MiniToolBox
MiniToolBox by Farbar Version: 17-06-2016
Ran by wonderchu (administrator) on 10-10-2016 at 01:44:41
Running from "C:\Users\pap3r\Downloads"
Microsoft Windows 10 Home (X64)
Model: X555YA Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Qualcomm Atheros AR9485 Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : DESKTOP-AO0K215
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F8-32-E4-C7-DE-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 12-52-CB-A1-3C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
Physical Address. . . . . . . . . : 30-52-CB-A1-3C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::41b3:fea1:e104:47b8%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 10 October 2016 01:10:53
Lease Expires . . . . . . . . . . : 11 October 2016 01:39:21
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 36721355
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9B-31-75-F8-32-E4-C7-DE-79
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{1D4D7630-6595-45FB-B203-8DCD99B921D3}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:20d9:3406:a317:6d02(Preferred)
Link-local IPv6 Address . . . . . : fe80::20d9:3406:a317:6d02%15(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 251658240
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9B-31-75-F8-32-E4-C7-DE-79
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: routerlogin.net
Address: 192.168.0.1
Name: google.com
Addresses: 2a00:1450:4009:809::200e
216.58.204.46
Pinging google.com [216.58.204.46] with 32 bytes of data:
Reply from 216.58.204.46: bytes=32 time=21ms TTL=52
Reply from 216.58.204.46: bytes=32 time=18ms TTL=52
Ping statistics for 216.58.204.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 21ms, Average = 19ms
Server: routerlogin.net
Address: 192.168.0.1
Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
98.138.253.109
206.190.36.45
98.139.183.24
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=112ms TTL=47
Reply from 98.139.183.24: bytes=32 time=113ms TTL=47
Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 112ms, Maximum = 113ms, Average = 112ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...f8 32 e4 c7 de 79 ......Realtek PCIe GBE Family Controller
8...12 52 cb a1 3c 9a ......Microsoft Wi-Fi Direct Virtual Adapter
3...30 52 cb a1 3c 9a ......Qualcomm Atheros AR9485 Wireless Network Adapter
1...........................Software Loopback Interface 1
5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 55
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.8 311
192.168.0.8 255.255.255.255 On-link 192.168.0.8 311
192.168.0.255 255.255.255.255 On-link 192.168.0.8 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.0.8 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.0.8 311
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 331 ::/0 On-link
1 331 ::1/128 On-link
15 331 2001::/32 On-link
15 331 2001:0:9d38:90d7:20d9:3406:a317:6d02/128
On-link
3 311 fe80::/64 On-link
15 331 fe80::/64 On-link
15 331 fe80::20d9:3406:a317:6d02/128
On-link
3 311 fe80::41b3:fea1:e104:47b8/128
On-link
1 331 ff00::/8 On-link
3 311 ff00::/8 On-link
15 331 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (10/09/2016 02:13:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-AO0K215)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/09/2016 02:13:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-AO0K215)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (10/09/2016 02:07:18 PM) (Source: Office 2016 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422302
Error: (10/09/2016 03:43:49 AM) (Source: ESENT) (User: )
Description: SettingSyncHost (7480) An attempt to open the file "C:\Users\pap3r\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (10/09/2016 03:43:49 AM) (Source: ESENT) (User: )
Description: SettingSyncHost (7480) An attempt to open the file "C:\Users\pap3r\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.edb" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1547
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1547
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/08/2016 02:23:21 PM) (Source: Office 2016 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422302
Error: (10/08/2016 02:20:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2093
System errors:
=============
Error: (10/10/2016 01:12:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/10/2016 01:12:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/10/2016 01:12:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/10/2016 01:10:52 AM) (Source: Service Control Manager) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (10/10/2016 01:10:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.
Error: (10/10/2016 12:56:06 AM) (Source: DCOM) (User: DESKTOP-AO0K215)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-AO0K215wonderchuS-1-5-21-3565229644-3584208663-2009711807-1001LocalHost (Using LRPC)Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (10/10/2016 12:56:06 AM) (Source: DCOM) (User: DESKTOP-AO0K215)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-AO0K215wonderchuS-1-5-21-3565229644-3584208663-2009711807-1001LocalHost (Using LRPC)Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (10/10/2016 12:31:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/10/2016 12:31:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/10/2016 12:30:57 AM) (Source: Service Control Manager) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Microsoft Office Sessions:
=========================
Error: (10/09/2016 02:13:29 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-AO0K215)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (10/09/2016 02:13:29 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DESKTOP-AO0K215)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (10/09/2016 02:07:18 PM) (Source: Office 2016 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422302
Error: (10/09/2016 03:43:49 AM) (Source: ESENT)(User: )
Description: SettingSyncHost7480C:\Users\pap3r\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (10/09/2016 03:43:49 AM) (Source: ESENT)(User: )
Description: SettingSyncHost7480C:\Users\pap3r\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1547
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1547
Error: (10/08/2016 05:17:18 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/08/2016 02:23:21 PM) (Source: Office 2016 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422302
Error: (10/08/2016 02:20:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2093
CodeIntegrity Errors:
===================================
Date: 2016-10-10 01:43:52.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-10 01:43:52.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-10 01:42:35.410
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-10 01:42:35.407
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:07:06.886
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:07:06.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:07:06.878
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:07:06.711
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:07:06.588
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-08 19:06:51.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37D6D928-E5B2-954B-8ED8-60FD8147FDC9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.83 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
FormatFactory 3.9.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.9.0.1 - Free Time)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 40.0.2308.81 (HKLM-x32\...\Opera 40.0.2308.81) (Version: 40.0.2308.81 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Generations (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Generations) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (HKLM-x32\...\{AC4F797F-F4E3-49BB-B4F7-31560EAE1CFE}) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.6.0.1 - )
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
========================= Devices: ================================
========================= Memory info: ===================================
Percentage of memory in use: 31%
Total physical RAM: 7093.95 MB
Available physical RAM: 4828.81 MB
Total Virtual: 8245.95 MB
Available Virtual: 6011.34 MB
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:262.62 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:558.11 GB) NTFS
========================= Users: ========================================
User accounts for \\DESKTOP-AO0K215
Administrator DefaultAccount Guest
wonderchu
**** End of log ****
wireless test tool
Windows IP Configuration
Host Name . . . . . . . . . . . . : DESKTOP-AO0K215
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F8-32-E4-C7-DE-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 12-52-CB-A1-3C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR9485 Wireless Network Adapter
Physical Address. . . . . . . . . : 30-52-CB-A1-3C-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::41b3:fea1:e104:47b8%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 10 October 2016 01:10:53
Lease Expires . . . . . . . . . . : 11 October 2016 01:39:20
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 36721355
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9B-31-75-F8-32-E4-C7-DE-79
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{1D4D7630-6595-45FB-B203-8DCD99B921D3}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:20d9:3406:a317:6d02(Preferred)
Link-local IPv6 Address . . . . . : fe80::20d9:3406:a317:6d02%15(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 251658240
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-9B-31-75-F8-32-E4-C7-DE-79
NetBIOS over Tcpip. . . . . . . . : Disabled
Interface name : Wi-Fi
There are 1 networks currently visible.
SSID 1 : VM212872-2G
Network type : Infrastructure
Authentication : WPA2-Personal
Encryption : CCMP
BSSID 1 : e4:f4:c6:b2:a7:f8
Signal : 98%
Radio type : 802.11n
Channel : 11
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54
Profiles on interface Wi-Fi:
Group policy profiles (read only)
---------------------------------
<None>
User profiles
-------------
All User Profile : SAFreeWiFi
All User Profile : Howard Johnson WiFi
All User Profile : BW MarketCenter
All User Profile : attwifi
All User Profile : dublin 1 apartments
All User Profile : BTWifi-with-FON
All User Profile : VM212872-2G
Pinging 194.119.131.66 with 32 bytes of data:
Reply from 194.119.131.66: bytes=32 time=20ms TTL=57
Reply from 194.119.131.66: bytes=32 time=17ms TTL=57
Reply from 194.119.131.66: bytes=32 time=17ms TTL=57
Reply from 194.119.131.66: bytes=32 time=19ms TTL=57
Ping statistics for 194.119.131.66:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 20ms, Average = 18ms
Pinging plus.net [212.159.9.2] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 212.159.9.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Tracing route to cns1.uk.vianw.net [194.119.131.66]
over a maximum of 30 hops:
1 2 ms 2 ms 2 ms routerlogin.net [192.168.0.1]
2 11 ms 11 ms 11 ms cpc3-sutt4-2-0-gw.perr.cable.virginm.net [92.232.146.1]
3 10 ms 11 ms 15 ms perr-core-2b-ae14-703.network.virginmedia.net [80.1.68.162]
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 30 ms 19 ms 19 ms tele-ic-3-ae0-0.network.virginmedia.net [212.43.163.70]
8 23 ms 21 ms 19 ms g1-1-8-t40-br3.router.uk.clara.net [212.43.163.94]
9 18 ms 19 ms 19 ms tengige0-1-1-0-t6-ar14.router.uk.clara.net [195.157.3.110]
10 20 ms 19 ms 19 ms cns1.uk.vianw.net [194.119.131.66]
Trace complete.
These Windows services are started:
Adobe Acrobat Update Service
AMD External Events Utility
Apple Mobile Device Service
Application Information
AppX Deployment Service (AppXSVC)
ASLDR Service
Asus GiftBox Desktop
ATKGFNEX Service
Avast SecureLine
Background Tasks Infrastructure Service
Base Filtering Engine
Bonjour Service
CDPUserSvc_69fb8
Certificate Propagation
CNG Key Isolation
COM+ Event System
Computer Browser
Conexant Audio Message Service
Conexant SmartAudio service
Connected Devices Platform Service
Connected User Experiences and Telemetry
Contact Data_69fb8
CoreMessaging
Credential Manager
Cryptographic Services
Cyberlink RichVideo64 Service(CRVS)
DCOM Server Process Launcher
Device Association Service
DHCP Client
Diagnostic Policy Service
Diagnostic Service Host
Diagnostic System Host
Distributed Link Tracking Client
DNS Client
Function Discovery Provider Host
Function Discovery Resource Publication
GamesAppIntegrationService
HomeGroup Listener
HomeGroup Provider
IP Helper
iPod Service
Local Session Manager
Microsoft Office Click-to-Run Service
Network Connected Devices Auto-Setup
Network Connection Broker
Network Connections
Network List Service
Network Location Awareness
Network Store Interface Service
Peer Name Resolution Protocol
Peer Networking Grouping
Peer Networking Identity Manager
Plug and Play
Power
Print Spooler
Program Compatibility Assistant Service
Remote Procedure Call (RPC)
RPC Endpoint Mapper
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
SSDP Discovery
State Repository Service
Superfetch
Sync Host_69fb8
System Event Notification Service
System Events Broker
Task Scheduler
tbaseprovisioning
TCP/IP NetBIOS Helper
Themes
Tile Data model server
Time Broker
UPnP Device Host
User Data Access_69fb8
User Data Storage_69fb8
User Manager
User Profile Service
Windows Audio
Windows Audio Endpoint Builder
Windows Connect Now - Config Registrar
Windows Connection Manager
Windows Defender Network Inspection Service
Windows Defender Service
Windows Driver Foundation - User-mode Driver Framework
Windows Event Log
Windows Firewall
Windows Font Cache Service
Windows Image Acquisition (WIA)
Windows License Manager Service
Windows Management Instrumentation
Windows Media Player Network Sharing Service
Windows Push Notifications System Service
Windows Search
Windows Update
WinHTTP Web Proxy Auto-Discovery Service
WLAN AutoConfig
Workstation
The command completed successfully.
Microsoft Windows [Version 10.0.14393]
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 4 K
System 4 Services 0 30,352 K
smss.exe 412 Services 0 1,180 K
csrss.exe 544 Services 0 4,280 K
wininit.exe 664 Services 0 5,276 K
csrss.exe 680 Console 1 6,928 K
winlogon.exe 748 Console 1 9,112 K
services.exe 792 Services 0 7,476 K
lsass.exe 800 Services 0 16,084 K
svchost.exe 904 Services 0 24,432 K
svchost.exe 976 Services 0 11,464 K
dwm.exe 428 Console 1 43,308 K
svchost.exe 512 Services 0 53,172 K
svchost.exe 660 Services 0 94,468 K
svchost.exe 924 Services 0 28,868 K
svchost.exe 1032 Services 0 26,656 K
svchost.exe 1200 Services 0 30,488 K
svchost.exe 1308 Services 0 18,208 K
tbaseprovisioning.exe 1380 Services 0 33,764 K
atiesrxx.exe 1388 Services 0 5,504 K
atieclxx.exe 1432 Console 1 9,612 K
svchost.exe 1652 Services 0 10,100 K
svchost.exe 1752 Services 0 13,576 K
svchost.exe 1836 Services 0 16,612 K
AsLdrSrv.exe 1924 Services 0 5,504 K
GFNEXSrv.exe 1936 Services 0 3,396 K
spoolsv.exe 1576 Services 0 25,428 K
SearchIndexer.exe 1552 Services 0 32,860 K
svchost.exe 2088 Services 0 20,624 K
dasHost.exe 2248 Services 0 20,848 K
armsvc.exe 2392 Services 0 6,452 K
CxAudMsg64.exe 2400 Services 0 8,208 K
OfficeClickToRun.exe 2408 Services 0 33,460 K
ASUSGiftBoxDesktop.exe 2420 Services 0 6,448 K
AppleMobileDeviceService. 2428 Services 0 12,560 K
mDNSResponder.exe 2444 Services 0 6,580 K
svchost.exe 2500 Services 0 26,228 K
RichVideo64.exe 2644 Services 0 6,820 K
SASrv.exe 2760 Services 0 6,340 K
vpnsvc.exe 2768 Services 0 13,540 K
svchost.exe 2784 Services 0 21,352 K
svchost.exe 2792 Services 0 11,556 K
MsMpEng.exe 2812 Services 0 127,268 K
Memory Compression 2932 Services 0 2,064 K
svchost.exe 4548 Services 0 13,268 K
NisSrv.exe 5704 Services 0 13,160 K
dllhost.exe 5880 Services 0 6,520 K
HControl.exe 4636 Console 1 9,008 K
sihost.exe 812 Console 1 28,428 K
svchost.exe 2328 Console 1 28,364 K
USBChargerPlus.exe 1856 Console 1 468 K
taskhostw.exe 2196 Console 1 19,996 K
ACMON.exe 2104 Console 1 404 K
RuntimeBroker.exe 5404 Console 1 48,308 K
explorer.exe 6240 Console 1 138,984 K
DMedia.exe 6264 Console 1 7,408 K
ATKOSD2.exe 6260 Console 1 8,836 K
ShellExperienceHost.exe 6744 Console 1 64,684 K
SearchUI.exe 6968 Console 1 87,456 K
GoogleCrashHandler.exe 7000 Services 0 680 K
GoogleCrashHandler64.exe 7012 Services 0 144 K
SkypeHost.exe 5808 Console 1 264 K
AsusTPLoader.exe 3744 Console 1 608 K
AsusTPCenter.exe 1960 Console 1 1,156 K
AsusTPHelper.exe 7268 Console 1 372 K
CAudioFilterAgent64.exe 7372 Console 1 9,256 K
iTunesHelper.exe 7416 Console 1 15,340 K
MSASCuiL.exe 7456 Console 1 13,132 K
OneDrive.exe 7516 Console 1 35,380 K
chrome.exe 7524 Console 1 112,816 K
ScanToPCActivationApp.exe 7552 Console 1 13,960 K
secureline.exe 7592 Console 1 20,604 K
iPodService.exe 7664 Services 0 7,888 K
chrome.exe 7836 Console 1 8,136 K
chrome.exe 8012 Console 1 8,824 K
chrome.exe 8116 Console 1 41,928 K
chrome.exe 7176 Console 1 63,332 K
chrome.exe 7200 Console 1 55,288 K
HPNetworkCommunicator.exe 8360 Console 1 9,752 K
GamesAppIntegrationServic 8532 Services 0 7,560 K
SmartAudio.exe 9000 Console 1 74,964 K
wmpnetwk.exe 6436 Services 0 23,588 K
MpCmdRun.exe 7688 Services 0 11,456 K
ApplicationFrameHost.exe 5412 Console 1 27,252 K
SystemSettings.exe 10732 Console 1 41,868 K
WinStore.Mobile.exe 11068 Console 1 37,324 K
smartscreen.exe 8308 Console 1 23,344 K
audiodg.exe 10000 Services 0 24,660 K
svchost.exe 1800 Services 0 9,264 K
SearchProtocolHost.exe 5348 Services 0 9,588 K
wireless.exe 9400 Console 1 11,328 K
chrome.exe 9504 Console 1 15,716 K
SearchFilterHost.exe 10340 Services 0 7,192 K
cmd.exe 10692 Console 1 3,632 K
conhost.exe 10372 Console 1 11,504 K
tasklist.exe 9588 Console 1 8,032 K
WmiPrvSE.exe 11172 Services 0 8,572 K
MTU MediaSenseState Bytes In Bytes Out Interface
------ --------------- --------- --------- -------------
1500 1 109092749 19827840 Wi-Fi
1500 5 0 0 Ethernet
1500 5 0 0 Local Area Connection* 2
4294967295 1 0 217746 Loopback Pseudo-Interface 1
Querying active state...
TCP Global Parameters
----------------------------------------------
Receive-Side Scaling State : enabled
Chimney Offload State : disabled
NetDMA State : disabled
Direct Cache Access (DCA) : disabled
Receive Window Auto-Tuning Level : normal
Add-On Congestion Control Provider : none
ECN Capability : disabled
RFC 1323 Timestamps : disabled
Initial RTO : 3000
Receive Segment Coalescing State : disabled
Non Sack Rtt Resiliency : disabled
Max SYN Retransmissions : 2
TCP Fast Open : enabled
===========================================================================
Interface List
12...f8 32 e4 c7 de 79 ......Realtek PCIe GBE Family Controller
8...12 52 cb a1 3c 9a ......Microsoft Wi-Fi Direct Virtual Adapter
3...30 52 cb a1 3c 9a ......Qualcomm Atheros AR9485 Wireless Network Adapter
1...........................Software Loopback Interface 1
5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 55
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.8 311
192.168.0.8 255.255.255.255 On-link 192.168.0.8 311
192.168.0.255 255.255.255.255 On-link 192.168.0.8 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.0.8 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.0.8 311
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 331 ::/0 On-link
1 331 ::1/128 On-link
15 331 2001::/32 On-link
15 331 2001:0:9d38:90d7:20d9:3406:a317:6d02/128
On-link
3 311 fe80::/64 On-link
15 331 fe80::/64 On-link
15 331 fe80::20d9:3406:a317:6d02/128
On-link
3 311 fe80::41b3:fea1:e104:47b8/128
On-link
1 331 ff00::/8 On-link
3 311 ff00::/8 On-link
15 331 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 DESKTOP-AO0K215:0 LISTENING
RpcSs
[System]
TCP 0.0.0.0:445 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:554 DESKTOP-AO0K215:0 LISTENING
WMPNetworkSvc
[System]
TCP 0.0.0.0:2869 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:5357 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:8732 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:10243 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:49664 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:49665 DESKTOP-AO0K215:0 LISTENING
EventLog
[System]
TCP 0.0.0.0:49666 DESKTOP-AO0K215:0 LISTENING
Schedule
[System]
TCP 0.0.0.0:49667 DESKTOP-AO0K215:0 LISTENING
Spooler
[System]
TCP 0.0.0.0:49671 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 0.0.0.0:49672 DESKTOP-AO0K215:0 LISTENING
[System]
TCP 0.0.0.0:65530 DESKTOP-AO0K215:0 LISTENING
[GamesAppIntegrationService.exe]
TCP 127.0.0.1:5354 DESKTOP-AO0K215:0 LISTENING
Bonjour Service
[System]
TCP 127.0.0.1:5354 DESKTOP-AO0K215:49668 ESTABLISHED
Bonjour Service
[System]
TCP 127.0.0.1:5354 DESKTOP-AO0K215:49669 ESTABLISHED
Bonjour Service
[System]
TCP 127.0.0.1:7532 DESKTOP-AO0K215:0 LISTENING
[ASUSGIFTBOXDesktop.exe]
TCP 127.0.0.1:27015 DESKTOP-AO0K215:0 LISTENING
Apple Mobile Device Service
[System]
TCP 127.0.0.1:27015 DESKTOP-AO0K215:49834 ESTABLISHED
Apple Mobile Device Service
[System]
TCP 127.0.0.1:49668 DESKTOP-AO0K215:5354 ESTABLISHED
Apple Mobile Device Service
[System]
TCP 127.0.0.1:49669 DESKTOP-AO0K215:5354 ESTABLISHED
Apple Mobile Device Service
[System]
TCP 127.0.0.1:49834 DESKTOP-AO0K215:27015 ESTABLISHED
[System]
TCP 127.0.0.1:49887 DESKTOP-AO0K215:0 LISTENING
[SmartAudio.exe]
TCP 192.168.0.8:139 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP 192.168.0.8:34221 DESKTOP-AO0K215:0 LISTENING
[System]
TCP 192.168.0.8:49806 msnbot-191-232-139-125:https ESTABLISHED
ProfSvc
[System]
TCP 192.168.0.8:49824 msnbot-191-232-139-68:https ESTABLISHED
[System]
TCP 192.168.0.8:49861 msnbot-191-232-139-124:https ESTABLISHED
[OneDrive.exe]
TCP 192.168.0.8:49884 HP85B7B1:8080 ESTABLISHED
[System]
TCP 192.168.0.8:50069 91.190.218.21:https CLOSE_WAIT
[System]
TCP 192.168.0.8:50073 111.221.77.151:40029 ESTABLISHED
[System]
TCP 192.168.0.8:50086 91.190.217.47:12350 ESTABLISHED
[System]
TCP 192.168.0.8:50755 wo-in-f188:5228 ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50823 wn-in-f99:http CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50824 lhr35s04-in-f10:https TIME_WAIT
TCP 192.168.0.8:50827 wn-in-f99:https TIME_WAIT
TCP 192.168.0.8:50829 lhr25s13-in-f14:https TIME_WAIT
TCP 192.168.0.8:50837 lhr25s12-in-f14:https TIME_WAIT
TCP 192.168.0.8:50851 lhr25s12-in-f3:https TIME_WAIT
TCP 192.168.0.8:50853 wo-in-f95:http CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50860 lhr25s10-in-f3:http CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50866 lhr25s10-in-f3:http CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50867 lhr25s02-in-f110:https TIME_WAIT
TCP 192.168.0.8:50869 lhr25s10-in-f168:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50870 23.235.33.217:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50882 2.20.139.117:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50883 2.20.139.117:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50886 2.18.38.190:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50902 lhr25s12-in-f14:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50903 lhr25s10-in-f14:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50906 6a:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50907 routerlogin:49152 TIME_WAIT
TCP 192.168.0.8:50908 ip-68-71-251-224:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50909 ip-68-71-251-224:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50910 server-54-192-11-10:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50911 ec2-54-243-71-215:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50913 151.101.60.175:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50914 server-54-230-11-182:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50915 203:https CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50916 xx-fbcdn-shv-01-lhr3:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50917 74:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50918 spdc:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50919 spdc:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50920 edge-star-mini-shv-01-lhr3:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50921 lhr25s10-in-f14:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50922 ec2-23-23-134-255:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50923 151.101.60.175:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50925 104.130.251.2:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50926 185.33.222.93:http CLOSE_WAIT
[chrome.exe]
TCP 192.168.0.8:50927 wb-in-f156:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50928 ec2-54-236-87-23:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50929 lhr25s10-in-f4:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50930 104.239.245.27:http ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50931 lhr25s10-in-f3:https ESTABLISHED
[chrome.exe]
TCP 192.168.0.8:50934 ec2-54-171-4-29:http ESTABLISHED
[chrome.exe]
TCP [::]:135 DESKTOP-AO0K215:0 LISTENING
RpcSs
[System]
TCP [::]:445 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:554 DESKTOP-AO0K215:0 LISTENING
WMPNetworkSvc
[System]
TCP [::]:2869 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:3587 DESKTOP-AO0K215:0 LISTENING
p2psvc
[System]
TCP [::]:5357 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:8732 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:10243 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:49664 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:49665 DESKTOP-AO0K215:0 LISTENING
EventLog
[System]
TCP [::]:49666 DESKTOP-AO0K215:0 LISTENING
Schedule
[System]
TCP [::]:49667 DESKTOP-AO0K215:0 LISTENING
Spooler
[System]
TCP [::]:49671 DESKTOP-AO0K215:0 LISTENING
Can not obtain ownership information
TCP [::]:49672 DESKTOP-AO0K215:0 LISTENING
[System]
TCP [fe80::41b3:fea1:e104:47b8%3]:445 DESKTOP-AO0K215:49865 ESTABLISHED
Can not obtain ownership information
TCP [fe80::41b3:fea1:e104:47b8%3]:49865 DESKTOP-AO0K215:microsoft-ds ESTABLISHED
Can not obtain ownership information
UDP 0.0.0.0:3544 *:*
iphlpsvc
[System]
UDP 0.0.0.0:3702 *:*
FDResPub
[System]
UDP 0.0.0.0:3702 *:*
netprofm
[System]
UDP 0.0.0.0:3702 *:*
FDResPub
[System]
UDP 0.0.0.0:3702 *:*
[System]
UDP 0.0.0.0:3702 *:*
[System]
UDP 0.0.0.0:3702 *:*
netprofm
[System]
UDP 0.0.0.0:5004 *:*
WMPNetworkSvc
[System]
UDP 0.0.0.0:5005 *:*
WMPNetworkSvc
[System]
UDP 0.0.0.0:5050 *:*
CDPSvc
[System]
UDP 0.0.0.0:5353 *:*
Dnscache
[System]
UDP 0.0.0.0:5353 *:*
[chrome.exe]
UDP 0.0.0.0:5353 *:*
[chrome.exe]
UDP 0.0.0.0:5353 *:*
[chrome.exe]
UDP 0.0.0.0:5355 *:*
Dnscache
[System]
UDP 0.0.0.0:49666 *:*
Bonjour Service
[System]
UDP 0.0.0.0:50657 *:*
[System]
UDP 0.0.0.0:56493 *:*
[System]
UDP 0.0.0.0:58719 *:*
[GamesAppIntegrationService.exe]
UDP 0.0.0.0:63214 *:*
FDResPub
[System]
UDP 0.0.0.0:65493 *:*
[System]
UDP 0.0.0.0:65495 *:*
netprofm
[System]
UDP 127.0.0.1:1900 *:*
SSDPSRV
[System]
UDP 127.0.0.1:49664 *:*
Apple Mobile Device Service
[System]
UDP 127.0.0.1:49665 *:*
Apple Mobile Device Service
[System]
UDP 127.0.0.1:51734 *:*
[System]
UDP 127.0.0.1:51735 *:*
[System]
UDP 127.0.0.1:58718 *:*
[GamesAppIntegrationService.exe]
UDP 127.0.0.1:63219 *:*
SSDPSRV
[System]
UDP 192.168.0.8:137 *:*
Can not obtain ownership information
UDP 192.168.0.8:138 *:*
Can not obtain ownership information
UDP 192.168.0.8:1900 *:*
SSDPSRV
[System]
UDP 192.168.0.8:5353 *:*
Bonjour Service
[System]
UDP 192.168.0.8:34221 *:*
[System]
UDP 192.168.0.8:52217 *:*
iphlpsvc
[System]
UDP 192.168.0.8:56494 *:*
[System]
UDP 192.168.0.8:63218 *:*
SSDPSRV
[System]
UDP [::]:3540 *:*
PNRPsvc
[System]
UDP [::]:3702 *:*
FDResPub
[System]
UDP [::]:3702 *:*
netprofm
[System]
UDP [::]:3702 *:*
netprofm
[System]
UDP [::]:3702 *:*
FDResPub
[System]
UDP [::]:3702 *:*
[System]
UDP [::]:3702 *:*
[System]
UDP [::]:5004 *:*
WMPNetworkSvc
[System]
UDP [::]:5005 *:*
WMPNetworkSvc
[System]
UDP [::]:5353 *:*
[chrome.exe]
UDP [::]:5353 *:*
[chrome.exe]
UDP [::]:5353 *:*
Dnscache
[System]
UDP [::]:5355 *:*
Dnscache
[System]
UDP [::]:49667 *:*
Bonjour Service
[System]
UDP [::]:50657 *:*
[System]
UDP [::]:56493 *:*
[System]
UDP [::]:63215 *:*
FDResPub
[System]
UDP [::]:65494 *:*
[System]
UDP [::]:65496 *:*
netprofm
[System]
UDP [::1]:1900 *:*
SSDPSRV
[System]
UDP [::1]:5353 *:*
Bonjour Service
[System]
UDP [::1]:63217 *:*
SSDPSRV
[System]
UDP [fe80::41b3:fea1:e104:47b8%3]:1900 *:*
SSDPSRV
[System]
UDP [fe80::41b3:fea1:e104:47b8%3]:63216 *:*
SSDPSRV
[System]
Server: routerlogin.net
Address: 192.168.0.1
Name: portal.plus.net
Addresses: 212.159.9.2
212.159.8.2
Aliases: Plusnet Reliable
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
OneDrive REG_SZ "C:\Users\pap3r\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
GoogleChromeAutoLaunch_9FA56E821B93635CE065C9C6A497E541 REG_SZ "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HP Deskjet 3050A J611 series (NET) REG_SZ "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AQ583WC05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1