Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

HP Notebook needs reanimation

Started by Fidel Castro , Aug 04 2015 10:06 AM

slow windows 10 hp pavilion dm1 help problem

Page 4 of 10
2
3
4
5
6

Please log in to reply

#46
Fidel Castro

Posted 11 August 2015 - 01:01 PM

Member

Topic Starter
Member
162 posts

I'm at home now but I'm still not able to download the TouchPad driver. I thought it's because of the connection but it's not.

On HP website, there are 2 ways of downloading. The first is to use some HP Manager (HP Download and Install Assistant) and download/install through it (recommended) and the other one is directly downloading it.

When trying to download using HP Manager, it fails every time. I've tried many times but I get the same error every time:

If I try to directly download it, the webpage opens saying the following: "Not Found. The requested URL /pub/softpaq/sp56501-57000/sp56999.exe was not found on this server."

So it seems there is something wrong on the HP's side when this driver is concerned.

I have downloaded the graphical driver and some others (LAN/Wifi) etc.

#47
RKinner

Posted 11 August 2015 - 01:49 PM

Malware Expert

Expert
24,625 posts

I found a forum post where someone else complained about it and HP supposedly fixed it but it's been removed again so try the older version of the touchpad driver. It at least will download.

#48
Fidel Castro

Posted 11 August 2015 - 01:54 PM

Member

Topic Starter
Member
162 posts

Where can I find an older version?

On their website, only the newest ones are listed for download on the page I'm checking out (for my notebook specifically).

#49
Fidel Castro

Posted 11 August 2015 - 02:11 PM

Member

Topic Starter
Member
162 posts

Alright, I found the older version (15.3.12.1) compared to the newest one (16.0.1.0.) which is obviously missing from the website.

Once I download it and install it, you want me to run 'procexp'? Something else?

On a side note... I got an offer for a very small (and probably not so great) SSD of 64GB only. Do you think it would speed up the notebook at all having in mind it would mostly be for the OS? I guess the boot would be faster but I don't really care about that. Not sure how many programs I'd be able to have there and if it would improve the performance of the videos because that's the main concern for me right now.

I think this is the one: http://www.adata.com...ecification/181

I didn't even check if I can fit it there (it's downloading now and I don't want to interrupt it by opening the battery/cover) but I was just wondering...

#50
RKinner

Posted 11 August 2015 - 02:36 PM

Malware Expert

Expert
24,625 posts

Yes run Process Explorer after you install each driver.

I've heard that with an SSD you need to load them from Windows disk rather than just clone them but have never worked with them so I don't know. Wouldn't give you much room for data tho.

#51
Fidel Castro

Posted 11 August 2015 - 03:16 PM

Member

Topic Starter
Member
162 posts

It looks like I already have a newer version of the TouchPad driver. Not sure if it's the newest one but seems like it's newer than the one I downloaded and tried installing. (version 15.3.12.1)

#52
Fidel Castro

Posted 11 August 2015 - 04:54 PM

Member

Topic Starter
Member
162 posts

I've installed most of the other updates line LAN, Wifi etc.

The graphical was also installed but there were some errors during installation. At the end it said that the driver has been installed but there were some components missing from the update or something like that.

Anyways, I've rebooted the notebook after all that and run procexp. Seems like the Interrupts when down, at least a bit.

Here is the result:

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
TrustedInstaller.exe    36.02    14.480 K    21.168 K    1180    Windows Modules Installer    Microsoft Corporation
System Idle Process    28.24    0 K    24 K    0        
System    10.47    48 K    688 K    4        
procexp.exe    9.62    19.708 K    34.152 K    2764    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com
svchost.exe    4.70    178.436 K    115.120 K    1036    Host Process for Windows Services    Microsoft Corporation
firefox.exe    2.55    311.392 K    309.276 K    2972    Firefox    Mozilla Corporation
svchost.exe    2.29    62.044 K    69.548 K    960    Host Process for Windows Services    Microsoft Corporation
SearchIndexer.exe    1.98    27.644 K    22.344 K    3068    Microsoft Windows Search Indexer    Microsoft Corporation
SearchProtocolHost.exe    1.38    2.632 K    5.592 K    3892    Microsoft Windows Search Protocol Host    Microsoft Corporation
Interrupts    1.18    0 K    0 K    n/a    Hardware Interrupts and DPCs    
csrss.exe    0.35    9.968 K    9.400 K    492    Client Server Runtime Process    Microsoft Corporation
explorer.exe    0.30    25.260 K    36.116 K    2936    Windows Explorer    Microsoft Corporation
svchost.exe    0.27    3.032 K    6.116 K    784    Host Process for Windows Services    Microsoft Corporation
lsass.exe    0.19    4.024 K    10.316 K    548    Local Security Authority Process    Microsoft Corporation
WMIADAP.exe    0.16    2.076 K    5.148 K    3724    WMI Reverse Performance Adapter Maintenance Utility    Microsoft Corporation
dwm.exe    0.10    1.200 K    4.608 K    2960    Desktop Window Manager    Microsoft Corporation
svchost.exe    0.09    5.220 K    9.700 K    1708    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.04    12.864 K    13.604 K    1376    Host Process for Windows Services    Microsoft Corporation
wmpnetwk.exe    0.01    11.580 K    4.380 K    3744    Windows Media Player Network Sharing Service    Microsoft Corporation
taskhost.exe    0.01    5.848 K    8.372 K    2872    Host Process for Windows Tasks    Microsoft Corporation
HPSupportSolutionsFrameworkService.exe    0.01    27.576 K    35.832 K    3616    HP Support Solutions Framework Service    Hewlett-Packard Company
svchost.exe    0.01    6.684 K    12.364 K    1000    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.01    1.280 K    4.032 K    1660    Host Process for Windows Services    Microsoft Corporation
wlanext.exe    < 0.01    1.256 K    4.020 K    1456    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation
WLIDSVC.EXE    < 0.01    4.464 K    10.808 K    1880    Microsoft® Windows Live ID Service    Microsoft Corp.
svchost.exe    < 0.01    8.588 K    10.088 K    3548    Host Process for Windows Services    Microsoft Corporation
csrss.exe    < 0.01    1.356 K    3.516 K    416    Client Server Runtime Process    Microsoft Corporation
SynTPEnh.exe    < 0.01    7.284 K    9.728 K    3208    Synaptics TouchPad Enhancements    Synaptics Incorporated
WmiPrvSE.exe        4.056 K    7.500 K    2900    WMI Provider Host    Microsoft Corporation
WmiPrvSE.exe        2.180 K    5.148 K    4032    WMI Provider Host    Microsoft Corporation
WLIDSVCM.EXE        644 K    2.432 K    808    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
winlogon.exe        1.788 K    5.472 K    696    Windows Logon Application    Microsoft Corporation
wininit.exe        1.024 K    3.480 K    484    Windows Start-Up Application    Microsoft Corporation
SynTPHelper.exe        604 K    2.528 K    3304    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        3.080 K    7.168 K    688    Host Process for Windows Services    Microsoft Corporation
svchost.exe        45.196 K    34.172 K    992    Host Process for Windows Services    Microsoft Corporation
svchost.exe        14.836 K    15.756 K    924    Host Process for Windows Services    Microsoft Corporation
svchost.exe        11.304 K    11.088 K    1536    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.804 K    4.568 K    2128    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.300 K    4.368 K    1804    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.736 K    7.860 K    1672    Host Process for Windows Services    Microsoft Corporation
spoolsv.exe        5.020 K    9.660 K    1496    Spooler SubSystem App    Microsoft Corporation
smss.exe        260 K    792 K    340    Windows Session Manager    Microsoft Corporation
services.exe        3.808 K    6.804 K    532    Services and Controller app    Microsoft Corporation
SearchFilterHost.exe        1.044 K    3.588 K    3940    Microsoft Windows Search Filter Host    Microsoft Corporation
mscorsvw.exe        4.220 K    7.148 K    2580    .NET Runtime Optimization Service    Microsoft Corporation
lsm.exe        1.272 K    3.028 K    556    Local Session Manager Service    Microsoft Corporation
dllhost.exe        1.444 K    4.844 K    1264    COM Surrogate    Microsoft Corporation
conhost.exe        496 K    2.140 K    1504    Console Window Host    Microsoft Corporation
atiesrxx.exe        880 K    3.120 K    876    AMD External Events Service Module    AMD
atieclxx.exe        1.496 K    5.136 K    2644    AMD External Events Client Module    AMD
alg.exe        1.056 K    3.816 K    2056    Application Layer Gateway Service    Microsoft Corporation

I also tried using an external mouse with the TouchPad disabled. Didn't notice much difference. (rebooted the notebook after the change)

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    36.77    0 K    24 K    0        
svchost.exe    26.81    47.484 K    49.860 K    2012    Host Process for Windows Services    Microsoft Corporation
System    10.46    48 K    708 K    4        
procexp.exe    9.71    20.252 K    33.740 K    2232    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com
firefox.exe    4.01    328.596 K    328.056 K    4004    Firefox    Mozilla Corporation
svchost.exe    3.26    8.640 K    10.168 K    3460    Host Process for Windows Services    Microsoft Corporation
SearchFilterHost.exe    3.05    3.208 K    6.804 K    3660    Microsoft Windows Search Filter Host    Microsoft Corporation
SearchIndexer.exe    1.67    24.684 K    17.628 K    3092    Microsoft Windows Search Indexer    Microsoft Corporation
SearchProtocolHost.exe    1.48    2.648 K    5.808 K    3304    Microsoft Windows Search Protocol Host    Microsoft Corporation
Interrupts    1.17    0 K    0 K    n/a    Hardware Interrupts and DPCs    
lsass.exe    0.39    3.784 K    10.160 K    556    Local Security Authority Process    Microsoft Corporation
csrss.exe    0.34    9.956 K    10.768 K    492    Client Server Runtime Process    Microsoft Corporation
WMIADAP.exe    0.24    1.452 K    4.160 K    2036    WMI Reverse Performance Adapter Maintenance Utility    Microsoft Corporation
dwm.exe    0.15    1.224 K    4.632 K    2452    Desktop Window Manager    Microsoft Corporation
svchost.exe    0.13    15.440 K    16.732 K    904    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.11    5.540 K    10.184 K    1684    Host Process for Windows Services    Microsoft Corporation
explorer.exe    0.09    24.800 K    36.712 K    2492    Windows Explorer    Microsoft Corporation
svchost.exe    0.05    2.808 K    5.888 K    776    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.03    34.912 K    38.644 K    1076    Host Process for Windows Services    Microsoft Corporation
HPSupportSolutionsFrameworkService.exe    0.02    32.176 K    40.524 K    3364    HP Support Solutions Framework Service    Hewlett-Packard Company
svchost.exe    0.02    6.920 K    12.568 K    1052    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.01    10.684 K    11.256 K    1556    Host Process for Windows Services    Microsoft Corporation
taskhost.exe    0.01    5.844 K    8.000 K    2340    Host Process for Windows Tasks    Microsoft Corporation
wmpnetwk.exe    < 0.01    9.276 K    21.856 K    3192    Windows Media Player Network Sharing Service    Microsoft Corporation
svchost.exe    < 0.01    12.752 K    13.224 K    1260    Host Process for Windows Services    Microsoft Corporation
csrss.exe    < 0.01    1.300 K    3.488 K    392    Client Server Runtime Process    Microsoft Corporation
WLIDSVC.EXE    < 0.01    4.512 K    10.792 K    1908    Microsoft® Windows Live ID Service    Microsoft Corp.
SynTPEnh.exe    < 0.01    7.732 K    10.744 K    2708    Synaptics TouchPad Enhancements    Synaptics Incorporated
WmiPrvSE.exe        5.200 K    9.640 K    2308    WMI Provider Host    Microsoft Corporation
WmiPrvSE.exe        2.284 K    5.232 K    3664    WMI Provider Host    Microsoft Corporation
WLIDSVCM.EXE        636 K    2.432 K    768    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
wlanext.exe        1.260 K    4.008 K    1400    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation
winlogon.exe        1.784 K    5.512 K    596    Windows Logon Application    Microsoft Corporation
wininit.exe        980 K    3.424 K    484    Windows Start-Up Application    Microsoft Corporation
VSSVC.exe        1.568 K    5.208 K    2840    Microsoft® Volume Shadow Copy Service    Microsoft Corporation
SynTPHelper.exe        608 K    2.528 K    2956    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        2.776 K    6.856 K    708    Host Process for Windows Services    Microsoft Corporation
svchost.exe        49.912 K    57.784 K    948    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.256 K    4.032 K    1336    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.288 K    4.312 K    1808    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.800 K    7.952 K    1632    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.088 K    3.912 K    2180    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.796 K    4.552 K    2188    Host Process for Windows Services    Microsoft Corporation
sppsvc.exe        2.016 K    6.984 K    1448    Microsoft Software Protection Platform Service    Microsoft Corporation
spoolsv.exe        5.508 K    10.100 K    1520    Spooler SubSystem App    Microsoft Corporation
smss.exe        256 K    792 K    268    Windows Session Manager    Microsoft Corporation
services.exe        3.832 K    6.800 K    532    Services and Controller app    Microsoft Corporation
mscorsvw.exe        3.156 K    4.608 K    2888    .NET Runtime Optimization Service    Microsoft Corporation
lsm.exe        1.272 K    3.060 K    564    Local Session Manager Service    Microsoft Corporation
dllhost.exe        1.416 K    4.832 K    3888    COM Surrogate    Microsoft Corporation
conhost.exe        492 K    2.136 K    1412    Console Window Host    Microsoft Corporation
audiodg.exe        16.100 K    15.284 K    1124    Windows Audio Device Graph Isolation     Microsoft Corporation
atiesrxx.exe        860 K    3.132 K    832    AMD External Events Service Module    AMD
atieclxx.exe        1.524 K    5.172 K    1236    AMD External Events Client Module    AMD
alg.exe        1.052 K    3.804 K    1596    Application Layer Gateway Service    Microsoft Corporation

#53
RKinner

Posted 11 August 2015 - 05:20 PM

Malware Expert

Expert
24,625 posts

Interrupts is now good in both logs so updating the drivers helped. In the first one the trustedinstaller was doing something and eating up a lot of CPU time. In the second one of the many svchost.exe was at fault. Run it again and if SVCHOST is still using a lot of CPU, hover over it and it should tell you what services are involved.

#54
Fidel Castro

Posted 11 August 2015 - 06:43 PM

Member

Topic Starter
Member
162 posts

Well, I guess I tried to get the SVCHOST info only... Not sure if that's what you were looking for...

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    72.63    0 K    24 K    0        
System    12.74    48 K    716 K    4        
csrss.exe    0.35    10.112 K    11.048 K    492    Client Server Runtime Process    Microsoft Corporation
explorer.exe    0.08    25.572 K    37.752 K    2492    Windows Explorer    Microsoft Corporation
svchost.exe    0.04    5.584 K    10.032 K    1684    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.04    66.536 K    74.704 K    948    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.02    44.448 K    14.560 K    2012    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.02    6.968 K    12.616 K    1052    Host Process for Windows Services    Microsoft Corporation
SearchIndexer.exe    0.02    47.248 K    42.276 K    3092    Microsoft Windows Search Indexer    Microsoft Corporation
svchost.exe    0.02    19.448 K    32.484 K    1076    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.02    10.572 K    11.364 K    1556    Host Process for Windows Services    Microsoft Corporation
taskhost.exe    0.01    5.888 K    8.244 K    2340    Host Process for Windows Tasks    Microsoft Corporation
svchost.exe    0.01    1.284 K    4.040 K    1336    Host Process for Windows Services    Microsoft Corporation
svchost.exe    < 0.01    12.480 K    13.080 K    1260    Host Process for Windows Services    Microsoft Corporation
HPSupportSolutionsFrameworkService.exe    < 0.01    32.108 K    40.524 K    3364    HP Support Solutions Framework Service    Hewlett-Packard Company
csrss.exe    < 0.01    1.436 K    3.384 K    392    Client Server Runtime Process    Microsoft Corporation
WLIDSVC.EXE    < 0.01    4.500 K    10.728 K    1908    Microsoft® Windows Live ID Service    Microsoft Corp.
wmpnetwk.exe        9.200 K    8.008 K    3192    Windows Media Player Network Sharing Service    Microsoft Corporation
WLIDSVCM.EXE        636 K    2.376 K    768    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
winlogon.exe        1.784 K    5.532 K    596    Windows Logon Application    Microsoft Corporation
wininit.exe        980 K    3.416 K    484    Windows Start-Up Application    Microsoft Corporation
SynTPHelper.exe        608 K    2.504 K    2956    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        9.460 K    11.268 K    3460    Host Process for Windows Services    Microsoft Corporation
svchost.exe        2.740 K    6.860 K    708    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.196 K    6.264 K    776    Host Process for Windows Services    Microsoft Corporation
svchost.exe        13.964 K    15.224 K    904    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.288 K    4.352 K    1808    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.796 K    4.548 K    2188    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.900 K    8.096 K    1632    Host Process for Windows Services    Microsoft Corporation
spoolsv.exe        5.508 K    10.084 K    1520    Spooler SubSystem App    Microsoft Corporation
services.exe        4.024 K    6.888 K    532    Services and Controller app    Microsoft Corporation
lsm.exe        1.300 K    3.072 K    564    Local Session Manager Service    Microsoft Corporation
lsass.exe        3.776 K    10.176 K    556    Local Security Authority Process    Microsoft Corporation
atiesrxx.exe        860 K    3.088 K    832    AMD External Events Service Module    AMD
atieclxx.exe        1.524 K    5.080 K    1236    AMD External Events Client Module    AMD
alg.exe        1.052 K    3.804 K    1596    Application Layer Gateway Service    Microsoft Corporation

And here is the screenshot few seconds later..

#55
RKinner

Posted 11 August 2015 - 06:55 PM

Malware Expert

Expert
24,625 posts

This time svchost is not the problem. Instead System is using too much CPU. Open it up by clicking on the + in front of it. What is using the CPU?

#56
Fidel Castro

Posted 11 August 2015 - 07:00 PM

Member

Topic Starter
Member
162 posts

Here it is in plain text:

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    70.34    0 K    24 K    0        
System    11.53    48 K    720 K    4        
procexp.exe    10.64    12.008 K    19.668 K    3688    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com
firefox.exe    5.45    340.084 K    346.068 K    4004    Firefox    Mozilla Corporation
Interrupts    1.00    0 K    0 K    n/a    Hardware Interrupts and DPCs    
csrss.exe    0.50    10.144 K    11.308 K    492    Client Server Runtime Process    Microsoft Corporation
dwm.exe    0.16    1.224 K    4.624 K    2452    Desktop Window Manager    Microsoft Corporation
explorer.exe    0.14    33.920 K    51.028 K    2492    Windows Explorer    Microsoft Corporation
svchost.exe    0.13    5.448 K    9.984 K    1684    Host Process for Windows Services    Microsoft Corporation
HPSupportSolutionsFrameworkService.exe    0.05    32.128 K    40.544 K    3364    HP Support Solutions Framework Service    Hewlett-Packard Company
SearchIndexer.exe    0.01    45.336 K    42.544 K    3092    Microsoft Windows Search Indexer    Microsoft Corporation
svchost.exe    0.01    6.944 K    12.628 K    1052    Host Process for Windows Services    Microsoft Corporation
taskhost.exe    0.01    5.888 K    8.384 K    2340    Host Process for Windows Tasks    Microsoft Corporation
svchost.exe    0.01    21.328 K    34.276 K    1076    Host Process for Windows Services    Microsoft Corporation
wmpnetwk.exe    0.01    9.260 K    8.112 K    3192    Windows Media Player Network Sharing Service    Microsoft Corporation
WLIDSVC.EXE    < 0.01    4.500 K    10.728 K    1908    Microsoft® Windows Live ID Service    Microsoft Corp.
svchost.exe    < 0.01    69.572 K    77.316 K    948    Host Process for Windows Services    Microsoft Corporation
svchost.exe    < 0.01    12.508 K    13.104 K    1260    Host Process for Windows Services    Microsoft Corporation
csrss.exe    < 0.01    1.436 K    3.396 K    392    Client Server Runtime Process    Microsoft Corporation
SynTPEnh.exe    < 0.01    8.036 K    11.288 K    2708    Synaptics TouchPad Enhancements    Synaptics Incorporated
WmiPrvSE.exe        1.888 K    4.752 K    720    WMI Provider Host    Microsoft Corporation
WLIDSVCM.EXE        636 K    2.376 K    768    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
wlanext.exe        1.284 K    4.016 K    1400    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation
winlogon.exe        1.784 K    5.532 K    596    Windows Logon Application    Microsoft Corporation
wininit.exe        980 K    3.416 K    484    Windows Start-Up Application    Microsoft Corporation
SynTPHelper.exe        608 K    2.508 K    2956    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        9.524 K    11.348 K    3460    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.284 K    4.040 K    1336    Host Process for Windows Services    Microsoft Corporation
svchost.exe        2.776 K    6.896 K    708    Host Process for Windows Services    Microsoft Corporation
svchost.exe        14.024 K    15.276 K    904    Host Process for Windows Services    Microsoft Corporation
svchost.exe        10.572 K    11.376 K    1556    Host Process for Windows Services    Microsoft Corporation
svchost.exe        3.172 K    6.264 K    776    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.412 K    4.896 K    1808    Host Process for Windows Services    Microsoft Corporation
svchost.exe        44.512 K    23.604 K    2012    Host Process for Windows Services    Microsoft Corporation
svchost.exe        4.120 K    8.132 K    1632    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.796 K    4.548 K    2188    Host Process for Windows Services    Microsoft Corporation
spoolsv.exe        5.508 K    10.084 K    1520    Spooler SubSystem App    Microsoft Corporation
smss.exe        256 K    784 K    268    Windows Session Manager    Microsoft Corporation
services.exe        4.024 K    6.904 K    532    Services and Controller app    Microsoft Corporation
mspaint.exe        55.324 K    72.288 K    1740    Paint    Microsoft Corporation
lsm.exe        1.348 K    3.064 K    564    Local Session Manager Service    Microsoft Corporation
lsass.exe        4.252 K    10.880 K    556    Local Security Authority Process    Microsoft Corporation
dllhost.exe        1.416 K    4.832 K    3888    COM Surrogate    Microsoft Corporation
conhost.exe        492 K    2.112 K    1412    Console Window Host    Microsoft Corporation
CEPServiceManager.exe        2.480 K    5.760 K    892    Adobe CEP Service Manager    Adobe Systems Incorporated
atiesrxx.exe        860 K    3.088 K    832    AMD External Events Service Module    AMD
atieclxx.exe        1.524 K    5.080 K    1236    AMD External Events Client Module    AMD
alg.exe        1.052 K    3.804 K    1596    Application Layer Gateway Service    Microsoft Corporation

And partial screenshot if it's easier for you to see..

Edited by Fidel Castro, 11 August 2015 - 07:01 PM.

#57
RKinner

Posted 11 August 2015 - 07:16 PM

Malware Expert

Expert
24,625 posts

On mine I see something like this:

Process   PID   CPU   Private Bytes   Working Set   Description   Company Name
System Idle Process   0   91.33   0 K   24 K
procexp64.exe   9096   2.60   28,924 K   45,768 K   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
waterfox.exe   10656   1.37   878,388 K   909,252 K   Waterfox   Waterfox
Interrupts   n/a   1.26   0 K   0 K   Hardware Interrupts and DPCs
Picasa3.exe   10012   0.56   77,904 K   87,528 K   Picasa   Google Inc.
Garmin.Cartography.MapUpdate.CoreService.exe   1392   0.47   33,132 K   48,220 K   Garmin Core Update Service   Garmin Ltd or its subsidiaries
System   4   0.46   784 K   32,772 K

You see System is only .46 not 12. Something is not right.

If you hit the Space Bar, things will stop jumping. If you select System then File, Save As. SAVE It will save a file called system.txt. Let me see that.

#58
Fidel Castro

Posted 11 August 2015 - 07:19 PM

Member

Topic Starter
Member
162 posts

This is the same one, just the way you told me (it was paused from the previous post)

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    39.87    0 K    24 K    0        
System    11.74    64 K    8.604 K    4        
Interrupts    1.92    0 K    0 K    n/a    Hardware Interrupts and DPCs    
csrss.exe    0.47    10.144 K    10.728 K    492    Client Server Runtime Process    Microsoft Corporation
explorer.exe    0.06    33.812 K    51.032 K    2492    Windows Explorer    Microsoft Corporation
csrss.exe    0.01    1.436 K    3.468 K    392    Client Server Runtime Process    Microsoft Corporation
winlogon.exe        1.784 K    5.532 K    596    Windows Logon Application    Microsoft Corporation
wininit.exe        980 K    3.416 K    484    Windows Start-Up Application    Microsoft Corporation
SynTPHelper.exe        608 K    2.508 K    2956    Synaptics Pointing Device Helper    Synaptics Incorporated
smss.exe        256 K    784 K    268    Windows Session Manager    Microsoft Corporation
GWX.exe        2.356 K    1.024 K    3636    GWX    Microsoft Corporation

#59
Fidel Castro

Posted 11 August 2015 - 07:23 PM

Member

Topic Starter
Member
162 posts

And since you posted yours, here's mine (from my main computer) where plenty of things (many unnecessary ones) are running...

Process CPU Private Bytes Working Set PID Description Company Name
System Idle Process 89.35 0 K 24 K 0 
System 0.25 128 K 1.008 K 4 
 Interrupts 0.64 0 K 0 K n/a Hardware Interrupts and DPCs 
 smss.exe 736 K 1.400 K 352 Windows Session Manager Microsoft Corporation
csrss.exe < 0.01 3.040 K 5.536 K 536 Client Server Runtime Process Microsoft Corporation
wininit.exe 2.216 K 5.340 K 692 Windows Start-Up Application Microsoft Corporation
csrss.exe 0.13 4.340 K 17.380 K 700 Client Server Runtime Process Microsoft Corporation
winlogon.exe 3.884 K 8.568 K 776 Windows Logon Application Microsoft Corporation
explorer.exe 0.01 104.664 K 121.428 K 1868 Windows Explorer Microsoft Corporation
igfxEM.exe 6.184 K 12.216 K 3940 igfxEM Module Intel Corporation
NvBackend.exe < 0.01 15.904 K 23.332 K 1648 NVIDIA Backend NVIDIA Corporation
ApCent.exe 1.07 61.508 K 63.196 K 4940 ApCent 
SBXFIMB3.exe 79.112 K 74.872 K 4848 Sound Blaster X-Fi MB3 Creative Technology Ltd
iusb3mon.exe < 0.01 2.516 K 6.484 K 4968 iusb3mon Intel Corporation
AdobeARM.exe 4.820 K 14.160 K 4856 Adobe Reader and Acrobat Manager Adobe Systems Incorporated
HD-Agent.exe 0.02 33.592 K 31.092 K 1980 BlueStacks Agent BlueStack Systems, Inc.
hpwuschd2.exe 1.344 K 4.172 K 4756 hpwuSchd Application Hewlett-Packard
vmware-tray.exe 1.836 K 5.664 K 4924 VMware Tray Process VMware, Inc.
thermald.exe 0.26 28.120 K 35.684 K 6420 thermald GIGA-BYTE TECHNOLOGY CO., LTD.
RPMDaemon.exe 6.524 K 12.664 K 6676 Smart Recovery Daemon Gigabyte Technology CO.
IAStorIcon.exe 24.980 K 32.288 K 5712 IAStorIcon Intel Corporation

#60
RKinner

Posted 11 August 2015 - 08:16 PM

Malware Expert

Expert
24,625 posts

If you click on System it will open a new window at the bottom which shows the details of System process. Then When you File, Save As, Save it saves it as system.txt. This is mine (check out the new stuff on the bottom):

Process   PID   CPU   Private Bytes   Working Set   Description   Company Name
System Idle Process   0   85.43   0 K   24 K
WmiPrvSE.exe   4156       8,448 K   16,168 K   WMI Provider Host   Microsoft Corporation
procexp64.exe   11268   3.74   32,672 K   50,400 K   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
waterfox.exe   10656   3.47   922,924 K   954,012 K   Waterfox   Waterfox
Interrupts   n/a   0.96   0 K   0 K   Hardware Interrupts and DPCs
Picasa3.exe   10012   0.58   77,904 K   87,528 K   Picasa   Google Inc.
ExpressTray.exe   3024   0.43   76,364 K   65,044 K   Express Tray   Garmin Ltd or its subsidiaries
svchost.exe   1100   0.01   21,940 K   37,244 K   Host Process for Windows Services   Microsoft Corporation
System   4   0.48   784 K   32,772 K
csrss.exe   668   0.30   10,124 K   14,796 K   Client Server Runtime Process   Microsoft Corporation
taskmgr.exe   9708   0.28   2,696 K   9,260 K   Windows Task Manager   Microsoft Corporation
svchost.exe   5972   0.16   63,160 K   62,180 K   Host Process for Windows Services   Microsoft Corporation
explorer.exe   2176   1.19   73,404 K   106,684 K   Windows Explorer   Microsoft Corporation
iexplore.exe   8936   0.10   74,144 K   91,396 K   Internet Explorer   Microsoft Corporation
CCC.exe   4672   0.08   96,152 K   20,000 K   Catalyst Control Center: Host application   ATI Technologies Inc.
ABService.exe   2040   < 0.01   4,444 K   8,484 K   AOMEI Backupper Schedule task service   AOMEI Tech Co., Ltd.
AvastSvc.exe   1640   0.07   300,236 K   43,324 K   avast! Service   Avast Software s.r.o.
AvastUI.exe   3144   0.06   24,904 K   25,548 K   avast! Antivirus   Avast Software s.r.o.
MOM.exe   4480   0.04   38,320 K   5,288 K   Catalyst Control Center: Monitoring program   Advanced Micro Devices Inc.
PDFProFiltSrvPP.exe   2064   0.03   1,188 K   3,600 K   PDFPro IFilter Service   Nuance Communications, Inc.
lsass.exe   728   0.01   4,672 K   11,992 K   Local Security Authority Process   Microsoft Corporation
lsm.exe   736       2,564 K   4,312 K   Local Session Manager Service   Microsoft Corporation
dllhost.exe   3440   0.02   8,040 K   12,644 K   COM Surrogate   Microsoft Corporation
iexplore.exe   9952   0.01   8,320 K   27,448 K   Internet Explorer   Microsoft Corporation
schedhlp.exe   2528       1,124 K   3,988 K   Seagate Scheduler Helper   Seagate
soffice.bin   4312   0.01   73,392 K   134,108 K   OpenOffice 4.0.1   Apache Software Foundation
DiscWizardMonitor.exe   3884   0.05   3,600 K   5,972 K   Seagate DiscWizard Monitor   Seagate
svchost.exe   1388   < 0.01   5,516 K   9,992 K   Host Process for Windows Services   Microsoft Corporation
BrYNSvc.exe   2708   0.07   5,116 K   10,172 K   BrYNCSvc   Brother Industries, Ltd.
unchecky_bg.exe   3500   < 0.01   1,100 K   5,476 K   Unchecky Background Process   RaMMicHaeL
CouponPrinterService.exe   3620   < 0.01   3,544 K   10,124 K   Coupon Printer Service   Coupons.com Inc.
svchost.exe   784   < 0.01   203,528 K   213,100 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   672   0.01   12,568 K   21,344 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   1472   0.10   17,096 K   19,684 K   Host Process for Windows Services   Microsoft Corporation
spoolsv.exe   1740   < 0.01   9,880 K   17,592 K   Spooler SubSystem App   Microsoft Corporation
conhost.exe   12028   < 0.01   1,292 K   4,400 K   Console Window Host   Microsoft Corporation
notepad.exe   8376   < 0.01   16,824 K   31,716 K   Notepad   Microsoft Corporation
notepad.exe   11976   < 0.01   1,548 K   5,488 K   Notepad   Microsoft Corporation
notepad.exe   3004   < 0.01   1,648 K   5,824 K   Notepad   Microsoft Corporation
PresentationFontCache.exe   4364   < 0.01   27,008 K   19,132 K   PresentationFontCache.exe   Microsoft Corporation
winlogon.exe   468       2,884 K   7,384 K   Windows Logon Application   Microsoft Corporation
wininit.exe   656       1,548 K   4,476 K   Windows Start-Up Application   Microsoft Corporation
unsecapp.exe   4112       1,760 K   5,932 K   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation
unchecky_svc.exe   6092       2,508 K   5,776 K   Unchecky Service   RaMMicHaeL
TeamViewer_Service.exe   2236       4,944 K   12,772 K   TeamViewer 10   TeamViewer GmbH
svchost.exe   1208       3,300 K   7,296 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   596   0.03   24,512 K   21,644 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   1776       11,652 K   14,144 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   848   0.02   4,448 K   9,576 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   940   0.05   4,624 K   8,320 K   Host Process for Windows Services   Microsoft Corporation
svchost.exe   796       2,504 K   7,264 K   Host Process for Windows Services   Microsoft Corporation
soffice.exe   3420       1,732 K   5,220 K   OpenOffice 4.0.1   Apache Software Foundation
smss.exe   452       468 K   1,120 K   Windows Session Manager   Microsoft Corporation
sesvc.exe   2088       28,780 K   21,588 K   ShadowExplorer   www.shadowexplorer.com
services.exe   704   0.02   5,292 K   9,012 K   Services and Controller app   Microsoft Corporation
SearchIndexer.exe   3796       45,284 K   30,940 K   Microsoft Windows Search Indexer   Microsoft Corporation
schedul2.exe   2164       2,064 K   5,620 K   Seagate Scheduler 2   Seagate
scalc.exe   2084       956 K   3,324 K   OpenOffice Calc   Apache Software Foundation
RAVCpl64.exe   1324       8,976 K   10,448 K   Realtek HD Audio Manager   Realtek Semiconductor
procexp.exe   11128       2,020 K   6,892 K   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
pptd40nt.exe   1688       1,340 K   4,208 K   PaperPort Print to Desktop for NT   Nuance Communications, Inc.
pdfPro5Hook.exe   3756       1,424 K   4,756 K   PdfCreateHook Application   Nuance Communications, Inc.
mDNSResponder.exe   1156       2,528 K   5,744 K   Bonjour Service   Apple Inc.
jusched.exe   3248       4,188 K   11,872 K   Java Update Scheduler   Oracle Corporation
ISUSPM.exe   3824       9,164 K   26,784 K   Acresso Software Manager   Acresso Corporation
GoogleUpdate.exe   3716       2,148 K   652 K   Google Installer   Google Inc.
Garmin.Cartography.MapUpdate.CoreService.exe   1392       33,132 K   48,220 K   Garmin Core Update Service   Garmin Ltd or its subsidiaries
explorer.exe   2832       28,380 K   42,968 K   Windows Explorer   Microsoft Corporation
dwm.exe   3384       1,732 K   6,276 K   Desktop Window Manager   Microsoft Corporation
csrss.exe   576   < 0.01   2,180 K   4,632 K   Client Server Runtime Process   Microsoft Corporation
cmd.exe   11568       2,224 K   3,160 K   Windows Command Processor   Microsoft Corporation
BrCtrlCntr.exe   1068       1,908 K   7,020 K   ControlCenter Main Process   Brother Industries, Ltd.
BrCcUxSys.exe   3176       1,628 K   6,060 K   ControlCenter UX System   Brother Industries, Ltd.
atiesrxx.exe   988       1,428 K   4,208 K   AMD External Events Service Module   AMD
atieclxx.exe   1364       1,964 K   5,740 K   AMD External Events Client Module   AMD
armsvc.exe   1888       1,176 K   3,868 K   Adobe Acrobat Update Service   Adobe Systems Incorporated
agent.exe   2732       4,484 K   11,644 K   Acresso Software Manager Agent   Acresso Corporation
AERTSr64.exe   1908       996 K   2,636 K   Andrea filters APO access service (64-bit)   Andrea Electronics Corporation

Process: System Pid: 4

Type   Name
ALPC Port   \PowerMonitorPort
ALPC Port   \PowerPort
ALPC Port   \SeRmCommandPort
Desktop   \Disconnect
Desktop   \Disconnect
Directory   \GLOBAL??
Directory   \Device\Harddisk0
Directory   \Windows\WindowStations
Directory   \Sessions\1\Windows\WindowStations
Directory   \Sessions\0\DosDevices\00000000-000003e4
Directory   \Sessions\0\DosDevices\00000000-000003e5
Directory   \Sessions\0\DosDevices\00000000-0006cc89
Directory   \Device\Http
Directory   \Device\ammntdev
Directory   \Sessions\0\DosDevices\00000000-0006ccae
Event   \EFSInitEvent
Event   \UniqueSessionIdEvent
Event   \UniqueInteractiveSessionIdEvent
Event   \Sessions\1\BaseNamedObjects\EventShutDownCSRSS
Event   \BaseNamedObjects\aswstmbfeevnt
Event   \BaseNamedObjects\aswstmbferefresh
Event   \KernelObjects\LowMemoryCondition
Event   \LanmanServerAnnounceEvent
File   C:\Windows\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
File   C:\Windows\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
File   \Device\Tcp
File   C:\Windows\System32\config\SYSTEM.LOG2
File   C:\Windows\System32\config\RegBack\SYSTEM
File   \clfs
File   C:\Windows\System32\config\SOFTWARE.LOG2
File   C:\Windows\System32\config\RegBack\DEFAULT
File   X:\$Extend\$RmMetadata\$TxfLog\$TxfLog.blf
File   C:\Windows\System32\config\SOFTWARE
File   X:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000001
File   \clfs
File   \clfs
File   \Device\Mup
File   \clfs
File   \clfs
File   X:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000002
File   C:\Windows\System32\config\RegBack\SOFTWARE
File   \clfs
File   X:\$Extend\$RmMetadata\$Txf
File   C:\Windows\System32\config\SYSTEM.LOG1
File   C:\Windows\System32\config\DEFAULT
File   C:\Windows\System32\wdi\LogFiles\WdiContextLog.etl.002
File   C:\Windows\System32\config\SYSTEM
File   C:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000002
File   C:\$Extend\$RmMetadata\$TxfLog\$TxfLog.blf
File   C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
File   \clfs
File   C:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00000000000000000001
File   C:\Windows\System32\config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
File   \clfs
File   C:\$Extend\$RmMetadata\$Txf
File   \clfs
File   \clfs
File   \clfs
File   C:\Windows\System32\config\SOFTWARE.LOG1
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
File   C:\System Volume Information\{34631cf6-09ab-11e5-9f9f-60eb69f488ad}{3808876b-c176-4e48-b7ae-04046e6cc752}
File   \clfs
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
File   C:\Windows\bootstat.dat
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
File   \Device\HarddiskVolume2\EFI\Microsoft\Boot\BCD
File   \Device\HarddiskVolume2\EFI\Microsoft\Boot\BCD.LOG
File   \Device\KsecDD
File   C:\Windows\System32\config\DEFAULT.LOG1
File   C:\pagefile.sys
File   C:\Windows\System32\config\DEFAULT.LOG2
File   C:\Windows\System32\en-US\win32k.sys.mui
File   C:\Windows\ehome\malgunmc.ttf
File   C:\Windows\ehome\WTVGOTHIC-S.ttc
File   C:\Windows\ehome\malgunmc.ttf
File   C:\Windows\ehome\WTVGOTHIC-S.ttc
File   C:\Windows\System32\config\SECURITY
File   C:\Windows\System32\config\RegBack\SECURITY
File   C:\Windows\System32\config\SECURITY.LOG1
File   C:\Windows\System32\config\SECURITY.LOG2
File   C:\Program Files (x86)\Nuance\PaperPort\bin\Resource\fonts\zdingbats.ttf
File   C:\Windows\System32\config\RegBack\SAM
File   C:\Windows\System32\config\SAM
File   C:\Windows\System32\config\SAM.LOG1
File   C:\Windows\System32\config\SAM.LOG2
File   \Device\HarddiskVolume3
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{b9206c4a-884b-11e4-84ee-806e6f6e6963}.TM.blf
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{b9206c4a-884b-11e4-84ee-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
File   C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{b9206c4a-884b-11e4-84ee-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
File   \clfs
File   \clfs
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{b9206c4e-884b-11e4-84ee-60eb69f488ad}.TM.blf
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{b9206c4e-884b-11e4-84ee-60eb69f488ad}.TMContainer00000000000000000001.regtrans-ms
File   C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{b9206c4e-884b-11e4-84ee-60eb69f488ad}.TMContainer00000000000000000002.regtrans-ms
File   \clfs
File   \clfs
File   C:\Program Files (x86)\Nuance\PaperPort\bin\Resource\fonts\zdingbats.ttf
File   \Device\Tcp
File   \Device\Tcp
File   C:\Windows\CSC\v2.0.6
File   C:\Windows\CSC
File   C:\Windows\CSC\v2.0.6\temp
File   \Device\HarddiskVolume3?
File   C:\Windows\CSC\v2.0.6\pq
File   C:\Windows\CSC\v2.0.6\namespace
File   \Device\HarddiskVolume3?
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   C:\Windows\System32\drivers\en-US\ntfs.sys.mui
File   \Device\Tcp
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat{80577e3d-bc95-11e4-9384-60eb69f488ad}.TMContainer00000000000000000002.regtrans-ms
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \clfs
File   \Device\Tcp
File   \Device\Tcp
File   \clfs
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   C:\Users\Ron\ntuser.dat.LOG2
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat{80577e3d-bc95-11e4-9384-60eb69f488ad}.TM.blf
File   C:\Users\Ron\ntuser.dat
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
File   C:\Users\Ron\ntuser.dat{7f81c707-bc92-11e4-a6df-60eb69f488ad}.TMContainer00000000000000000001.regtrans-ms
File   C:\Users\Ron\ntuser.dat{7f81c707-bc92-11e4-a6df-60eb69f488ad}.TMContainer00000000000000000002.regtrans-ms
File   C:\Users\Ron\ntuser.dat{7f81c707-bc92-11e4-a6df-60eb69f488ad}.TM.blf
File   \clfs
File   C:\Users\Ron\ntuser.dat.LOG1
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Mup
File   \Device\Mup
File   C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Bold.ttf
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NamedPipe\
File   \Device\NamedPipe\
File   \Device\Tcp
File   \Device\aswSnx
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   C:\Windows\System32\wfp\wfpdiag.etl
File   \Device\Tcp
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2
File   C:\Users\Ron\AppData\Local\Temp\acrord32_sbx\[email protected]
File   \Device\Tcp
File   \clfs
File   \Device\Tcp
File   C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Italic.ttf
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat{80577e3d-bc95-11e4-9384-60eb69f488ad}.TMContainer00000000000000000001.regtrans-ms
File   \Device\Udp
File   C:\Users\Ron\AppData\Local\Microsoft\Windows\UsrClass.dat
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   C:\System Volume Information\Syscache.hve.LOG1
File   \Device\Tcp
File   C:\System Volume Information\Syscache.hve
File   C:\System Volume Information\Syscache.hve.LOG2
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Light.ttf
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   C:\ProgramData\AVAST Software\Avast\Fonts\RobotoCondensed-Regular.ttf
File   C:\ProgramData\AVAST Software\Avast\Fonts\OpenSans-Regular.ttf
File   C:\ProgramData\AVAST Software\Avast\Fonts\RobotoCondensed-Bold.ttf
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\HarddiskVolume3
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   C:\Users\Ron\AppData\Local\Temp\acrord32_sbx\[email protected]
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Udp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\NetBT_Tcpip_{BC84A6B9-5917-4C43-BB0C-677211465A7A}
File   \Device\Tcp
File   \Device\Tcp
File   C:\Users\Ron\AppData\Local\Temp\acrord32_sbx\[email protected]
File   C:\Users\Ron\AppData\Local\Temp\acrord32_sbx\[email protected]
File   C:\Windows\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
File   C:\Windows\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.3.regtrans-ms
File   C:\Windows\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
File   \clfs
File   C:\Windows\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
File   C:\Windows\System32\config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
File   C:\Users\Ron\AppData\Local\Temp\acrord32_sbx\[email protected]
File   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTNT Kernel Logger.etl
FilterConnectionPort   \SnxVlabCommPort
FilterConnectionPort   \SnxCommPort
FilterConnectionPort   \aswFsBlkPort
FilterConnectionPort   \aswPort
Key   HKLM\SYSTEM\ControlSet001\Control\hivelist
Key   \REGISTRY
Key   HKLM\HARDWARE\DESCRIPTION\System\MultifunctionAdapter
Key   HKLM\SYSTEM\ControlSet001\Control\SESSION MANAGER\MEMORY MANAGEMENT\PrefetchParameters
Key   HKLM\SYSTEM\ControlSet001\Control\ProductOptions
Key   HKLM\SYSTEM\Setup
Key   HKLM\SYSTEM\ControlSet001
Key   HKLM\SYSTEM\ControlSet001\Enum
Key   HKLM\SYSTEM\ControlSet001\Control\CLASS
Key   HKLM\SYSTEM\ControlSet001\services
Key   HKLM\SYSTEM\ControlSet001\Control\WMI\Security
Key   HKLM\SYSTEM\ControlSet001\services\aswSnx
Key   HKLM\SYSTEM\ControlSet001\services\aswSP
Key   HKLM\SYSTEM\ControlSet001\Control\FileSystem
Key   HKLM\SYSTEM\ControlSet001\Control\Lsa
Key   HKLM\SYSTEM\ControlSet001\Control\Lsa
Key   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Key   HKLM\SYSTEM\ControlSet001\services\TCPIP6\Parameters
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 1
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 2
Key   HKLM\SYSTEM\ControlSet001\Control\PCW\Security
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0
Key   HKLM\SYSTEM\ControlSet001\services\Disk
Key   HKLM\SYSTEM\ControlSet001
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 3
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 4
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 5
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 6
Key   HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 7
Key   HKLM\SYSTEM\ControlSet001\Control\FileSystem
Key   HKLM\SYSTEM\ControlSet001\Policies
Key   HKLM\SYSTEM\RNG
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\23
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\1
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\131
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\24
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\6
Key   HKLM\SYSTEM\ControlSet001\services\NDIS\IfTypes\71
Key   HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\Order
Key   HKLM\SYSTEM\ControlSet001\services\Mup
Key   HKLM\SYSTEM\ControlSet001\Control\CLASS\{4D36E972-E325-11CE-BFC1-08002BE10318}\0001
Key   HKLM\SYSTEM\ControlSet001\services\NDProxy
Key   HKLM\SYSTEM\ControlSet001\Control\CLASS\{4D36E972-E325-11CE-BFC1-08002BE10318}\0000
Key   HKLM\SOFTWARE\Policies\Microsoft\Windows
Key   HKLM\SYSTEM\ControlSet001\Control\DeviceClasses\{28d78fad-5a12-11d1-ae5b-0000f803a8c2}\##?#USB#VID_04F9&PID_0331&MI_00#6&16ff43d0&5&0000#{28d78fad-5a12-11d1-ae5b-0000f803a8c2}\#\Device Parameters
Key   HKLM\SYSTEM\ControlSet001\Control\SESSION MANAGER\Quota System
Key   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine
Key   HKLM\SYSTEM\ControlSet001\services\NativeWifiP
Key   HKLM\SYSTEM\ControlSet001\services\NativeWifiP\Parameters
Key   HKLM\SYSTEM\ControlSet001\services\NativeWifiP\Parameters\Adapters
Key   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine
Key   HKLM\SYSTEM\WPA\8DEC0AF1-0341-4b93-85CD-72606C2DF94C-5P-22
Key   HKLM\SYSTEM\ControlSet001\services\HTTP\Parameters\UrlAclInfo
Key   HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}
Key   HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters
Key   HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{CD92F713-932C-408C-8949-BB093689FC55}
Key   HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{BC84A6B9-5917-4C43-BB0C-677211465A7A}
Key   HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\PersistentRoutes
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}\DefaultObjectStore\IndexTable
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}\DefaultObjectStore\LruList
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}\DefaultObjectStore\ObjectTable
Key   HKLM\SYSTEM\ControlSet001\services\NativeWifiP\Parameters\Adapters\{BC84A6B9-5917-4C43-BB0C-677211465A7A}\ExtSTA
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}\DefaultObjectStore
Key   HKLM\SYSTEM\ControlSet001\services\NativeWifiP\Parameters\Adapters\{BC84A6B9-5917-4C43-BB0C-677211465A7A}\ExtSTAMib
Key   \REGISTRY\A\{1FCA8D79-39FF-11E5-9029-60EB69F488AD}\DefaultObjectStore\IndexTable\FileIdIndex-{db706c49-4a85-4a06-afee-b494c1a7a51a}
Process   System(4)
Process   smss.exe(452)
Process   System(4)
Process   GoogleUpdate.exe(3716)
Process   svchost.exe(672)
Process   wininit.exe(656)
Process   lsass.exe(728)
Process   lsass.exe(728)
Process   lsass.exe(728)
Process   lsass.exe(728)
Process   services.exe(704)
Process   services.exe(704)
Process   lsm.exe(736)
Process   svchost.exe(848)
Process   svchost.exe(940)
Process   services.exe(704)
Process   svchost.exe(848)
Process   svchost.exe(848)
Process   svchost.exe(940)
Process   atiesrxx.exe(988)
Process   atiesrxx.exe(988)
Process   winlogon.exe(468)
Process   svchost.exe(596)
Process   svchost.exe(784)
Process   svchost.exe(596)
Process   svchost.exe(596)
Process   svchost.exe(1100)
Process   svchost.exe(596)
Process   svchost.exe(672)
Process   svchost.exe(784)
Process   svchost.exe(784)
Process   svchost.exe(784)
Process   svchost.exe(1208)
Process   svchost.exe(672)
Process   svchost.exe(784)
Process   explorer.exe(2832)
Process   svchost.exe(1472)
Process   atieclxx.exe(1364)
Process   svchost.exe(672)
Process   atieclxx.exe(1364)
Process   RAVCpl64.exe(1324)
Process   svchost.exe(672)
Process   DiscWizardMonitor.exe(3884)
Process   svchost.exe(672)
Process   agent.exe(2732)
Process   soffice.bin(4312)
Process   ExpressTray.exe(3024)
Process   jusched.exe(3248)
Process   AvastSvc.exe(1640)
Process   AvastSvc.exe(1640)
Process   AvastSvc.exe(1640)
Process   svchost.exe(1100)
Process   spoolsv.exe(1740)
Process   spoolsv.exe(1740)
Process   svchost.exe(1776)
Process   sesvc.exe(2088)
Process   svchost.exe(1776)
Process   svchost.exe(1472)
Process   AERTSr64.exe(1908)
Process   armsvc.exe(1888)
Process   armsvc.exe(1888)
Process   ABService.exe(2040)
Process   ABService.exe(2040)
Process   AERTSr64.exe(1908)
Process   mDNSResponder.exe(1156)
Process   svchost.exe(1388)
Process   mDNSResponder.exe(1156)
Process   Garmin.Cartography.MapUpdate.CoreService.exe(1392)
Process   Garmin.Cartography.MapUpdate.CoreService.exe(1392)
Process   svchost.exe(1776)
Process   Garmin.Cartography.MapUpdate.CoreService.exe(1392)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   svchost.exe(1388)
Process   PDFProFiltSrvPP.exe(2064)
Process   svchost.exe(784)
Process   PDFProFiltSrvPP.exe(2064)
Process   schedul2.exe(2164)
Process   schedul2.exe(2164)
Process   TeamViewer_Service.exe(2236)
Process   svchost.exe(672)
Process   svchost.exe(784)
Process   svchost.exe(1100)
Process   svchost.exe(672)
Process   TeamViewer_Service.exe(2236)
Process   spoolsv.exe(1740)
Process   spoolsv.exe(1740)
Process   svchost.exe(672)
Process   spoolsv.exe(1740)
Process   services.exe(704)
Process   svchost.exe(672)
Process   sesvc.exe(2088)
Process   unchecky_bg.exe(3500)
Process   CouponPrinterService.exe(3620)
Process   svchost.exe(596)
Process   SearchIndexer.exe(3796)
Process   svchost.exe(672)
Process   explorer.exe(2176)
Process   AvastUI.exe(3144)
Process   RAVCpl64.exe(1324)
Process   MOM.exe(4480)
Process   svchost.exe(5972)
Process   ISUSPM.exe(3824)
Process   schedhlp.exe(2528)
Process   jusched.exe(3248)
Process   ISUSPM.exe(3824)
Process   svchost.exe(1388)
Process   PresentationFontCache.exe(4364)
Process   svchost.exe(672)
Process   jusched.exe(3248)
Process   svchost.exe(672)
Process   unchecky_svc.exe(6092)
Process   AvastUI.exe(3144)
Process   CCC.exe(4672)
Process   WmiPrvSE.exe(4156)
Process   dwm.exe(3384)
Process   ExpressTray.exe(3024)
Process   BrYNSvc.exe(2708)
Process   svchost.exe(672)
Process   schedhlp.exe(2528)
Process   BrYNSvc.exe(2708)
Process   explorer.exe(2176)
Process   svchost.exe(672)
Process   svchost.exe(672)
Process   svchost.exe(672)
Process   CouponPrinterService.exe(3620)
Process   svchost.exe(672)
Process   DiscWizardMonitor.exe(3884)
Process   AvastUI.exe(3144)
Process   svchost.exe(796)
Process   svchost.exe(672)
Process   pptd40nt.exe(1688)
Process   svchost.exe(672)
Process   CCC.exe(4672)
Process   pptd40nt.exe(1688)
Process   ExpressTray.exe(3024)
Process   CCC.exe(4672)
Process   PresentationFontCache.exe(4364)
Process   BrCcUxSys.exe(3176)
Process   unsecapp.exe(4112)
Process   MOM.exe(4480)
Process   agent.exe(2732)
Process   svchost.exe(1100)
Process   dllhost.exe(3440)
Process   svchost.exe(672)
Process   ISUSPM.exe(3824)
Process   soffice.bin(4312)
Process   svchost.exe(1472)
Process   soffice.bin(4312)
Process   notepad.exe(8376)
Process   iexplore.exe(9952)
Process   Picasa3.exe(10012)
Process   procexp64.exe(11268)
Process   iexplore.exe(8936)
Process   iexplore.exe(8936)
Process   waterfox.exe(10656)
Process   procexp64.exe(11268)
Process   taskmgr.exe(9708)
Process   svchost.exe(784)
Process   iexplore.exe(9952)
Process   waterfox.exe(10656)
Process   Picasa3.exe(10012)
Process   Picasa3.exe(10012)
Section   \Win32kCrossSessionGlobals
Section   \Device\PhysicalMemory
Session   \KernelObjects\Session0
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Session   \KernelObjects\Session1
Thread   System(4): 160
Thread   System(4): 512
Thread   System(4): 684
Thread   System(4): 1220
Thread   System(4): 1224
Thread   System(4): 1732
Thread   System(4): 1728
Thread   System(4): 1736
Thread   System(4): 1808
Thread   System(4): 1828
Thread   System(4): 1788
Thread   System(4): 3860
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\NETWORK SERVICE:3e4
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\NETWORK SERVICE:3e4
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\ANONYMOUS LOGON:26398
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\ANONYMOUS LOGON:3e6
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   NT AUTHORITY\LOCAL SERVICE:3e5
Token   NT AUTHORITY\SYSTEM:3e7
Token   OneGuy\Ron:6ccae

Page 4 of 10
2
3
4
5
6

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: slow, windows 10, hp pavilion dm1, help, problem

Security → Virus, Spyware, Malware Removal → Having Powersheel.exe Issues ... Need fixlist.txt Started by raj0171 , 19 Mar 2024 Virus, HELP, Malwarebytes	5 replies 2,670 views	DR M 06 Apr 2024
Hardware → Hardware, Components and Peripherals → Recover the hard drive Started by Andrew Board , 16 Jan 2024 data recovery, hard drive, help and 1 more...	2 replies 668 views	phillpower2 16 Jan 2024
Answered Operating Systems → Windows 11 → System Crash, Sluggish Performance Afterwards Started by Solice93 , 29 Oct 2023 crash, software, game, slow and 4 more...	6 replies 1,209 views	Solice93 29 Oct 2023
Security → Virus, Spyware, Malware Removal → Help getting started checking laptop for malware [Solved] Started by triedeverything , 12 Apr 2023 help, malware, spyware 1 2	Hot 19 replies 5,789 views	DR M 16 Apr 2023
Hardware → Networking → Weird recurring disconnect issue - Windows 10 Started by Rickie , 27 Dec 2022 windows 10, wireless, ethernet and 2 more...	12 replies 4,167 views	Rickie 11 Jan 2023