English), 10/21/2015 02:14:46, 341488 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\atikmpag.sys, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 674288 bytes
   Driver: C:\WINDOWS\system32\atiu9p64.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:54, 130072 bytes
   Driver: C:\WINDOWS\system32\atiuxp64.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:56, 162232 bytes
   Driver: C:\WINDOWS\system32\atig6txx.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 165360 bytes
   Driver: C:\WINDOWS\system32\atiglpxx.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 78320 bytes
   Driver: C:\WINDOWS\system32\aticfx64.dll, 8.17.0010.1404 (English), 10/21/2015 02:14:54, 1479808 bytes
   Driver: C:\WINDOWS\SysWOW64\aticfx32.dll, 8.17.0010.1404 (English), 10/21/2015 02:14:54, 1223552 bytes
   Driver: C:\Program Files\AMD\CCC2\Install\ccc2_install.exe, 8.97.0100.0300 (English), 10/21/2015 02:15:04, 96550952 bytes
   Driver: C:\WINDOWS\system32\OpenCL.dll, 2.00.0004.0000 (English), 10/21/2015 02:14:42, 73712 bytes
   Driver: C:\WINDOWS\system32\amdocl64.dll, 10.00.1800.0011 (English), 10/21/2015 02:14:48, 47794160 bytes
   Driver: C:\WINDOWS\system32\amdocl_as64.exe, 10/21/2015 02:14:44, 1196032 bytes
   Driver: C:\WINDOWS\system32\amdocl_ld64.exe, 10/21/2015 02:14:44, 1070592 bytes
   Driver: C:\WINDOWS\system32\clinfo.exe, 10/21/2015 02:14:48, 243688 bytes
   Driver: C:\WINDOWS\SysWOW64\OpenCL.dll, 2.00.0004.0000 (English), 10/21/2015 02:14:42, 68080 bytes
   Driver: C:\WINDOWS\SysWOW64\amdocl.dll, 10.00.1800.0011 (English), 10/21/2015 02:14:46, 39721456 bytes
   Driver: C:\WINDOWS\SysWOW64\amdocl_as32.exe, 10/21/2015 02:14:44, 1004024 bytes
   Driver: C:\WINDOWS\SysWOW64\amdocl_ld32.exe, 10/21/2015 02:14:42, 807424 bytes
   Driver: C:\Program Files\AMD\amdkmpfd\amdkmpfd.sbz, 8.14.0001.6028 (English), 10/21/2015 02:14:42, 73968 bytes
   Driver: C:\Program Files\AMD\amdkmpfd\amdkmpfd.ibz, 2/12/2015 19:38:04, 1988 bytes
   Driver: C:\Program Files\AMD\amdkmpfd\amdkmpfd.cbz, 5/28/2015 19:21:02, 9788 bytes
   Driver: C:\WINDOWS\system32\atig6pxx.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 83952 bytes
   Driver: C:\WINDOWS\SysWOW64\atiu9pag.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:56, 112360 bytes
   Driver: C:\WINDOWS\SysWOW64\atiuxpag.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:56, 143056 bytes
   Driver: C:\WINDOWS\SysWOW64\atigktxx.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 150512 bytes
   Driver: C:\WINDOWS\SysWOW64\atiglpxx.dll, 8.14.0001.6463 (English), 10/21/2015 02:14:46, 78320 bytes
   Driver: C:\WINDOWS\system32\coinst_15.20.dll, 1.00.0005.0009 (English), 10/21/2015 02:14:48, 874480 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1510&SUBSYS_15101022&REV_00\3&11583659&0&00
   Driver: n/a
 
     Name: Realtek PCIE CardReader
Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_2AF5103C&REV_01\4&EDB6346&0&00AA
   Driver: C:\WINDOWS\system32\DRIVERS\RtsPStor.sys, 6.03.9600.28156 (English), 6/3/2015 07:41:50, 374016 bytes
   Driver: C:\WINDOWS\SysWOW64\sda\SDRTCPRM.dll, 1.22.9600.0000 (English), 6/3/2015 07:44:26, 141568 bytes
   Driver: C:\WINDOWS\SysWOW64\RsCRIcon.dll, 1.10.0000.0000 (English), 6/3/2015 07:41:52, 9898752 bytes
   Driver: C:\WINDOWS\system32\RtCRX64.dll, 1.11.9600.0000 (Chinese (Simplified)), 6/3/2015 07:41:50, 91904 bytes
 
     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_1002&DEV_4384&SUBSYS_00000000&REV_40\3&11583659&0&A4
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.14393.0479 (English), 11/11/2016 04:00:00, 335712 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1701&SUBSYS_00000000&REV_00\3&11583659&0&C1
   Driver: n/a
 
     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_1002&DEV_43A1&SUBSYS_00001002&REV_00\3&11583659&0&A9
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.14393.0479 (English), 11/11/2016 04:00:00, 335712 bytes
 
     Name: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2AF5103C&REV_05\4&186C6B44&0&00A9
   Driver: C:\WINDOWS\system32\DRIVERS\rt640x64.sys, 9.01.0404.2015 (English), 7/16/2016 05:41:53, 589824 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1704&SUBSYS_00000000&REV_00\3&11583659&0&C4
   Driver: n/a
 
     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_2AF5103C&REV_00\3&11583659&0&B2
   Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 96096 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_2AF5103C&REV_00\3&11583659&0&9A
   Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 96096 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_2AF5103C&REV_00\3&11583659&0&92
   Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 96096 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1718&SUBSYS_00000000&REV_00\3&11583659&0&C5
   Driver: n/a
 
     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4399&SUBSYS_2AF5103C&REV_00\3&11583659&0&A5
   Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 30208 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: Ralink RT5390R 802.11bgn Wi-Fi Adapter
Device ID: PCI\VEN_1814&DEV_539B&SUBSYS_18ED103C&REV_00\4&2DDBB3B7&0&00A8
   Driver: C:\WINDOWS\system32\DRIVERS\netr28x.sys, 5.00.0057.0000 (English), 6/12/2015 04:59:24, 2554528 bytes
   Driver: C:\WINDOWS\system32\RaCoInstx.dll, 1.00.0012.0003 (English), 6/12/2015 05:03:10, 343712 bytes
   Driver: C:\WINDOWS\system32\RaCoInst.dat, 6/12/2015 04:57:00, 16103 bytes
 
     Name: Standard SATA AHCI Controller
Device ID: PCI\VEN_1002&DEV_4391&SUBSYS_2AF5103C&REV_40\3&11583659&0&88
   Driver: C:\WINDOWS\system32\DRIVERS\storahci.sys, 10.00.14393.0206 (English), 9/15/2016 11:15:56, 130912 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1702&SUBSYS_00000000&REV_00\3&11583659&0&C2
   Driver: n/a
 
     Name: PCI standard ISA bridge
Device ID: PCI\VEN_1002&DEV_439D&SUBSYS_2AF5103C&REV_40\3&11583659&0&A3
   Driver: C:\WINDOWS\system32\DRIVERS\msisadrv.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:53, 18784 bytes
 
     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_1002&DEV_43A2&SUBSYS_00001002&REV_00\3&11583659&0&AA
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.14393.0479 (English), 11/11/2016 04:00:00, 335712 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1716&SUBSYS_00000000&REV_00\3&11583659&0&C6
   Driver: n/a
 
     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_2AF5103C&REV_00\3&11583659&0&B0
   Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 30208 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_2AF5103C&REV_00\3&11583659&0&98
   Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 30208 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_2AF5103C&REV_00\3&11583659&0&90
   Driver: C:\WINDOWS\system32\drivers\usbohci.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 30208 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 455520 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:55, 501088 bytes
 
     Name: High Definition Audio Controller
Device ID: PCI\VEN_1002&DEV_4383&SUBSYS_2AF5103C&REV_40\3&11583659&0&A2
   Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:52, 83456 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\drmk.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:52, 97280 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\portcls.sys, 10.00.14393.0000 (English), 7/16/2016 05:41:52, 366592 bytes
 
     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1719&SUBSYS_00000000&REV_00\3&11583659&0&C7
   Driver: n/a
 
------------------
DirectShow Filters
------------------
 
DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,10.00.14393.0000
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,10.00.14393.0000
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,10.00.14393.0000
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,10.00.14393.0000
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,10.00.14393.0000
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,10.00.14393.0000
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,10.00.14393.0000
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,10.00.14393.0000
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,10.00.14393.0000
DV Muxer,0x00400000,0,0,qdv.dll,10.00.14393.0000
Color Space Converter,0x00400001,1,1,quartz.dll,10.00.14393.0000
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.14393.0000
AVI Splitter,0x00600000,1,1,quartz.dll,10.00.14393.0000
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,10.00.14393.0000
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,10.00.14393.0206
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,10.00.14393.0479
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,10.00.14393.0000
StreamBufferSink,0x00200000,0,0,sbe.dll,10.00.14393.0206
MJPEG Decompressor,0x00600000,1,1,quartz.dll,10.00.14393.0000
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,10.00.14393.0000
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,10.00.14393.0000
VBI Codec,0x00600000,1,4,VBICodec.ax,10.00.14393.0000
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,10.00.14393.0000
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,10.00.14393.0000
SBE2FileScan,0x00200000,0,0,sbe.dll,10.00.14393.0206
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,10.00.14393.0000
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,10.00.14393.0000
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,10.00.14393.0000
DV Splitter,0x00600000,1,2,qdv.dll,10.00.14393.0000
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,10.00.14393.0000
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,10.00.14393.0000
ACM Wrapper,0x00600000,1,1,quartz.dll,10.00.14393.0000
Video Renderer,0x00800001,1,0,quartz.dll,10.00.14393.0000
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,10.00.14393.0206
Line 21 Decoder,0x00600000,1,1,,
Video Port Manager,0x00600000,2,1,quartz.dll,10.00.14393.0000
Video Renderer,0x00400000,1,0,quartz.dll,10.00.14393.0000
VPS Decoder,0x00200000,0,0,WSTPager.ax,10.00.14393.0000
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.14393.0000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,
File writer,0x00200000,1,0,qcap.dll,10.00.14393.0000
DVD Navigator,0x00200000,0,3,qdvd.dll,10.00.14393.0000
Overlay Mixer2,0x00200000,1,1,,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,10.00.14393.0000
WST Pager,0x00200000,1,1,WSTPager.ax,10.00.14393.0000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,10.00.14393.0000
DV Video Decoder,0x00800000,1,1,qdv.dll,10.00.14393.0000
SampleGrabber,0x00200000,1,1,qedit.dll,10.00.14393.0206
Null Renderer,0x00200000,1,0,qedit.dll,10.00.14393.0206
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,10.00.14393.0000
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,10.00.14393.0206
StreamBufferSource,0x00200000,0,0,sbe.dll,10.00.14393.0206
Smart Tee,0x00200000,1,2,qcap.dll,10.00.14393.0000
Overlay Mixer,0x00200000,0,0,,
AVI Decompressor,0x00600000,1,1,quartz.dll,10.00.14393.0000
AVI/WAV File Source,0x00400000,0,2,quartz.dll,10.00.14393.0000
Wave Parser,0x00400000,1,1,quartz.dll,10.00.14393.0000
MIDI Parser,0x00400000,1,1,quartz.dll,10.00.14393.0000
Multi-file Parser,0x00400000,1,1,quartz.dll,10.00.14393.0000
File stream renderer,0x00400000,1,1,quartz.dll,10.00.14393.0000
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,10.00.14393.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,10.00.14393.0206
AVI Mux,0x00200000,1,0,qcap.dll,10.00.14393.0000
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,10.00.14393.0000
File Source (Async.),0x00400000,0,1,quartz.dll,10.00.14393.0000
File Source (URL),0x00400000,0,1,quartz.dll,10.00.14393.0000
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,10.00.14393.0000
Enhanced Video Renderer,0x00200000,1,0,evr.dll,10.00.14393.0187
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,10.00.14393.0000
MPEG Video Decoder,0x40000001,1,1,quartz.dll,10.00.14393.0000
 
WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,10.00.14393.0000
 
Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,10.00.14393.0000
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,10.00.14393.0000
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,10.00.14393.0000
DV Video Encoder,0x00200000,0,0,qdv.dll,10.00.14393.0000
MJPEG Compressor,0x00200000,0,0,quartz.dll,10.00.14393.0000
 
Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,10.00.14393.0000
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,10.00.14393.0000
IMA ADPCM,0x00200000,1,1,quartz.dll,10.00.14393.0000
PCM,0x00200000,1,1,quartz.dll,10.00.14393.0000
Microsoft ADPCM,0x00200000,1,1,quartz.dll,10.00.14393.0000
GSM 6.10,0x00200000,1,1,quartz.dll,10.00.14393.0000
CCITT A-Law,0x00200000,1,1,quartz.dll,10.00.14393.0000
CCITT u-Law,0x00200000,1,1,quartz.dll,10.00.14393.0000
MPEG Layer-3,0x00200000,1,1,quartz.dll,10.00.14393.0000
 
Audio Capture Sources:
Microphone (Realtek High Definition Audio),0x00200000,0,0,qcap.dll,10.00.14393.0000
 
PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,10.00.14393.0351
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,10.00.14393.0351
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,10.00.14393.0351
 
Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,10.00.14393.0000
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,10.00.14393.0000
 
WDM Streaming Capture Devices:
HP High Definition 1MP Webcam,0x00200000,1,2,ksproxy.ax,10.00.14393.0000
Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,10.00.14393.0000
Realtek HD Audio Stereo input,0x00200000,1,1,ksproxy.ax,10.00.14393.0000
 
WDM Streaming Rendering Devices:
Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,10.00.14393.0000
 
BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.14393.0000
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.14393.0000
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.14393.0000
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.14393.0000
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,10.00.14393.0000
 
Video Capture Sources:
HP High Definition 1MP Webcam,0x00200000,1,2,ksproxy.ax,10.00.14393.0000
 
Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,10.00.14393.0000
 
BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,10.00.14393.0000
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,10.00.14393.0000
 
BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,10.00.14393.0351
Encrypt/Tag,0x00200000,0,0,EncDec.dll,10.00.14393.0351
PTFilter,0x00200000,0,0,EncDec.dll,10.00.14393.0351
XDS Codec,0x00200000,0,0,EncDec.dll,10.00.14393.0351
 
WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,10.00.14393.0000
 
Audio Renderers:
Speakers (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,10.00.14393.0000
Default DirectSound Device,0x00800000,1,0,quartz.dll,10.00.14393.0000
Default WaveOut Device,0x00200000,1,0,quartz.dll,10.00.14393.0000
DirectSound: Speakers (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,10.00.14393.0000
 
 
----------------------------
Preferred DirectShow Filters
----------------------------
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\DirectShow\Preferred]
 
<media subtype GUID>, [<filter friendly name>, ]<filter CLSID>
 
MEDIASUBTYPE_MPEG1Payload, MPEG Video Decoder, CLSID_CMpegVideoCodec
MEDIASUBTYPE_MPEG1Packet, MPEG Video Decoder, CLSID_CMpegVideoCodec
MEDIASUBTYPE_DVD_LPCM_AUDIO, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG2_AUDIO, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG2_VIDEO, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
{78766964-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{7634706D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_mp4s, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{6C737664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{64737664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{64697678-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{64687664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{58564944-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{5634504D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_MP4S, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMVR, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVP, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MJPG, MJPEG Decompressor, CLSID_MjpegDec
{44495658-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMVA, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mpg4, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MPG4, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_h264, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
MEDIASUBTYPE_H264, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
MEDIASUBTYPE_WMV3, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp43, Mpeg43 Decoder DMO, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_MP43, Mpeg43 Decoder DMO, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_m4s2, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMV2, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MSS2, WMV Screen decoder DMO, CLSID_CMSSCDecMediaObject
MEDIASUBTYPE_M4S2, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WVP2, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp42, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MP42, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_WMV1, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MSS1, WMV Screen decoder DMO, CLSID_CMSSCDecMediaObject
MEDIASUBTYPE_WVC1, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_AVC1, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
{20637664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
MEDIASUBTYPE_MPEG_LOAS, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG_ADTS_AAC, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_WMAUDIO_LOSSLESS, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_WMAUDIO3, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
WMMEDIASUBTYPE_WMAudioV8, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_MSAUDIO1, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_RAW_AAC1, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
WMMEDIASUBTYPE_MP3, MP3 Decoder DMO, CLSID_CMP3DecMediaObject
MEDIASUBTYPE_MPEG1AudioPayload, MPEG Audio Decoder, CLSID_CMpegAudioCodec
WMMEDIASUBTYPE_WMSP2, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
WMMEDIASUBTYPE_WMSP1, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
 
 
---------------------------
Media Foundation Transforms
---------------------------
 
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms]
 
<category>:
  <transform friendly name>, <transform CLSID>, <flags>, [<merit>, ]<file name>, <file version>
 
Video Decoders:
  Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}, 0x1, msmpeg2vdec.dll, 10.00.14393.0479
  DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}, 0x1, mfdvdec.dll, 10.00.14393.0000
  Microsoft H265 Video Decoder MFT, {420A51A3-D605-430C-B4FC-45274FA6C562}, 0x1, hevcdecoder.dll, 10.00.14393.0479
  Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT, 0x1, mp4sdecd.dll, 10.00.14393.0000
  Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT, 0x1, msmpeg2vdec.dll, 10.00.14393.0479
  WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject, 0x1, wmvsdecd.dll, 10.00.14393.0000
  WMVideo Decoder MFT, CLSID_CWMVDecMediaObject, 0x1, wmvdecod.dll, 10.00.14393.0000
  MJPEG Decoder MFT, {CB17E772-E1CC-4633-8450-5617AF577905}, 0x1, mfmjpegdec.dll, 10.00.14393.0000
  Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject, 0x1, mp43decd.dll, 10.00.14393.0000
  Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}, 0x1, MSVP9DEC.dll, 10.00.14393.0000
  Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject, 0x1, mpg4decd.dll, 10.00.14393.0000
Video Encoders:
  H264 Encoder MFT, {6CA50344-051A-4DED-9779-A43305165E35}, 0x1, mfh264enc.dll, 10.00.14393.0000
  WMVideo8 Encoder MFT, CLSID_CWMVXEncMediaObject, 0x1, wmvxencd.dll, 10.00.14393.0000
  Microsoft MF VPX Encoder Transform, {AEB6C755-2546-4881-82CC-E15AE5EBFF3D}, 0x1, MSVPXENC.dll, 10.00.14393.0206
  H263 Encoder MFT, {BC47FCFE-98A0-4F27-BB07-698AF24F2B38}, 0x1, mfh263enc.dll, 10.00.14393.0000
  WMVideo9 Encoder MFT, CLSID_CWMV9EncMediaObject, 0x1, wmvencod.dll, 10.00.14393.0000
  Microsoft MPEG-2 Video Encoder MFT, {E6335F02-80B7-4DC4-ADFA-DFE7210D20D5}, 0x2, msmpeg2enc.dll, 10.00.14393.0000
  H265 Encoder MFT, {F2F84074-8BCA-40BD-9159-E880F673DD3B}, 0x1, mfh265enc.dll, 10.00.14393.0000
Video Effects:
  Frame Rate Converter, CLSID_CFrameRateConvertDmo, 0x1, mfvdsp.dll, 10.00.14393.0000
  Resizer MFT, CLSID_CResizerDMO, 0x1, vidreszr.dll, 10.00.14393.0000
  VideoStabilization MFT, {51571744-7FE4-4FF2-A498-2DC34FF74F1B}, 0x1, MSVideoDSP.dll, 10.00.14393.0206
  Color Control, CLSID_CColorControlDmo, 0x1, mfvdsp.dll, 10.00.14393.0000
  Color Converter MFT, CLSID_CColorConvertDMO, 0x1, colorcnv.dll, 10.00.14393.0000
Video Processor:
  Microsoft Video Processor MFT, {88753B26-5B24-49BD-B2E7-0C445C78C982}, 0x1, msvproc.dll, 10.00.14393.0351
Audio Decoders:
  Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}, 0x1, DolbyDecMFT.dll, 10.00.14393.0351
  MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}, 0x1, MSAMRNBDecoder.dll, 10.00.14393.0000
  WMAudio Decoder MFT, CLSID_CWMADecMediaObject, 0x1, WMADMOD.DLL, 10.00.14393.0000
  Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT, 0x1, MSAudDecMFT.dll, 10.00.14393.0206
  A-law Wrapper MFT, {36CB6E0C-78C1-42B2-9943-846262F31786}, 0x1, mfcore.dll, 10.00.14393.0479
  GSM ACM Wrapper MFT, {4A76B469-7B66-4DD4-BA2D-DDF244C766DC}, 0x1, mfcore.dll, 10.00.14393.0479
  WMAPro over S/PDIF MFT, CLSID_CWMAudioSpdTxDMO, 0x1, WMADMOD.DLL, 10.00.14393.0000
  Microsoft Opus Audio Decoder MFT, {63E17C10-2D43-4C42-8FE3-8D8B63E46A6A}, 0x1, MSOpusDecoder.dll, 10.00.14393.0000
  Microsoft FLAC Audio Decoder MFT, {6B0B3E6B-A2C5-4514-8055-AFE8A95242D9}, 0x1, MSFlacDecoder.dll, 10.00.14393.0000
  Microsoft MPEG Audio Decoder MFT, {70707B39-B2CA-4015-ABEA-F8447D22D88B}, 0x1, MSAudDecMFT.dll, 10.00.14393.0206
  WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject, 0x1, WMSPDMOD.DLL, 10.00.14393.0000
  G711 Wrapper MFT, {92B66080-5E2D-449E-90C4-C41F268E5514}, 0x1, mfcore.dll, 10.00.14393.0479
  IMA ADPCM ACM Wrapper MFT, {A16E1BFF-A80D-48AD-AECD-A35C005685FE}, 0x1, mfcore.dll, 10.00.14393.0479
  MP3 Decoder MFT, CLSID_CMP3DecMediaObject, 0x1, mp3dmod.dll, 10.00.14393.0000
  Microsoft ALAC Audio Decoder MFT, {C0CD7D12-31FC-4BBC-B363-7322EE3E1879}, 0x1, MSAlacDecoder.dll, 10.00.14393.0000
  ADPCM ACM Wrapper MFT, {CA34FE0A-5722-43AD-AF23-05F7650257DD}, 0x1, mfcore.dll, 10.00.14393.0479
  Dolby TrueHD IEC-61937 converter MFT, {CF5EEEDF-0E92-4B3B-A161-BD0FFE545E4B}, 0x1, mfaudiocnv.dll, 10.00.14393.0479
  DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}, 0x1, mfaudiocnv.dll, 10.00.14393.0479
Audio Encoders:
  LPCM DVD-Audio MFT, {068A8476-9229-4CC0-9D49-2FC699DCD30A}, 0x1, mfaudiocnv.dll, 10.00.14393.0479
  MP3 Encoder ACM Wrapper MFT, {11103421-354C-4CCA-A7A3-1AFF9A5B6701}, 0x1, mfcore.dll, 10.00.14393.0479
  Microsoft FLAC Audio Encoder MFT, {128509E9-C44E-45DC-95E9-C255B8F466A6}, 0x1, MSFlacEncoder.dll, 10.00.14393.0000
  WM Speech Encoder DMO, CLSID_CWMSPEncMediaObject2, 0x1, WMSPDMOE.DLL, 10.00.14393.0000
  MS AMRNB Encoder MFT, {2FAE8AFE-04A3-423A-A814-85DB454712B0}, 0x1, MSAMRNBEncoder.dll, 10.00.14393.0000
  Microsoft MPEG-2 Audio Encoder MFT, {46A4DD5C-73F8-4304-94DF-308F760974F4}, 0x1, msmpeg2enc.dll, 10.00.14393.0000
  WMAudio Encoder MFT, CLSID_CWMAEncMediaObject, 0x1, WMADMOE.DLL, 10.00.14393.0000
  Microsoft AAC Audio Encoder MFT, {93AF0C51-2275-45D2-A35B-F2BA21CAED00}, 0x1, mfAACEnc.dll, 10.00.14393.0000
  Microsoft ALAC Audio Encoder MFT, {9AB6A28C-748E-4B6A-BFFF-CC443B8E8FB4}, 0x1, MSAlacEncoder.dll, 10.00.14393.0000
  Microsoft Dolby Digital Encoder MFT, {AC3315C9-F481-45D7-826C-0B406C1F64B8}, 0x1, msac3enc.dll, 10.00.14393.0206
Audio Effects:
  AEC, CLSID_CWMAudioAEC, 0x1, mfwmaaec.dll, 10.00.14393.0000
  Resampler MFT, CLSID_CResamplerMediaObject, 0x1, resampledmo.dll, 10.00.14393.0000
Multiplexers:
  Microsoft MPEG2 Multiplexer MFT, {AB300F71-01AB-46D2-AB6C-64906CB03258}, 0x2, mfmpeg2srcsnk.dll, 10.00.14393.0206
Others:
  Microsoft H264 Video Remux (MPEG2TSToMP4) MFT, {05A47EBB-8BF0-4CBF-AD2F-3B71D75866F5}, 0x1, msmpeg2vdec.dll, 10.00.14393.0479
 
 
--------------------------------------------
Media Foundation Enabled Hardware Categories
--------------------------------------------
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\HardwareMFT]
 
EnableEncoders = 1
EnableVideoProcessors = 1
EnableDecoders = 1
 
 
-------------------------------------
Media Foundation Byte Stream Handlers
-------------------------------------
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\ByteStreamHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\Preferred]
 
<file ext. or MIME type>, <handler CLSID>, <brief description>[, Preferred]
 
.3g2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.ac3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
.adt, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.adts, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.am?, {EFE6208A-0A2C-49FA-8A01-3768B559B6DA}, MF AMRNB Media Source ByteStreamHandler
.amr, {EFE6208A-0A2C-49FA-8A01-3768B559B6DA}, MF AMRNB Media Source ByteStreamHandler, Preferred
.asf, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.avi, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
.dvr-ms, {65964407-A5D8-4060-85B0-1CCD63F768E2}, dvr-ms Byte Stream Handler, Preferred
.dvr-ms, {A8721937-E2FB-4D7A-A9EE-4EB08C890B6E}, MF SBE Source ByteStreamHandler
.ec3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
.flac, {0E41CFB8-0506-40F4-A516-77CC23642D91}, MF FLAC Media Source ByteStreamHandler, Preferred
.m2t, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.m2ts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.m4a, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.m4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mk3d, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mka, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mks, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mkv, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mod, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mov, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mp2v, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
.mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mp4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mpa, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
.mpeg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mpg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.nsc, {B084785C-DDE0-4D30-8CA8-05A373E185BE}, NSC Byte Stream Handler, Preferred
.sami, {7A56C4CB-D678-4188-85A8-BA2EF68FA10D}, SAMI Byte Stream Handler, Preferred
.smi, {7A56C4CB-D678-4188-85A8-BA2EF68FA10D}, SAMI Byte Stream Handler, Preferred
.tod, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.ts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.tts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.uvu, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.vob, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
.wm, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wma, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wmv, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wtv, {65964407-A5D8-4060-85B0-1CCD63F768E2}, WTV Byte Stream Handler, Preferred
audio/3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/3gpp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/aacp, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/eac3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
audio/L16, {3FFB3B8C-EB99-472B-8902-E1C1B05F07CF}, LPCM Byte Stream Handler, Preferred
audio/mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/MP4A-LATM, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/mpa, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mpeg, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mpeg3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/vnd.dlna.adts, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/vnd.dolby.dd-raw, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
audio/wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
audio/x-aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/x-m4a, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/x-matroska, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
audio/x-mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/x-mpeg, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/x-ms-wma, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
audio/x-wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
video/3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/3gpp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/avi, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
video/mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/mpeg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
video/msvideo, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
video/vnd.dece.mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/vnd.dlna.mpeg-tts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
video/x-m4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/x-matroska, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
video/x-ms-asf, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-ms-wm, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-ms-wmv, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-msvideo, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
 
 
--------------------------------
Media Foundation Scheme Handlers
--------------------------------
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\SchemeHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\Preferred]
 
<URL type>, <handler CLSID>, <brief description>[, Preferred]
 
file:, {477EC299-1421-4BDD-971F-7CCB933F21AD}, File Scheme Handler, Preferred
http:, {44CB442B-9DA9-49DF-B3FD-023777B16E50}, Http Scheme Handler
http:, {9EC4B4F9-3029-45AD-947B-344DE2A249E2}, Urlmon Scheme Handler
http:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
httpd:, {44CB442B-9DA9-49DF-B3FD-023777B16E50}, Http Scheme Handler, Preferred
httpnd:, {2EEEED04-0908-4CDB-AF8F-AC5B768A34C9}, Drm Scheme Handler, Preferred
https:, {37A61C8B-7F8E-4D08-B12B-248D73E9AB4F}, Secure Http Scheme Handler, Preferred
httpsd:, {37A61C8B-7F8E-4D08-B12B-248D73E9AB4F}, Secure Http Scheme Handler, Preferred
httpt:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
httpu:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
mcast:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
mcrecv:, {FA6D33D4-9405-4BA5-9983-12604AC8E77A}, Miracast Sink Scheme Handler, Preferred
mms:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
ms-appdata:, {CFC81939-3886-4ACF-9692-DA58037AE716}, MsAppData Scheme Handler, Preferred
ms-appx-web:, {8DB0224B-3D65-4F6F-8E12-BEB4B78B8974}, MsAppxWeb Scheme Handler, Preferred
ms-appx:, {8DB0224B-3D65-4F6F-8E12-BEB4B78B8974}, MsAppx Scheme Handler, Preferred
ms-winsoundevent:, {F79A6BF9-7415-4CF3-AE10-4559509ABC3C}, Sound Event Scheme Handler, Preferred
rtsp:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
rtspt:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
rtspu:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
sdp:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
 
 
-------------------------------------
Preferred Media Foundation Transforms
-------------------------------------
 
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms\Preferred]
 
<media subtype GUID>, [<transform friendly name>, ]<transform CLSID>
 
{EB27CEC4-163E-4CA3-8B74-8E25F91B517E}, Dolby TrueHD IEC-61937 converter MFT, {CF5EEEDF-0E92-4B3B-A161-BD0FFE545E4B}
{E06D802C-DB46-11CF-B4D1-00805F6CBBEA}, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
MFVideoFormat_MPEG2, Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}
MEDIASUBTYPE_DOLBY_DDPLUS, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
{A2E58EB7-0FA9-48BB-A40C-FA0E156D0645}, DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}
{7634706D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
{73616D72-767A-494D-B478-F29D25DC9037}, MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}
MEDIASUBTYPE_mp4s, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MFVideoFormat_DVSL, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
MFVideoFormat_DVSD, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
MFVideoFormat_DVHD, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
MFVideoFormat_MP4V, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
{53564548-0000-0010-8000-00AA00389B71}, Microsoft H265 Video Decoder MFT, {420A51A3-D605-430C-B4FC-45274FA6C562}
MFVideoFormat_MP4S, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
{53314356-0000-0010-8000-00AA00389B71}, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVR, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVP, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MJPG, MJPEG Decoder MFT, {CB17E772-E1CC-4633-8450-5617AF577905}
{43564548-0000-0010-8000-00AA00389B71}, Microsoft H265 Video Decoder MFT, {420A51A3-D605-430C-B4FC-45274FA6C562}
MEDIASUBTYPE_WMVA, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{3F40F4F0-5622-4FF8-B6D8-A17A584BEE5E}, Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT
MEDIASUBTYPE_mpg4, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MPG4, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MFVideoFormat_H264, Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT
MFVideoFormat_WMV3, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{33363248-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MEDIASUBTYPE_mp43, Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject
MFVideoFormat_MP43, Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_m4s2, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MFVideoFormat_WMV2, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MSS2, WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject
MFVideoFormat_M4S2, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MEDIASUBTYPE_WVP2, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp42, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MP42, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MFVideoFormat_WMV1, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MSS1, WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject
MFVideoFormat_MPG1, Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}
MFVideoFormat_WVC1, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{30395056-0000-0010-8000-00AA00389B71}, Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}
{30385056-0000-0010-8000-00AA00389B71}, Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}
MFVideoFormat_DVC, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
{0000F1AC-0000-0010-8000-00AA00389B71}, Microsoft FLAC Audio Decoder MFT, {6B0B3E6B-A2C5-4514-8055-AFE8A95242D9}
{00007361-0000-0010-8000-00AA00389B71}, MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}
{0000704F-0000-0010-8000-00AA00389B71}, Microsoft Opus Audio Decoder MFT, {63E17C10-2D43-4C42-8FE3-8D8B63E46A6A}
{00006C61-0000-0010-8000-00AA00389B71}, Microsoft ALAC Audio Decoder MFT, {C0CD7D12-31FC-4BBC-B363-7322EE3E1879}
{00002001-0000-0010-8000-00AA00389B71}, DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}
{00002000-0000-0010-8000-00AA00389B71}, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
MFAudioFormat_AAC, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
{00001600-0000-0100-0800-000aa00389b71}, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
MFAudioFormat_WMAudio_Lossless, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MFAudioFormat_WMAudioV9, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MFAudioFormat_WMAudioV8, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MEDIASUBTYPE_MSAUDIO1, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MEDIASUBTYPE_RAW_AAC1, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
MFAudioFormat_MP3, MP3 Decoder MFT, CLSID_CMP3DecMediaObject
MFAudioFormat_MPEG, Microsoft MPEG Audio Decoder MFT, {70707B39-B2CA-4015-ABEA-F8447D22D88B}
{00000031-0000-0010-8000-00AA00389B71}, GSM ACM Wrapper MFT, {4A76B469-7B66-4DD4-BA2D-DDF244C766DC}
{00000011-0000-0010-8000-00AA00389B71}, IMA ADPCM ACM Wrapper MFT, {A16E1BFF-A80D-48AD-AECD-A35C005685FE}
WMMEDIASUBTYPE_WMSP2, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
MFAudioFormat_MSP1, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
KSDATAFORMAT_SUBTYPE_MULAW, G711 Wrapper MFT, {92B66080-5E2D-449E-90C4-C41F268E5514}
{00000006-0000-0010-8000-00AA00389B71}, A-law Wrapper MFT, {36CB6E0C-78C1-42B2-9943-846262F31786}
KSDATAFORMAT_SUBTYPE_ADPCM, ADPCM ACM Wrapper MFT, {CA34FE0A-5722-43AD-AF23-05F7650257DD}
 
 
-------------------------------------
Disabled Media Foundation Transforms
-------------------------------------
 
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms\DoNotUse]
 
<transform CLSID>
 
 
 
------------------------
Disabled Media Sources
------------------------
 
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\DoNotUse]
 
<media source CLSID>
 
 
---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality) 
  Quality Flags: 2576
    Enabled:
    Force throttling
    Allow half deinterlace
    Allow scaling
    Decode Power Usage: 100
  Balanced Flags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 50
  PowerFlags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 0
 
---------------
Diagnostics
---------------
 
Windows Error Reporting:
+++ WER0 +++:
Fault bucket -907262690, type 1
 
Event Name: APPCRASH
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: OLYMPUS Viewer 2.exe
 
P2: 1.4.3.2
 
P3: 50ee6181
 
P4: MFC80U.DLL
 
P5: 8.0.50727.6195
 
P6: 4dcdece0
 
P7: c0000005
 
P8: 000e8d14
 
P9: 
 
P10: 
 
 
 
 
+++ WER1 +++:
Fault bucket , type 0
 
Event Name: LiveKernelEvent
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: ab
 
P2: 1
 
P3: 1a0
 
P4: 180
 
P5: 300000003
 
P6: 10_0_14393
 
P7: 0_0
 
P8: 768_1
 
P9: 
 
P10: 
 
 
 
 
+++ WER2 +++:
Fault bucket , type 0
 
Event Name: LiveKernelEvent
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: ab
 
P2: 1
 
P3: 1a0
 
P4: 180
 
P5: 300000003
 
P6: 10_0_14393
 
P7: 0_0
 
P8: 768_1
 
P9: 
 
P10: 
 
 
 
 
+++ WER3 +++:
Fault bucket 127715350453, type 5
 
Event Name: WindowsUpdateFailure3
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: 10.0.14393.479
 
P2: 80246013
 
P3: 6D629889-8D3F-4F26-929A-E08B8F363F49
 
P4: Install
 
P5: 101
 
P6: 0
 
P7: 80246013
 
P8: UpdateOrchestrator
 
P9: {7971F918-A847-4430-9279-4A52D1EFE18D}
 
P10: 0
 
 
 
 
+++ WER4 +++:
Fault bucket , type 0
 
Event Name: WindowsUpdateFailure3
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: 10.0.14393.479
 
P2: 80246013
 
P3: 6D629889-8D3F-4F26-929A-E08B8F363F49
 
P4: Install
 
P5: 101
 
P6: 0
 
P7: 80246013
 
P8: UpdateOrchestrator
 
P9: {7971F918-A847-4430-9279-4A52D1EFE18D}
 
P10: 0
 
 
 
 
+++ WER5 +++:
Fault bucket , type 0
 
Event Name: WindowsUpdateFailure3
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: 10.0.14393.479
 
P2: 80246013
 
P3: 6D629889-8D3F-4F26-929A-E08B8F363F49
 
P4: Install
 
P5: 101
 
P6: 0
 
P7: 80246013
 
P8: UpdateOrchestrator
 
P9: {7971F918-A847-4430-9279-4A52D1EFE18D}
 
P10: 0
 
 
 
 
+++ WER6 +++:
Fault bucket 129165134996, type 5
 
Event Name: RADAR_PRE_LEAK_WOW64
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: mbam.exe
 
P2: 2.3.173.0
 
P3: 10.0.14393.2.0.0
 
P4: 
 
P5: 
 
P6: 
 
P7: 
 
P8: 
 
P9: 
 
P10: 
 
 
 
 
+++ WER7 +++:
Fault bucket 120622581923, type 4
 
Event Name: APPCRASH
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: svchost.exe_ProfSvc
 
P2: 10.0.14393.0
 
P3: 57899b1c
 
P4: combase.dll
 
P5: 10.0.14393.479
 
P6: 582589b6
 
P7: c0000005
 
P8: 00000000000b071c
 
P9: 
 
P10: 
 
 
 
 
+++ WER8 +++:
Fault bucket 127695235272, type 5
 
Event Name: MpTelemetry
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: Windows Defender (77BDAF73-B396-481F-9042-AD358843EC24)
 
P2: 4.10.14393.0
 
P3: TimeOut
 
P4: 1.1.13303.0
 
P5: fixed
 
P6: 2 / 2049+
 
P7: 5 / not boot
 
P8: 
 
P9: 
 
P10: 
 
 
 
 
+++ WER9 +++:
Fault bucket 127695235272, type 5
 
Event Name: MpTelemetry
 
Response: Not available
 
Cab Id: 0
 
 
 
Problem signature:
 
P1: Windows Defender (77BDAF73-B396-481F-9042-AD358843EC24)
 
P2: 4.10.14393.0
 
P3: TimeOut
 
P4: 1.1.13303.0
 
P5: fixed
 
P6: 2 / 2049+
 
P7: 5 / not boot
 
P8: 
 
P9: 
 
P10: 

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Is the network speed about what you pay for?

 

DxDiag doesn't see any problems.  You are using an older driver.  It's important with Win 10 to have the latest.  If HP does not offer any updates sometimes if you search for Windows Update and hit Enter to bring up the Windows Update screen there will be some optional updates available.  These sometimes are new drivers.  

 

What make & model do you have?


  • 0

#7
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Sorry for the delay.  I believe I pay for a 50mbps or 60 mbps internet, but I'm on wireless so I know it drops a bunch.

 

I have an HP OMNI 120 All in one


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Can you look on the back of the PC and find the full part number?  When I look on HP they have a 4 digit number after omni 120

I looked at a few of them but most did not have win 10 drivers so we may have to go directly to the vendors

 

If you download inssider

 

http://www.majorgeek...s/inssider.html

 

(Click on one of the links [email protected] links and the download will start.  Do not fill out any forms.)

 

Double click to install it. Then run it by right click and Run As Admni.

 

It will show you a graph in the bottom right that has your signal in blue and competing signals in orange and yellow.  It may also recommend a different channel which might have less interference.

 

Moving to a different channel (by logging on to your router) can drastically improve performance.


  • 0

#9
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Model is 1333W.  Our internet provider came by and did some thing to the modem.  There was some firmware update my modem didnt accept they said.  I ran the speed test again and it gained a small amount on this computer.  When using my girlfriends Dell laptop it is almost 3 times faster.  I'm guessing the drivers in this may be too old for win 10?

 

inSSIDer says it needed a registration key to run


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Found another older version of inssider which does not need a key:

 

http://www.techspot....6-inssider.html

 

HP only offers the original drivers for 8.0 and I don't even see one for the wireless.

 

Process Explorer is an easy method of detecting a bad driver.

 

This line:

 

Interrupts 2.85 0 K 0 K n/a Hardware Interrupts and DPCs

shows a bad driver.  2.85 is much too big.  We want a number under 1.5

 

I would look for a new wireless driver to start with.  That's been the most common problem with win 10.  

 

This driver is a bit newer than the wired driver HP offers so perhaps it will be better:

 

ftp://ftp.hp.com/pub/softpaq/sp71501-72000/sp71571​.exe

 

After you install it and reboot, run a new process explorer log and let's see if Interrupts is down any.


  • 0

#11
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Ran my speed test again and am getting 34Mbps.  I looked and I am paying for 75Mbps.  My girlfriends computer was set up right next to mine and she was pulling in 70Mbps so it's definitely just this machine.
 
Heres what I get.
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 83.98 0 K 4 K 0
procexp64.exe 8.10 19,696 K 50,440 K 5928 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
YCMMirage.exe 2.54 2,180 K 2,944 K 5888 YouCam Mirage CyberLink (Verified) CyberLink
Interrupts 1.20 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 1.14 22,184 K 28,308 K 996
System 0.95 140 K 4,180 K 4
csrss.exe 0.47 2,416 K 6,504 K 616
MsMpEng.exe 0.43 115,836 K 98,440 K 2292 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
WMIADAP.exe 0.26 2,088 K 7,636 K 7032
chrome.exe 0.24 55,384 K 101,220 K 5688 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.13 32,268 K 71,716 K 4384 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.12 5,720 K 13,340 K 3108 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.12 33,064 K 58,484 K 484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.11 11,564 K 27,056 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
MOM.exe 0.05 24,304 K 3,620 K 3960 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
EEventManager.exe 0.03 3,368 K 12,672 K 5388 EEventManager Application SEIKO EPSON CORPORATION (Verified) SEIKO EPSON Corporation
RIconMan.exe 0.03 2,016 K 8,468 K 5484 Realtek Card Reader Patch Tool. Realsil Microelectronics Inc. (No signature was present in the subject) Realsil Microelectronics Inc.
svchost.exe 0.02 52,884 K 63,320 K 480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
HPSA_Service.exe 0.02 28,408 K 24,260 K 4948
CLMLSvc_P2G8.exe 0.02 2,628 K 10,976 K 1400 CyberLink MediaLibray Service CyberLink (Verified) CyberLink
chrome.exe 0.01 29,440 K 39,908 K 6120 Google Chrome Google Inc. (Verified) Google Inc
eEBSvc.exe 0.01 4,804 K 7,800 K 2128 eEBAPI Core Process module SEIKO EPSON CORPORATION (No signature was present in the subject) SEIKO EPSON CORPORATION
svchost.exe 0.01 11,644 K 26,424 K 760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
CCC.exe 0.01 72,272 K 4,928 K 796 Catalyst Control Center: Host application Advanced Micro Devices Inc. (Verified) Advanced Micro Devices
csrss.exe < 0.01 1,388 K 4,176 K 504
svchost.exe < 0.01 17,416 K 27,472 K 776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 2,620 K 9,304 K 2032
WmiPrvSE.exe 2,072 K 8,476 K 7072
winlogon.exe 2,088 K 9,420 K 924
wininit.exe 1,188 K 5,188 K 604
taskhostw.exe 6,008 K 17,624 K 3092 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,996 K 13,396 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,596 K 15,004 K 1676 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,724 K 10,208 K 832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,872 K 23,924 K 2076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,600 K 17,708 K 1252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,348 K 22,332 K 2284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,708 K 28,796 K 528 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,404 K 12,844 K 2068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,952 K 18,612 K 4076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,232 K 9,224 K 1488 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,452 K 10,636 K 5132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,964 K 10,560 K 1544 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,664 K 6,992 K 1508 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 8,240 K 20,112 K 1788 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 428 K 1,212 K 360
smartscreen.exe 8,276 K 14,384 K 5584 SmartScreen Microsoft Corporation (Verified) Microsoft Windows
SkypeHost.exe Suspended 4,732 K 11,992 K 6244 Microsoft Skype Preview Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 5,108 K 19,652 K 4044 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe 29,864 K 55,624 K 4772 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
services.exe 3,944 K 7,380 K 668
SearchUI.exe Suspended 58,120 K 89,320 K 4972 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 15,296 K 14,064 K 1424 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 24,556 K 39,892 K 4144 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 3,884 K 11,628 K 5668 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,764 K 9,596 K 5628 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
OneDrive.exe 7,128 K 29,400 K 5804 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
NisSrv.exe 16,280 K 13,512 K 4232 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
MSASCuiL.exe 3,768 K 13,204 K 5712 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
MpCmdRun.exe 3,020 K 10,696 K 192
Memory Compression 72 K 20,648 K 2416
lsass.exe 5,244 K 14,088 K 676 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
LocationNotificationWindows.exe 1,392 K 6,908 K 8036 Location Notification Microsoft Corporation (Verified) Microsoft Windows
Fuel.Service.exe 1,752 K 7,520 K 1924 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
FacebookUpdate.exe 1,988 K 1,772 K 5796 Facebook Installer Facebook Inc. (Verified) Facebook
escsvc64.exe 1,460 K 7,240 K 2892 Epson Scanner Service (64bit) Seiko Epson Corporation (Verified) SEIKO EPSON Corporation
EKPrinterSDK.exe 2,096 K 8,104 K 2172 Status Monitor SDK for KODAK AiO Printer (32-Bit Intel® Pentium™ 4 Optimized Build) Eastman Kodak Company (Verified) Eastman Kodak Company
EKAiOHostService.exe 17,460 K 26,876 K 2152 EKAiOHostService Module for Kodak AiO Printers Eastman Kodak Company (Verified) Eastman Kodak Company
dasHost.exe 4,444 K 13,552 K 1952
chrome.exe 56,884 K 72,060 K 5640 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,032 K 8,104 K 5832 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,844 K 8,876 K 6016 Google Chrome Google Inc. (Verified) Google Inc
backgroundTaskHost.exe Suspended 28,700 K 36,452 K 5420 Background Task Host Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 8,868 K 12,776 K 5592
atiesrxx.exe 1,244 K 5,436 K 1332 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,328 K 9,412 K 1404
AERTSr64.exe 628 K 2,984 K 1276 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

This looks a lot better:

 

Interrupts 1.20 

 

so we are making some progress.  Did you run the speedtest after updating the driver?

 

Have you tried the new version of inssider (actually an older version but it shouldn't need a key.  Probably best to uninstall the first version before trying this one.

 

 


  • 0

#13
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

My speeds jumped from 29 Mbps to 34.  I ran the inssider but didn't really know what to do with it once it ran.  I have a modem that will change channels to find the optimal channel automatically.

 

Is there a way to take Windows 10 off and go back to Windows 8?  Would that help me out?


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Modems which claim to pick the optimal channel are common.  Modems where that actually works are rare.

 

Can you attach a screenshot of the inssider output?

 

http://www.howtogeek...-in-windows-10/

 

To Attach a file: More Reply Options, Choose File, Open, Attach This File

 

Start up process explorer again and find

 

YCMMirage.exe

 

Right click on it and Suspend 

 

Then create a new log and post it.

 

Reverting back to Win 8 is probably not a good idea.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP