Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

low system memory

 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal
View previous topic :: View next topic  
Author Message
jrod123
Junior Member


Joined: 29 Apr 2016
Last Visit: 07 May 2016
Posts: 10

PostPosted: Fri Apr 29, 2016 10:45 am    Post subject: low system memory Reply with quote

Computer generally sluggish and get regular chrome crashes. Get system low memory error regularly.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20 BrowserJavaVersion: 10.55.2
Run by computer at 14:35:35 on 2016-04-29
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.3975.639 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition *Enabled/Outdated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Enabled/Outdated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\Av\avgrsa.exe
C:\Program Files (x86)\AVG\Av\avgcsrva.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Windows\system32\TODDSrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\TOSHIBA\Teco\TecoService.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\AVG\Av\avgnsa.exe
C:\Program Files (x86)\AVG\Av\avgemca.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\igfxEM.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
C:\Program Files\TOSHIBA\Teco\TecoResident.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\AVG\Av\avgmfapx.exe
C:\WINDOWS\system32\msiexec.exe
C:\Windows\System32\MsiExec.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\InstallAgent.exe
C:\WINDOWS\system32\taskeng.exe
C:\Users\computer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\LockAppHost.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://toshiba13.msn.com
uWindow Title = Internet Explorer provided by TOSHIBA
uDefault_Page_URL = hxxp://toshiba13.msn.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH39I620WB05YZ:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
uRun: [OneDrive] "C:\Users\computer\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRunOnce: [Uninstall C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
uRunOnce: [Uninstall C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
uRunOnce: [Uninstall C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
uRunOnce: [Uninstall C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\computer\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{56946475-687e-4b62-ab6e-0d6c642ea246} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{71d70b22-2f99-45b7-87db-14b0340ea665} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{71d70b22-2f99-45b7-87db-14b0340ea665} : DHCPNameServer = 192.168.1.254
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxp://toshiba13.msn.com
x64-mWindow Title = Internet Explorer provided by TOSHIBA
x64-mDefault_Page_URL = hxxp://toshiba13.msn.com
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\WINDOWS\System32\drivers\avgidsha.sys [2015-5-26 272304]
R0 Avgloga;AVG Logging Driver;C:\WINDOWS\System32\drivers\avgloga.sys [2015-8-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\WINDOWS\System32\drivers\avgmfx64.sys [2016-1-22 260528]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\WINDOWS\System32\drivers\avgrkx64.sys [2014-6-17 42416]
R0 Avguniva;AVG Universal Driver;C:\WINDOWS\System32\drivers\avguniva.sys [2016-1-8 23472]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\WINDOWS\System32\drivers\tos_sps64.sys [2013-9-10 499096]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 Avgdiska;AVG Disk Driver;C:\WINDOWS\System32\drivers\avgdiska.sys [2015-11-6 184240]
R1 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\System32\drivers\avgidsdrivera.sys [2014-7-21 315312]
R1 Avgldx64;AVG AVI Loader Driver;C:\WINDOWS\System32\drivers\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver;C:\WINDOWS\System32\drivers\avgwfpa.sys [2015-12-16 315840]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-19 77128]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R3 FwLnk;FwLnk Driver;C:\WINDOWS\System32\drivers\FwLnk.sys [2013-9-10 9216]
R3 HPMoA407;Mouse Suite Driver_A407 (WDF Version);C:\WINDOWS\System32\drivers\HPMoA407.sys [2015-9-19 25088]
R3 HPubA407;USB Mouse Low Filter Driver_A407 (WDF Version);C:\WINDOWS\System32\drivers\HPubA407.sys [2015-9-19 18944]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-26 38976]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-5-10 129224]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-7-3 410880]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 3445248]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-9-19 42696]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\WINDOWS\System32\drivers\avgboota.sys [2016-1-7 21632]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-20 117248]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-10-17 50240]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-17 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-17 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-30 24576]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-2 238592]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-17 26112]
.
=============== Created Last 30 ================
.
2016-04-18 00:47:54 13018624 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-04-18 00:46:58 986976 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-04-18 00:45:59 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2016-04-18 00:44:51 176640 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2016-04-18 00:43:57 87040 ----a-w- C:\WINDOWS\SysWow64\MapsBtSvc.dll
2016-04-18 00:43:56 86528 ----a-w- C:\WINDOWS\System32\AppCapture.dll
2016-04-18 00:43:56 414720 ----a-w- C:\WINDOWS\System32\bcastdvr.exe
2016-04-18 00:43:56 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2016-04-18 00:43:56 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2016-04-18 00:43:55 764928 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2016-04-18 00:43:54 235008 ----a-w- C:\WINDOWS\System32\MTF.dll
2016-04-18 00:43:54 162816 ----a-w- C:\WINDOWS\SysWow64\MTF.dll
.
==================== Find3M ====================
.
2016-04-06 18:32:08 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-04-06 18:32:08 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-04-02 04:13:14 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2016-04-02 04:10:46 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2016-04-02 04:10:39 374008 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2016-04-02 04:10:25 770640 ----a-w- C:\WINDOWS\System32\iuilp.dll
2016-04-02 03:30:16 151040 ----a-w- C:\WINDOWS\System32\VEStoreEventHandlers.dll
2016-04-02 03:29:38 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
2016-04-02 03:29:29 83968 ----a-w- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
2016-04-02 03:26:25 630272 ----a-w- C:\WINDOWS\System32\PhoneProviders.dll
2016-04-02 03:25:58 239104 ----a-w- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
2016-04-02 03:25:42 278528 ----a-w- C:\WINDOWS\System32\NotificationObjFactory.dll
2016-04-02 03:23:44 219648 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
2016-04-02 03:23:05 285696 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
2016-04-02 03:21:17 498688 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
2016-04-02 03:19:00 1054208 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2016-04-02 03:18:47 988160 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll
2016-04-02 03:15:47 1090048 ----a-w- C:\WINDOWS\System32\RDXService.dll
2016-04-02 03:14:35 3994624 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2016-04-02 03:09:17 1832448 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-04-02 03:08:48 2193408 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2016-04-02 03:07:41 2158592 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-04-02 03:07:22 3575296 ----a-w- C:\WINDOWS\System32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-02 03:03:52 4774912 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2016-04-02 03:00:39 1390080 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
2016-03-29 10:23:38 277856 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2016-03-29 10:22:12 874968 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-03-29 10:22:12 1030416 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-03-29 10:20:20 7474016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-03-29 10:20:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-03-29 10:20:19 1141504 ----a-w- C:\WINDOWS\System32\winload.exe
2016-03-29 10:20:17 2656952 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-29 10:18:46 2152280 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2016-03-29 10:15:23 100232 ----a-w- C:\WINDOWS\System32\omadmapi.dll
2016-03-29 10:05:03 1152864 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2016-03-29 10:02:09 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-03-29 10:02:02 334736 ----a-w- C:\WINDOWS\System32\policymanager.dll
2016-03-29 09:56:37 1297752 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-03-29 09:37:57 1862008 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-03-29 09:28:18 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-03-29 09:28:16 696664 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-03-29 09:25:23 58400 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
2016-03-29 09:25:13 258912 ----a-w- C:\WINDOWS\System32\drivers\ufx01000.sys
2016-03-29 09:19:37 296488 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2016-03-29 09:18:27 185184 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2016-03-29 09:17:08 300104 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-03-29 09:11:53 605440 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-03-29 09:11:27 74424 ----a-w- C:\WINDOWS\System32\easinvoker.exe
2016-03-29 09:10:44 110584 ----a-w- C:\WINDOWS\System32\srvcli.dll
2016-03-29 09:09:54 78040 ----a-w- C:\WINDOWS\System32\wkscli.dll
2016-03-29 09:08:38 358752 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2016-03-29 09:08:30 261376 ----a-w- C:\WINDOWS\System32\LsaIso.exe
2016-03-29 08:44:53 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-03-29 08:44:50 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-03-29 08:41:44 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
2016-03-29 08:41:04 630632 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2016-03-29 08:32:59 253088 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-03-29 08:26:48 73872 ----a-w- C:\WINDOWS\SysWow64\srvcli.dll
2016-03-29 08:26:06 2403680 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2016-03-29 08:26:01 1089888 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2016-03-29 08:25:44 56320 ----a-w- C:\WINDOWS\SysWow64\wkscli.dll
2016-03-29 08:24:25 294752 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2016-03-29 08:21:40 378208 ----a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2016-03-29 08:17:11 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-03-29 08:16:55 26112 ----a-w- C:\WINDOWS\System32\drivers\xinputhid.sys
2016-03-29 08:07:26 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2016-03-29 08:07:14 92160 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.V2.dll
2016-03-29 08:07:14 31232 ----a-w- C:\WINDOWS\System32\wsdchngr.dll
2016-03-29 08:07:09 34816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2016-03-29 08:06:14 12800 ----a-w- C:\WINDOWS\System32\oleacchooks.dll
2016-03-29 08:06:04 45568 ----a-w- C:\WINDOWS\System32\atmlib.dll
2016-03-29 08:05:52 38912 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcWinRT.dll
2016-03-29 08:02:38 118272 ----a-w- C:\WINDOWS\System32\fontsub.dll
2016-03-29 08:01:15 541304 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2016-03-29 08:00:51 69632 ----a-w- C:\WINDOWS\System32\fveskybackup.dll
2016-03-29 08:00:40 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-03-29 08:00:23 76800 ----a-w- C:\WINDOWS\System32\NetCfgNotifyObjectHost.exe
2016-03-29 07:59:20 27648 ----a-w- C:\WINDOWS\System32\LicenseManagerShellext.exe
2016-03-29 07:58:17 69632 ----a-w- C:\WINDOWS\System32\wininetlui.dll
2016-03-29 07:57:59 95744 ----a-w- C:\WINDOWS\System32\samlib.dll
2016-03-29 07:57:44 58368 ----a-w- C:\WINDOWS\System32\browcli.dll
2016-03-29 07:57:22 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2016-03-29 07:55:34 36352 ----a-w- C:\WINDOWS\System32\tbauth.dll
2016-03-29 07:55:29 83968 ----a-w- C:\WINDOWS\System32\drivers\serial.sys
2016-03-29 07:55:24 120320 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
2016-03-29 07:54:03 147456 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2016-03-29 07:53:25 116224 ----a-w- C:\WINDOWS\System32\FontProvider.dll
2016-03-29 07:52:04 26112 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2016-03-29 07:51:53 167936 ----a-w- C:\WINDOWS\System32\dafBth.dll
2016-03-29 07:51:06 87040 ----a-w- C:\WINDOWS\System32\tzautoupdate.dll
2016-03-29 07:50:57 88576 ----a-w- C:\WINDOWS\System32\AppxSysprep.dll
2016-03-29 07:50:52 107520 ----a-w- C:\WINDOWS\System32\BdeHdCfgLib.dll
2016-03-29 07:50:25 66048 ----a-w- C:\WINDOWS\System32\OnDemandConnRouteHelper.dll
2016-03-29 07:50:15 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2016-03-29 07:50:11 33280 ----a-w- C:\WINDOWS\System32\wuautoappupdate.dll
2016-03-29 07:49:59 91136 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2016-03-29 07:48:58 144896 ----a-w- C:\WINDOWS\System32\Windows.Media.Devices.dll
2016-03-29 07:46:30 365568 ----a-w- C:\WINDOWS\System32\atmfd.dll
2016-03-29 07:46:28 134656 ----a-w- C:\WINDOWS\System32\browser.dll
2016-03-29 07:44:19 230400 ----a-w- C:\WINDOWS\System32\DAFWSD.dll
.
============= FINISH: 14:38:16.33 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 12/20/2015 4:23:05 AM
System Uptime: 4/25/2016 3:34:47 AM (107 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz | U3E1 | 1800/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 378.669 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP46: 3/22/2016 3:51:04 PM - Windows Update
RP47: 3/22/2016 3:52:15 PM - Windows Update
RP48: 3/25/2016 4:01:10 PM - Windows Update
RP49: 3/25/2016 4:01:46 PM - Windows Update
RP50: 3/29/2016 5:24:15 PM - Windows Update
RP51: 3/29/2016 5:25:03 PM - Windows Update
RP52: 4/2/2016 4:17:56 PM - Windows Update
RP53: 4/2/2016 4:18:49 PM - Windows Update
RP54: 4/7/2016 7:18:17 AM - Windows Update
RP55: 4/7/2016 7:19:15 AM - Windows Update
RP56: 4/10/2016 9:06:10 AM - Windows Update
RP57: 4/10/2016 9:06:58 AM - Windows Update
RP58: 4/17/2016 8:50:54 PM - Windows Update
RP59: 4/17/2016 8:52:04 PM - Windows Update
RP60: 4/23/2016 10:29:24 AM - Windows Update
RP61: 4/23/2016 10:30:39 AM - Windows Update
RP62: 4/27/2016 7:07:18 PM - Windows Update
RP63: 4/27/2016 7:08:35 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Reader XI MUI
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
ArcGIS Explorer Desktop
ArcGIS Explorer Desktop (32 bit)
AVG
AVG 2016
AVG Protection
AVG Zen
Bonjour
DTS Sound
ExpressVPN v3.535
FMW 1
Google Chrome
Google Earth
Google Earth Pro
Google Update Helper
HP Photosmart 7520 series Basic Device Software
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 55
Java Auto Updater
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft Office
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
MSXML 4.0 SP3 Parser (KB2758694)
Nitro Pro 9
OpenOffice 4.0.1
PlayReady PC Runtime amd64
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Realtek High Definition Audio Driver
Realtek USB Card Reader
Realtek WLAN Driver
Skype™ 7.0
Synaptics Pointing Device Driver
System Requirements Lab Detection
TOSHIBA Application Installer
TOSHIBA Audio Enhancement
TOSHIBA Battery Check Utility
TOSHIBA Desktop Assist
TOSHIBA eco Utility
TOSHIBA Function Key
TOSHIBA Password Utility
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA System Driver
TOSHIBA System Settings
TOSHIBA User's Guide
TOSHIBARegistration
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.3
Winamp
.
==== Event Viewer Messages From Past Week ========
.
4/29/2016 2:09:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.
4/29/2016 12:41:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-1Cool from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
4/28/2016 6:53:02 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Hewlett-Packard - Imaging, Other hardware - Null Fax - HP Photosmart 7520 series.
4/28/2016 6:52:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800F020B: Hewlett-Packard - Imaging, Other hardware - Null Print - HP Photosmart 7520 series.
4/25/2016 7:22:31 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
4/25/2016 7:22:31 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: App.AppX9s1cz53zc86xn39kwrb02jyft9ecn62r.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
4/25/2016 3:30:13 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_bb3a566 service, but this action failed with the following error: An instance of the service is already running.
4/25/2016 3:30:13 AM, Error: Service Control Manager [7023] - The User Data Access_bb3a566 service terminated with the following error: Illegal operation attempted on a registry key that has been marked for deletion.
4/25/2016 3:30:13 AM, Error: Service Control Manager [7023] - The Sync Host_bb3a566 service terminated with the following error: Access is denied.
4/25/2016 3:30:13 AM, Error: Service Control Manager [7023] - The Contact Data_bb3a566 service terminated with the following error: Access is denied.
4/25/2016 3:30:03 AM, Error: Service Control Manager [7031] - The User Data Storage_bb3a566 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/25/2016 3:30:03 AM, Error: Service Control Manager [7031] - The User Data Access_bb3a566 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/25/2016 3:30:03 AM, Error: Service Control Manager [7031] - The Sync Host_bb3a566 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/25/2016 3:30:03 AM, Error: Service Control Manager [7031] - The Contact Data_bb3a566 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/23/2016 10:19:04 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user lappy\computer SID (S-1-5-21-2241022025-1784234551-1865073859-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
4/23/2016 10:18:22 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80073CF9: Netflix.
.
==== End Of File ===========================
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 15 Jul 2017
Posts: 5041
Location: Land Of The Leprechauns

PostPosted: Sun May 01, 2016 2:54 am    Post subject: Reply with quote

Duplicate post therefore closed.
http://spywarewarrior.com/viewtopic.php?t=35449
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group