Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC running slow for some reason.


  • Please log in to reply

#1
Izzy1665

Izzy1665

    Member

  • Member
  • PipPip
  • 82 posts

My PC has been running slower than normal for some reason over the last couple of weeks and these last 3 days it has become ever worse. I've run my antivirus as well as D/L'ing ADWCleaner and running it but not seeing any benefit.

 

In some cases, whatever browser I am using will stop working altogether. Facebook will run really slow, videos run real slow or appear to buffer while the audio continues to play.

 

 

Here are my FRST logs.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Bob (administrator) on LIVING-ROOM-PC (20-05-2018 20:55:17)
Running from C:\Users\Bob\Downloads
Loaded Profiles: Bob (Available Profiles: Bob)
Platform: Windows 10 Pro Version 1803 17134.48 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Alcatel-Lucent) C:\Program Files (x86)\ATT\8.5.1.16\ma\bin\MAHostService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Novawave Inc.) C:\Program Files\Novawave\Novabench\NovabenchService.exe
(Joyent, Inc) C:\Program Files (x86)\ATT\8.5.1.16\ma\bin\node.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21595.0_x64__8wekyb3d8bbwe\HxTsr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alcatel-Lucent) C:\Program Files\ATT\8.5.1.16\ma\bin\pcTrayApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Facebook) C:\Users\Bob\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Users\Bob\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [291568 2018-05-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-04-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ATT_McciTrayApp] => C:\Program Files\ATT\8.5.1.16\ma\bin\pcTrayApp.exe [2943488 2015-12-11] (Alcatel-Lucent)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (The Eraser Project)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-110091273-928939627-1752962748-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334016 2018-05-10] (Piriform Ltd)
HKU\S-1-5-21-110091273-928939627-1752962748-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [18334016 2018-05-10] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2018-03-04]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-04-15]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Bob\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1387eb14-e241-4983-bf86-ea62a43c1f7d}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e00ed730-90de-4a70-a88b-77e8c02f3101}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-21] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-21] (Oracle Corporation)

Edge:
======
Edge Extension: (Honey) -> EdgeExtension_HoneyScienceCorporationHoney_cbe4c63gm1mzr => C:\Program Files\WindowsApps\HoneyScienceCorporation.Honey_10.7.2.0_neutral__cbe4c63gm1mzr [2018-05-17]

FireFox:
========
FF DefaultProfile: iewfce5i.default-1526099188072
FF ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\iewfce5i.default-1526099188072 [2018-05-20]
FF Extension: (Honey) - C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\iewfce5i.default-1526099188072\Extensions\[email protected] [2018-05-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-21] (Oracle Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.1 -> C:\Program Files (x86)\ATT\8.5.1.16\ma\bin\npMotive.dll [2015-12-11] (AT&T)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default [2018-05-20]
CHR Extension: (Docs) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-04]
CHR Extension: (Google Drive) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-04]
CHR Extension: (YouTube) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-04]
CHR Extension: (Honey) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-04]
CHR Extension: (AVG SafePrice) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (AT&T Extension) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\okccnkhldjgdpjclfpdnlhlofcpginnm [2018-03-30]
CHR Extension: (Gmail) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-11]
CHR HKLM\...\Chrome\Extension: [okccnkhldjgdpjclfpdnlhlofcpginnm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [okccnkhldjgdpjclfpdnlhlofcpginnm] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.5.1.16\ma\bin\MAHostService.exe [321024 2015-12-11] (Alcatel-Lucent) [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [318328 2018-05-17] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-17] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-04-17] (AVG Technologies CZ, s.r.o.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-17] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-11-14] (NVIDIA Corporation)
R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [1102848 2012-03-26] (Atheros Communications, Inc.) [File not signed]
R2 NovabenchService; C:\Program Files\Novawave\Novabench\NovabenchService.exe [323560 2018-03-28] (Novawave Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-11-14] (NVIDIA Corporation)
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-09] (Microsoft Corporation)
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [370176 2015-08-13] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [462336 2015-08-13] (Alcatel-Lucent) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5614592 2018-01-22] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-01] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-01] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [307928 2013-11-11] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-05-17] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-05-17] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [151504 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [103744 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78352 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-05-17] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-05-17] (AVG Technologies CZ, s.r.o.)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.sys [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.sys [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NovabenchDriver; C:\Program Files\Novawave\Novabench\NovabenchDriverWin10.sys [28216 2018-03-28] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-11-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2018-01-22] (AVG Netherlands B.V.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-01] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-01] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-20 20:55 - 2018-05-20 20:55 - 000016771 _____ C:\Users\Bob\Downloads\FRST.txt
2018-05-20 20:28 - 2018-05-20 20:28 - 002413056 _____ (Farbar) C:\Users\Bob\Downloads\FRST64.exe
2018-05-20 20:04 - 2018-05-20 20:04 - 000001828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2018-05-20 20:04 - 2018-05-20 20:04 - 000001816 _____ C:\Users\Public\Desktop\Eraser.lnk
2018-05-20 20:04 - 2018-05-20 20:04 - 000000000 ____D C:\Program Files\Eraser
2018-05-20 19:57 - 2018-05-20 20:02 - 009101000 _____ (The Eraser Project) C:\Users\Bob\Downloads\Eraser 6.2.0.2982.exe
2018-05-20 07:06 - 2018-05-20 03:25 - 000000000 ____D C:\Windows.old
2018-05-20 03:29 - 2018-05-20 03:29 - 000000000 ___HD C:\OneDriveTemp
2018-05-20 03:28 - 2018-05-20 03:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-20 03:26 - 2018-05-20 03:26 - 000000000 ____D C:\Users\Bob\AppData\Local\PackageStaging
2018-05-20 03:25 - 2018-05-20 03:25 - 000000020 ___SH C:\Users\Bob\ntuser.ini
2018-05-20 03:24 - 2018-05-20 19:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 03:24 - 2018-05-20 18:58 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A29677FF-757A-4AC8-8014-4228864E097C}
2018-05-20 03:24 - 2018-05-20 18:56 - 000004266 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-05-20 03:24 - 2018-05-20 03:28 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2018-05-20 03:24 - 2018-05-20 03:25 - 000003748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-20 03:24 - 2018-05-20 03:25 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-05-20 03:24 - 2018-05-20 03:25 - 000003044 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-110091273-928939627-1752962748-1001
2018-05-20 03:24 - 2018-05-20 03:25 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-110091273-928939627-1752962748-1001
2018-05-20 03:24 - 2018-05-20 03:25 - 000002796 _____ C:\WINDOWS\System32\Tasks\update-sys
2018-05-20 03:24 - 2018-05-20 03:25 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-20 03:24 - 2018-05-20 03:24 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-20 03:24 - 2018-05-20 03:24 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-20 03:24 - 2018-05-20 03:24 - 000003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2018-05-20 03:24 - 2018-05-20 03:24 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-20 03:24 - 2018-05-20 03:24 - 000002038 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-05-20 03:24 - 2018-05-20 03:24 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2018-05-20 03:23 - 2018-05-20 03:24 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-05-20 03:23 - 2018-05-20 03:24 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-05-20 03:21 - 2018-05-20 19:56 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-20 03:12 - 2018-05-20 03:12 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-20 03:10 - 2018-05-20 19:48 - 000000000 ____D C:\Users\Bob
2018-05-20 03:10 - 2018-05-20 03:10 - 000000000 ____D C:\ProgramData\USOShared
2018-05-20 03:10 - 2018-04-11 19:34 - 000001105 _____ C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 03:10 - 2018-04-11 19:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-20 03:07 - 2018-05-20 19:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-20 03:07 - 2018-05-20 03:13 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-20 00:10 - 2018-05-17 10:02 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-05-20 00:10 - 2018-05-17 10:02 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-05-20 00:08 - 2018-05-17 10:02 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-05-20 00:07 - 2018-05-20 07:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-19 23:55 - 2018-05-20 00:06 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-19 23:44 - 2018-05-19 23:44 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-19 23:44 - 2018-05-19 23:44 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-19 23:43 - 2018-05-19 23:43 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-19 23:43 - 2018-05-19 23:43 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-19 23:43 - 2018-05-19 23:43 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-19 23:43 - 2018-05-19 23:43 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-19 23:43 - 2018-05-19 23:43 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-19 23:43 - 2018-05-19 23:43 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-19 23:43 - 2018-05-19 23:43 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-19 23:43 - 2018-05-19 23:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-19 23:43 - 2018-05-19 23:43 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-05-19 23:42 - 2018-05-19 23:42 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-19 23:42 - 2018-05-19 23:42 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-19 23:42 - 2018-05-19 23:42 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-19 23:42 - 2018-05-19 23:42 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-05-19 23:24 - 2018-05-19 23:24 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-19 23:24 - 2018-05-19 23:24 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-19 23:24 - 2018-05-19 23:24 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-19 23:24 - 2018-05-19 23:24 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-19 23:24 - 2018-05-19 23:24 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-19 23:24 - 2018-05-19 23:24 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-19 23:24 - 2018-05-19 23:24 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-19 23:24 - 2018-05-19 23:24 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-19 23:23 - 2018-05-19 23:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-19 23:23 - 2018-05-19 23:23 - 000000000 ____D C:\Program Files\MSBuild
2018-05-19 23:23 - 2018-05-19 23:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-05-19 23:23 - 2018-05-19 23:23 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-05-19 23:21 - 2018-05-19 23:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-19 23:21 - 2018-05-19 23:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-19 23:21 - 2018-05-19 23:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-19 23:21 - 2018-05-19 23:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-19 23:21 - 2018-05-19 23:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-19 23:21 - 2018-05-19 23:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-19 23:03 - 2018-05-19 23:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-19 22:50 - 2018-05-19 22:50 - 000000047 _____ C:\Users\Bob\Desktop\Card Rates.txt
2018-05-19 20:42 - 2018-05-20 18:58 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-19 13:10 - 2018-05-19 13:35 - 000000433 _____ C:\Users\Bob\Desktop\My concerts.txt
2018-05-18 22:33 - 2018-05-18 22:33 - 000034349 _____ C:\Users\Bob\Desktop\Facebook-Like-Button-big.jpeg
2018-05-17 10:02 - 2018-05-17 10:02 - 000001878 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-05-17 09:56 - 2018-05-17 09:56 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-14 20:05 - 2018-05-14 20:05 - 000000090 _____ C:\Users\Bob\Desktop\PWtxt.txt
2018-05-13 17:16 - 2018-05-13 17:18 - 000000000 ____D C:\Users\Bob\Desktop\New folder
2018-05-12 00:24 - 2018-05-12 00:24 - 000021720 _____ C:\Users\Bob\Desktop\bookmarks-2018-05-12.json
2018-05-05 15:33 - 2018-05-05 15:46 - 1515048215 _____ C:\Users\Bob\Downloads\facebook-BBQbyBob.zip
2018-05-03 21:41 - 2018-05-05 19:40 - 000000000 ____D C:\Users\Bob\AppData\Local\Jagex
2018-05-03 21:41 - 2018-05-05 19:40 - 000000000 ____D C:\ProgramData\Jagex
2018-05-03 21:41 - 2018-05-03 21:41 - 000000000 ____D C:\Users\Bob\AppData\Roaming\NVIDIA
2018-05-03 21:40 - 2018-05-03 21:40 - 004940656 _____ (Jagex Ltd ) C:\Users\Bob\Downloads\RuneScape-Setup.exe
2018-05-03 21:40 - 2018-05-03 21:40 - 000000177 _____ C:\Users\Public\Desktop\RuneScape Launcher.url
2018-05-03 21:40 - 2018-05-03 21:40 - 000000000 ____D C:\Program Files\Jagex
2018-04-30 18:02 - 2018-04-30 18:02 - 003934419 _____ C:\Users\Bob\Downloads\TWDrewards_Carl_Wallpaper.zip
2018-04-25 00:51 - 2018-04-25 00:51 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
2018-04-25 00:51 - 2018-04-25 00:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-25 00:48 - 2018-04-25 00:48 - 077738888 _____ (Microsoft Corporation) C:\Users\Bob\Downloads\ExcelViewer.exe
2018-04-25 00:48 - 2018-04-25 00:48 - 000000000 ____D C:\Program Files (x86)\MSECache
2018-04-25 00:45 - 2018-04-25 00:46 - 000050688 _____ C:\Users\Bob\Downloads\BBQ Catering Workbook.xls
2018-04-23 17:44 - 2018-04-23 17:44 - 000021324 _____ C:\Users\Bob\Desktop\bookmarks-2018-04-23.json
2018-04-21 14:36 - 2018-05-10 20:09 - 000000000 ____D C:\Users\Bob\Desktop\stylopics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-20 20:55 - 2018-04-04 00:46 - 000000000 ____D C:\FRST
2018-05-20 20:24 - 2018-04-03 22:04 - 000000000 ____D C:\Users\Bob\Downloads\Antivirus Programs
2018-05-20 20:24 - 2018-03-04 01:58 - 000000000 ____D C:\Users\Bob\AppData\LocalLow\Mozilla
2018-05-20 20:23 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-20 19:56 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-05-20 19:54 - 2018-03-04 00:53 - 000000000 ___RD C:\Users\Bob\OneDrive
2018-05-20 19:50 - 2018-03-28 00:00 - 000000000 ____D C:\Program Files (x86)\ATT
2018-05-20 19:48 - 2018-04-11 17:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-20 19:32 - 2018-04-03 22:05 - 000000000 ____D C:\AdwCleaner
2018-05-20 19:29 - 2018-03-04 21:53 - 000000000 ____D C:\Users\Bob\AppData\Local\PlaceholderTileLogoFolder
2018-05-20 19:26 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-20 18:57 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 07:06 - 2018-04-11 19:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-20 07:06 - 2018-04-11 19:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-20 07:06 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Help
2018-05-20 07:06 - 2018-04-04 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-20 07:06 - 2018-03-28 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATT
2018-05-20 07:06 - 2018-03-04 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2018-05-20 07:06 - 2018-03-04 01:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-20 07:06 - 2018-03-04 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA1100 Genie
2018-05-20 07:06 - 2018-03-03 22:29 - 000000000 ____D C:\Program Files\UNP
2018-05-20 07:06 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-20 03:45 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-20 03:43 - 2018-03-04 00:50 - 000000000 ____D C:\Users\Bob\AppData\Local\Packages
2018-05-20 03:42 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-05-20 03:26 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-20 03:26 - 2018-03-04 01:37 - 000000000 ___RD C:\Users\Bob\3D Objects
2018-05-20 03:26 - 2016-02-13 09:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-20 03:25 - 2018-04-11 17:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-20 03:24 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-20 03:19 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-20 03:18 - 2018-04-04 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-20 03:18 - 2018-03-04 01:28 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-20 03:16 - 2018-03-04 01:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-20 03:12 - 2018-04-15 17:15 - 000000000 ____D C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2018-05-20 03:10 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-20 03:09 - 2018-03-04 00:55 - 000000000 ____D C:\temp
2018-05-20 03:09 - 2018-03-03 22:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-20 03:08 - 2018-03-03 22:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-20 00:18 - 2018-04-11 19:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-20 00:08 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-19 23:48 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-19 23:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-19 23:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-05-19 23:47 - 2018-04-12 05:37 - 000000000 ____D C:\WINDOWS\Containers
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-19 23:47 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-19 23:47 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-19 23:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-19 20:32 - 2018-03-04 01:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-19 20:32 - 2018-03-04 01:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-18 14:16 - 2018-04-12 12:27 - 000000000 ____D C:\Users\Bob\AppData\Local\CrashDumps
2018-05-18 12:58 - 2018-03-04 01:58 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-15 22:24 - 2018-03-13 23:16 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-15 22:24 - 2018-03-04 02:10 - 000000000 ____D C:\ProgramData\AVG
2018-05-15 17:49 - 2018-03-04 21:20 - 000000416 _____ C:\WINDOWS\Tasks\update-sys.job
2018-05-15 17:49 - 2018-03-04 21:20 - 000000416 _____ C:\WINDOWS\Tasks\update-S-1-5-21-110091273-928939627-1752962748-1001.job
2018-05-12 00:26 - 2018-03-23 01:03 - 000000000 ____D C:\Users\Bob\Desktop\Old Firefox Data
2018-05-09 18:59 - 2018-03-04 02:21 - 000000042 _____ C:\Users\Bob\jagex_cl_oldschool_LIVE.dat
2018-05-09 18:58 - 2018-03-04 02:20 - 000000000 ____D C:\Users\Bob\OSBuddy
2018-05-08 19:48 - 2018-03-03 22:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-08 19:46 - 2018-03-03 22:49 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 19:46 - 2018-03-03 22:49 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-07 10:53 - 2018-03-04 21:52 - 000000000 ____D C:\Users\Bob\AppData\Local\ElevatedDiagnostics
2018-05-01 17:22 - 2018-04-11 19:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 17:22 - 2018-04-11 19:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-01 00:29 - 2018-03-28 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-04-21 19:57 - 2018-04-04 01:02 - 000000000 ____D C:\Program Files (x86)\Java
2018-04-21 19:55 - 2018-04-04 01:02 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2018-03-23 21:24 - 2018-03-23 21:24 - 000000017 _____ () C:\Users\Bob\AppData\Local\resmon.resmoncfg
2018-03-04 21:20 - 2018-03-04 21:20 - 000000003 _____ () C:\Users\Bob\AppData\Local\updater.log
2018-03-04 21:20 - 2018-03-04 21:20 - 000000425 _____ () C:\Users\Bob\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 03:07

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Bob (20-05-2018 20:56:04)
Running from C:\Users\Bob\Downloads
Windows 10 Pro Version 1803 17134.48 (X64) (2018-05-20 07:25:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-110091273-928939627-1752962748-500 - Administrator - Disabled)
Bob (S-1-5-21-110091273-928939627-1752962748-1001 - Administrator - Enabled) => C:\Users\Bob
DefaultAccount (S-1-5-21-110091273-928939627-1752962748-503 - Limited - Disabled)
Guest (S-1-5-21-110091273-928939627-1752962748-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-110091273-928939627-1752962748-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
AT&T Troubleshoot & Resolve (HKLM-x32\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.5.1.16 - AT&T)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.4.3056 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project)
Facebook Gameroom 1.21.6663.39782 (HKLM-x32\...\{68176DF0-3139-406A-955D-E90916FB9EE8}) (Version: 1.21.6663.39782 - Facebook)
FMW 1 (HKLM\...\{DFA0CE4A-C162-40C1-A977-12E60098EB72}) (Version: 1.227.11 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-110091273-928939627-1752962748-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 2.2.0.1 - NETGEAR)
Novabench (HKLM\...\{2FAC7FB5-8FA6-46F2-826D-B2757EFC2E83}) (Version: 4.0.4 - Novawave Inc.)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{E345A108-D9E8-456B-9550-435132D5C9CE}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-05-17] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-05-17] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (The Eraser Project)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1568C8CB-4699-47F2-85FF-6775FC0F51CC} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {406087F9-818F-4AD3-BA4C-05255D7FD5B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-04] (Google Inc.)
Task: {505BC152-7781-4A1D-80A4-8C7179B99EB9} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-01-22] (AVG Technologies CZ, s.r.o.)
Task: {5967FD50-EF61-4F46-B2C2-7D48D25D8271} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7B6D3B6A-1B17-4517-AFDF-792758A6D30C} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation)
Task: {9E82F1DC-7939-4B6A-A861-64CB00471DE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-04] (Google Inc.)
Task: {9F419D81-4A68-4243-A5C9-11EC31AF7FAD} - System32\Tasks\update-S-1-5-21-110091273-928939627-1752962748-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {9FF858A6-AEA2-4707-8DFE-8C83093407FF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd)
Task: {B44C3BAB-0831-4417-A443-9CE3AD55398E} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {B8BCA3F2-8ECC-4AA6-BE4A-FBB6A4B30868} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {D3C35613-421B-4634-A028-CBC689B4CD30} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-05-17] (AVG Technologies CZ, s.r.o.)
Task: {DDE06B86-C55F-4D0F-A746-DBADF70C8E9C} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {E5B7F4E2-ADD9-44DB-A7F6-83E89BF94B1C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {F43BCF6A-6D01-4871-B79D-7D98AD832E22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd)
Task: {FC7AAA12-AD95-4C43-A622-A0688944F3D0} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-05-16] (AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-110091273-928939627-1752962748-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-03 22:22 - 2016-11-14 07:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-03-04 00:56 - 2013-11-11 19:10 - 000307928 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-11 19:35 - 2018-04-12 05:20 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-24 15:23 - 2018-04-24 15:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-24 15:23 - 2018-04-24 15:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-24 15:23 - 2018-04-24 15:24 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-24 15:23 - 2018-04-24 15:24 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-24 15:23 - 2018-04-24 15:24 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-04-16 17:11 - 2018-04-16 17:13 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-03-04 02:11 - 2018-03-04 02:12 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-03-04 02:11 - 2018-03-04 02:12 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-03-04 02:11 - 2018-03-04 02:12 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2018-03-03 23:11 - 2018-03-03 23:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-04 02:11 - 2018-03-04 02:12 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntPlat.dll
2018-03-04 00:56 - 2014-01-02 17:13 - 008266456 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2018-03-04 00:56 - 2013-10-15 13:29 - 000372736 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2015-12-07 19:44 - 2015-12-07 19:44 - 000270336 _____ () C:\Program Files (x86)\ATT\8.5.1.16\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2015-12-07 19:44 - 2015-12-07 19:44 - 000244736 _____ () C:\Program Files (x86)\ATT\8.5.1.16\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-04-24 08:55 - 2013-04-24 08:55 - 001581056 _____ () C:\Program Files (x86)\ATT\8.5.1.16\ma\node_modules\libxmljs\build\Release\xmljs.node
2015-12-07 19:44 - 2015-12-07 19:44 - 000237056 _____ () C:\Program Files (x86)\ATT\8.5.1.16\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2018-04-04 01:14 - 2016-11-14 08:30 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2018-03-13 23:16 - 2018-03-13 23:14 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-03-04 00:56 - 2013-11-01 21:31 - 000278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2018-03-04 02:13 - 2018-03-04 02:13 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2018-05-17 10:02 - 2018-05-17 10:02 - 000481008 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2018-03-27 10:25 - 2018-03-27 10:25 - 001184256 _____ () C:\Users\Bob\AppData\Local\Facebook\Games\CefSharp.Core.dll
2018-03-27 10:25 - 2018-03-27 10:25 - 071641088 _____ () C:\Users\Bob\AppData\Local\Facebook\Games\libcef.dll
2018-03-27 10:25 - 2018-03-27 10:25 - 000774656 _____ () C:\Users\Bob\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2018-03-27 10:25 - 2018-03-27 10:25 - 003149824 _____ () C:\Users\Bob\AppData\Local\Facebook\Games\libglesv2.dll
2018-03-27 10:25 - 2018-03-27 10:25 - 000078848 _____ () C:\Users\Bob\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [474]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-110091273-928939627-1752962748-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bob\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\24131584_1891126297602629_8616179405180199500_n.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7BD599DA-A477-4361-8587-CC6D2E1C20E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ABF490BB-0AB3-45E0-8B8E-B3FF9DAD76B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F9AACAF2-7FBB-4B6E-A868-632BF543302D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

20-05-2018 18:56:37 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2018 08:50:02 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Error: (05/20/2018 06:55:47 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (2868,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Error: (05/20/2018 06:55:47 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (2868,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Error: (05/20/2018 06:55:45 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (2868,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Error: (05/20/2018 03:23:13 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Error: (05/20/2018 03:23:13 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Error: (05/20/2018 03:23:13 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupArrivalEvent" whose target class "WSP_ReplicationGroupArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Error: (05/20/2018 03:23:13 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.


System errors:
=============
Error: (05/20/2018 07:53:12 PM) (Source: DCOM) (EventID: 10001) (User: LIVING-ROOM-PC)
Description: Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error:
"298"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 250 milliseconds: Restart the service.

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Novabench Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The pcCMService64 service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WSWNA1100 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AT&T Troubleshoot & Resolve service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (05/20/2018 07:35:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The pcCMService service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 66%
Total physical RAM: 4094.49 MB
Available physical RAM: 1378.46 MB
Total Virtual: 5502.49 MB
Available Virtual: 2269.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.95 GB) (Free:879.63 GB) NTFS

\\?\Volume{9dabe905-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{9dabe905-0000-0000-0000-70c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9DABE905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

#3
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Thank you for the reply.

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    78.09    52 K    8 K    0            
procexp64.exe    6.29    106,420 K    69,704 K    13048    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
Interrupts    1.84    0 K    0 K    n/a    Hardware Interrupts and DPCs        
System    2.33    196 K    4,576 K    4            
dwm.exe    0.61    63,888 K    27,232 K    8    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    < 0.01    217,608 K    229,920 K    14208    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
OneDrive.exe    0.30    20,860 K    18,472 K    7580    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
AVGUI.exe    0.20    27,764 K    42,904 K    7820    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
svchost.exe    < 0.01    56,424 K    55,328 K    1432    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
TuneUpUtilitiesService64.exe    < 0.01    28,936 K    13,112 K    3272    AVG PC TuneUp Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
Eraser.exe        43,808 K    9,864 K    11176    Eraser    The Eraser Project    (Verified) Heidi Computers Ltd
csrss.exe    0.37    2,384 K    2,464 K    612    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
node.exe    0.13    52,860 K    28,780 K    3868    Evented I/O for V8 JavaScript    Joyent, Inc    (No signature was present in the subject) Joyent, Inc
firefox.exe    0.29    667,936 K    357,832 K    13028    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
FacebookGameroom.exe    0.06    38,948 K    19,952 K    7848    FacebookGameroom    Facebook    (Verified) Facebook
AVGSvc.exe    0.01    222,896 K    40,112 K    2360    AVG Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
explorer.exe    0.11    103,320 K    98,300 K    5720    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
WNA1100.exe    0.04    10,624 K    6,664 K    7716    Netgear        (Verified) NETGEAR
TuneUpUtilitiesApp64.exe    < 0.01    5,688 K    8,684 K    5148    AVG PC TuneUp    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
pcTrayApp.exe    0.02    4,384 K    7,588 K    7316    mcci+McciTrayApp    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
MAHostService.exe    0.04    1,508 K    1,168 K    1892    MAHostService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
aswidsagenta.exe    0.12    26,532 K    26,052 K    496    AVG Software Analyzer    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
svchost.exe    0.01    9,248 K    10,484 K    944    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    280,340 K    268,384 K    8900    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    0.03    2,972 K    3,088 K    980    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WifiSvc.exe    0.01    2,376 K    3,080 K    2248    Wifi Service        (Verified) NETGEAR
CCleaner64.exe    0.01    10,724 K    7,928 K    5952    CCleaner    Piriform Ltd    (Verified) Piriform Ltd
taskhostw.exe        8,744 K    9,080 K    5328    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
adb.exe    0.01    2,376 K    2,020 K    5272            (No signature was present in the subject)
NovabenchService.exe    0.01    21,500 K    8,984 K    3332    Novabench Service    Novawave Inc.    (Verified) Novawave Inc.
svchost.exe    < 0.01    7,128 K    9,472 K    1364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
avguix.exe    < 0.01    15,188 K    13,656 K    7328    AVG User Interface    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
svchost.exe        13,264 K    16,660 K    904    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    < 0.01    61,312 K    34,852 K    12848    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SearchIndexer.exe    0.01    40,636 K    20,544 K    2304    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
Lightshot.exe    < 0.01    17,884 K    24,476 K    7984    Lightshot    Skillbrains    (No signature was present in the subject) Skillbrains
dllhost.exe    < 0.01    3,768 K    10,444 K    5196    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
pcContextHookShim.exe    < 0.01    1,872 K    1,804 K    7620    mcci+McciContextHookShim    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
dllhost.exe    < 0.01    3,920 K    13,292 K    15016    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
MSASCuiL.exe    < 0.01    3,120 K    4,204 K    6600    Windows Defender notification icon    Microsoft Corporation    (Verified) Microsoft Windows
smartscreen.exe    < 0.01    13,712 K    27,596 K    96    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
lsass.exe    < 0.01    9,256 K    10,452 K    712    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,424 K    1,392 K    1444    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ss_conn_service.exe    < 0.01    2,264 K    1,580 K    9896    MSS CS Connectivity Service    DEVGURU Co., LTD.    (Verified) DEVGURU CO LTD
RuntimeBroker.exe        3,140 K    1,716 K    936    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
nvvsvc.exe    < 0.01    4,500 K    4,496 K    1492    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
jswpbapi.exe    < 0.01    1,760 K    2,340 K    3056    JumpStart PushButton Service    Atheros Communications, Inc.    (No signature was present in the subject) Atheros Communications, Inc.
csrss.exe    < 0.01    2,060 K    2,152 K    508    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,912 K    4,784 K    3560    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
XboxApp.exe    Suspended    22,540 K    1,000 K    3864            (No signature was present in the subject)
WmiPrvSE.exe        2,484 K    8,508 K    13288    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WinStore.App.exe    Suspended    30,988 K    1,492 K    2732    Store    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
winlogon.exe        2,832 K    4,300 K    688    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,288 K    1,088 K    588    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        5,964 K    3,424 K    3256    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SystemSettingsBroker.exe        5,556 K    7,980 K    5320    System Settings Broker    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    4,948 K    4,188 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    5,292 K    10,132 K    4184    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,064 K    11,688 K    8892    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,120 K    7,816 K    1868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,184 K    14,072 K    5188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,708 K    5,288 K    1188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,420 K    12,672 K    2908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,268 K    2,988 K    2828    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,060 K    9,016 K    2144    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,456 K    3,660 K    3432    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,236 K    19,068 K    2900    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        13,064 K    6,904 K    1232    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    12,268 K    8,484 K    1084    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,716 K    7,004 K    1736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,352 K    2,496 K    4752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,772 K    5,292 K    4848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,788 K    2,304 K    1500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,532 K    4,920 K    2216    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,428 K    6,608 K    1896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,240 K    3,028 K    5412    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        16,620 K    14,356 K    2916    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,324 K    3,924 K    11032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,020 K    3,508 K    1464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,816 K    5,064 K    1396    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,940 K    9,040 K    2884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,444 K    6,456 K    2948    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,496 K    3,700 K    3776    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,264 K    4,912 K    1712    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,724 K    2,796 K    2892    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,368 K    1,052 K    2996    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,404 K    6,000 K    3112    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,944 K    10,876 K    3016    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,400 K    1,328 K    3100    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,356 K    5,084 K    2368    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,688 K    1,104 K    2972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,036 K    8,972 K    5336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,708 K    3,656 K    2352    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,732 K    2,220 K    2072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,252 K    4,700 K    304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,372 K    4,656 K    2080    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,572 K    5,080 K    2044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,948 K    2,664 K    1784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,968 K    3,328 K    1788    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,792 K    2,932 K    1456    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,576 K    3,868 K    1652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,704 K    2,128 K    1108    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,472 K    3,604 K    1644    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,272 K    3,688 K    472    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,628 K    8,296 K    1116    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,068 K    1,092 K    832    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,140 K    2,488 K    4744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,908 K    5,452 K    1368    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,572 K    18,872 K    5204    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,100 K    2,068 K    5536    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,440 K    4,372 K    5756    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,448 K    1,912 K    4328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,292 K    3,220 K    7248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,388 K    6,260 K    8380    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    1,988 K    10816    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,876 K    3,044 K    8464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,460 K    4,048 K    11544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,628 K    2,660 K    7428    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,552 K    2,788 K    5604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,584 K    2,440 K    6532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,896 K    1,464 K    7500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,628 K    5,268 K    4964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        5,352 K    2,384 K    2788    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        560 K    428 K    380    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SkypeHost.exe    Suspended    41,684 K    16,168 K    9592    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        14,104 K    16,756 K    5176    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    79,692 K    33,392 K    5088    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        3,492 K    2,768 K    4112    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SettingSyncHost.exe        19,676 K    2,164 K    6856    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        5,124 K    4,908 K    652    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        4,628 K    6,776 K    2156    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    104,908 K    67,940 K    6200    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,056 K    21,684 K    6988    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        18,548 K    18,976 K    11428    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,436 K    2,040 K    6368    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        8,256 K    13,624 K    6268    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        12,516 K    25,228 K    6408    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,712 K    17,764 K    8684    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,168 K    6,512 K    13504    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,780 K    2,140 K    7680    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,888 K    3,548 K    12036    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        1,556 K    22,336 K    88            
procexp.exe        3,172 K    10,428 K    8268    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
pcCMService.exe        1,712 K    1,752 K    1964    mcci+McciCMService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
pcCMService.exe        1,644 K    1,940 K    3300    mcci+McciCMService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
OfficeHubTaskHost.exe    Suspended    8,904 K    488 K    10688    Office Hub Task Host    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
nvxdsync.exe        7,464 K    12,416 K    1484    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,456 K    4,256 K    1356    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        5,212 K    6,892 K    6844    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvNetworkService.exe        3,752 K    1,712 K    3324    NVIDIA Network Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvBackend.exe    < 0.01    12,976 K    8,808 K    5260    NVIDIA Backend    NVIDIA Corporation    (Verified) NVIDIA Corporation
MicrosoftEdgeCP.exe    Suspended    5,992 K    1,460 K    14040    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdgeCP.exe    Suspended    5,480 K    1,348 K    10372    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdgeCP.exe    Suspended    5,892 K    1,464 K    11000    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdgeCP.exe    Suspended    50,076 K    4,284 K    6220    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdge.exe    Suspended    28,692 K    2,996 K    14488    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
Microsoft.Photos.exe    Suspended    238,048 K    36,688 K    7544            (No signature was present in the subject)
Memory Compression    8.88    1,220 K    160,836 K    1588            
LockApp.exe    Suspended    18,612 K    23,456 K    3136    LockApp.exe    Microsoft Corporation    (Verified) Microsoft Windows
HxTsr.exe    Suspended    7,844 K    604 K    10588    Microsoft Outlook Communications    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
GfExperienceService.exe        3,796 K    2,348 K    3064    NVIDIA GeForce ExperienceService    NVIDIA Corporation    (Verified) NVIDIA Corporation
fontdrvhost.exe        6,764 K    4,032 K    808    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,560 K    1,220 K    816    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe    0.01    175,072 K    93,192 K    14664    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Facebook Gameroom Browser.exe        27,096 K    5,492 K    8604    Facebook Gameroom Browser    The CefSharp Authors    (Verified) Facebook
dllhost.exe        2,616 K    2,252 K    3396    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        7,224 K    11,232 K    3640    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe    0.06    33,076 K    8,588 K    5652    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,420 K    2,084 K    3876    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,500 K    2,456 K    8184    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
browser_broker.exe        1,988 K    1,816 K    15252    Browser_Broker    Microsoft Corporation    (Verified) Microsoft Windows
avgsvca.exe        7,612 K    13,160 K    2288    AVG Service Process    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
audiodg.exe        7,552 K    11,756 K    13580    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
ApplicationFrameHost.exe        20,176 K    14,188 K    7128    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

 

 

 

 

 

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                        88 N/A                                         
smss.exe                       380 N/A                                         
csrss.exe                      508 N/A                                         
wininit.exe                    588 N/A                                         
csrss.exe                      612 N/A                                         
services.exe                   652 N/A                                         
winlogon.exe                   688 N/A                                         
lsass.exe                      712 EFS, KeyIso, SamSs, VaultSvc                
fontdrvhost.exe                808 N/A                                         
fontdrvhost.exe                816 N/A                                         
svchost.exe                    832 PlugPlay                                    
svchost.exe                    904 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
svchost.exe                    944 RpcEptMapper, RpcSs                         
svchost.exe                    980 LSM                                         
dwm.exe                          8 N/A                                         
svchost.exe                    472 NcbService                                  
svchost.exe                    304 TimeBrokerSvc                               
svchost.exe                   1084 BFE, CoreMessagingRegistrar, mpssvc         
svchost.exe                   1108 hidserv                                     
svchost.exe                   1116 Schedule                                    
svchost.exe                   1188 ProfSvc                                     
svchost.exe                   1232 EventLog                                    
nvvsvc.exe                    1356 nvsvc                                       
svchost.exe                   1396 UserManager                                 
svchost.exe                   1432 SysMain                                     
svchost.exe                   1444 Themes                                      
svchost.exe                   1456 nsi                                         
svchost.exe                   1464 EventSystem                                 
nvxdsync.exe                  1484 N/A                                         
nvvsvc.exe                    1492 N/A                                         
Memory Compression            1588 N/A                                         
svchost.exe                   1644 Dhcp                                        
svchost.exe                   1652 lfsvc                                       
svchost.exe                   1712 SENS                                        
svchost.exe                   1784 AudioEndpointBuilder                        
svchost.exe                   1788 FontCache                                   
svchost.exe                   1868 NlaSvc                                      
svchost.exe                   1896 Dnscache                                    
svchost.exe                   2044 netprofm                                    
svchost.exe                   1736 Audiosrv                                    
svchost.exe                   2072 DusmSvc                                     
svchost.exe                   2080 Wcmsvc                                      
svchost.exe                   2144 StateRepository                             
svchost.exe                   2216 WinHttpAutoProxySvc                         
svchost.exe                   2328 WlanSvc                                     
svchost.exe                   2352 ShellHWDetection                            
AVGSvc.exe                    2360 AVG Antivirus                               
svchost.exe                   2368 LicenseManager                              
spoolsv.exe                   2788 Spooler                                     
svchost.exe                   2828 LanmanWorkstation                           
svchost.exe                   2884 CryptSvc                                    
svchost.exe                   2892 DeviceAssociationService                    
svchost.exe                   2900 DiagTrack                                   
svchost.exe                   2908 Winmgmt                                     
svchost.exe                   2916 DPS                                         
svchost.exe                   2948 osrss                                       
svchost.exe                   2972 SstpSvc                                     
svchost.exe                   2996 TrkWks                                      
svchost.exe                   3016 WpnService                                  
jswpbapi.exe                  3056 jswpbapi                                    
GfExperienceService.exe       3064 GfExperienceService                         
MAHostService.exe             1892 AT&T Troubleshoot & Resolve                 
SecurityHealthService.exe     2156 SecurityHealthService                       
pcCMService.exe               1964 pcCMService                                 
WifiSvc.exe                   2248 WSWNA1100                                   
avgsvca.exe                   2288 avgsvc                                      
svchost.exe                   3100 WdiServiceHost                              
svchost.exe                   3112 iphlpsvc                                    
TuneUpUtilitiesService64.     3272 TuneUp.UtilitiesSvc                         
pcCMService.exe               3300 pcCMService64                               
NvNetworkService.exe          3324 NvNetworkService                            
NovabenchService.exe          3332 NovabenchService                            
svchost.exe                   3432 LanmanServer                                
svchost.exe                   3560 RasMan                                      
dasHost.exe                   3640 N/A                                         
svchost.exe                   3776 SSDPSRV                                     
node.exe                      3868 N/A                                         
conhost.exe                   3876 N/A                                         
svchost.exe                   4752 Netman                                      
svchost.exe                   4848 wscsvc                                      
aswidsagenta.exe               496 avgbIDSAgent                                
svchost.exe                   4184 CDPSvc                                      
svchost.exe                   1364 DoSvc                                       
svchost.exe                   4744 StorSvc                                     
SgrmBroker.exe                4112 SgrmBroker                                  
svchost.exe                   1368 UsoSvc                                      
SearchIndexer.exe             2304 WSearch                                     
TuneUpUtilitiesApp64.exe      5148 N/A                                         
sihost.exe                    5176 N/A                                         
svchost.exe                   5188 CDPUserSvc_6af19                            
svchost.exe                   5204 WpnUserService_6af19                        
taskhostw.exe                 5328 N/A                                         
svchost.exe                   5336 TokenBroker                                 
svchost.exe                   5412 WdiSystemHost                               
svchost.exe                   5536 TabletInputService                          
ctfmon.exe                    5652 N/A                                         
explorer.exe                  5720 N/A                                         
ShellExperienceHost.exe       5088 N/A                                         
SearchUI.exe                  6200 N/A                                         
RuntimeBroker.exe             6268 N/A                                         
RuntimeBroker.exe             6408 N/A                                         
nvtray.exe                    6844 N/A                                         
SettingSyncHost.exe           6856 N/A                                         
RuntimeBroker.exe             6988 N/A                                         
NvBackend.exe                 5260 N/A                                         
MSASCuiL.exe                  6600 N/A                                         
pcTrayApp.exe                 7316 N/A                                         
avguix.exe                    7328 N/A                                         
OneDrive.exe                  7580 N/A                                         
pcContextHookShim.exe         7620 N/A                                         
WNA1100.exe                   7716 N/A                                         
AVGUI.exe                     7820 N/A                                         
FacebookGameroom.exe          7848 N/A                                         
Lightshot.exe                 7984 N/A                                         
conhost.exe                   8184 N/A                                         
CCleaner64.exe                5952 N/A                                         
svchost.exe                   5756 OneSyncSvc_6af19,                           
                                   PimIndexMaintenanceSvc_6af19,               
                                   UnistoreSvc_6af19, UserDataSvc_6af19        
svchost.exe                   4328 SEMgrSvc                                    
Facebook Gameroom Browser     8604 N/A                                         
svchost.exe                   8892 BITS                                        
svchost.exe                   7248 Appinfo                                     
svchost.exe                   8380 PcaSvc                                      
ApplicationFrameHost.exe      7128 N/A                                         
svchost.exe                  10816 SensorService                               
Eraser.exe                   11176 N/A                                         
WinStore.App.exe              2732 N/A                                         
RuntimeBroker.exe             6368 N/A                                         
taskhostw.exe                 3256 N/A                                         
LockApp.exe                   3136 N/A                                         
RuntimeBroker.exe             8684 N/A                                         
svchost.exe                   8464 NgcSvc                                      
svchost.exe                  11544 NgcCtnrSvc                                  
svchost.exe                   7428 DsSvc                                       
svchost.exe                   5604 stisvc                                      
svchost.exe                   1500 TapiSrv                                     
ss_conn_service.exe           9896 ss_conn_service                             
adb.exe                       5272 N/A                                         
SystemSettingsBroker.exe      5320 N/A                                         
svchost.exe                   6532 RmSvc                                       
svchost.exe                   7500 PrintWorkflowUserSvc_6af19                  
XboxApp.exe                   3864 N/A                                         
SkypeHost.exe                 9592 N/A                                         
RuntimeBroker.exe            13504 N/A                                         
dllhost.exe                   3396 N/A                                         
OfficeHubTaskHost.exe        10688 N/A                                         
RuntimeBroker.exe              936 N/A                                         
MicrosoftEdge.exe            14488 N/A                                         
browser_broker.exe           15252 N/A                                         
RuntimeBroker.exe             7680 N/A                                         
MicrosoftEdgeCP.exe          14040 N/A                                         
MicrosoftEdgeCP.exe          10372 N/A                                         
MicrosoftEdgeCP.exe          11000 N/A                                         
MicrosoftEdgeCP.exe           6220 N/A                                         
HxTsr.exe                    10588 N/A                                         
RuntimeBroker.exe            12036 N/A                                         
firefox.exe                   8900 N/A                                         
firefox.exe                  12848 N/A                                         
firefox.exe                  14664 N/A                                         
firefox.exe                  13028 N/A                                         
RuntimeBroker.exe            11428 N/A                                         
Microsoft.Photos.exe          7544 N/A                                         
svchost.exe                  11032 NcdAutoSetup                                
dllhost.exe                   5196 N/A                                         
svchost.exe                   4964 lmhosts                                     
firefox.exe                  14208 N/A                                         
dllhost.exe                  15016 N/A                                         
smartscreen.exe                 96 N/A                                         
audiodg.exe                  13580 N/A                                         
procexp.exe                   8268 N/A                                         
procexp64.exe                13048 N/A                                         
WmiPrvSE.exe                 13288 N/A                                         
SearchProtocolHost.exe       13380 N/A                                         
SearchFilterHost.exe         11568 N/A                                         
svchost.exe                  13840 AppXSvc                                     
backgroundTaskHost.exe       11108 N/A                                         
svchost.exe                  12128 camsvc                                      
cmd.exe                       9384 N/A                                         
conhost.exe                  10356 N/A                                         
tasklist.exe                  8472 N/A                                         
WmiPrvSE.exe                  1012 N/A                                         
 

 

 

 

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Speccy log?

 

Process Explorer shows:

 

Interrupts    1.84    0 K    0 K    n/a    Hardware Interrupts and DPCs

 

 

This should be under 1.4.  Doesn't sound like much but Interrupts are more powerful than you might think.

 

Let's try Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.51

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).  Let it run for at least 20 seconds.  Then hit the red box to stop it. 

 

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply. 


  • 0

#5
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I think I forgot to actually hit "Attach File" after browsing and finding the SPECCY txt file on the previous reply. It should be here this time.

 

 

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:45  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LIVING-ROOM-PC
OS version:                                           Windows 10 , 10.0, build: 17134 (x64)
Hardware:                                             G31M-ES2C, Gigabyte Technology Co., Ltd., G31M-S2C
CPU:                                                  GenuineIntel Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Logical processors:                                   2
Processor groups:                                     1
RAM:                                                  4094 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   30 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   9265.343336
Average measured interrupt to process latency (µs):   30.397603

Highest measured interrupt to DPC latency (µs):       8366.935449
Average measured interrupt to DPC latency (µs):       10.393628


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              56.5620
Driver with highest ISR routine execution time:       dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Highest reported total ISR routine time (%):          0.086461
Driver with highest ISR total time:                   dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Total time spent in ISRs (%)                          0.105969

ISR count (execution time <250 µs):                   10297
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              8366.6730
Driver with highest DPC routine execution time:       ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Highest reported total DPC routine time (%):          1.218364
Driver with highest DPC total execution time:         ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Total time spent in DPCs (%)                          1.849710

DPC count (execution time <250 µs):                   38539
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                92
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              188
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.


Process with highest pagefault count:                 none

Total number of hard pagefaults                       0
Hard pagefault count of hardest hit process:          0
Highest hard pagefault resolution time (µs):          0.0
Total time spent in hard pagefaults (%):              0.0
Number of processes hit:                              0


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.783478
CPU 0 ISR highest execution time (µs):                56.5620
CPU 0 ISR total execution time (s):                   0.095841
CPU 0 ISR count:                                      9992
CPU 0 DPC highest execution time (µs):                8288.5080
CPU 0 DPC total execution time (s):                   0.567221
CPU 0 DPC count:                                      35525
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       1.170954
CPU 1 ISR highest execution time (µs):                6.0360
CPU 1 ISR total execution time (s):                   0.000457
CPU 1 ISR count:                                      305
CPU 1 DPC highest execution time (µs):                8366.6730
CPU 1 DPC total execution time (s):                   1.113684
CPU 1 DPC count:                                      3387
_________________________________________________________________________________________________________
 

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

sc  stop  DPS

del  \WINDOWS\system32\SRU\SRUDB.dat

sc  start  DPS

 

DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)


Run Process Explorer as before and post the log.

 

Also run Latency Monitor again and post its log while in Latency Monitor, click on Drivers then on the DPC count column header so that the top of the column has the biggest numbers.  What are the top five drivers?  If you can a screenshot would be good.  (the snipping tool is useful)


  • 0

#7
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I hope i got everything you asked for.

 

After running the SFC command, I got the "Windows did not find any integrity violations" result so no Junk.txt file

 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 25/05/2018 11:47:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/05/2018 11:13:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/05/2018 3:23:24 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 26/05/2018 3:20:51 AM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "298" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Log: 'System' Date/Time: 25/05/2018 10:12:32 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 25/05/2018 7:49:03 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 24/05/2018 7:29:41 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 23/05/2018 3:52:20 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 23/05/2018 3:52:19 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 22/05/2018 9:00:08 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 22/05/2018 3:26:16 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LIVING-ROOM-PC\Bob SID (S-1-5-21-110091273-928939627-1752962748-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 22/05/2018 3:25:44 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Log: 'System' Date/Time: 20/05/2018 11:53:12 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "298" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The AVG PC TuneUp Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 250 milliseconds: Restart the service.

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Novabench Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The pcCMService64 service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The WSWNA1100 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The AT&T Troubleshoot & Resolve service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The pcCMService service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 20/05/2018 11:35:35 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The JumpStart Push-Button Service service terminated unexpectedly.  It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/05/2018 4:38:25 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 25/05/2018 3:15:16 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 23/05/2018 9:09:30 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 22/05/2018 3:25:35 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)

Log: 'System' Date/Time: 21/05/2018 10:02:01 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 25/05/2018 11:49:38 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/05/2018 3:22:49 AM
Type: Error Category: 3
Event: 455 Source: ESENT
DllHost (9692,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Bob\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Log: 'Application' Date/Time: 26/05/2018 3:22:49 AM
Type: Error Category: 1
Event: 490 Source: ESENT
DllHost (9692,R,98) WebCacheLocal: An attempt to open the file "C:\Users\Bob\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Log: 'Application' Date/Time: 26/05/2018 2:21:01 AM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 26/05/2018 1:21:00 AM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 26/05/2018 12:20:00 AM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 11:19:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 10:18:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 9:17:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 9:17:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 8:16:01 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 8:16:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 7:15:01 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 7:15:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 6:14:01 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 6:14:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 5:13:01 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 5:13:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 4:13:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 4:13:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

Log: 'Application' Date/Time: 25/05/2018 4:13:00 PM
Type: Error Category: 12
Event: 467 Source: ESENT
svchost (2916,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index UserIdTimeStamp of table {5C8CF1C7-7257-4F13-B223-970EF5939312} is corrupted (0).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/05/2018 3:18:46 AM
Type: Warning Category: 3
Event: 472 Source: ESENT
taskhostw (5216,R,98) WebCacheLocal: The shadow header page of file C:\Users\Bob\AppData\Local\Microsoft\Windows\WebCache\V01.chk was damaged. The primary header page (4096 bytes) was used instead.

Log: 'Application' Date/Time: 26/05/2018 3:02:55 AM
Type: Warning Category: 1
Event: 636 Source: ESENT
svchost (12872,D,35) SRUJet: Flush map file "C:\WINDOWS\system32\sru\SRUDB.jfm" will be deleted. Reason: CreateNew.

Log: 'Application' Date/Time: 26/05/2018 3:02:07 AM
Type: Warning Category: 1
Event: 636 Source: ESENT
svchost (2916,D,35) SRUJet: Flush map file "C:\WINDOWS\system32\sru\SRUDB.jfm" will be deleted. Reason: CreateNew.

Log: 'Application' Date/Time: 20/05/2018 11:26:00 PM
Type: Warning Category: 0
Event: 1534 Source: Microsoft-Windows-User Profiles Service
Profile notification of event Load for component {44BAF61B-E481-4305-9166-33B1FD3F4876} failed, error code is A required privilege is not held by the client. .   

Log: 'Application' Date/Time: 20/05/2018 11:15:16 PM
Type: Warning Category: 0
Event: 6006 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> took 77 second(s) to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 20/05/2018 11:14:59 PM
Type: Warning Category: 0
Event: 6005 Source: Microsoft-Windows-Winlogon
The winlogon notification subscriber <GPClient> is taking long time to handle the notification event (CreateSession).

Log: 'Application' Date/Time: 20/05/2018 7:26:41 AM
Type: Warning Category: 1
Event: 1008 Source: Microsoft-Windows-Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Index Version Upgrade}.


Log: 'Application' Date/Time: 20/05/2018 7:25:43 AM
Type: Warning Category: 0
Event: 1534 Source: Microsoft-Windows-User Profiles Service
Profile notification of event Load for component {44BAF61B-E481-4305-9166-33B1FD3F4876} failed, error code is A required privilege is not held by the client. .   

Log: 'Application' Date/Time: 20/05/2018 7:23:14 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:14 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:14 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:14 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, EventTracingManagement, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\EventTracingManagement to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:13 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:13 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace ROOT\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, ProfileAssociationProviderInterop, has been registered in the Windows Management Instrumentation namespace ROOT\Interop to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:12 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:11 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, AssignedAccess, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2\embedded to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:11 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Log: 'Application' Date/Time: 20/05/2018 7:23:11 AM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace ROOT\StandardCimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

 

 

 

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    76.17    52 K    8 K    0            
procexp64.exe    7.81    103,996 K    66,192 K    2672    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
pcTrayApp.exe    3.46    4,016 K    7,612 K    9012    mcci+McciTrayApp    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
svchost.exe    3.19    2,164 K    7,412 K    2936    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Interrupts    3.00    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    2.29    41,200 K    37,448 K    528    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
System    1.61    196 K    2,800 K    4            
firefox.exe    0.69    211,800 K    217,400 K    7812    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
csrss.exe    0.39    2,452 K    4,748 K    632    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AVGUI.exe    0.28    23,768 K    48,008 K    8288    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
firefox.exe    0.27    155,368 K    188,776 K    7852    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
TuneUpUtilitiesService64.exe    0.20    28,404 K    39,716 K    3688    AVG PC TuneUp Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
node.exe    0.17    35,600 K    28,164 K    3908    Evented I/O for V8 JavaScript    Joyent, Inc    (No signature was present in the subject) Joyent, Inc
FacebookGameroom.exe    0.16    26,732 K    48,976 K    640    FacebookGameroom    Facebook    (Verified) Facebook
explorer.exe    0.08    47,320 K    110,320 K    5432    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
MAHostService.exe    0.06    1,556 K    6,496 K    3216    MAHostService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
WNA1100.exe    0.05    10,932 K    30,732 K    8356    Netgear        (Verified) NETGEAR
NovabenchService.exe    0.02    20,556 K    21,272 K    3396    Novabench Service    Novawave Inc.    (Verified) Novawave Inc.
AVGSvc.exe    0.02    86,068 K    40,708 K    2644    AVG Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
CCleaner64.exe    0.01    8,456 K    17,384 K    9864    CCleaner    Piriform Ltd    (Verified) Piriform Ltd
firefox.exe    0.01    26,612 K    28,904 K    9016    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
WifiSvc.exe    0.01    2,272 K    6,888 K    3744    Wifi Service        (Verified) NETGEAR
lsass.exe    0.01    6,404 K    14,012 K    696    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
avguix.exe    < 0.01    10,728 K    29,464 K    8492    AVG User Interface    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
svchost.exe    < 0.01    4,228 K    14,932 K    1296    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
TuneUpUtilitiesApp64.exe    < 0.01    4,864 K    15,244 K    4400    AVG PC TuneUp    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
svchost.exe    < 0.01    61,632 K    67,552 K    1792    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    10,052 K    23,696 K    924    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
pcContextHookShim.exe    < 0.01    1,780 K    7,852 K    7876    mcci+McciContextHookShim    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
smartscreen.exe    < 0.01    13,700 K    27,892 K    2588    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
OneDrive.exe    < 0.01    13,816 K    40,704 K    7704    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
Lightshot.exe    < 0.01    7,296 K    10,556 K    8388    Lightshot    Skillbrains    (No signature was present in the subject) Skillbrains
svchost.exe    < 0.01    2,544 K    7,080 K    336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
aswidsagenta.exe    < 0.01    16,948 K    34,448 K    7148    AVG Software Analyzer    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
ss_conn_service.exe    < 0.01    2,072 K    5,064 K    3940    MSS CS Connectivity Service    DEVGURU Co., LTD.    (Verified) DEVGURU CO LTD
nvvsvc.exe    < 0.01    4,288 K    11,756 K    1784    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
csrss.exe    < 0.01    1,940 K    4,696 K    524    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
jswpbapi.exe    < 0.01    1,632 K    6,872 K    3272    JumpStart PushButton Service    Atheros Communications, Inc.    (No signature was present in the subject) Atheros Communications, Inc.
svchost.exe    < 0.01    3,504 K    10,288 K    4544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe        5,548 K    13,120 K    11232    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,584 K    8,820 K    9784    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        2,648 K    8,368 K    768    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,396 K    5,688 K    616    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        7,212 K    17,352 K    5216    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,668 K    11,320 K    2552    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,376 K    10,500 K    1664    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,204 K    11,700 K    1000    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,616 K    20,516 K    4528    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,772 K    20,352 K    7692    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,096 K    17,588 K    2504    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,136 K    7,776 K    1680    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,516 K    15,336 K    5808    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    6,996 K    3840    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        14,032 K    15,168 K    1324    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,120 K    12,572 K    2372    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,912 K    13,688 K    1076    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,392 K    7,992 K    3360    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,460 K    26,704 K    3240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        13,312 K    20,600 K    3256    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,188 K    8,776 K    1248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,124 K    13,684 K    1212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,964 K    6,184 K    3964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,332 K    5,520 K    1800    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,764 K    6,568 K    3472    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,348 K    12,192 K    3224    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,008 K    7,072 K    2200    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,628 K    6,300 K    1440    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,184 K    6,736 K    1480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,668 K    10,192 K    1280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,152 K    10,040 K    2336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,940 K    11,056 K    1168    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,860 K    34,100 K    5144    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,000 K    3,632 K    860    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,356 K    5,128 K    1084    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    8,840 K    1176    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,644 K    5,660 K    1288    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,556 K    8,636 K    1376    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,932 K    7,044 K    1824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,940 K    8,396 K    1876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,092 K    9,072 K    1892    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,880 K    7,276 K    2088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,772 K    7,060 K    2096    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,212 K    15,164 K    2220    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,164 K    8,564 K    2284    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,780 K    5,988 K    2328    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,588 K    11,720 K    2460    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    11,000 K    2652    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,620 K    6,132 K    3012    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,152 K    10,004 K    3248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,616 K    6,000 K    3576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,900 K    6,756 K    3636    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,296 K    5,288 K    3676    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,268 K    18,160 K    3724    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,000 K    5,492 K    4040    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,344 K    5,152 K    4236    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,432 K    14,464 K    5436    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,776 K    7,504 K    5488    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,020 K    12,528 K    6124    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,564 K    6,940 K    6400    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,704 K    8,012 K    6500    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,632 K    8,580 K    6528    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,248 K    9,360 K    6612    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,648 K    9,496 K    6816    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,376 K    21,628 K    8300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,276 K    8,552 K    9052    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,764 K    14,828 K    7552    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,696 K    6,320 K    7968    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        5,304 K    11,640 K    2892    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        540 K    1,012 K    404    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SkypeHost.exe    Suspended    43,544 K    15,724 K    7412    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
SkypeHost.exe    Suspended    2,564 K    4,248 K    6656    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        5,708 K    22,652 K    3856    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    32,080 K    58,092 K    3752    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        2,336 K    4,212 K    8516    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SettingSyncHost.exe        5,808 K    3,756 K    8448    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        5,056 K    7,980 K    688    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        3,900 K    14,084 K    3608    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    98,416 K    84,616 K    5340    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe        22,556 K    26,052 K    6232    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,672 K    15,572 K    11128    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,424 K    25,944 K    6096    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,032 K    18,464 K    7612    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,700 K    6,452 K    8992    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,760 K    22,084 K    5284    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        4,872 K    33,208 K    88            
procexp.exe        3,236 K    10,496 K    8684    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
pcCMService.exe        1,652 K    7,212 K    3512    mcci+McciCMService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
pcCMService.exe        1,724 K    7,948 K    3524    mcci+McciCMService    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
nvxdsync.exe        6,392 K    16,788 K    1772    NVIDIA User Experience Driver Component    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvvsvc.exe        2,268 K    8,664 K    1628    NVIDIA Driver Helper Service, Version 342.01    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvtray.exe        3,616 K    12,296 K    2832    NVIDIA Settings    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvNetworkService.exe        3,572 K    8,816 K    3416    NVIDIA Network Service    NVIDIA Corporation    (Verified) NVIDIA Corporation
NvBackend.exe        7,908 K    17,412 K    3280    NVIDIA Backend    NVIDIA Corporation    (Verified) NVIDIA Corporation
notepad.exe        10,352 K    31,812 K    1048    Notepad    Microsoft Corporation    (Verified) Microsoft Windows
MSASCuiL.exe        1,928 K    8,792 K    8972    Windows Defender notification icon    Microsoft Corporation    (Verified) Microsoft Windows
Microsoft.Photos.exe    Suspended    28,092 K    6,244 K    10940            (No signature was present in the subject)
Memory Compression        244 K    83,176 K    1964            
HxTsr.exe    Suspended    7,040 K    23,044 K    7440    Microsoft Outlook Communications    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
GfExperienceService.exe        3,808 K    10,736 K    3264    NVIDIA GeForce ExperienceService    NVIDIA Corporation    (Verified) NVIDIA Corporation
fontdrvhost.exe        2,964 K    6,156 K    876    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,584 K    3,240 K    868    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        63,116 K    71,924 K    7392    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        199,636 K    205,100 K    8716    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        30,228 K    49,356 K    312    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Facebook Gameroom Browser.exe        26,292 K    26,120 K    11120    Facebook Gameroom Browser    The CefSharp Authors    (Verified) Facebook
dasHost.exe        5,468 K    13,600 K    2604    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        4,464 K    13,364 K    5532    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,460 K    5,716 K    4060    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,516 K    11,896 K    10176    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
avgsvca.exe        5,460 K    17,620 K    3232    AVG Service Process    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
audiodg.exe        6,600 K    12,164 K    1128    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows

 

 

 

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:21  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LIVING-ROOM-PC
OS version:                                           Windows 10 , 10.0, build: 17134 (x64)
Hardware:                                             G31M-ES2C, Gigabyte Technology Co., Ltd., G31M-S2C
CPU:                                                  GenuineIntel Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Logical processors:                                   2
Processor groups:                                     1
RAM:                                                  4094 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   30 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   5038.184042
Average measured interrupt to process latency (µs):   8.653364

Highest measured interrupt to DPC latency (µs):       1187.523190
Average measured interrupt to DPC latency (µs):       1.887141


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              53.3610
Driver with highest ISR routine execution time:       dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Highest reported total ISR routine time (%):          0.122422
Driver with highest ISR total time:                   dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Total time spent in ISRs (%)                          0.171770

ISR count (execution time <250 µs):                   10883
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              10060.7370
Driver with highest DPC routine execution time:       USBPORT.SYS - USB 1.1 & 2.0 Port Driver, Microsoft Corporation

Highest reported total DPC routine time (%):          1.538615
Driver with highest DPC total execution time:         ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Total time spent in DPCs (%)                          3.058895

DPC count (execution time <250 µs):                   22521
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                19
DPC count (execution time 1000-1999 µs):              86
DPC count (execution time 2000-3999 µs):              80
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.


Process with highest pagefault count:                 none

Total number of hard pagefaults                       0
Hard pagefault count of hardest hit process:          0
Highest hard pagefault resolution time (µs):          0.0
Total time spent in hard pagefaults (%):              0.0
Number of processes hit:                              0


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.821764
CPU 0 ISR highest execution time (µs):                53.3610
CPU 0 ISR total execution time (s):                   0.070848
CPU 0 ISR count:                                      10280
CPU 0 DPC highest execution time (µs):                10060.7370
CPU 0 DPC total execution time (s):                   0.620719
CPU 0 DPC count:                                      21122
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.722983
CPU 1 ISR highest execution time (µs):                39.7440
CPU 1 ISR total execution time (s):                   0.001456
CPU 1 ISR count:                                      603
CPU 1 DPC highest execution time (µs):                9995.0490
CPU 1 DPC total execution time (s):                   0.666892
CPU 1 DPC count:                                      1661
_________________________________________________________________________________________________________
 


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

In Latency Monitor, after it runs for 20 seconds and you stop it, click on Drivers, then on t the DPC count column header so that the top of the column has the biggest numbers (usually takes two clicks).  What are the top five items under Driver File?  You can make a screenshot instead.  (the snipping tool is useful for making screenshots)

 

lmd.JPG

 

Copy the next line:

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/


 
Right click in the Command Window and  Paste (or Edit then Paste) and the copied line should appear.  Hit Enter.
 
When the prompt returns, reboot.

Run VEW again as before.  Post both logs.

 

 

 

In the Search box type:  dxdiag

wait for it to find it.  Right click on dxdiag.exe and Run As Admin.
Yes
Once it finishes (green line in bottom left goes away)

Save All Information.  Point it at your desktop and it should save it as dxdiag.txt.

Exit

Double click on dxdiag.txt and copy and paste the text into a reply.


  • 0

#9
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Latency Monitor Screenshot

 

icvc5u.png

 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 26/05/2018 9:34:09 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/05/2018 11:45:08 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Delivery Optimization service hung on starting.

Log: 'System' Date/Time: 26/05/2018 11:42:37 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Log: 'System' Date/Time: 26/05/2018 11:42:37 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "298" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/05/2018 12:08:45 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 26/05/2018 9:34:09 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/05/2018 11:45:08 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Delivery Optimization service hung on starting.

Log: 'System' Date/Time: 26/05/2018 11:42:37 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Log: 'System' Date/Time: 26/05/2018 11:42:37 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "298" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/05/2018 12:08:45 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name pixel.ad.mlnadvertising.com timed out after none of the configured DNS servers responded.

 

 

------------------
System Information
------------------
      Time of this report: 5/26/2018, 21:40:24
             Machine name: LIVING-ROOM-PC
               Machine Id: {EFE94B23-AE75-4006-BF3F-9AC86AE64549}
         Operating System: Windows 10 Pro 64-bit (10.0, Build 17134) (17134.rs4_release.180410-1804)
                 Language: English (Regional Setting: English)
      System Manufacturer: Gigabyte Technology Co., Ltd.
             System Model: G31M-ES2C
                     BIOS: Award Modular BIOS v6.00PG (type: BIOS)
                Processor: Intel® Core™2 Duo CPU     E8400  @ 3.00GHz (2 CPUs), ~3.0GHz
                   Memory: 4096MB RAM
      Available OS Memory: 4094MB RAM
                Page File: 3112MB used, 2389MB available
              Windows Dir: C:\WINDOWS
          DirectX Version: DirectX 12
      DX Setup Parameters: Not found
         User DPI Setting: 96 DPI (100 percent)
       System DPI Setting: 96 DPI (100 percent)
          DWM DPI Scaling: Disabled
                 Miracast: Not Available
Microsoft Graphics Hybrid: Not Supported
           DxDiag Version: 10.00.17134.0001 64bit Unicode

------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
        Sound Tab 1: No problems found.
        Sound Tab 2: No problems found.
          Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)

---------------
Display Devices
---------------
           Card name: NVIDIA GeForce 8600 GTS
        Manufacturer: NVIDIA
           Chip type: GeForce 8600 GTS
            DAC type: Integrated RAMDAC
         Device Type: Full Device (POST)
          Device Key: Enum\PCI\VEN_10DE&DEV_0400&SUBSYS_09501462&REV_A1
       Device Status: 0180200A [DN_DRIVER_LOADED|DN_STARTED|DN_DISABLEABLE|DN_NT_ENUMERATOR|DN_NT_DRIVER]
 Device Problem Code: No Problem
 Driver Problem Code: Unknown
      Display Memory: 2279 MB
    Dedicated Memory: 232 MB
       Shared Memory: 2047 MB
        Current Mode: 1440 x 900 (32 bit) (60Hz)
         HDR Support: Not Supported
    Display Topology: Internal
 Display Color Space: DXGI_COLOR_SPACE_RGB_FULL_G22_NONE_P709
     Color Primaries: Red(0.640148,0.329602), Green(0.300305,0.600109), Blue(0.150891,0.060070), White Point(0.313977,0.329602)
   Display Luminance: Min Luminance = 0.500000, Max Luminance = 270.000000, MaxFullFrameLuminance = 270.000000
        Monitor Name: SyncMaster 953BW/953GW,SyncMaster Magic CX953BW/CX953GW(Digital)
       Monitor Model: SyncMaster
          Monitor Id: SAM0378
         Native Mode: 1440 x 900(p) (59.887Hz)
         Output Type: DVI
Monitor Capabilities: HDR Not Supported
Display Pixel Format: DISPLAYCONFIG_PIXELFORMAT_32BPP
      Advanced Color: Not Supported
         Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll
 Driver File Version: 21.21.0013.4201 (English)
      Driver Version: 21.21.13.4201
         DDI Version: 11.1
      Feature Levels: 10_0,9_3,9_2,9_1
        Driver Model: WDDM 1.2
 Graphics Preemption: DMA
  Compute Preemption: DMA
            Miracast: Not Supported
 Hybrid Graphics GPU: Not Applicable
      Power P-states: Not Applicable
      Virtualization: Not Supported
          Block List: No Blocks
  Catalog Attributes: N/A
   Driver Attributes: Final Retail
    Driver Date/Size: 11/13/2016 8:00:00 PM, 17722448 bytes
         WHQL Logo'd: Yes
     WHQL Date Stamp: Unknown
   Device Identifier: {D7B71E3E-4740-11CF-BB67-5D291BC2D835}
           Vendor ID: 0x10DE
           Device ID: 0x0400
           SubSys ID: 0x09501462
         Revision ID: 0x00A1
  Driver Strong Name: oem31.inf:0f066de38e492509:Section004:21.21.13.4201:pci\ven_10de&dev_0400
      Rank Of Driver: 00DA2001
         Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C
         DXVA2 Modes: DXVA2_ModeMPEG2_IDCT  DXVA2_ModeVC1_IDCT  DXVA2_ModeWMV9_IDCT  DXVA2_ModeH264_VLD_NoFGT  
   Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                     {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
        D3D9 Overlay: Supported
             DXVA-HD: Supported
        DDraw Status: Enabled
          D3D Status: Enabled
          AGP Status: Enabled
       MPO MaxPlanes: 1
            MPO Caps: Not Supported
         MPO Stretch: Not Supported
     MPO Media Hints: Not Supported
         MPO Formats: Not Supported
    PanelFitter Caps: Not Supported
 PanelFitter Stretch: Not Supported

-------------
Sound Devices
-------------
            Description: Speakers (High Definition Audio Device)
 Default Sound Playback: Yes
 Default Voice Playback: Yes
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1458C603&REV_1000
        Manufacturer ID: 1
             Product ID: 65535
                   Type: WDM
            Driver Name: HdAudio.sys
         Driver Version: 10.00.17134.0001 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 4/28/2018 12:00:00 AM, 436736 bytes
            Other Files:
        Driver Provider: Microsoft
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX™ 2.0 Listen/Src: No, No
   I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No

            Description: Digital Audio (S/PDIF) (High Definition Audio Device)
 Default Sound Playback: No
 Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1458C603&REV_1000
        Manufacturer ID: 1
             Product ID: 65535
                   Type: WDM
            Driver Name: HdAudio.sys
         Driver Version: 10.00.17134.0001 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 4/28/2018 12:00:00 AM, 436736 bytes
            Other Files:
        Driver Provider: Microsoft
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX™ 2.0 Listen/Src: No, No
   I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No

---------------------
Sound Capture Devices
---------------------
---------------------
Video Capture Devices
Number of Devices: 0
---------------------
-------------------
DirectInput Devices
-------------------
      Device Name: Mouse
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: Keyboard
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: USB Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31C
        FF Driver: n/a

      Device Name: USB Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31C
        FF Driver: n/a

      Device Name: USB Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31C
        FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x27CA
| Matching Device ID: USB\ROOT_HUB
| Service: usbhub
| Driver: usbhub.sys, 4/11/2018 19:33:52, 514464 bytes
| Driver: usbd.sys, 4/11/2018 19:33:52, 32152 bytes
|
+-+ USB Composite Device
| | Vendor/Product ID: 0x046D, 0xC31C
| | Location: Port_#0002.Hub_#0003
| | Matching Device ID: USB\COMPOSITE
| | Service: usbccgp
| | Driver: usbccgp.sys, 4/11/2018 19:33:52, 168864 bytes
| |
| +-+ USB Input Device
| | | Vendor/Product ID: 0x046D, 0xC31C
| | | Location: 0000.001d.0002.002.000.000.000.000.000
| | | Matching Device ID: USB\Class_03&SubClass_01
| | | Service: HidUsb
| | | Driver: hidusb.sys, 4/11/2018 19:33:52, 42496 bytes
| | | Driver: hidclass.sys, 4/11/2018 19:33:52, 173568 bytes
| | | Driver: hidparse.sys, 4/11/2018 19:33:52, 46080 bytes
| | |
| | +-+ HID Keyboard Device
| | | | Vendor/Product ID: 0x046D, 0xC31C
| | | | Matching Device ID: HID_DEVICE_SYSTEM_KEYBOARD
| | | | Service: kbdhid
| | | | Driver: kbdhid.sys, 4/11/2018 19:33:52, 40448 bytes
| | | | Driver: kbdclass.sys, 4/11/2018 19:33:52, 63904 bytes
|
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x27CB
| Matching Device ID: USB\ROOT_HUB
| Service: usbhub
| Driver: usbhub.sys, 4/11/2018 19:33:52, 514464 bytes
| Driver: usbd.sys, 4/11/2018 19:33:52, 32152 bytes
|
+-+ USB Input Device
| | Vendor/Product ID: 0x0461, 0x4D22
| | Location: Port_#0002.Hub_#0004
| | Matching Device ID: USB\Class_03&SubClass_01
| | Service: HidUsb
| | Driver: hidusb.sys, 4/11/2018 19:33:52, 42496 bytes
| | Driver: hidclass.sys, 4/11/2018 19:33:52, 173568 bytes
| | Driver: hidparse.sys, 4/11/2018 19:33:52, 46080 bytes
| |
| +-+ HID-compliant mouse
| | | Vendor/Product ID: 0x0461, 0x4D22
| | | Matching Device ID: HID_DEVICE_SYSTEM_MOUSE
| | | Service: mouhid
| | | Driver: mouhid.sys, 4/11/2018 19:33:52, 33280 bytes
| | | Driver: mouclass.sys, 4/11/2018 19:33:52, 56728 bytes

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------

------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 897.3 GB
Total Space: 953.3 GB
File System: NTFS
      Model: TOSHIBA MK1002TSKB ATA Device

      Drive: D:
      Model: Optiarc DVD RW AD-7201A ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:48, 159744 bytes

--------------
System Devices
--------------
     Name: NVIDIA GeForce 8600 GTS
Device ID: PCI\VEN_10DE&DEV_0400&SUBSYS_09501462&REV_A1\4&27574D66&0&0008
   Driver: C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe, 21.21.0013.4201 (English), 12/9/2016 15:36:46, 461376 bytes
   Driver: C:\Program Files\NVIDIA Corporation\Drs\nvdrsdb.bin, 11/14/2016 08:30:58, 1238696 bytes
   Driver: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_5e2b734d2e5b2cfd\NvCplSetupInt.exe, 1.00.0005.0000 (English), 12/9/2016 15:18:26, 83498768 bytes
   Driver: C:\Program Files\NVIDIA Corporation\license.txt, 11/14/2016 08:30:58, 26629 bytes
   Driver: C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe, 1.01.5204.20580 (English), 12/9/2016 15:36:52, 859320 bytes
   Driver: C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe, 6.14.0013.4201 (English), 12/9/2016 15:38:42, 243264 bytes
   Driver: C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.1.pdf, 11/14/2016 08:30:58, 56689 bytes
   Driver: C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe, 8.17.0013.4201 (English), 12/9/2016 15:45:22, 354368 bytes
   Driver: C:\Program Files\NVIDIA Corporation\NVSMI\nvml.dll, 8.17.0013.4201 (English), 12/9/2016 15:45:48, 664640 bytes
   Driver: C:\Program Files\NVIDIA Corporation\OpenCL\OpenCL.dll, 1.00.0000.0000 (English), 12/9/2016 15:53:50, 76864 bytes
   Driver: C:\Program Files\NVIDIA Corporation\OpenCL\OpenCL64.dll, 1.00.0000.0000 (English), 12/9/2016 15:53:52, 91832 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys, 21.21.0013.4201 (English), 12/9/2016 15:45:46, 12914360 bytes
   Driver: C:\WINDOWS\system32\NvFBC64.dll, 6.14.0013.4201 (English), 12/9/2016 15:38:58, 919104 bytes
   Driver: C:\WINDOWS\system32\NvIFR64.dll, 6.14.0013.4201 (English), 12/9/2016 15:45:30, 960576 bytes
   Driver: C:\WINDOWS\system32\nvapi64.dll, 21.21.0013.4201 (English), 12/9/2016 15:58:26, 3245408 bytes
   Driver: C:\WINDOWS\system32\nvcompiler.dll, 8.17.0013.4201 (English), 12/9/2016 15:37:14, 23009344 bytes
   Driver: C:\WINDOWS\system32\nvcuda.dll, 8.17.0013.4201 (English), 12/9/2016 15:58:40, 13957376 bytes
   Driver: C:\WINDOWS\system32\nvcuvid.dll, 7.17.0013.4201 (English), 12/9/2016 15:38:38, 4262584 bytes
   Driver: C:\WINDOWS\system32\nvd3dumx.dll, 21.21.0013.4201 (English), 12/9/2016 15:58:50, 17722448 bytes
   Driver: C:\WINDOWS\system32\nvinfo.pb, 11/14/2016 08:30:58, 26157 bytes
   Driver: C:\WINDOWS\system32\nvoglv64.dll, 21.21.0013.4201 (English), 12/9/2016 15:46:16, 31532728 bytes
   Driver: C:\WINDOWS\system32\nvopencl.dll, 8.17.0013.4201 (English), 12/9/2016 15:58:58, 14046888 bytes
   Driver: C:\WINDOWS\system32\nvwgf2umx.dll, 21.21.0013.4201 (English), 12/9/2016 15:59:12, 18806712 bytes
   Driver: C:\WINDOWS\SysWow64\NvFBC.dll, 6.14.0013.4201 (English), 12/9/2016 15:38:56, 885824 bytes
   Driver: C:\WINDOWS\SysWow64\NvIFR.dll, 6.14.0013.4201 (English), 12/9/2016 15:45:30, 923200 bytes
   Driver: C:\WINDOWS\SysWow64\nvapi.dll, 21.21.0013.4201 (English), 12/9/2016 15:58:22, 2856736 bytes
   Driver: C:\WINDOWS\SysWow64\nvcompiler.dll, 8.17.0013.4201 (English), 12/9/2016 15:37:20, 15310400 bytes
   Driver: C:\WINDOWS\SysWow64\nvcuda.dll, 8.17.0013.4201 (English), 12/9/2016 15:58:34, 11315752 bytes
   Driver: C:\WINDOWS\SysWow64\nvcuvid.dll, 7.17.0013.4201 (English), 12/9/2016 15:38:34, 4004536 bytes
   Driver: C:\WINDOWS\SysWow64\nvd3dum.dll, 21.21.0013.4201 (English), 12/9/2016 15:58:44, 14634024 bytes
   Driver: C:\WINDOWS\SysWow64\nvoglv32.dll, 21.21.0013.4201 (English), 12/9/2016 15:45:58, 24217784 bytes
   Driver: C:\WINDOWS\SysWow64\nvopencl.dll, 8.17.0013.4201 (English), 12/9/2016 15:58:54, 11378672 bytes
   Driver: C:\WINDOWS\SysWow64\nvwgf2um.dll, 21.21.0013.4201 (English), 12/9/2016 15:59:06, 16279288 bytes
   Driver: C:\WINDOWS\system32\nvdispco6434201.dll, 2.00.0041.0004 (English), 12/9/2016 15:38:46, 1917640 bytes
   Driver: C:\WINDOWS\system32\nvdispgenco6434201.dll, 2.00.0020.0002 (English), 12/9/2016 15:18:20, 1566920 bytes

     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_8086&DEV_27D2&SUBSYS_50011458&REV_01\3&13C0B0C5&0&E1
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 375712 bytes

     Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Device ID: PCI\VEN_8086&DEV_27C8&SUBSYS_50041458&REV_01\3&13C0B0C5&0&E8
   Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 35328 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 412576 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 514464 bytes

     Name: LPC Controller
Device ID: PCI\VEN_8086&DEV_27B8&SUBSYS_50011458&REV_01\3&13C0B0C5&0&F8
   Driver: C:\WINDOWS\system32\DRIVERS\msisadrv.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 18848 bytes

     Name: Intel® 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0
Device ID: PCI\VEN_8086&DEV_27C0&SUBSYS_B0021458&REV_01\3&13C0B0C5&0&FA
   Driver: C:\WINDOWS\system32\DRIVERS\intelide.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 19360 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 53656 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 28568 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\ataport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 194976 bytes

     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_50001458&REV_E1\3&13C0B0C5&0&F0
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 375712 bytes

     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_8086&DEV_27D0&SUBSYS_50011458&REV_01\3&13C0B0C5&0&E0
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 375712 bytes

     Name: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Device ID: PCI\VEN_8086&DEV_27CC&SUBSYS_50061458&REV_01\3&13C0B0C5&0&EF
   Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 95648 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 412576 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 514464 bytes

     Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Device ID: PCI\VEN_8086&DEV_27CA&SUBSYS_50041458&REV_01\3&13C0B0C5&0&EA
   Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 35328 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 412576 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 514464 bytes

     Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Device ID: PCI\VEN_8086&DEV_27C9&SUBSYS_50041458&REV_01\3&13C0B0C5&0&E9
   Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 35328 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 412576 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 514464 bytes

     Name: CPU to IO Controller
Device ID: PCI\VEN_8086&DEV_29C0&SUBSYS_50001458&REV_10\3&13C0B0C5&0&00
   Driver: n/a

     Name: High Definition Audio Controller
Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_A0021458&REV_01\3&13C0B0C5&0&D8
   Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:45, 86016 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\drmk.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:46, 98304 bytes
   Driver: C:\WINDOWS\system32\DRIVERS\portcls.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:46, 379392 bytes

     Name: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_50011458&REV_01\3&13C0B0C5&0&FB
   Driver: n/a

     Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Device ID: PCI\VEN_8086&DEV_27CB&SUBSYS_50041458&REV_01\3&13C0B0C5&0&EB
   Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 35328 bytes
   Driver: C:\WINDOWS\system32\drivers\usbport.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 412576 bytes
   Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:52, 514464 bytes

     Name: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_E0001458&REV_02\4&15E70C52&0&00E1
   Driver: C:\WINDOWS\system32\DRIVERS\rt640x64.sys, 9.01.0406.2015 (English), 4/11/2018 19:33:49, 604160 bytes

     Name: PCI-to-PCI Bridge
Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_50001458&REV_10\3&13C0B0C5&0&08
   Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 10.00.17134.0001 (English), 4/11/2018 19:33:49, 375712 bytes

------------------
DirectShow Filters
------------------

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,10.00.17134.0001
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,10.00.17134.0001
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,10.00.17134.0001
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,10.00.17134.0001
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,10.00.17134.0001
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,10.00.17134.0001
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,10.00.17134.0001
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,10.00.17134.0001
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,10.00.17134.0001
DV Muxer,0x00400000,0,0,qdv.dll,10.00.17134.0001
Color Space Converter,0x00400001,1,1,quartz.dll,10.00.17134.0001
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.17134.0001
AVI Splitter,0x00600000,1,1,quartz.dll,10.00.17134.0001
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,10.00.17134.0001
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,10.00.17134.0001
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,10.00.17134.0001
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,10.00.17134.0001
StreamBufferSink,0x00200000,0,0,sbe.dll,10.00.17134.0001
MJPEG Decompressor,0x00600000,1,1,quartz.dll,10.00.17134.0001
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,10.00.17134.0001
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,10.00.17134.0001
VBI Codec,0x00600000,1,4,VBICodec.ax,10.00.17134.0001
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,10.00.17134.0001
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,10.00.17134.0001
SBE2FileScan,0x00200000,0,0,sbe.dll,10.00.17134.0001
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,10.00.17134.0001
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,10.00.17134.0001
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,10.00.17134.0001
DV Splitter,0x00600000,1,2,qdv.dll,10.00.17134.0001
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,10.00.17134.0001
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,10.00.17134.0001
ACM Wrapper,0x00600000,1,1,quartz.dll,10.00.17134.0001
Video Renderer,0x00800001,1,0,quartz.dll,10.00.17134.0001
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,10.00.17134.0001
Line 21 Decoder,0x00600000,1,1,,
Video Port Manager,0x00600000,2,1,quartz.dll,10.00.17134.0001
Video Renderer,0x00400000,1,0,quartz.dll,10.00.17134.0001
VPS Decoder,0x00200000,0,0,WSTPager.ax,10.00.17134.0001
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.17134.0001
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,
File writer,0x00200000,1,0,qcap.dll,10.00.17134.0001
DVD Navigator,0x00200000,0,3,qdvd.dll,10.00.17134.0001
Overlay Mixer2,0x00200000,1,1,,
AVI Draw,0x00600064,9,1,quartz.dll,10.00.17134.0001
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,10.00.17134.0001
WST Pager,0x00200000,1,1,WSTPager.ax,10.00.17134.0001
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,10.00.17134.0001
DV Video Decoder,0x00800000,1,1,qdv.dll,10.00.17134.0001
SampleGrabber,0x00200000,1,1,qedit.dll,10.00.17134.0001
Null Renderer,0x00200000,1,0,qedit.dll,10.00.17134.0001
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,10.00.17134.0001
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,10.00.17134.0001
StreamBufferSource,0x00200000,0,0,sbe.dll,10.00.17134.0001
Smart Tee,0x00200000,1,2,qcap.dll,10.00.17134.0001
Overlay Mixer,0x00200000,0,0,,
AVI Decompressor,0x00600000,1,1,quartz.dll,10.00.17134.0001
AVI/WAV File Source,0x00400000,0,2,quartz.dll,10.00.17134.0001
Wave Parser,0x00400000,1,1,quartz.dll,10.00.17134.0001
MIDI Parser,0x00400000,1,1,quartz.dll,10.00.17134.0001
Multi-file Parser,0x00400000,1,1,quartz.dll,10.00.17134.0001
File stream renderer,0x00400000,1,1,quartz.dll,10.00.17134.0001
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,10.00.17134.0001
StreamBufferSink2,0x00200000,0,0,sbe.dll,10.00.17134.0001
AVI Mux,0x00200000,1,0,qcap.dll,10.00.17134.0001
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,10.00.17134.0001
File Source (Async.),0x00400000,0,1,quartz.dll,10.00.17134.0001
File Source (URL),0x00400000,0,1,quartz.dll,10.00.17134.0001
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,10.00.17134.0001
Enhanced Video Renderer,0x00200000,1,0,evr.dll,10.00.17134.0001
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,10.00.17134.0001
MPEG Video Decoder,0x40000001,1,1,quartz.dll,10.00.17134.0001

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,10.00.17134.0001

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,10.00.17134.0001
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,10.00.17134.0001
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,10.00.17134.0001
DV Video Encoder,0x00200000,0,0,qdv.dll,10.00.17134.0001
MJPEG Compressor,0x00200000,0,0,quartz.dll,10.00.17134.0001

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,10.00.17134.0001
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,10.00.17134.0001
IMA ADPCM,0x00200000,1,1,quartz.dll,10.00.17134.0001
PCM,0x00200000,1,1,quartz.dll,10.00.17134.0001
Microsoft ADPCM,0x00200000,1,1,quartz.dll,10.00.17134.0001
GSM 6.10,0x00200000,1,1,quartz.dll,10.00.17134.0001
CCITT A-Law,0x00200000,1,1,quartz.dll,10.00.17134.0001
CCITT u-Law,0x00200000,1,1,quartz.dll,10.00.17134.0001
MPEG Layer-3,0x00200000,1,1,quartz.dll,10.00.17134.0001

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,10.00.17134.0001
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,10.00.17134.0001
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,10.00.17134.0001

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,10.00.17134.0001
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,10.00.17134.0001

WDM Streaming Rendering Devices:
HD Audio Speaker,0x00200000,1,1,ksproxy.ax,10.00.17134.0001
HD Audio SPDIF out,0x00200000,1,1,ksproxy.ax,10.00.17134.0001

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.17134.0001
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.17134.0001
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.17134.0001
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,10.00.17134.0001
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,10.00.17134.0001

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,10.00.17134.0001

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,10.00.17134.0001
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,10.00.17134.0001

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,msvidctl.dll,6.05.17134.0001
Encrypt/Tag,0x00200000,0,0,,
PTFilter,0x00200000,0,0,,
XDS Codec,0x00200000,0,0,,

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,10.00.17134.0001

Audio Renderers:
Speakers (High Definition Audio Device),0x00200000,1,0,quartz.dll,10.00.17134.0001
Default DirectSound Device,0x00800000,1,0,quartz.dll,10.00.17134.0001
Default WaveOut Device,0x00200000,1,0,quartz.dll,10.00.17134.0001
DirectSound: Digital Audio (S/PDIF) (High Definition Audio Device),0x00200000,1,0,quartz.dll,10.00.17134.0001
DirectSound: Speakers (High Definition Audio Device),0x00200000,1,0,quartz.dll,10.00.17134.0001
Digital Audio (S/PDIF) (High Definition Audio Device),0x00200000,1,0,quartz.dll,10.00.17134.0001


----------------------------
Preferred DirectShow Filters
----------------------------

[HKEY_LOCAL_MACHINE\Software\Microsoft\DirectShow\Preferred]

<media subtype GUID>, [<filter friendly name>, ]<filter CLSID>

MEDIASUBTYPE_MPEG1Payload, MPEG Video Decoder, CLSID_CMpegVideoCodec
MEDIASUBTYPE_MPEG1Packet, MPEG Video Decoder, CLSID_CMpegVideoCodec
MEDIASUBTYPE_DVD_LPCM_AUDIO, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG2_AUDIO, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG2_VIDEO, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
{78766964-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{7634706D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_mp4s, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{6C737664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{64737664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{64697678-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{64687664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
{58564944-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
{5634504D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_MP4S, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMVR, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVP, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MJPG, MJPEG Decompressor, CLSID_MjpegDec
{44495658-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMVA, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mpg4, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MPG4, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_h264, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
MEDIASUBTYPE_H264, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
MEDIASUBTYPE_WMV3, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp43, Mpeg43 Decoder DMO, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_MP43, Mpeg43 Decoder DMO, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_m4s2, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WMV2, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MSS2, WMV Screen decoder DMO, CLSID_CMSSCDecMediaObject
MEDIASUBTYPE_M4S2, Mpeg4s Decoder DMO, CLSID_CMpeg4sDecMediaObject
MEDIASUBTYPE_WVP2, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp42, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MP42, Mpeg4 Decoder DMO, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_WMV1, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_MSS1, WMV Screen decoder DMO, CLSID_CMSSCDecMediaObject
MEDIASUBTYPE_WVC1, WMVideo Decoder DMO, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_AVC1, Microsoft DTV-DVD Video Decoder, CLSID_CMPEG2VidDecoderDS
{20637664-0000-0010-8000-00AA00389B71}, DV Video Decoder, CLSID_DVVideoCodec
MEDIASUBTYPE_MPEG_LOAS, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_MPEG_ADTS_AAC, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
MEDIASUBTYPE_WMAUDIO_LOSSLESS, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_WMAUDIO3, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
WMMEDIASUBTYPE_WMAudioV8, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_MSAUDIO1, WMAudio Decoder DMO, CLSID_CWMADecMediaObject
MEDIASUBTYPE_RAW_AAC1, Microsoft DTV-DVD Audio Decoder, CLSID_CMPEG2AudDecoderDS
WMMEDIASUBTYPE_MP3, MP3 Decoder DMO, CLSID_CMP3DecMediaObject
MEDIASUBTYPE_MPEG1AudioPayload, MPEG Audio Decoder, CLSID_CMpegAudioCodec
WMMEDIASUBTYPE_WMSP2, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
WMMEDIASUBTYPE_WMSP1, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject


---------------------------
Media Foundation Transforms
---------------------------

[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms]

<category>:
  <transform friendly name>, <transform CLSID>, <flags>, [<merit>, ]<file name>, <file version>

Video Decoders:
  Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}, 0x1, msmpeg2vdec.dll, 10.00.17134.0001
  DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}, 0x1, mfdvdec.dll, 10.00.17134.0001
  Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT, 0x1, mp4sdecd.dll, 10.00.17134.0001
  Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT, 0x1, msmpeg2vdec.dll, 10.00.17134.0001
  WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject, 0x1, wmvsdecd.dll, 10.00.17134.0001
  WMVideo Decoder MFT, CLSID_CWMVDecMediaObject, 0x1, wmvdecod.dll, 10.00.17134.0001
  MJPEG Decoder MFT, {CB17E772-E1CC-4633-8450-5617AF577905}, 0x1, mfmjpegdec.dll, 10.00.17134.0001
  Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject, 0x1, mp43decd.dll, 10.00.17134.0001
  Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}, 0x1, MSVP9DEC.dll, 10.00.17134.0001
  Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject, 0x1, mpg4decd.dll, 10.00.17134.0001
Video Encoders:
  H264 Encoder MFT, {6CA50344-051A-4DED-9779-A43305165E35}, 0x1, mfh264enc.dll, 10.00.17134.0001
  WMVideo8 Encoder MFT, CLSID_CWMVXEncMediaObject, 0x1, wmvxencd.dll, 10.00.17134.0001
  Microsoft MF VPX Encoder Transform, {AEB6C755-2546-4881-82CC-E15AE5EBFF3D}, 0x1, MSVPXENC.dll, 10.00.17134.0001
  H263 Encoder MFT, {BC47FCFE-98A0-4F27-BB07-698AF24F2B38}, 0x1, mfh263enc.dll, 10.00.17134.0001
  WMVideo9 Encoder MFT, CLSID_CWMV9EncMediaObject, 0x1, wmvencod.dll, 10.00.17134.0001
  Microsoft MPEG-2 Video Encoder MFT, {E6335F02-80B7-4DC4-ADFA-DFE7210D20D5}, 0x2, msmpeg2enc.dll, 10.00.17134.0001
Video Effects:
  Frame Rate Converter, CLSID_CFrameRateConvertDmo, 0x1, mfvdsp.dll, 10.00.17134.0001
  Resizer MFT, CLSID_CResizerDMO, 0x1, vidreszr.dll, 10.00.17134.0001
  VideoStabilization MFT, {51571744-7FE4-4FF2-A498-2DC34FF74F1B}, 0x1, MSVideoDSP.dll, 10.00.17134.0001
  Color Control, CLSID_CColorControlDmo, 0x1, mfvdsp.dll, 10.00.17134.0001
  Color Converter MFT, CLSID_CColorConvertDMO, 0x1, colorcnv.dll, 10.00.17134.0001
Video Processor:
  Microsoft Video Processor MFT, {88753B26-5B24-49BD-B2E7-0C445C78C982}, 0x1, msvproc.dll, 10.00.17134.0001
Audio Decoders:
  Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}, 0x1, DolbyDecMFT.dll, 10.00.17134.0001
  MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}, 0x1, MSAMRNBDecoder.dll, 10.00.17134.0001
  WMAudio Decoder MFT, CLSID_CWMADecMediaObject, 0x1, WMADMOD.DLL, 10.00.17134.0001
  Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT, 0x1, MSAudDecMFT.dll, 10.00.17134.0001
  A-law Wrapper MFT, {36CB6E0C-78C1-42B2-9943-846262F31786}, 0x1, mfcore.dll, 10.00.17134.0001
  GSM ACM Wrapper MFT, {4A76B469-7B66-4DD4-BA2D-DDF244C766DC}, 0x1, mfcore.dll, 10.00.17134.0001
  WMAPro over S/PDIF MFT, CLSID_CWMAudioSpdTxDMO, 0x1, WMADMOD.DLL, 10.00.17134.0001
  Microsoft Opus Audio Decoder MFT, {63E17C10-2D43-4C42-8FE3-8D8B63E46A6A}, 0x1, MSOpusDecoder.dll, 10.00.17134.0001
  Microsoft FLAC Audio Decoder MFT, {6B0B3E6B-A2C5-4514-8055-AFE8A95242D9}, 0x1, MSFlacDecoder.dll, 10.00.17134.0001
  Microsoft MPEG Audio Decoder MFT, {70707B39-B2CA-4015-ABEA-F8447D22D88B}, 0x1, MSAudDecMFT.dll, 10.00.17134.0001
  WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject, 0x1, WMSPDMOD.DLL, 10.00.17134.0001
  G711 Wrapper MFT, {92B66080-5E2D-449E-90C4-C41F268E5514}, 0x1, mfcore.dll, 10.00.17134.0001
  IMA ADPCM ACM Wrapper MFT, {A16E1BFF-A80D-48AD-AECD-A35C005685FE}, 0x1, mfcore.dll, 10.00.17134.0001
  MP3 Decoder MFT, CLSID_CMP3DecMediaObject, 0x1, mp3dmod.dll, 10.00.17134.0001
  Microsoft ALAC Audio Decoder MFT, {C0CD7D12-31FC-4BBC-B363-7322EE3E1879}, 0x1, MSAlacDecoder.dll, 10.00.17134.0001
  ADPCM ACM Wrapper MFT, {CA34FE0A-5722-43AD-AF23-05F7650257DD}, 0x1, mfcore.dll, 10.00.17134.0001
  Dolby TrueHD IEC-61937 converter MFT, {CF5EEEDF-0E92-4B3B-A161-BD0FFE545E4B}, 0x1, mfaudiocnv.dll, 10.00.17134.0001
  DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}, 0x1, mfaudiocnv.dll, 10.00.17134.0001
Audio Encoders:
  LPCM DVD-Audio MFT, {068A8476-9229-4CC0-9D49-2FC699DCD30A}, 0x1, mfaudiocnv.dll, 10.00.17134.0001
  MP3 Encoder ACM Wrapper MFT, {11103421-354C-4CCA-A7A3-1AFF9A5B6701}, 0x1, mfcore.dll, 10.00.17134.0001
  Microsoft FLAC Audio Encoder MFT, {128509E9-C44E-45DC-95E9-C255B8F466A6}, 0x1, MSFlacEncoder.dll, 10.00.17134.0001
  WM Speech Encoder DMO, CLSID_CWMSPEncMediaObject2, 0x1, WMSPDMOE.DLL, 10.00.17134.0001
  MS AMRNB Encoder MFT, {2FAE8AFE-04A3-423A-A814-85DB454712B0}, 0x1, MSAMRNBEncoder.dll, 10.00.17134.0001
  Microsoft MPEG-2 Audio Encoder MFT, {46A4DD5C-73F8-4304-94DF-308F760974F4}, 0x1, msmpeg2enc.dll, 10.00.17134.0001
  WMAudio Encoder MFT, CLSID_CWMAEncMediaObject, 0x1, WMADMOE.DLL, 10.00.17134.0001
  Microsoft AAC Audio Encoder MFT, {93AF0C51-2275-45D2-A35B-F2BA21CAED00}, 0x1, mfAACEnc.dll, 10.00.17134.0001
  Microsoft ALAC Audio Encoder MFT, {9AB6A28C-748E-4B6A-BFFF-CC443B8E8FB4}, 0x1, MSAlacEncoder.dll, 10.00.17134.0001
  Microsoft Dolby Digital Encoder MFT, {AC3315C9-F481-45D7-826C-0B406C1F64B8}, 0x1, msac3enc.dll, 10.00.17134.0001
Audio Effects:
  AEC, CLSID_CWMAudioAEC, 0x1, mfwmaaec.dll, 10.00.17134.0001
  Resampler MFT, CLSID_CResamplerMediaObject, 0x1, resampledmo.dll, 10.00.17134.0001
Multiplexers:
  Microsoft MPEG2 Multiplexer MFT, {AB300F71-01AB-46D2-AB6C-64906CB03258}, 0x2, mfmpeg2srcsnk.dll, 10.00.17134.0001
Others:
  Microsoft H264 Video Remux (MPEG2TSToMP4) MFT, {05A47EBB-8BF0-4CBF-AD2F-3B71D75866F5}, 0x1, msmpeg2vdec.dll, 10.00.17134.0001


--------------------------------------------
Media Foundation Enabled Hardware Categories
--------------------------------------------

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\HardwareMFT]



-------------------------------------
Media Foundation Byte Stream Handlers
-------------------------------------

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\ByteStreamHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\Preferred]

<file ext. or MIME type>, <handler CLSID>, <brief description>[, Preferred]

.3g2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.ac3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
.adt, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.adts, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
.am?, {EFE6208A-0A2C-49FA-8A01-3768B559B6DA}, MF AMRNB Media Source ByteStreamHandler
.amr, {EFE6208A-0A2C-49FA-8A01-3768B559B6DA}, MF AMRNB Media Source ByteStreamHandler, Preferred
.asf, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.avi, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
.dvr-ms, {65964407-A5D8-4060-85B0-1CCD63F768E2}, dvr-ms Byte Stream Handler, Preferred
.dvr-ms, {A8721937-E2FB-4D7A-A9EE-4EB08C890B6E}, MF SBE Source ByteStreamHandler
.ec3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
.flac, {0E41CFB8-0506-40F4-A516-77CC23642D91}, MF FLAC Media Source ByteStreamHandler, Preferred
.m2t, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.m2ts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.m4a, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.m4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mk3d, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mka, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mks, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mkv, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
.mod, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mov, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mp2v, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
.mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mp4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.mpa, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
.mpeg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mpg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.mts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.nsc, {B084785C-DDE0-4D30-8CA8-05A373E185BE}, NSC Byte Stream Handler, Preferred
.sami, {7A56C4CB-D678-4188-85A8-BA2EF68FA10D}, SAMI Byte Stream Handler, Preferred
.smi, {7A56C4CB-D678-4188-85A8-BA2EF68FA10D}, SAMI Byte Stream Handler, Preferred
.tod, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.ts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.tts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.uvu, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
.vob, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
.wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
.weba, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, WEBM Byte Stream Handler, Preferred
.webm, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, WEBM Byte Stream Handler, Preferred
.wm, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wma, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wmv, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
.wtv, {65964407-A5D8-4060-85B0-1CCD63F768E2}, WTV Byte Stream Handler, Preferred
audio/3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/3gpp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/aacp, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/eac3, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
audio/flac, {0E41CFB8-0506-40F4-A516-77CC23642D91}, MF FLAC Media Source ByteStreamHandler, Preferred
audio/L16, {3FFB3B8C-EB99-472B-8902-E1C1B05F07CF}, LPCM Byte Stream Handler, Preferred
audio/mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/MP4A-LATM, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/mpa, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mpeg, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/mpeg3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/vnd.dlna.adts, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/vnd.dolby.dd-raw, {46031BA1-083F-47D9-8369-23C92BDAB2FF}, AC-3 Byte Stream Handler, Preferred
audio/wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
audio/webm, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, WEBM Byte Stream Handler, Preferred
audio/x-aac, {926F41F7-003E-4382-9E84-9E953BE10562}, ADTS Byte Stream Handler, Preferred
audio/x-flac, {0E41CFB8-0506-40F4-A516-77CC23642D91}, MF FLAC Media Source ByteStreamHandler, Preferred
audio/x-m4a, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
audio/x-matroska, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
audio/x-mp3, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/x-mpeg, {A82E50BA-8E92-41EB-9DF2-433F50EC2993}, MP3 Byte Stream Handler, Preferred
audio/x-ms-wma, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
audio/x-wav, {42C9B9F5-16FC-47EF-AF22-DA05F7C842E3}, WAV Byte Stream Handler, Preferred
video/3gpp, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/3gpp2, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/avi, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
video/mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/mpeg, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
video/msvideo, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred
video/vnd.dece.mp4, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/vnd.dlna.mpeg-tts, {40871C59-AB40-471F-8DC3-1F259D862479}, MPEG2 Byte Stream Handler, Preferred
video/webm, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, WEBM Byte Stream Handler, Preferred
video/x-m4v, {271C3902-6095-4C45-A22F-20091816EE9E}, MPEG4 Byte Stream Handler, Preferred
video/x-matroska, {1F9A2C18-D89E-463E-B4F4-BB90152ACC64}, MKV Byte Stream Handler, Preferred
video/x-ms-asf, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-ms-wm, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-ms-wmv, {41457294-644C-4298-A28A-BD69F2C0CF3B}, ASF Byte Stream Handler, Preferred
video/x-msvideo, {7AFA253E-F823-42F6-A5D9-714BDE467412}, AVI Byte Stream Handler, Preferred


--------------------------------
Media Foundation Scheme Handlers
--------------------------------

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Foundation\SchemeHandlers]
[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\Preferred]

<URL type>, <handler CLSID>, <brief description>[, Preferred]

file:, {477EC299-1421-4BDD-971F-7CCB933F21AD}, File Scheme Handler, Preferred
http:, {44CB442B-9DA9-49DF-B3FD-023777B16E50}, Http Scheme Handler
http:, {9EC4B4F9-3029-45AD-947B-344DE2A249E2}, Urlmon Scheme Handler
http:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
httpd:, {44CB442B-9DA9-49DF-B3FD-023777B16E50}, Http Scheme Handler, Preferred
https:, {37A61C8B-7F8E-4D08-B12B-248D73E9AB4F}, Secure Http Scheme Handler, Preferred
httpsd:, {37A61C8B-7F8E-4D08-B12B-248D73E9AB4F}, Secure Http Scheme Handler, Preferred
httpt:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
httpu:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
mcast:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
mcrecv:, {FA6D33D4-9405-4BA5-9983-12604AC8E77A}, Miracast Sink Scheme Handler, Preferred
mms:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
ms-appdata:, {CFC81939-3886-4ACF-9692-DA58037AE716}, MsAppData Scheme Handler, Preferred
ms-appx-web:, {8DB0224B-3D65-4F6F-8E12-BEB4B78B8974}, MsAppxWeb Scheme Handler, Preferred
ms-appx:, {8DB0224B-3D65-4F6F-8E12-BEB4B78B8974}, MsAppx Scheme Handler, Preferred
ms-winsoundevent:, {F79A6BF9-7415-4CF3-AE10-4559509ABC3C}, Sound Event Scheme Handler, Preferred
rtsp:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
rtspt:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
rtspu:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred
sdp:, {E9F4EBAB-D97B-463E-A2B1-C54EE3F9414D}, Net Scheme Handler, Preferred


-------------------------------------
Preferred Media Foundation Transforms
-------------------------------------

[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms\Preferred]

<media subtype GUID>, [<transform friendly name>, ]<transform CLSID>

{E06D802C-DB46-11CF-B4D1-00805F6CBBEA}, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
MEDIASUBTYPE_DOLBY_DDPLUS, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
{00002000-0000-0010-8000-00AA00389B71}, Microsoft Dolby Digital Plus Decoder MFT, {177C0AFE-900B-48D4-9E4C-57ADD250B3D4}
{EB27CEC4-163E-4CA3-8B74-8E25F91B517E}, Dolby TrueHD IEC-61937 converter MFT, {CF5EEEDF-0E92-4B3B-A161-BD0FFE545E4B}
MFVideoFormat_MPEG2, Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}
{A61AC364-AD0E-4744-89FF-213CE0DF8804}, DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}
{A2E58EB7-0FA9-48BB-A40C-FA0E156D0645}, DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}
{7634706D-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
{73616D72-767A-494D-B478-F29D25DC9037}, MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}
MEDIASUBTYPE_mp4s, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MFVideoFormat_DVSL, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
MFVideoFormat_DVSD, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
MFVideoFormat_DVHD, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
{63616C61-0000-0010-8000-00AA00389B71}, Microsoft ALAC Audio Decoder MFT, {C0CD7D12-31FC-4BBC-B363-7322EE3E1879}
MFVideoFormat_MP4V, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MFVideoFormat_MP4S, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
{53314356-0000-0010-8000-00AA00389B71}, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVR, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_WMVP, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MJPG, MJPEG Decoder MFT, {CB17E772-E1CC-4633-8450-5617AF577905}
MEDIASUBTYPE_WMVA, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{3F40F4F0-5622-4FF8-B6D8-A17A584BEE5E}, Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT
MEDIASUBTYPE_mpg4, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MPG4, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MFVideoFormat_H264, Microsoft H264 Video Decoder MFT, CLSID_CMSH264DecoderMFT
MFVideoFormat_WMV3, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{33363248-0000-0010-8000-00AA00389B71}, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MEDIASUBTYPE_mp43, Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject
MFVideoFormat_MP43, Mpeg43 Decoder MFT, CLSID_CMpeg43DecMediaObject
MEDIASUBTYPE_m4s2, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MFVideoFormat_WMV2, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MSS2, WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject
MFVideoFormat_M4S2, Mpeg4s Decoder MFT, CLSID_CMpeg4sDecMFT
MEDIASUBTYPE_WVP2, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MEDIASUBTYPE_mp42, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MEDIASUBTYPE_MP42, Mpeg4 Decoder MFT, CLSID_CMpeg4DecMediaObject
MFVideoFormat_WMV1, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
MFVideoFormat_MSS1, WMV Screen decoder MFT, CLSID_CMSSCDecMediaObject
MFVideoFormat_MPG1, Microsoft MPEG Video Decoder MFT, {2D709E52-123F-49B5-9CBC-9AF5CDE28FB9}
MFVideoFormat_WVC1, WMVideo Decoder MFT, CLSID_CWMVDecMediaObject
{30395056-0000-0010-8000-00AA00389B71}, Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}
{30385056-0000-0010-8000-00AA00389B71}, Microsoft WebM MF VP8 Decoder Transform, {E3AAF548-C9A4-4C6E-234D-5ADA374B0000}
MFVideoFormat_DVC, DV Decoder MFT, {404A6DE5-D4D6-4260-9BC7-5A6CBD882432}
{0000F1AC-0000-0010-8000-00AA00389B71}, Microsoft FLAC Audio Decoder MFT, {6B0B3E6B-A2C5-4514-8055-AFE8A95242D9}
{00007361-0000-0010-8000-00AA00389B71}, MS AMRNB Decoder MFT, {265011AE-5481-4F77-A295-ABB6FFE8D63E}
{0000704F-0000-0010-8000-00AA00389B71}, Microsoft Opus Audio Decoder MFT, {63E17C10-2D43-4C42-8FE3-8D8B63E46A6A}
{00006C61-0000-0010-8000-00AA00389B71}, Microsoft ALAC Audio Decoder MFT, {C0CD7D12-31FC-4BBC-B363-7322EE3E1879}
{00002001-0000-0010-8000-00AA00389B71}, DTS IEC-61937 converter MFT, {D035E24C-C877-42D7-A795-2A8A339B472F}
MFAudioFormat_AAC, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
MFAudioFormat_ADTS, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
MFAudioFormat_WMAudio_Lossless, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MFAudioFormat_WMAudioV9, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MFAudioFormat_WMAudioV8, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MEDIASUBTYPE_MSAUDIO1, WMAudio Decoder MFT, CLSID_CWMADecMediaObject
MEDIASUBTYPE_RAW_AAC1, Microsoft AAC Audio Decoder MFT, CLSID_CMSAACDecMFT
MFAudioFormat_MP3, MP3 Decoder MFT, CLSID_CMP3DecMediaObject
MFAudioFormat_MPEG, Microsoft MPEG Audio Decoder MFT, {70707B39-B2CA-4015-ABEA-F8447D22D88B}
{00000031-0000-0010-8000-00AA00389B71}, GSM ACM Wrapper MFT, {4A76B469-7B66-4DD4-BA2D-DDF244C766DC}
{00000011-0000-0010-8000-00AA00389B71}, IMA ADPCM ACM Wrapper MFT, {A16E1BFF-A80D-48AD-AECD-A35C005685FE}
WMMEDIASUBTYPE_WMSP2, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
MFAudioFormat_MSP1, WMSpeech Decoder DMO, CLSID_CWMSPDecMediaObject
KSDATAFORMAT_SUBTYPE_MULAW, G711 Wrapper MFT, {92B66080-5E2D-449E-90C4-C41F268E5514}
{00000006-0000-0010-8000-00AA00389B71}, A-law Wrapper MFT, {36CB6E0C-78C1-42B2-9943-846262F31786}
KSDATAFORMAT_SUBTYPE_ADPCM, ADPCM ACM Wrapper MFT, {CA34FE0A-5722-43AD-AF23-05F7650257DD}


-------------------------------------
Disabled Media Foundation Transforms
-------------------------------------

[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\Transforms\DoNotUse]

<transform CLSID>



------------------------
Disabled Media Sources
------------------------

[HKEY_LOCAL_MACHINE\Software\Classes\MediaFoundation\MediaSources\DoNotUse]

<media source CLSID>


---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
  Quality Flags: 2576
    Enabled:
    Force throttling
    Allow half deinterlace
    Allow scaling
    Decode Power Usage: 100
  Balanced Flags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 50
  PowerFlags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 0

---------------
Diagnostics
---------------

Windows Error Reporting:
+++ WER0 +++:
Fault bucket 1878122469607715188, type 5
Event Name: MoAppHang
Response: Not available
Cab Id: 0

Problem signature:
P1: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
P2: praid:ContentProcess
P3: 11.0.17134.48
P4: 5ae3f17b
P5: 955e
P6: 2097152
P7:
P8:
P9:
P10:


+++ WER1 +++:
Fault bucket 1186989302643243234, type 5
Event Name: MpTelemetry
Response: Not available
Cab Id: 0

Problem signature:
P1: unspecified
P2: HardeningTelemetry
P3: HardeningTelemetryDisableAS
P4: 4.14.17639.18041
P5: unspecified
P6: unspecified
P7: unspecified
P8:
P9:
P10:


+++ WER2 +++:
Fault bucket 2126744786721917166, type 5
Event Name: MpTelemetry
Response: Not available
Cab Id: 0

Problem signature:
P1: unspecified
P2: HardeningTelemetry
P3: HardeningTelemetryDisableAV
P4: 4.14.17639.18041
P5: unspecified
P6: unspecified
P7: unspecified
P8:
P9:
P10:


+++ WER3 +++:
Fault bucket , type 0
Event Name: MpTelemetry
Response: Not available
Cab Id: 0

Problem signature:
P1: unspecified
P2: HardeningTelemetry
P3: HardeningTelemetryDisableAS
P4: 4.14.17639.18041
P5: unspecified
P6: unspecified
P7: unspecified
P8:
P9:
P10:


+++ WER4 +++:
Fault bucket , type 0
Event Name: MpTelemetry
Response: Not available
Cab Id: 0

Problem signature:
P1: unspecified
P2: HardeningTelemetry
P3: HardeningTelemetryDisableAV
P4: 4.14.17639.18041
P5: unspecified
P6: unspecified
P7: unspecified
P8:
P9:
P10:


+++ WER5 +++:
No Data
+++ WER6 +++:
No Data
+++ WER7 +++:
No Data
+++ WER8 +++:
No Data
+++ WER9 +++:
No Data
 

 

 

 

 

 


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Go in to Control Panel, Power Options,

Show Additional Plans then Select

High Performance.

 

Then

 

Try WhySoSlow:

The Download is on

http://www.resplendence.com/downloads

Look under System Monitoring Tools for WhySoSlow 1.0  then click on


Download free home edition

Save the file then right click and Run As Admin.  Follow the prompts. Let it run for a minute (watch the Time Running indication at the bottom) then hit Analyze

Then when a new window appears hit Analyze again.   Once the report appears scroll down and see if it complains about anything.  You can Save the report but it saves as WhySoSlowOutput.htm which the forum won't let you attach.  You can either zip it up or rename it to WhySoSlowOutput.txt then attach it.


  • 0

Advertisements


#11
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Ok, switched over to High Performance mode.

 

Hope this zipped file works for you, I had to Google how to do it in Win10, I haven't zipped a file since the old WinZip days when I was using maaaayyybe Win2000  LOL.

 

 

Attached Files


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

In an elevated command prompt type:

 

start msconfig

 

hit Enter

 

under the General tab select Diagnostic Startup then OK and reboot.

 

Run Process Explorer as before and post the log.


  • 0

#13
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    89.52    52 K    8 K    0            
procexp64.exe    6.36    21,872 K    51,260 K    4156    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    1.18    35,484 K    40,648 K    496    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    0.51    0 K    0 K    n/a    Hardware Interrupts and DPCs        
System    0.32    204 K    10,888 K    4            
MsMpEng.exe    0.35    127,208 K    111,596 K    4052    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
csrss.exe    0.17    2,276 K    4,960 K    640    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
FacebookGameroom.exe    0.20    28,472 K    57,324 K    3228    FacebookGameroom    Facebook    (Verified) Facebook
AVGUI.exe    0.13    17,260 K    16,280 K    1816    AVG Antivirus    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
explorer.exe    0.93    44,780 K    95,964 K    2788    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
pcTrayApp.exe    0.02    3,168 K    6,828 K    3372    mcci+McciTrayApp    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
services.exe    0.02    3,424 K    7,688 K    692    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AVGSvc.exe    0.06    77,384 K    40,216 K    1312    AVG Service    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
WNA1100.exe    0.01    2,804 K    8,908 K    3564    Netgear        (Verified) NETGEAR
CCleaner64.exe    0.01    8,344 K    16,896 K    3752    CCleaner    Piriform Ltd    (Verified) Piriform Ltd
avguix.exe    0.01    11,856 K    29,016 K    1500    AVG User Interface    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
Lightshot.exe    < 0.01    9,940 K    14,936 K    3984    Lightshot    Skillbrains    (No signature was present in the subject) Skillbrains
OneDrive.exe    < 0.01    10,680 K    36,044 K    2456    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    3,652 K    10,452 K    5032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,116 K    21,732 K    872    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
notepad.exe    < 0.01    3,156 K    15,160 K    4760    Notepad    Microsoft Corporation    (Verified) Microsoft Windows
pcContextHookShim.exe    < 0.01    1,756 K    8,440 K    2096    mcci+McciContextHookShim    Alcatel-Lucent    (No signature was present in the subject) Alcatel-Lucent
aswidsagenta.exe    0.06    15,656 K    31,288 K    2088    AVG Software Analyzer    AVG Technologies CZ, s.r.o.    (Verified) AVG Netherlands B.V.
winlogon.exe        2,380 K    10,188 K    756    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,604 K    6,596 K    624    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Video.UI.exe    Suspended    25,452 K    43,480 K    3952            (No signature was present in the subject)
taskhostw.exe    0.09    6,632 K    20,208 K    2472    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.03    4,740 K    10,356 K    964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,108 K    7,692 K    1008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,084 K    8,784 K    1172    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,944 K    11,596 K    2660    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,740 K    9,596 K    1696    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,236 K    12,876 K    2392    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,576 K    11,336 K    4668    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,048 K    11,368 K    1164    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,608 K    9,036 K    1300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,772 K    28,940 K    2416    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,264 K    14,756 K    1076    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,648 K    10,524 K    1144    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,760 K    10,048 K    4384    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,660 K    6,168 K    1504    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,976 K    7,540 K    536    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,072 K    7,240 K    1468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,752 K    8,124 K    1872    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,040 K    7,496 K    2828    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smss.exe        524 K    1,172 K    408    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smartscreen.exe        16,636 K    26,196 K    3504    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
SkypeHost.exe    Suspended    2,980 K    14,404 K    3492    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        5,680 K    23,540 K    2400    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    33,584 K    72,924 K    520    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        1,540 K    4,392 K    712    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        2,692 K    11,424 K    1480    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    59,060 K    108,080 K    3220    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,156 K    25,784 K    3144    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,988 K    7,148 K    5088    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        3,644 K    15,756 K    3864    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,064 K    14,748 K    3416    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,232 K    8,436 K    4324    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,720 K    6,444 K    4300    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
Registry        4,396 K    32,252 K    88            
procexp.exe        3,184 K    10,172 K    3936    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
NvBackend.exe    0.01    7,484 K    16,964 K    1228    NVIDIA Backend    NVIDIA Corporation    (Verified) NVIDIA Corporation
NisSrv.exe        9,128 K    10,180 K    3624    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
lsass.exe        3,496 K    11,924 K    700    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
HxTsr.exe    Suspended    5,232 K    22,408 K    3884    Microsoft Outlook Communications    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
fontdrvhost.exe    < 0.01    2,008 K    5,820 K    888    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,384 K    3,720 K    880    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
Facebook Gameroom Browser.exe        26,260 K    31,220 K    5028    Facebook Gameroom Browser    The CefSharp Authors    (Verified) Facebook
csrss.exe        1,784 K    4,900 K    532    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher

 


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,885 posts
  • MVP

Looks a lot better. 

 

Interrupts    0.51    0 K    0 K    n/a    Hardware Interrupts and DPCs       

 

 

Go back into MSCONFIG.

Under the General tab, check Selective Startup.  Uncheck Load Startup Items. Apply

Under Services tab, click on Hide all Microsoft Services then uncheck everything.  Apply.  

Reboot

 

Run Process Explorer again and look at Interrupts.   Is it still down around 0.51?  (or at least under 1.0?)  If it is then go back into MSCONFIG and Under Services tab, recheck about 1/2 of the services you unchecked.  Apply and reboot.

If Interrupts jumps up then one of the titems you checked is at fault.  Go back and try to isolate it to a single service by unchecking 1/2  of those you just rechecked.  Repeat until you find the culprit.

 

It checking all of the services has no effect or only a small effect then go to Startup and click on the link to Task Manager.  They have made it harder now.  You have to select an item then Disable (or Enable) one at a time then do the next.  Do about 1/2 then reboot.

 

Any luck? 


  • 0

#15
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

It still jumps back and forth from just above and below .51. I turned on just those entries that had to do with my AVG Antivirus and reran the Process Explorer. The majority of the jumping stays below in the .30 - .40 range now. I didn't see anything in that list of services that seemed important enough to turn back on right away.

What do you think?

2v19obd.png


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP