CPU spiking to 100% and the computer can't cope with simple tasks


#1
Froots

Hi Guys,

I have an Acer Aspire One (with Android). For about the past 6 weeks I have been unable to use it properly as it's gone really slow, to the extent that if I type something it takes around 40 seconds for the words to appear (using both the internet and Word). I had Google Chrome installed but have since swapped it to Firefox to see if that helped, which it hasn't. I ran AVG but that didn't show anything up. The CPU usage is consistently spiking to 100% when there is nothing open... please help

Thank you

OTL logfile created on: 26/04/2011 06:37:19 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\LaunchXL-One1\Downloads
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 132.94 Gb Total Space | 85.29 Gb Free Space | 64.16% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 2.71 Gb Free Space | 67.66% Space Free | Partition Type: FAT32

Computer Name: LAUNCHXLONE1 | User Name: LaunchXL-One1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/26 06:37:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\LaunchXL-One1\Downloads\OTL.scr
PRC - [2011/04/26 06:31:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\LaunchXL-One1\Downloads\OTL.exe
PRC - [2011/03/18 18:53:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/01/11 00:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/07 02:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 16:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/11/30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 05:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/08/24 11:13:36 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
PRC - [2010/08/24 11:13:36 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
PRC - [2010/07/19 22:47:43 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
PRC - [2010/01/08 10:54:12 | 000,490,872 | ---- | M] (Insyde Software Corp.) -- C:\Program Files\Acer\Updater\iUpdate.exe
PRC - [2010/01/08 10:53:30 | 000,407,416 | ---- | M] (Insyde Software Corp.) -- C:\Program Files\Acer\Android Manager\iSync.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 22:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 22:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/30 22:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/07/10 23:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/07/10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/23 16:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\LaunchXL-One1\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/10/09 15:33:34 | 002,086,912 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2008/10/09 15:32:56 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008/07/29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2006/11/03 12:28:22 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcgcoms.exe


========== Modules (SafeList) ==========

MOD - [2011/04/26 06:37:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\LaunchXL-One1\Downloads\OTL.scr
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/09/30 22:52:10 | 000,215,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\SysHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service)
SRV - [2011/02/10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/12/08 13:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/25 10:49:46 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/24 11:13:36 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe -- (EmmaDevMgmtSvc)
SRV - [2010/08/24 11:13:36 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe -- (EmmaUpdMgmtSvc)
SRV - [2009/09/30 22:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 10:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/10/09 15:32:56 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/11/03 12:28:22 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcgcoms.exe -- (dlcg_device)


========== Driver Services (SafeList) ==========

DRV - [2011/04/26 05:57:17 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC0B7E4C-3EDF-4CB9-A00F-E25C708A3F2D}\MpKsl52e092d5.sys -- (MpKsl52e092d5)
DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/10/24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/09/30 17:32:42 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/09/13 16:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 04:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 04:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 16:24:18 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 16:24:16 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 16:24:12 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009/09/21 03:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009/07/14 01:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/14 01:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/02 12:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 12:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 12:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2009/04/06 08:13:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/04/06 08:13:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2008/12/13 11:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/10/21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/10/21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/10/21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/10/21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/10/21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/10/21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/10/21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/10/09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 12:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/08 09:53:06 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\semcreserved.sys -- (SEMCReserved)
DRV - [2008/04/08 09:52:56 | 000,017,920 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\seu4scard.sys -- (Sony_EricssonWWSC)
DRV - [2008/04/08 09:52:20 | 000,338,048 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
DRV - [2008/04/08 09:52:16 | 000,344,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
DRV - [2008/04/08 09:52:14 | 000,024,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
DRV - [2008/04/08 09:52:12 | 000,345,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
DRV - [2008/04/08 09:52:10 | 000,382,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmdm2.sys -- (sembmdm2)
DRV - [2008/04/08 09:52:08 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmdfl2.sys -- (sembmdfl2)
DRV - [2008/04/08 09:52:00 | 000,338,048 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
DRV - [2008/04/08 09:51:58 | 000,260,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...84ww55w48623719
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...84ww55w48623719

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...84ww55w48623719
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...W&bmod=ACEU
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/02/05 20:47:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/02/05 20:47:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/31 15:42:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 01:22:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/03/24 01:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LaunchXL-One1\AppData\Roaming\Mozilla\Extensions
[2011/04/13 05:00:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LaunchXL-One1\AppData\Roaming\Mozilla\Firefox\Profiles\tjpec830.default\extensions
[2011/03/24 01:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/03/31 15:42:14 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\LAUNCHXL-ONE1\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TJPEC830.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\USERS\LAUNCHXL-ONE1\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TJPEC830.DEFAULT\EXTENSIONS\[email protected]
[2011/03/18 18:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe (Insyde Software Corp.)
O4 - HKLM..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe (Insyde Software Corp.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DriverFinder] File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{04e4afe8-92b5-11df-aca3-00030d000001}\Shell - "" = AutoRun
O33 - MountPoints2\{04e4afe8-92b5-11df-aca3-00030d000001}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{211b27fa-adf6-11df-adba-705ab60010e2}\Shell - "" = AutoRun
O33 - MountPoints2\{211b27fa-adf6-11df-adba-705ab60010e2}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{84d2d0e5-98d6-11df-a2ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{84d2d0e5-98d6-11df-a2ed-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{97ea1be4-937f-11df-b32d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97ea1be4-937f-11df-b32d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/14 05:24:14 | 000,000,000 | ---D | C] -- C:\Users\LaunchXL-One1\Desktop\alex
[2009/10/29 18:52:19 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2006/11/03 12:28:22 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcgcoms.exe
[2006/11/03 12:28:22 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcgih.exe
[2006/11/03 12:28:20 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcgcfg.exe
[2006/10/11 19:01:40 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcgpmui.dll
[2006/10/11 18:59:56 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcgserv.dll
[2006/10/11 18:54:10 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcgcomm.dll
[2006/10/11 18:52:34 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcglmpm.dll
[2006/10/11 18:51:16 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcgiesc.dll
[2006/10/11 18:48:58 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcgpplc.dll
[2006/10/11 18:48:14 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcgcomc.dll
[2006/10/11 18:47:42 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcgprox.dll
[2006/10/11 18:41:42 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcginpa.dll
[2006/10/11 18:41:04 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcgusb1.dll
[2006/10/11 18:37:14 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcghbn3.dll

========== Files - Modified Within 30 Days ==========

[2011/04/26 06:09:24 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/26 06:09:24 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/26 06:05:08 | 000,633,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/26 06:05:08 | 000,112,456 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/26 06:02:30 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011/04/26 06:02:01 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/26 05:59:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/26 05:58:39 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/26 05:56:36 | 000,370,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/26 05:56:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/26 05:55:48 | 1602,703,360 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/25 20:58:15 | 000,000,069 | ---- | M] () -- C:\Windows\wininit.ini
[2011/04/25 20:27:42 | 000,000,065 | ---- | M] () -- C:\Windows\0
[2011/04/25 19:45:49 | 000,007,601 | ---- | M] () -- C:\Users\LaunchXL-One1\AppData\Local\Resmon.ResmonCfg
[2011/04/25 19:15:19 | 113,330,929 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/03/31 15:42:15 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk

========== Files Created - No Company Name ==========

[2011/04/26 06:02:30 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2011/04/26 06:02:01 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/04/25 20:58:15 | 000,000,069 | ---- | C] () -- C:\Windows\wininit.ini
[2011/03/24 01:23:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/14 15:05:26 | 000,007,601 | ---- | C] () -- C:\Users\LaunchXL-One1\AppData\Local\Resmon.ResmonCfg
[2010/06/01 07:04:07 | 000,010,752 | ---- | C] () -- C:\Users\LaunchXL-One1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/29 22:09:06 | 000,017,408 | ---- | C] () -- C:\Windows\System32\drivers\semcreserved.sys
[2010/05/11 18:46:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/06 18:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2009/12/03 02:17:04 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/12/03 02:17:04 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/12/03 02:17:04 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009/12/03 02:17:04 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/10/29 18:49:31 | 000,123,780 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2009/10/29 18:49:31 | 000,001,496 | ---- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat
[2009/10/29 18:49:31 | 000,000,728 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009/10/29 18:49:31 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2009/10/29 18:49:31 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009/10/29 18:49:31 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/10/29 18:49:31 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/10/29 18:49:31 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,370,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,633,464 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,112,456 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/09/22 14:21:34 | 000,127,092 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/08/20 16:45:46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2006/10/28 11:31:44 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcgcoin.dll
[2006/10/20 05:51:32 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcginsr.dll
[2006/10/20 05:51:18 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcgcur.dll
[2006/10/20 05:50:34 | 000,131,072 | ---- | C] () -- C:\Windows\System32\dlcgjswr.dll
[2006/10/20 05:45:26 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcginsb.dll
[2006/10/20 05:45:16 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcgcub.dll
[2006/10/20 05:45:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcgcu.dll
[2006/10/20 05:44:54 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlcgins.dll
[2006/10/20 05:42:56 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlcgutil.dll
[2006/09/06 06:27:28 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcgcfg.dll
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcgvs.dll
[2005/07/05 11:32:24 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcgcnv4.dll

========== LOP Check ==========

[2011/02/18 06:33:58 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\AVG10
[2010/05/30 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\DriverFinder
[2011/02/05 20:47:28 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\Local
[2010/09/20 15:43:45 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\Sony
[2010/07/19 22:47:44 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\T-Mobile
[2010/07/19 23:08:59 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\T-Mobile Internet Manager
[2010/08/21 19:56:05 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\Vodafone
[2011/03/14 02:16:24 | 000,000,000 | ---D | M] -- C:\Users\LaunchXL-One1\AppData\Roaming\Windows Live Writer
[2010/11/27 21:21:24 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
You are running two anti-viruses. MSSE and AVG 2011. This will slow a system down even worse.
Please uninstall AVG 2011. Then run the AVG removal tool:
http://download.avg....6_2011_1322.exe

ComboFix

If you have a previous version of Combofix.exe, delete it and download a fresh copy.

It must be saved to your desktop, do not run it.

Disable or Pause your Antivirus software when downloading or running Combofix. Open MSSE, settings tab, select real-time protection, and uncheck "turn on real-time protection".

Download and rename this file (call it george.exe) to your Desktop from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on george and select Run As Administrator to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Undisable MSSE.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Get SIW

http://www.snapfiles.com/get/siw.html

Run it and under Hardware look for Sensors. Click on Sensors and look in the right pane there should be some temperature readings. What are they? Watch your video for a little bit then look again. Are the temps going up?

Download

http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.


1. Double-click My Computer, and then right-click the hard disk that you want to check.
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on My Computer and select Manage then Continue. Select the Event Viewer. Next select Windows Logs. Right click on System and Clear All Events, Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Start, All Programs, Accessories then right click on Command Prompt and select Run As Administrator. Type:

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP or continue).

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
2. Type 20 in the 1 to 20 box
3. Then click the Run button.
4. Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron

#3
Froots

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Hi Ron,

Thank you for getting back to me - sorry my reply is so late but here are my results :)

ComboFix:
ComboFix 11-05-07.01 - LaunchXL-One1 08/05/2011 1:39.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.44.1033.18.2038.1244 [GMT 1:00]
Running from: c:\users\LaunchXL-One1\Desktop\george.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\LaunchXL-One1\AppData\Roaming\Local
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\4.ddi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\dpgyh32zoj6vp.avi.ddr
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_NEW.divx.ddr
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Being.Human.US.S01E01.There.Goes.the.Neighborhood.Part.1.of.2.HDTV.XviD-FQM_ns.avi.ddp
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\dpgyh32zoj6vp.avi.ddp
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_NEW.divx
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(2).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(3).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(4).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(5).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(6).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(7).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video(8).xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video.avi
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video.xvid
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video.xvid(2).ddp
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\video.xvid.ddp
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\video.avi.ddr
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\video.xvid(2).ddr
c:\users\LaunchXL-One1\AppData\Roaming\Local\Temp\DDM\Settings\video.xvid.ddr
.
----- BITS: Possible infected sites -----
.
hxxp://au.download.windowsupdate.com
.
((((((((((((((((((((((((( Files Created from 2011-04-08 to 2011-05-08 )))))))))))))))))))))))))))))))
.
.
2011-05-08 00:32 . 2011-05-08 00:35 -------- d-----w- C:\32788R22FWJFW
2011-05-08 00:25 . 2011-05-08 00:25 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EC25959-B312-4679-A7FC-24BEE32A8BB5}\MpKsl9e30b11d.sys
2011-05-07 23:55 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EC25959-B312-4679-A7FC-24BEE32A8BB5}\mpengine.dll
2011-04-30 01:57 . 2008-10-22 23:00 111928 ------w- c:\windows\system32\BRRBTOOL.EXE
2011-04-30 01:57 . 2007-01-15 23:00 24223 ------w- c:\windows\system32\brlm03a.dll
2011-04-30 01:57 . 2004-08-09 23:42 77824 ------w- c:\windows\system32\brlmw03a.dll
2011-04-30 01:57 . 2011-04-30 01:57 -------- d-----w- c:\program files\Brownie
2011-04-30 01:57 . 2006-12-21 10:23 176128 ------w- c:\windows\system32\BROSNMP.DLL
2011-04-30 01:55 . 2011-04-30 01:56 -------- d-----w- c:\program files\Brother
2011-04-30 01:55 . 2009-05-25 18:14 196608 ------w- c:\windows\system32\Pdrvinst.dll
2011-04-30 01:54 . 2004-04-18 22:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2011-04-30 01:54 . 2004-04-18 22:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2011-04-30 01:54 . 2004-04-18 22:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2011-04-30 01:54 . 2004-04-18 22:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2011-04-30 01:54 . 2004-04-18 22:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2011-04-30 01:54 . 2011-04-30 01:54 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2011-04-30 01:54 . 2011-04-30 01:54 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2011-04-25 18:33 . 2011-02-19 03:37 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-25 18:33 . 2011-02-19 05:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-25 18:31 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-25 18:31 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-25 18:31 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-25 18:31 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-25 18:31 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-25 18:31 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-25 18:30 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-25 18:30 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-25 18:30 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 18:30 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-05-12 21:40 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-19 05:33 . 2011-03-09 06:13 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-09 06:13 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-09 06:13 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-04-30 06:06 . 2011-03-24 00:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41 120104 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-29 39408]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-06-23 110592]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 703008]
"EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-18 1157128]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2010-01-08 407416]
"AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2009-08-16 505960]
"iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2010-01-08 490872]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"DataCardMonitor"="c:\program files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2010-07-19 253952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-10-09 2086912]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-10-29 708608]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-9-1 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl9e628ac7;MpKsl9e628ac7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AFC00B90-FCE7-4F21-B5B0-67A6BFCF5E5F}\MpKsl9e628ac7.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 135664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-04-06 13224]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 135664]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 MWLService;MyWinLocker Service;c:\program files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\DRIVERS\sembbus.sys [2008-04-08 260992]
R3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\DRIVERS\sembcard.sys [2008-04-08 338048]
R3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\DRIVERS\sembmdfl2.sys [2008-04-08 14976]
R3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\DRIVERS\sembmdm2.sys [2008-04-08 382080]
R3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sembmgmt.sys [2008-04-08 345216]
R3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\DRIVERS\sembnd5.sys [2008-04-08 24960]
R3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\DRIVERS\sembunic.sys [2008-04-08 344064]
R3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\DRIVERS\sembwwan.sys [2008-04-08 338048]
R3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\DRIVERS\semcreserved.sys [2008-04-08 17408]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 Sony_EricssonWWSC;Sony Ericsson PC SC Port;c:\windows\system32\DRIVERS\seu4scard.sys [2008-04-08 17920]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S1 MpKsl9e30b11d;MpKsl9e30b11d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EC25959-B312-4679-A7FC-24BEE32A8BB5}\MpKsl9e30b11d.sys [2011-05-08 28752]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 18992]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60976]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 EmmaDevMgmtSvc;Emma Device Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe [2010-08-24 306296]
S2 EmmaUpdMgmtSvc;Emma Update Management;c:\program files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe [2010-08-24 162936]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 727584]
S2 Greg_Service;GRegService;c:\program files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2008-08-11 12856]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-10-09 14336]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 12:40]
.
2011-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-11 12:40]
.
2011-02-13 c:\windows\Tasks\Norton Security Scan for LaunchXL-One1.job
- c:\program files\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-02-05 07:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig?brand=ACAW&bmod=ACEU
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_one&r=27b505105925l0384ww55w48623719
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\users\LaunchXL-One1\AppData\Roaming\Mozilla\Firefox\Profiles\tjpec830.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-DriverFinder - c:\program files\DriverFinder\DriverFinder.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(348)
c:\program files\EgisTec\MyWinLocker 3\x86\psdprotect.dll
c:\program files\EgisTec\MyWinLocker 3\x86\sysenv.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcgcoms.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-05-08 02:00:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-08 01:00
.
Pre-Run: 91,122,032,640 bytes free
Post-Run: 92,439,908,352 bytes free
.
- - End Of File - - 703EEB353FCDE795A74DBE4EBB2229D2

Procexp

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 54.97 0 K 12 K
procexp.exe 1336 37.13 13,300 K 26,564 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
Interrupts n/a 1.84 0 K 0 K Hardware Interrupts and DPCs
explorer.exe 348 1.61 29,068 K 37,224 K Windows Explorer Microsoft Corporation
firefox.exe 2208 1.15 197,920 K 217,452 K Firefox Mozilla Corporation
csrss.exe 500 1.04 9,272 K 8,336 K
lsass.exe 592 0.85 3,028 K 6,324 K Local Security Authority Process Microsoft Corporation
MsMpEng.exe 864 0.54 162,428 K 78,748 K Antimalware Service Executable Microsoft Corporation
System 4 0.54 44 K 1,124 K
svchost.exe 1052 0.09 18,468 K 26,520 K Host Process for Windows Services Microsoft Corporation
svchost.exe 796 0.06 2,752 K 4,944 K Host Process for Windows Services Microsoft Corporation
svchost.exe 716 0.06 3,240 K 6,060 K Host Process for Windows Services Microsoft Corporation
GregHSRW.exe 1900 0.05 1,112 K 3,188 K Global Registration Service Acer Incorporated
svchost.exe 1312 0.02 11,960 K 10,976 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1164 0.01 6,328 K 10,960 K Host Process for Windows Services Microsoft Corporation
wmpnetwk.exe 2768 0.01 5,864 K 5,268 K Windows Media Player Network Sharing Service Microsoft Corporation
SearchProtocolHost.exe 692 0.01 2,296 K 6,004 K
AppleMobileDeviceService.exe 1620 0.01 1,688 K 5,148 K MobileDeviceService Apple Inc.
SearchIndexer.exe 2860 0.01 45,608 K 28,592 K Microsoft Windows Search Indexer Microsoft Corporation
VMCService.exe 1440 < 0.01 14,512 K 11,528 K VMCService Vodafone
svchost.exe 992 < 0.01 62,740 K 66,124 K Host Process for Windows Services Microsoft Corporation
csrss.exe 448 < 0.01 2,556 K 3,764 K
spoolsv.exe 1484 < 0.01 5,788 K 10,760 K Spooler SubSystem App Microsoft Corporation
RS_Service.exe 272 < 0.01 796 K 2,124 K Raw Socket Service Acer Incorporated
wuauclt.exe 4092 1,276 K 4,820 K Windows Update Microsoft Corporation
WmiPrvSE.exe 2260 4,492 K 8,272 K
WmiPrvSE.exe 2720 1,856 K 4,604 K
winlogon.exe 580 1,632 K 4,032 K
wininit.exe 492 912 K 2,900 K
UpdaterService.exe 900 708 K 2,540 K Acer Update Service Acer
TrustedInstaller.exe 1424 3,544 K 7,896 K Windows Modules Installer Microsoft Corporation
taskhost.exe 2808 2,260 K 4,952 K Host Process for Windows Tasks Microsoft Corporation
taskhost.exe 3980 592 K 2,468 K
taskeng.exe 3092 1,012 K 3,608 K
svchost.exe 1512 4,372 K 8,064 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1536 11,312 K 8,208 K Host Process for Windows Services Microsoft Corporation
svchost.exe 948 14,548 K 13,496 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1672 1,028 K 3,172 K Host Process for Windows Services Microsoft Corporation
svchost.exe 504 1,256 K 3,600 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2456 2,276 K 4,080 K Host Process for Windows Services Microsoft Corporation
smss.exe 300 252 K 660 K
services.exe 548 4,520 K 5,804 K
SearchFilterHost.exe 2404 1,368 K 4,152 K
NisSrv.exe 3164 5,616 K 2,924 K Microsoft Network Inspection System Microsoft Corporation
msseces.exe 2420 5,248 K 13,304 K Microsoft Security Client User Interface Microsoft Corporation
mDNSResponder.exe 1648 1,536 K 4,108 K Bonjour Service Apple Inc.
lsm.exe 600 1,244 K 2,736 K
LMIGuardianSvc.exe 1980 1,032 K 3,616 K LMIGuardianSvc LogMeIn, Inc.
IAANTmon.exe 1344 1,524 K 4,184 K RAID Monitor Intel Corporation
explorer.exe 3392 20,000 K 23,516 K Windows Explorer Microsoft Corporation
ePowerSvc.exe 1804 1,112 K 2,928 K ePowerSvc Acer Incorporated
EmmaUpdateMgmt.exe 1780 624 K 1,716 K Emma Update Management Service Sony Ericsson Mobile Communications
EmmaDeviceMgmt.exe 1740 1,080 K 2,732 K Emma Device Management Service Sony Ericsson Mobile Communications
dwm.exe 2888 960 K 3,848 K Desktop Window Manager Microsoft Corporation
dlcgcoms.exe 1704 1,024 K 2,912 K Printer Communication System



Temperatures: My Intel Atom N27 starts at 35 and then spikes to 57 after using the laptop for a while - the ACPI stays at 27 and the WDC at 36

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Starter Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire one
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 161):
0x82050000 \SystemRoot\system32\ntoskrnl.exe
0x82019000 \SystemRoot\system32\halmacpi.dll
0x81DB2000 \SystemRoot\system32\kdcom.dll
0x88C0A000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x88C82000 \SystemRoot\system32\PSHED.dll
0x88C93000 \SystemRoot\system32\BOOTVID.dll
0x88C9B000 \SystemRoot\system32\CLFS.SYS
0x88CDD000 \SystemRoot\system32\CI.dll
0x88D88000 \SystemRoot\system32\drivers\Wdf01000.sys
0x88DF9000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x88E07000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x88E4F000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x88E58000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x88E60000 \SystemRoot\system32\DRIVERS\pci.sys
0x88E8A000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x88E95000 \SystemRoot\System32\drivers\partmgr.sys
0x88EA6000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x88EAE000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x88EB9000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x88EC9000 \SystemRoot\System32\drivers\volmgrx.sys
0x88F14000 \SystemRoot\system32\DRIVERS\intelide.sys
0x88F1B000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x88F29000 \SystemRoot\System32\drivers\mountmgr.sys
0x89008000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x890E2000 \SystemRoot\system32\DRIVERS\atapi.sys
0x890EB000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8910E000 \SystemRoot\system32\drivers\amdxata.sys
0x89117000 \SystemRoot\system32\drivers\fltmgr.sys
0x8914B000 \SystemRoot\system32\drivers\fileinfo.sys
0x8915C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8928B000 \SystemRoot\System32\Drivers\msrpc.sys
0x892B6000 \SystemRoot\System32\Drivers\ksecdd.sys
0x892C9000 \SystemRoot\System32\Drivers\cng.sys
0x89326000 \SystemRoot\System32\drivers\pcw.sys
0x89334000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8933D000 \SystemRoot\system32\drivers\ndis.sys
0x88F3F000 \SystemRoot\system32\drivers\NETIO.SYS
0x88F7D000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x88FA2000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x893F4000 \SystemRoot\System32\Drivers\spldr.sys
0x8941B000 \SystemRoot\System32\drivers\rdyboost.sys
0x89448000 \SystemRoot\System32\Drivers\mup.sys
0x89458000 \SystemRoot\System32\drivers\hwpolicy.sys
0x89460000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x89492000 \SystemRoot\system32\DRIVERS\disk.sys
0x894A3000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x894C8000 \SystemRoot\System32\Drivers\BtHidBus.sys
0x894CC000 \SystemRoot\system32\drivers\BMLoad.sys
0x895E9000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x89610000 \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
0x89618000 \SystemRoot\System32\Drivers\Null.SYS
0x8961F000 \SystemRoot\System32\Drivers\Beep.SYS
0x89626000 \SystemRoot\System32\drivers\vga.sys
0x89632000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x89653000 \SystemRoot\System32\drivers\watchdog.sys
0x89660000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x89668000 \SystemRoot\system32\drivers\rdpencdd.sys
0x89670000 \SystemRoot\system32\drivers\rdprefmp.sys
0x89678000 \SystemRoot\System32\Drivers\Msfs.SYS
0x89683000 \SystemRoot\System32\Drivers\Npfs.SYS
0x89691000 \SystemRoot\System32\drivers\tcpip.sys
0x8D409000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8D44A000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8D461000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8D46C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8D49E000 \SystemRoot\system32\drivers\afd.sys
0x8D4F8000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8D4FF000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8D51E000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8D52F000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8D53D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8D550000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8D560000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8D5A1000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8D5AB000 \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
0x8D5BD000 \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
0x8D5C5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8D5CF000 \SystemRoot\System32\drivers\discache.sys
0x8D5DB000 \SystemRoot\System32\Drivers\dfsc.sys
0x8D5F3000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8D601000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8D622000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8DC1C000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8E125000 \SystemRoot\System32\Drivers\fastfat.SYS
0x8E14F000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8E206000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8E23F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8E25E000 \SystemRoot\system32\DRIVERS\athr.sys
0x8E38B000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x8E395000 \SystemRoot\system32\DRIVERS\L1C62x86.sys
0x8E3A5000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8E3B0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8DC00000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8DC0F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8D634000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8D64C000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x8D656000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8D663000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8DC13000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8D69A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8D6A7000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8D6B0000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x8DC15000 \SystemRoot\system32\DRIVERS\lmimirr.sys
0x8D6BD000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x8D6CF000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8D6E7000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8D6F2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8D714000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8D72C000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8D743000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8DC16000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8D75A000 \SystemRoot\system32\DRIVERS\ks.sys
0x8D78E000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8D79C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8D7E0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8F434000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x8F6BC000 \SystemRoot\system32\drivers\portcls.sys
0x8F6EB000 \SystemRoot\system32\drivers\drmk.sys
0x8F704000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8F711000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x8F7EB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x8F400000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x897DA000 \SystemRoot\System32\Drivers\usbvideo.sys
0x90D80000 \SystemRoot\System32\win32k.sys
0x8F417000 \SystemRoot\System32\drivers\Dxapi.sys
0x8F421000 \SystemRoot\system32\DRIVERS\monitor.sys
0x90FE0000 \SystemRoot\System32\TSDDD.dll
0x90C20000 \SystemRoot\System32\cdd.dll
0x90C40000 \SystemRoot\System32\ATMFD.DLL
0x89400000 \SystemRoot\system32\drivers\luafv.sys
0x894D2000 \SystemRoot\system32\drivers\WudfPf.sys
0x8D43A000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x894EC000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x89532000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x89542000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x89555000 \SystemRoot\system32\drivers\HTTP.sys
0x88FE1000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA7408000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA741A000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA743D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA7478000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA74AB000 \??\C:\Program Files\LogMeIn\x86\RaInfo.sys
0xA74AD000 \??\C:\Windows\system32\drivers\LMIRfsDriver.sys
0xA74B7000 \SystemRoot\system32\drivers\peauth.sys
0xA754E000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA7558000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA7579000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA7586000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA75D5000 \SystemRoot\System32\DRIVERS\srv.sys
0xA7627000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0xA7631000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0xA76AD000 \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5465207-3A1B-4AC0-BCDB-A493859E09DC}\MpKsla3a33bfa.sys
0xA76B3000 \??\C:\Users\LAUNCH~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys
0xA7721000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77200000 \Windows\System32\ntdll.dll
0x47750000 \Windows\System32\smss.exe
0x77440000 \Windows\System32\apisetschema.dll
0x00A20000 \Windows\System32\autochk.exe
0x773D0000 \Windows\System32\shlwapi.dll
0x77390000 \Windows\System32\ws2_32.dll
0x77130000 \Windows\System32\msctf.dll

Processes (total 88):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
448 csrss.exe
500 C:\Windows\System32\wininit.exe
512 csrss.exe
560 C:\Windows\System32\services.exe
576 C:\Windows\System32\lsass.exe
584 C:\Windows\System32\lsm.exe
612 C:\Windows\System32\winlogon.exe
732 C:\Windows\System32\svchost.exe
812 C:\Windows\System32\svchost.exe
860 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
960 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1184 C:\Windows\System32\svchost.exe
1296 C:\Windows\System32\svchost.exe
1568 C:\Windows\System32\spoolsv.exe
1604 C:\Windows\System32\svchost.exe
1632 C:\Windows\System32\svchost.exe
1704 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1744 C:\Program Files\Bonjour\mDNSResponder.exe
1768 C:\Windows\System32\svchost.exe
1796 C:\Windows\System32\dlcgcoms.exe
1836 C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
1880 C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
1900 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
1924 C:\Program Files\Acer\Registration\GregHSRW.exe
1976 C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
2028 C:\Program Files\Acer\Acer VCM\RS_Service.exe
356 C:\Windows\System32\svchost.exe
496 C:\Program Files\Acer\Acer Updater\UpdaterService.exe
1096 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
1288 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
2320 WmiPrvSE.exe
2596 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
2604 C:\Windows\System32\taskhost.exe
2728 C:\Windows\System32\dwm.exe
2760 C:\Windows\explorer.exe
3068 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3080 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
3088 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
3104 C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
3116 C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
3484 C:\Windows\System32\SearchIndexer.exe
3592 C:\Windows\System32\igfxext.exe
3644 C:\Windows\System32\igfxsrvc.exe
3720 C:\Program Files\Launch Manager\LManager.exe
3740 C:\Windows\PLFSetI.exe
3756 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3780 C:\Windows\System32\wbem\unsecapp.exe
3812 C:\Program Files\Acer\Android Manager\iSync.exe
4036 WmiPrvSE.exe
4088 C:\Program Files\Acer\Updater\iUpdate.exe
2144 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
2240 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1940 C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
2388 C:\Windows\System32\igfxtray.exe
2384 C:\Windows\System32\hkcmd.exe
2568 C:\Windows\System32\igfxpers.exe
2532 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
2724 C:\Program Files\iTunes\iTunesHelper.exe
3016 C:\Program Files\Windows Media Player\wmpnetwk.exe
2960 C:\Program Files\Microsoft Security Client\msseces.exe
2084 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
3256 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
1476 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
3408 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3424 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3500 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
3020 C:\Program Files\Windows Sidebar\sidebar.exe
3752 C:\Users\LaunchXL-One1\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
3848 C:\Program Files\Acer\Acer VCM\AcerVCM.exe
3996 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
4296 C:\Program Files\iPod\bin\iPodService.exe
4680 C:\Program Files\Mozilla Firefox\firefox.exe
5944 C:\Windows\System32\wuauclt.exe
3416 C:\Program Files\Mozilla Firefox\plugin-container.exe
5560 C:\Windows\explorer.exe
1760 C:\Users\LaunchXL-One1\Desktop\siw.exe
1136 C:\Windows\System32\audiodg.exe
5760 C:\Windows\System32\SearchProtocolHost.exe
4976 C:\Windows\System32\SearchFilterHost.exe
3036 dllhost.exe
5184 dllhost.exe
3956 C:\Users\LaunchXL-One1\Downloads\MBRCheck.exe
3920 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`07076c00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000003`003ebe00 (FAT32)

PhysicalDrive0 Model Number: WDCWD1600BEVT-22ZCT0, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!



When I run VEW it tells me it can't find the file and asks would I like to create a new one - to which I say yes and nothing happens! Does that mean I'm doing it wrong or that it's all fine?

#4
RKinner

    Malware Expert

I forgot to modify the VEW instructions for Win 7. You should right click on it and Run As Administrator. See if that helps.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply

Is it still running slow?

Can you run Process Explorer one more time and let it sit for a minute before you save the log? It looks like Process Explorer was still doing stuff when you saved the first time since it is the major user of the CPU.

Ron

#5
Froots

    New Member

Hey Ron,

Thank you for getting back to me... all your requests are below... but I would like to say that it is running and behaving much faster than it was. I can actually type this without it crashing, which is amazing, so thank you :)

VEW

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/05/2011 06:12:11

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/05/2011 02:41:43
Type: Error Category: 0
Event: 8032 Source: BROWSER
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A}. The backup browser is stopping.

Log: 'System' Date/Time: 17/05/2011 02:16:19
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom tcpipBM

Log: 'System' Date/Time: 17/05/2011 02:16:16
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 17/05/2011 01:52:31
Type: Error Category: 0
Event: 8032 Source: BROWSER
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A}. The backup browser is stopping.

Log: 'System' Date/Time: 17/05/2011 01:27:34
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.103.1763.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6802.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Log: 'System' Date/Time: 17/05/2011 01:27:34
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.103.1763.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6802.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Log: 'System' Date/Time: 17/05/2011 01:27:34
Type: Error Category: 0
Event: 2001 Source: Microsoft Antimalware
Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.103.1763.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6802.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Log: 'System' Date/Time: 17/05/2011 01:16:22
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom tcpipBM

Log: 'System' Date/Time: 17/05/2011 01:16:16
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Function Discovery Resource Publication service terminated with the following error: %%-2147014847

Log: 'System' Date/Time: 17/05/2011 01:16:14
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 12/05/2011 05:28:22
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: cdrom tcpipBM

Log: 'System' Date/Time: 12/05/2011 05:28:18
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/05/2011 02:40:59
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\KIM-PC on the network \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A}. Browser master: \\KIM-PC Network: \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A} This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 17/05/2011 02:15:21
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 17/05/2011 01:44:08
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\LOUISE-PC on the network \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A}. Browser master: \\LOUISE-PC Network: \Device\NetBT_Tcpip_{91CA2C7E-A23C-4160-9F14-0A517038221A} This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 15/05/2011 19:30:09
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 12/05/2011 04:24:13
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

ASWMBR - the fixmbr button was enabled

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Starter Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire one
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 161):
0xA743D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA7478000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xA74AB000 \??\C:\Program Files\LogMeIn\x86\RaInfo.sys
0xA74AD000 \??\C:\Windows\system32\drivers\LMIRfsDriver.sys
0xA74B7000 \SystemRoot\system32\drivers\peauth.sys
0xA754E000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA7558000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA7579000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA7586000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA75D5000 \SystemRoot\System32\DRIVERS\srv.sys
0xA7627000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0xA7631000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0xA76AD000 \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5465207-3A1B-4AC0-BCDB-A493859E09DC}\MpKsla3a33bfa.sys
0xA76B3000 \??\C:\Users\LAUNCH~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys
0xA7721000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77200000 \Windows\System32\ntdll.dll
0x47750000 \Windows\System32\smss.exe
0x77440000 \Windows\System32\apisetschema.dll
0x00A20000 \Windows\System32\autochk.exe
0x773D0000 \Windows\System32\shlwapi.dll
0x77390000 \Windows\System32\ws2_32.dll
0x77130000 \Windows\System32\msctf.dll

Processes (total 88):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
448 csrss.exe
500 C:\Windows\System32\wininit.exe
512 csrss.exe
560 C:\Windows\System32\services.exe
576 C:\Windows\System32\lsass.exe
584 C:\Windows\System32\lsm.exe
612 C:\Windows\System32\winlogon.exe
732 C:\Windows\System32\svchost.exe
812 C:\Windows\System32\svchost.exe
860 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
960 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1184 C:\Windows\System32\svchost.exe
1296 C:\Windows\System32\svchost.exe
1568 C:\Windows\System32\spoolsv.exe
1604 C:\Windows\System32\svchost.exe
1632 C:\Windows\System32\svchost.exe
1704 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1744 C:\Program Files\Bonjour\mDNSResponder.exe
1768 C:\Windows\System32\svchost.exe
1796 C:\Windows\System32\dlcgcoms.exe
1836 C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
1880 C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
1900 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
1924 C:\Program Files\Acer\Registration\GregHSRW.exe
1976 C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
2028 C:\Program Files\Acer\Acer VCM\RS_Service.exe
356 C:\Windows\System32\svchost.exe
496 C:\Program Files\Acer\Acer Updater\UpdaterService.exe
1096 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
1288 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
2320 WmiPrvSE.exe
2596 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
2604 C:\Windows\System32\taskhost.exe
2728 C:\Windows\System32\dwm.exe
2760 C:\Windows\explorer.exe
3068 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
3080 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
3088 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
3104 C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
3116 C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
3484 C:\Windows\System32\SearchIndexer.exe
3592 C:\Windows\System32\igfxext.exe
3644 C:\Windows\System32\igfxsrvc.exe
3720 C:\Program Files\Launch Manager\LManager.exe
3740 C:\Windows\PLFSetI.exe
3756 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3780 C:\Windows\System32\wbem\unsecapp.exe
3812 C:\Program Files\Acer\Android Manager\iSync.exe
4036 WmiPrvSE.exe
4088 C:\Program Files\Acer\Updater\iUpdate.exe
2144 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
2240 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1940 C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
2388 C:\Windows\System32\igfxtray.exe
2384 C:\Windows\System32\hkcmd.exe
2568 C:\Windows\System32\igfxpers.exe
2532 C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
2724 C:\Program Files\iTunes\iTunesHelper.exe
3016 C:\Program Files\Windows Media Player\wmpnetwk.exe
2960 C:\Program Files\Microsoft Security Client\msseces.exe
2084 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
3256 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
1476 C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
3408 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3424 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3500 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
3020 C:\Program Files\Windows Sidebar\sidebar.exe
3752 C:\Users\LaunchXL-One1\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
3848 C:\Program Files\Acer\Acer VCM\AcerVCM.exe
3996 C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
4296 C:\Program Files\iPod\bin\iPodService.exe
4680 C:\Program Files\Mozilla Firefox\firefox.exe
5944 C:\Windows\System32\wuauclt.exe
3416 C:\Program Files\Mozilla Firefox\plugin-container.exe
5560 C:\Windows\explorer.exe
1760 C:\Users\LaunchXL-One1\Desktop\siw.exe
1136 C:\Windows\System32\audiodg.exe
5760 C:\Windows\System32\SearchProtocolHost.exe
4976 C:\Windows\System32\SearchFilterHost.exe
3036 dllhost.exe
5184 dllhost.exe
3956 C:\Users\LaunchXL-One1\Downloads\MBRCheck.exe
3920 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`07076c00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000003`003ebe00 (FAT32)

PhysicalDrive0 Model Number: WDCWD1600BEVT-22ZCT0, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

I let Process Explorer sit for about 5 mins, but it was still changing things around on the list. This is the log. Would you like me to let it sit for longer?

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 28.57 0 K 12 K
sidebar.exe 3448 29.06 9,052 K 17,712 K Windows Desktop Gadgets Microsoft Corporation
procexp.exe 4128 18.66 14,156 K 25,580 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
svchost.exe 732 6.69 3,240 K 6,152 K Host Process for Windows Services Microsoft Corporation
PCCompanion.exe 3328 4.15 18,652 K 33,156 K Sony Ericsson PC Companion Sony Ericsson
Interrupts n/a 2.80 0 K 0 K Hardware Interrupts and DPCs
lsass.exe 576 1.94 3,096 K 6,528 K Local Security Authority Process Microsoft Corporation
csrss.exe 508 1.49 9,644 K 7,976 K
SynTPEnh.exe 3780 1.40 2,964 K 8,700 K Synaptics TouchPad Enhancements Synaptics Incorporated
firefox.exe 3896 0.97 153,616 K 173,864 K Firefox Mozilla Corporation
explorer.exe 2844 0.96 28,712 K 31,924 K Windows Explorer Microsoft Corporation
System 4 0.87 44 K 652 K
DDMService.exe 3076 0.43 5,884 K 3,212 K DivX Download Manager Service DivX, LLC
MsMpEng.exe 876 0.27 163,272 K 58,924 K Antimalware Service Executable Microsoft Corporation
ePowerEvent.exe 3100 0.20 824 K 3,516 K
ePowerTray.exe 3204 0.17 2,444 K 5,652 K ePowerTray Acer Incorporated
LManager.exe 3724 0.13 9,572 K 6,396 K
LogMeInSystray.exe 4092 0.09 3,648 K 8,600 K LogMeIn Desktop Application LogMeIn, Inc.
DivXUpdate.exe 760 0.05 4,880 K 12,604 K DivX Update
GregHSRW.exe 1952 0.04 1,092 K 3,504 K Global Registration Service Acer Incorporated
AcerVCM.exe 3140 0.03 1,752 K 6,192 K Acer VCM Acer Incorporated
PCCompanionInfo.exe 4052 0.03 1,896 K 5,416 K
iPodService.exe 4340 0.03 1,684 K 4,820 K iPodService Module (32-bit) Apple Inc.
csrss.exe 448 0.01 1,240 K 2,736 K
MobileConnect.exe 2592 0.01 29,884 K 30,824 K MobileConnect Vodafone
svchost.exe 1256 0.01 6,388 K 10,892 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1080 < 0.01 19,620 K 28,140 K Host Process for Windows Services Microsoft Corporation
wmpnetwk.exe 4204 < 0.01 5,764 K 5,408 K Windows Media Player Network Sharing Service Microsoft Corporation
svchost.exe 1436 < 0.01 10,104 K 10,020 K Host Process for Windows Services Microsoft Corporation
VMCService.exe 1364 < 0.01 14,796 K 13,432 K VMCService Vodafone
svchost.exe 1032 < 0.01 47,600 K 50,444 K Host Process for Windows Services Microsoft Corporation
AppleMobileDeviceService.exe 1712 < 0.01 1,696 K 5,176 K MobileDeviceService Apple Inc.
GoogleToolbarNotifier.exe 3192 < 0.01 3,032 K 1,632 K GoogleToolbarNotifier Google Inc.
explorer.exe 6032 < 0.01 19,432 K 21,944 K Windows Explorer Microsoft Corporation
iTunesHelper.exe 2680 < 0.01 4,904 K 10,188 K iTunesHelper Apple Inc.
RS_Service.exe 2040 < 0.01 800 K 2,268 K Raw Socket Service Acer Incorporated
spoolsv.exe 1544 < 0.01 6,400 K 8,044 K Spooler SubSystem App Microsoft Corporation
LMIGuardianSvc.exe 1996 < 0.01 2,012 K 4,376 K LMIGuardianSvc LogMeIn, Inc.
svchost.exe 1612 < 0.01 11,220 K 10,032 K Host Process for Windows Services Microsoft Corporation
ePowerSvc.exe 1924 < 0.01 1,464 K 4,528 K ePowerSvc Acer Incorporated
wuauclt.exe 5660 1,372 K 5,272 K Windows Update Microsoft Corporation
WmiPrvSE.exe 2452 4,776 K 7,532 K
WmiPrvSE.exe 3984 1,960 K 4,568 K
winlogon.exe 640 1,660 K 3,864 K
wininit.exe 500 900 K 2,940 K
UpdaterService.exe 444 704 K 2,548 K Acer Update Service Acer
unsecapp.exe 3736 1,116 K 4,256 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
taskhost.exe 2736 6,936 K 5,908 K Host Process for Windows Tasks Microsoft Corporation
SynTPHelper.exe 2320 708 K 2,844 K
svchost.exe 1588 4,936 K 8,516 K Host Process for Windows Services Microsoft Corporation
svchost.exe 972 15,648 K 13,840 K Host Process for Windows Services Microsoft Corporation
svchost.exe 812 3,584 K 5,824 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1792 952 K 3,160 K Host Process for Windows Services Microsoft Corporation
svchost.exe 460 1,176 K 3,600 K Host Process for Windows Services Microsoft Corporation
smss.exe 300 252 K 652 K
services.exe 556 4,416 K 6,224 K
SearchIndexer.exe 3536 34,152 K 10,904 K Microsoft Windows Search Indexer Microsoft Corporation
RtHDVCpl.exe 3180 8,004 K 6,228 K HD Audio Control Panel Realtek Semiconductor
plugin-container.exe 2884 10,588 K 14,408 K Plugin Container for Firefox Mozilla Corporation
PLFSetI.exe 3764 1,232 K 4,192 K DefaultSettingEXE MFC Application
ouc.exe 3388 348 K 1,508 K Online Update Clinet Huawei Technologies Co., Ltd.
notepad.exe 2468 1,156 K 5,356 K
NisSrv.exe 2536 5,564 K 2,152 K Microsoft Network Inspection System Microsoft Corporation
mwlDaemon.exe 3232 3,720 K 7,396 K MyWinLocker Egis Technology Inc.
msseces.exe 2920 4,520 K 9,552 K Microsoft Security Client User Interface Microsoft Corporation
mDNSResponder.exe 1772 1,564 K 4,228 K Bonjour Service Apple Inc.
lsm.exe 584 1,376 K 2,764 K
jusched.exe 3064 2,108 K 6,952 K Java™ Update Scheduler Sun Microsystems, Inc.
iUpdate.exe 4072 1,680 K 6,208 K Acer Updater for Android™ Insyde Software Corp.
iSync.exe 3884 2,504 K 5,980 K Sync Data Insyde Software Corp.
igfxtray.exe 2376 1,392 K 4,216 K igfxTray Module Intel Corporation
igfxsrvc.exe 3620 1,684 K 4,544 K igfxsrvc Module Intel Corporation
igfxpers.exe 2508 1,456 K 4,544 K persistence Module Intel Corporation
igfxext.exe 3568 1,148 K 3,832 K igfxext Module Intel Corporation
IAANTmon.exe 1216 1,612 K 4,372 K RAID Monitor Intel Corporation
IAAnotif.exe 3168 1,844 K 5,032 K Event Monitor User Notification Tool Intel Corporation
hkcmd.exe 2396 1,412 K 4,124 K hkcmd Module Intel Corporation
EmmaUpdateMgmt.exe 1900 624 K 1,712 K Emma Update Management Service Sony Ericsson Mobile Communications
EmmaDeviceMgmt.exe 1864 1,008 K 2,828 K Emma Device Management Service Sony Ericsson Mobile Communications
EgisUpdate.exe 3216 4,284 K 10,264 K EgisUpdate Release Application Egis Technology Inc.
dwm.exe 2820 1,088 K 4,052 K Desktop Window Manager Microsoft Corporation
dlcgcoms.exe 1824 1,044 K 3,032 K Printer Communication System
DataCardMonitor.exe 2236 1,140 K 4,800 K DataCardMonitor MFC Application Huawei Technologies Co., Ltd.

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Process Explorer is showing that sidebar.exe is eating up a lot of resources. Let's turn it off:

http://www.howtogeek...s-on-windows-7/

Start where it says:
"Disabling Sidebar/Desktop Gadgets in Windows 7"

Also uninstall
McAfee SiteAdvisor Service

Right click on My Computer and select Manage (Continue) then Services and Applications then Services. Find the Function Discovery Resource Publication service and right click on it and then Properties. Change the Startup Type: from Automatic to Automatic (Delayed).

Apply. Try to START the service. Does it start or does it give you an error message?

Close the services window.

Let's turn off NetBIOS. Unless you are part of a company you don't need it:

Click Start, and then click Network. (Or you can click Start, type ncpa.cpl into the search box, and press ENTER).
Click on the Network and Sharing Center, and then click Manage Network Connections.
Right click on the Local Area Connection or the connection you are using.
Select the Internet Protocol version 4 (TCP/IPv4)
Click the Advanced button under the General tab.
Click the WINS tab.
Uncheck the Enable NetBIOS Over TCP/IP button.
Click Ok.

I would also uninstall MSSE. It doesn't look like it's happy. Then replace it with the free Avast.
http://www.avast.com...ivirus-download

Download, Save, and right click and Run As Administrator.

Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on Boot-Time Scan then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load Windows.

Run Process Explorer again and post the new log.

Also run VEW again as before and post the logs.

Could I see the log that aswMBR created?

Ron
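
The two settings changes from the reply above (delayed start for the Function Discovery Resource Publication service, and NetBIOS over TCP/IP switched off), scripted with a read-back check of each result. This is an added example, not part of the original post. It assumes an elevated PowerShell prompt, the service short name FDResPub, and that the NetBIOS change is wanted on every IP-enabled adapter rather than on one chosen connection.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
# Uses Get-WmiObject so it also works on the PowerShell 2.0 shipped with Windows 7.

# --- 1. Function Discovery Resource Publication: Automatic (Delayed Start) ---
# FDResPub is the short service name assumed for this display name.
& sc.exe config FDResPub start= delayed-auto | Out-Null
if ($LASTEXITCODE -ne 0) {
    Write-Warning "sc.exe config FDResPub failed with exit code $LASTEXITCODE"
}

# Try to start the service and report the error text if it refuses,
# which is the question the reply asks ("does it start or give an error?").
try {
    Start-Service -Name FDResPub -ErrorAction Stop
} catch {
    Write-Warning ("FDResPub did not start: " + $_.Exception.Message)
}

# Read back the result. Win32_Service reports StartMode 'Auto' for both plain
# and delayed automatic start, so the delayed flag is read from the registry.
$svc     = Get-WmiObject Win32_Service -Filter "Name='FDResPub'"
$svcKey  = 'HKLM:\SYSTEM\CurrentControlSet\Services\FDResPub'
$delayed = (Get-ItemProperty -Path $svcKey).DelayedAutostart
"FDResPub: StartMode={0} DelayedAutostart={1} State={2}" -f `
    $svc.StartMode, $delayed, $svc.State

# --- 2. Disable NetBIOS over TCP/IP (the WINS tab checkbox) ---
# SetTcpipNetbios values: 0 = take the setting from DHCP, 1 = enable, 2 = disable.
$adapters = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE"
foreach ($adapter in $adapters) {
    $result = $adapter.SetTcpipNetbios(2)
    # ReturnValue 0 = success, 1 = success but a reboot is required.
    "{0}: SetTcpipNetbios returned {1}" -f $adapter.Description, $result.ReturnValue
}

# Read back the setting; every listed adapter should now show TcpipNetbiosOptions = 2.
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" |
    Select-Object Description, TcpipNetbiosOptions |
    Format-Table -AutoSize
```

An adapter that was not IP-enabled when the script ran keeps its previous NetBIOS setting, so rerun the second part after connecting through a different interface.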