Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 running at 100% CPU usage


  • This topic is locked This topic is locked

#16
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Funny. Do this:

  • Please download RegQuery by Noviciate to your desktop.
  • Copy the following registry keypath (one line each time) by highlighting the text and pressing CTRL and C at the same time.

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  • Right click on RegQuery.exe icon on your desktop and click on Run as administrator
  • Paste the text you have copied using CRTL and V, into the textbox
  • Click the Query button
  • A Notepad file will open. Please paste the contents for each query in your next reply
  • You may now close the RegQuery program

  • 0

Advertisements


#17
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Windows Defender"="C:\\Program Files\\Windows Defender\\MSASCui.exe -hide"
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"MobileConnect"="%programfiles%\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe /silent"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"vmware-tray"="\"C:\\Program Files\\VMware\\VMware Workstation\\vmware-tray.exe\""
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"NeroFilterCheck"="C:\\Windows\\system32\\NeroCheck.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"Conime"="%windir%\\system32\\conime.exe"

--------------------------------


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"
"Apoint"="C:\\Program Files\\DellTPad\\Apoint.exe"
"Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"
"ADAiO2StatusMonitor"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\ADAiO2MUI.exe"
"Run StartupMonitor"="StartupMonitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@=""
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@=""
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@=""
"Installed"="1"
  • 0

#18
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
conime.exe is Microsoft Console IME (Input Method Editor). It executes whenever a command prompt is opened.

It seems legit file so I will not remove it. Actually what problems with your computer you have at a moment?
  • 0

#19
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
The laptop sounds like a hoover, very noisy. and the cpu usage will jump to 100% and stay there for hours even with nothing running.
I just opened tuneup proccess manager and it jumped to 100% with tuneup using 46%. and only 640 megabytes being used out of a 2 gig total.
Im baffled.
If you want a closer look I can run teamviewer and pm you the details?
  • 0

#20
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
I'm sorry to hear that and understand your frustration but from logs it looks like your problems with computer are not malware related.

Please do the following:

Step 1

  • Please download Speccy from here install and run it.
  • Wait a few minutes then click File menu then Save as Text file... and save report to your desktop.
  • Please attach that report in your next reply.

How to add an attachment to a new topic or reply

Step 2

Please download SINO by Artellos.
  • Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
  • Then please check the following checkboxes:

    System Info
    Services
    Boot Check
    Tasklist
    Startup Items
    Event Log

  • Once checked, hit the Run Scan! button and wait for the program to finish the scan.
  • A notepad window will pop up. Please copy all of the content into your next reply.
Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.
  • 0

#21
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Summary
Operating System
MS Windows 7 Ultimate 32-bit SP1
CPU
AMD Turion 64 Mobile TK-55 67 °C
Tyler 65nm Technology
RAM
2.0GB Dual-Channel DDR2 @ 159MHz (5-5-5-15)
Motherboard
Dell Inc. (Microprocessor) 74 °C
Graphics
Generic PnP Monitor ([email protected])
ATI Radeon X1200 Series (Dell)
Hard Drives
78GB TOSHIBA TOSHIBA MK8037GSX ATA Device (SATA) 40 °C
Optical Drives
MagicISO Virtual DVD-ROM0000
TSSTcorp DVD+-RW TS-L632H ATA Device
Audio
High Definition Audio Device
Operating System
MS Windows 7 Ultimate 32-bit SP1
Installation Date: 11 April 2010, 15:59
Serial Number: XXXXXXXXXXXXXXXXXXXXXX
Windows Security Center
User Account Control (UAC) Enabled
Notify level 1 - Rare Notify
Firewall Enabled
Windows Update
AutoUpdate Notify prior to download
Windows Defender
Windows Defender Enabled
TimeZone
TimeZone GMT
TimeZone GMT 0 Hours
Language English
Country Ireland
Currency €
Date Format dd/MM/yyyy
Time Format HH:mm:ss
Power Profile
Active power scheme Home/Office Desk
Hibernation Disabled
Scheduler
22/05/2011 23:02 GoogleUpdateTaskMachineUA
23/05/2011 07:02 GoogleUpdateTaskMachineCore
23/05/2011 10:00 Java Update Scheduler
27/05/2011 17:15 1-Click Maintenance
Disabled TuneUpUtilities_Task_BkGndMaintenance2011
Hotfixes
19/05/2011 Update for Windows 7 (KB2534366)
19/05/2011 Windows Malicious Software Removal Tool - May 2011 (KB890830)
19/05/2011 Update for Windows 7 (KB2534366)
19/05/2011 Update for Windows 7 (KB2533552)
06/05/2011 Update for Windows 7 (KB2492386)
06/05/2011 Update for Windows 7 (KB2506928)
06/05/2011 Update for Windows 7 (KB982018)
06/05/2011 Update for Windows 7 (KB2522422)
06/05/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
06/05/2011 Update for Windows 7 (KB2515325)
21/04/2011 Windows Internet Explorer 9 for Windows 7
15/04/2011 Security Update for Windows 7 (KB2508429)
15/04/2011 Security Update for Windows 7 (KB2510531)
15/04/2011 Security Update for Windows 7 (KB2509553)
15/04/2011 Security Update for Windows 7 (KB2507618)
15/04/2011 Update for Windows 7 (KB2524375)
15/04/2011 Security Update for Windows 7 (KB2506223)
15/04/2011 Security Update for Windows 7 (KB2491683)
15/04/2011 Update for Windows 7 (KB2511250)
15/04/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708)
15/04/2011 Security Update for Windows 7 (KB2503658)
15/04/2011 Windows Malicious Software Removal Tool - April 2011 (KB890830)
15/04/2011 Security Update for Windows 7 (KB2506212)
15/04/2011 Security Update for Windows 7 (KB2511455)
15/04/2011 Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2446710)
15/04/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB2508272)
15/04/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2497640)
15/04/2011 Security Update for Windows 7 (KB2508429)
15/04/2011 Security Update for .NET Framework 3.5.1 on Windows 7 SP1 x86 (KB2446710)
15/04/2011 Security Update for Windows 7 (KB2511455)
15/04/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2446708)
15/04/2011 Security Update for Windows 7 (KB2506223)
15/04/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB2508272)
15/04/2011 Security Update for Windows 7 (KB2506212)
15/04/2011 Update for Windows 7 (KB2524375)
15/04/2011 Security Update for Windows 7 (KB2509553)
15/04/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2497640)
15/04/2011 Security Update for Windows 7 (KB2503658)
17/03/2011 Windows Malicious Software Removal Tool - March 2011 (KB890830)
17/03/2011 Update for Windows 7 (KB2505438)
17/03/2011 Security Update for Windows 7 (KB2479943)
24/02/2011 Windows 7 Service Pack 1 (KB976932)
24/02/2011 Windows 7 Service Pack 1 (KB976932)
24/02/2011 Windows 7 Service Pack 1 (KB976932)
24/02/2011 Windows 7 Service Pack 1 (KB976932)
24/02/2011 Windows 7 Service Pack 1 (KB976932)
23/02/2011 Update for Windows 7 (KB2484033)
23/02/2011 Update for Windows 7 (KB2387530)
23/02/2011 Update for Windows 7 (KB2484033)
23/02/2011 Update for Windows 7 (KB2484033)
23/02/2011 Update for Windows 7 (KB2387530)
23/02/2011 Update for Windows 7 (KB2484033)
23/02/2011 Update for Windows 7 (KB2387530)
23/02/2011 Update for Windows 7 (KB2484033)
23/02/2011 Update for Windows 7 (KB2387530)
14/02/2011 Security Update for Windows 7 (KB2479628)
14/02/2011 Security Update for Windows 7 (KB2425227)
14/02/2011 Security Update for Windows 7 (KB2475792)
14/02/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2482017)
14/02/2011 Windows Malicious Software Removal Tool - February 2011 (KB890830)
14/02/2011 Security Update for Windows 7 (KB2485376)
14/02/2011 Security Update for Windows 7 (KB2393802)
14/02/2011 Update for Windows 7 (KB2454826)
14/02/2011 Update for Windows 7 (KB2467023)
14/02/2011 Update for Windows 7 (KB2502285)
15/01/2011 Update for Windows 7 (KB976902)
15/01/2011 Windows Malicious Software Removal Tool - January 2011 (KB890830)
15/01/2011 Security Update for Windows 7 (KB2419640)
05/01/2011 Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB954430)
05/01/2011 Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB973688)
16/12/2010 Security Update for Windows 7 (KB2423089)
16/12/2010 Update for Windows 7 (KB2443685)
16/12/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2416400)
16/12/2010 Security Update for Windows 7 (KB2305420)
16/12/2010 Security Update for Windows 7 (KB2296199)
16/12/2010 Security Update for Windows 7 (KB2385678)
16/12/2010 Security Update for Windows 7 (KB2442962)
16/12/2010 Update for Windows 7 (KB982110)
16/12/2010 Update for Internet Explorer for Windows 7 (KB2467659)
16/12/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2447568)
16/12/2010 Windows Malicious Software Removal Tool - December 2010 (KB890830)
16/12/2010 Security Update for Windows 7 (KB2436673)
20/11/2010 Windows Malicious Software Removal Tool - November 2010 (KB890830)
27/10/2010 Update for Windows 7 (KB2249857)
27/10/2010 Cumulative Update for Media Center for Windows 7 (KB2284742)
27/10/2010 Update for Windows 7 (KB2388210)
27/10/2010 Update for Windows 7 (KB2249857)
27/10/2010 Update for Windows 7 (KB976902)
14/10/2010 Security Update for Windows 7 (KB979687)
14/10/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2360131)
14/10/2010 Security Update for Windows 7 (KB982132)
14/10/2010 Security Update for Windows 7 (KB2207566)
14/10/2010 Security Update for Windows 7 (KB2296011)
14/10/2010 Security Update for Windows 7 (KB2387149)
14/10/2010 Security Update for Windows 7 (KB2378111)
14/10/2010 Security Update for Windows 7 (KB981957)
14/10/2010 Update for Windows 7 (KB2345886)
14/10/2010 Windows Malicious Software Removal Tool - October 2010 (KB890830)
14/10/2010 Security Update for Windows 7 (KB2281679)
14/10/2010 Security Update for Windows 7 (KB979688)
14/10/2010 Update for Internet Explorer 8 for Windows 7 (KB2398632)
07/10/2010 Security Update for Windows 7 (KB2347290)
07/10/2010 Update for Windows 7 (KB2158563)
07/10/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB2183461)
07/10/2010 Security Update for Microsoft .NET Framework 3.5.1 and Windows 7 x86 (KB2416471)
07/10/2010 Windows Malicious Software Removal Tool - September 2010 (KB890830)
07/10/2010 Microsoft .NET Framework 4 Client Profile for Windows 7 x86 (KB982670)
07/10/2010 Update for Windows 7 (KB976422)
07/10/2010 Update for Windows 7 (KB979538)
07/10/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2362765)
11/09/2010 Update for Windows 7 (KB971033)
06/09/2010 Security Update for Windows 7 (KB978886)
06/09/2010 Security Update for .NET Framework 3.5.1 on Windows 7 x86 (KB983590)
06/09/2010 Microsoft .NET Framework 3.5 SP1 Update for Windows 7 x86 (KB982526)
06/09/2010 Security Update for Windows 7 (KB982665)
06/09/2010 Security Update for Windows 7 (KB982799)
06/09/2010 Security Update for Windows 7 (KB2079403)
06/09/2010 Update for Windows 7 (KB980846)
06/09/2010 Update for Windows 7 (KB2272691)
06/09/2010 Security Update for Windows 7 (KB982214)
06/09/2010 Cumulative Update for Media Center for Windows 7 (KB981078)
06/09/2010 Security Update for Windows 7 (KB977165)
06/09/2010 Security Update for Windows 7 (KB981852)
06/09/2010 Security Update for Windows 7 (KB2286198)
06/09/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB982664)
06/09/2010 Security Update for Windows 7 (KB980436)
06/09/2010 Security Update for Windows 7 (KB2160329)
15/06/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB982632)
15/06/2010 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB980195)
15/06/2010 Security Update for Windows 7 (KB979559)
15/06/2010 Security Update for Windows 7 (KB979482)
15/06/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB982381)
15/06/2010 Windows Malicious Software Removal Tool - June 2010 (KB890830)
15/06/2010 Update for Windows 7 (KB981793)
15/06/2010 Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 x86 (KB979916)
15/06/2010 Security Update for Windows 7 (KB980218)
15/06/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB982632)
15/06/2010 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB980195)
15/06/2010 Security Update for Windows 7 (KB979482)
15/06/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB982381)
15/06/2010 Update for Windows 7 (KB981793)
15/06/2010 Security Update for Windows 7 (KB979559)
15/06/2010 Security Update for Windows 7 (KB980218)
15/06/2010 Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 x86 (KB979916)
20/05/2010 Update for Windows 7 (KB971033)
12/05/2010 Windows Malicious Software Removal Tool - May 2010 (KB890830)
12/05/2010 Security Update for Windows 7 (KB978542)
29/04/2010 Update for Windows 7 (KB975496)
29/04/2010 Update for Windows 7 (KB980408)
17/04/2010 Broadcom driver update for Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
16/04/2010 Microsoft Browser Choice Screen Update for EEA Users of Windows 7 (KB976002)
15/04/2010 Definition Update for Windows Defender - KB915597 (Definition 1.79.1918.0)
14/04/2010 Security Update for Windows 7 (KB975467)
14/04/2010 Security Update for Windows 7 (KB978601)
14/04/2010 Cumulative Security Update for Internet Explorer 8 for Windows 7 (KB980182)
14/04/2010 Windows Malicious Software Removal Tool - April 2010 (KB890830)
14/04/2010 Update for Windows 7 (KB977074)
14/04/2010 Update for Windows 7 (KB976264)
14/04/2010 Security Update for Windows 7 (KB974571)
14/04/2010 Update for Windows 7 (KB974431)
14/04/2010 Update for Windows 7 (KB976662)
14/04/2010 Security Update for Windows 7 (KB971468)
14/04/2010 Security Update for Windows 7 (KB972270)
14/04/2010 Security Update for Windows 7 (KB975560)
14/04/2010 Security Update for Windows 7 (KB979683)
14/04/2010 Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB980302)
14/04/2010 Cumulative Update for Media Center for Windows 7 (KB977863)
14/04/2010 Update for Windows 7 (KB979306)
14/04/2010 Security Update for Windows 7 (KB981332)
14/04/2010 Update for Rights Management Services Client for Windows 7 (KB979099)
14/04/2010 Security Update for Windows 7 (KB979309)
14/04/2010 Cumulative Security Update for ActiveX Killbits for Windows 7 (KB978262)
14/04/2010 Security Update for Windows 7 (KB980232)
Battery
AC line Online
Battery full time Unknown
Battery Charge % 96 %
Battery State Unknown status
Amount of time remaining (sec) Unknown
Services
Running Advent AIO Network Discovery Service
Running Application Experience
Running Application Information
Running Ati External Event Utility
Running avast! Antivirus
Running Base Filtering Engine
Running Certificate Propagation
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Dell Internal Network Card Power Management
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Listener
Running HomeGroup Provider
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running MBAMService
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Offline Files
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Plug and Play
Running PnP-X IP Bus Enumerator
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Desktop Configuration
Running Remote Desktop Services
Running Remote Desktop Services UserMode Port Redirector
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running SBSD Security Center Service
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running TuneUp Program Statistics Service
Running TuneUp Theme Extension
Running TuneUp Utilities Service
Running UPnP Device Host
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Time
Running Windows Update
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Running Yahoo! Updater
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Apple Mobile Device
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped Background Intelligent Transfer Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Bonjour Service
Stopped BranchCache
Stopped BWMeter Connections Service
Stopped COM+ System Application
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped FsUsbExService
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped Hotspot Shield Monitoring Service
Stopped Hotspot Shield Routing Service
Stopped Hotspot Shield Service
Stopped Hotspot Shield Tray Service
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped iPod Service
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Parental Controls
Stopped Performance Logs & Alerts
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped ServiceLayer
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped TuneUp Drive Defrag Service
Stopped Virtual Disk
Stopped VMware Agent Service
Stopped Vodafone Mobile Connect Service
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Search
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WWAN AutoConfig
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
AMD Athlon™ 64 X2 Dual-Core Processor TK-55
AMD Athlon™ 64 X2 Dual-Core Processor TK-55
ACPI Thermal Zone
System board
ACPI Lid
ACPI Power Button
ACPI Sleep Button
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Microsoft ACPI-Compliant Control Method Battery
Microsoft Windows Management Interface for ACPI
PCI bus
PCI standard host CPU bridge
ATI I/O Communications Processor SMBus Controller
AMD HyperTransport™ Configuration
AMD Address Map Configuration
AMD DRAM and HyperTransport™ Trace Mode Configuration
AMD Miscellaneous Configuration
System board
System board
PCI standard PCI-to-PCI bridge
ATI Radeon X1200 Series
Generic PnP Monitor
PCI standard PCI-to-PCI bridge
Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
Microsoft Virtual WiFi Miniport Adapter
PCI standard PCI-to-PCI bridge
Broadcom NetXtreme 57xx Gigabit Controller
Standard Dual Channel PCI IDE Controller
ATA Channel 1
ATA Channel 0
TOSHIBA MK8037GSX ATA Device
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard Dual Channel PCI IDE Controller
ATA Channel 1
ATA Channel 0
TSSTcorp DVD+-RW TS-L632H ATA Device
High Definition Audio Controller
High Definition Audio Device
HDA CX11270 Soft Modem
ATI I/O Communications Processor LPC Controller
Dell Touchpad
Standard PS/2 Keyboard
System CMOS/real time clock
System timer
System speaker
System board
Direct memory access controller
Numeric data processor
High precision event timer
Communications Port (COM1)
System board
ATI I/O Communications Processor PCI Bus Controller
O2Micro OZ711EZ1/MZ1 MemoryCardBus Controller
1394 OHCI Compliant Host Controller
CPU
AMD Turion 64 Mobile TK-55
Cores 2
Threads 2
Name AMD Turion 64 Mobile TK-55
Code Name Tyler
Package Socket S1 (638)
Technology 65nm
Specification AMD Athlon™ 64 X2 Dual-Core Processor TK-55
Family F
Extended Family F
Model 8
Extended Model 68
Stepping 1
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, AMD 64
Virtualization Supported, Disabled
Hyperthreading Not supported
Bus Speed 199.6 MHz
Rated Bus Speed 798.5 MHz
Stock Core Speed 1800 MHz
Stock Bus Speed 200 MHz
Average Temperature 67 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 256 KBytes
Core 0
Core Speed 798.4 MHz
Multiplier x 4.0
Bus Speed 199.6 MHz
Rated Bus Speed 798.5 MHz
Temperature 65 °C
Thread 1
APIC ID 0
Core 1
Core Speed 798.4 MHz
Multiplier x 4.0
Bus Speed 199.6 MHz
Rated Bus Speed 798.5 MHz
Temperature 69 °C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 159.7 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 21 clocks
Command Rate (CR) 2T
Physical Memory
Memory Usage 57 %
Total Physical 1.87 GB
Available Physical 819 MB
Total Virtual 1.99 GB
Available Virtual 1.87 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T2953EZ3-CE6
Serial Number 3137BA8B
Week/year 37 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T2953EZ3-CE6
Serial Number 3137BA56
Week/year 37 / 07
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Dell Inc.
Chipset Vendor ATI
Chipset Model RS690/RS690M
Chipset Revision 00
Southbridge Vendor ATI
Southbridge Model SB600
Southbridge Revision 00
System Temperature 74 °C
BIOS
Brand Dell Inc.
Version A09
Date 02/21/2010
Graphics
Monitor
Name Generic PnP Monitor on ATI Radeon X1200 Series
Current Resolution 1280x800 pixels
Work Resolution 1280x760 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI Radeon X1200 Series
GPU RS690M
Device ID 1002-791F
Subvendor Dell (1028)
Current Performance Level Level 1
Die Size 49 nm?
Release Date Feb 28, 2007
DirectX Support 9.0b
DirectX Shader Model 2.0
OpenGL Support 2.0
Bios Core Clock 400.00
Bios Mem Clock 400.00
Driver atiumdag.dll
Driver version 8.14.10.0647
ROPs 4
Shaders Vertex 4/Pixel 4
Memory Type System
Count of performance levels : 1
Level 0
Hard Drives
TOSHIBA MK8037GSX ATA Device
Manufacturer TOSHIBA
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA/ATAPI-7
48-bit LBA Supported
Serial Number X73FTRZ9T
Interface SATA
Capacity 78GB
Real size 80,026,361,856 bytes
S.M.A.R.T
01 Read Error Rate 100 (100 worst) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 100 (100) Data 000000042B
04 Start/Stop Count 100 (100) Data 0000000313
05 Reallocated Sectors Count 100 (100) Data 0000000018
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 091 (091) Data 0000000E7A
0A Spin Retry Count 115 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 0000000305
C0 Power-off Retract Count 100 (100) Data 0000000004
C1 Load/Unload Cycle Count 096 (096) Data 000000C349
C2 Temperature 100 (100) Data 0000010028
C4 Reallocation Event Count 100 (100) Data 0000000018
C5 Current Pending Sector Count 100 (100) Data 0000000029
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000007
DC Disk Shift 100 (100) Data 00000000A1
DE Loaded Hours 094 (094) Data 0000000AE8
DF Load/Unload Retry Count 100 (100) Data 0000000000
E0 Load Friction 100 (100) Data 0000000000
E2 Load 'In'-time 100 (100) Data 0000000142
F0 Head Flying Hours 100 (100) Data 0000000000
Temperature 40 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 100 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number E216A004
Size 74GB
Used Space 48GB (64%)
Free Space 26.8GB (36%)
Optical Drives
MagicISO Virtual DVD-ROM0000
Media Type DVD-ROM
Name MagicISO Virtual DVD-ROM0000
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive F:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 4
SCSI Target Id 0
Status OK
TSSTcorp DVD+-RW TS-L632H ATA Device
Media Type DVD Writer
Name TSSTcorp DVD+-RW TS-L632H ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 2
SCSI Target Id 0
Status OK
Audio
Sound Card
High Definition Audio Device
Playback Device
Speakers (High Definition Audio Device)
Recording Devices
Line In (High Definition Audio Device)
Microphone (High Definition Audio Device) (default)
Speaker Configuration
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Dell Touchpad
Device Kind Mouse
Device Name Dell Touchpad
Location plugged into PS/2 mouse port
Driver
Date 8-24-2007
Version 7.1.102.7
File C:\Windows\system32\DRIVERS\Apfiltr.sys
File C:\Windows\system32\Vxdif.dll
File C:\Program Files\DellTPad\Apoint.exe
File C:\Program Files\DellTPad\ApntEx.exe
File C:\Program Files\DellTPad\Apoint.dll
File C:\Program Files\DellTPad\Elprop.dll
File C:\Program Files\DellTPad\EzAuto.dll
File C:\Program Files\DellTPad\Uninstap.exe
File C:\Program Files\DellTPad\ApInst.dll
File C:\Program Files\DellTPad\hidfind.exe
File C:\Program Files\DellTPad\ApMsgFwd.exe
File C:\Program Files\DellTPad\ApMouCpl.dll
File C:\Program Files\DellTPad\DellTPad.exe
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\WdfCoInstaller01005.dll
ADVENT PREMIUM WiFi AIO AWP10 - WIFI
Device Kind Camera/scanner
Device Name ADVENT PREMIUM WiFi AIO AWP10 - WIFI
Driver
Date 9-24-2010
Version 1.1.15.0
File C:\Windows\system32\advent\ad_aio2esp\adAIO2wia2Drv.dll
File C:\Windows\system32\advent\ad_aio2esp\adAIO2WiaShellExt.dll
File C:\Windows\system32\advent\ad_aio2esp\adAIO2WiaShellExtRes.dll
File C:\Windows\system32\drivers\serscan.sys
File C:\Windows\system32\adAIO2WiaCoInst.dll
File C:\Windows\system32\adAIO2WiaCoInstRes.dll
ADVENT PREMIUM WiFi AIO AWP10 - WIFI
Device Kind Camera/scanner
Device Name ADVENT PREMIUM WiFi AIO AWP10 - WIFI
Driver
Date 9-24-2010
Version 1.1.15.0
File C:\Windows\system32\advent\ad_aio2esp\adAIO2wia2Drv.dll
File C:\Windows\system32\advent\ad_aio2esp\adAIO2WiaShellExt.dll
File C:\Windows\system32\advent\ad_aio2esp\adAIO2WiaShellExtRes.dll
File C:\Windows\system32\drivers\serscan.sys
File C:\Windows\system32\adAIO2WiaCoInst.dll
File C:\Windows\system32\adAIO2WiaCoInstRes.dll
Network
You are connected to the internet
Connected through Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 192.168.1.1
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 178.167.214.110
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name VMW4R3-PC
DNS Name VMw4r3-PC
Domain Name VMw4r3-PC
Remote Desktop
Console
State Active
Domain VMw4r3-PC
RDP-Tcp
State Listen
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (3-Connect-5503)
SSID 3-Connect-5503
Name No name
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
Media Sharing Enabled
Adapters List
Anchorfree HSS Adapter
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Microsoft Virtual WiFi Miniport Adapter
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
IP Address 192.168.1.103
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Network Shares
Users C:\Users
ADVENT PREMIUM WiFi AIO AWP10 ADVENT PREMIUM WiFi AIO AWP10,LocalsplOnly



------------------------------------------------------




System Investigator by Olrik
Log Created On: 2307_22-05-2011
SINO Version: 3.1.0.0

Total RAM: 1918 MB | Free RAM: 791 MB | Pagefile Size: 1918 MB
C: | 27433 MB out of 76216 MB Free | Local Fixed Disk
D: | None | CD-ROM Disc
F: | None | CD-ROM Disc

<<<< System Information >>>>

Computer Name: VMW4R3-PC
Username: VMw4r3
Language Setting: ENI
Windows Directory: C:\Windows
Windows Version: Windows 7 Service Pack 1
UAC Status: On
Windows Mode: Normal

<<<< Tasklist >>>>

[System Idle Process] - Process ID: 0
[System] - Process ID: 4
[smss.exe] - Process ID: 304
[C:\Windows\system32\csrss.exe] - Process ID: 404
[C:\Windows\system32\wininit.exe] - Process ID: 476
[C:\Windows\system32\csrss.exe] - Process ID: 492
[C:\Windows\system32\services.exe] - Process ID: 536
[C:\Windows\system32\winlogon.exe] - Process ID: 568
[C:\Windows\system32\lsass.exe] - Process ID: 596
[C:\Windows\system32\lsm.exe] - Process ID: 604
[C:\Windows\system32\svchost.exe] - Process ID: 712
[C:\Windows\system32\svchost.exe] - Process ID: 800
[C:\Windows\system32\Ati2evxx.exe] - Process ID: 848
[C:\Windows\System32\svchost.exe] - Process ID: 916
[C:\Windows\System32\svchost.exe] - Process ID: 976
[C:\Windows\system32\svchost.exe] - Process ID: 1008
[C:\Windows\system32\svchost.exe] - Process ID: 1164
[C:\Windows\system32\svchost.exe] - Process ID: 1364
[C:\Windows\system32\Ati2evxx.exe] - Process ID: 1448
[C:\Program Files\Alwil Software\Avast5\AvastSvc.exe] - Process ID: 1536
[C:\Windows\System32\spoolsv.exe] - Process ID: 1872
[C:\Windows\system32\svchost.exe] - Process ID: 1908
[C:\Program Files\Advent\AIO\Center\ADAIOHostService.exe] - Process ID: 1988
[C:\Windows\system32\taskhost.exe] - Process ID: 368
[C:\Windows\system32\Dwm.exe] - Process ID: 784
[C:\Program Files\DellTPad\Apoint.exe] - Process ID: 2080
[C:\Program Files\Alwil Software\Avast5\AvastUI.exe] - Process ID: 2088
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe] - Process ID: 2104
[C:\Windows\System32\spool\drivers\w32x86\3\ADAiO2MUI.exe] - Process ID: 2112
[C:\Program Files\Dell\QuickSet\quickset.exe] - Process ID: 2292
[C:\Windows\system32\svchost.exe] - Process ID: 2580
[C:\Windows\System32\TUProgSt.exe] - Process ID: 2628
[C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe] - Process ID: 2680
[C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe] - Process ID: 2772
[C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe] - Process ID: 2920
[C:\Program Files\Dell\QuickSet\NicConfigSvc.exe] - Process ID: 3012
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe] - Process ID: 3164
[C:\Windows\system32\wbem\wmiprvse.exe] - Process ID: 3544
[C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe] - Process ID: 3652
[C:\Windows\system32\svchost.exe] - Process ID: 3912
[C:\Windows\system32\svchost.exe] - Process ID: 2508
[C:\Program Files\DellTPad\ApMsgFwd.exe] - Process ID: 3864
[C:\Windows\System32\svchost.exe] - Process ID: 2064
[C:\Program Files\DellTPad\HidFind.exe] - Process ID: 4264
[C:\Program Files\Windows Media Player\wmpnetwk.exe] - Process ID: 4428
[C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe] - Process ID: 5892
[C:\Windows\Explorer.exe] - Process ID: 1508
[C:\Users\VMw4r3\AppData\Local\Mozilla Firefox\firefox.exe] - Process ID: 5848
[C:\Users\VMw4r3\AppData\Local\Mozilla Firefox\plugin-container.exe] - Process ID: 3068
[C:\Users\VMw4r3\AppData\Local\Mozilla Firefox\plugin-container.exe] - Process ID: 1880
[C:\Windows\explorer.exe] - Process ID: 7288
[C:\Windows\system32\wbem\wmiprvse.exe] - Process ID: 6172
[C:\Windows\system32\wbem\wmiprvse.exe] - Process ID: 6468
[C:\Windows\system32\NOTEPAD.EXE] - Process ID: 8028
[C:\Windows\system32\taskeng.exe] - Process ID: 1252
[audiodg.exe] - Process ID: 6812
[C:\Users\VMw4r3\AppData\Local\Temp\SINO\SINO.exe] - Process ID: 6316

<<<< Startup Items >>>>

[ERUNT AutoBackup.lnk] - <Startup> - C:\Program Files\ERUNT\AUTOBACK.EXE
[QuickSet.lnk] - <Common Startup> - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe
[StartCCC] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
[Apoint] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\DellTPad\Apoint.exe
[Malwarebytes' Anti-Malware] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
[ADAiO2StatusMonitor] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Windows\system32\spool\DRIVERS\W32X86\3\ADAiO2MUI.exe
[Run StartupMonitor] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - StartupMonitor.exe
[Bandwidth Monitor Pro] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe" /minimized

<<<< MS Services >>>>

Application Experience (AeLookupSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Application Information (Appinfo) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Audio Endpoint Builder (AudioEndpointBuilder) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Windows Audio (Audiosrv) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Base Filtering Engine (BFE) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Computer Browser (Browser) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Certificate Propagation (CertPropSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Cryptographic Services (CryptSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkService
Offline Files (CscService) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
DCOM Server Process Launcher (DcomLaunch) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
DHCP Client (Dhcp) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
DNS Client (Dnscache) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkService
Diagnostic Policy Service (DPS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Extensible Authentication Protocol (EapHost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Windows Event Log (eventlog) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
COM+ Event System (EventSystem) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Function Discovery Provider Host (fdPHost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Function Discovery Resource Publication (FDResPub) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Windows Font Cache Service (FontCache) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Group Policy Client (gpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
HomeGroup Listener (HomeGroupListener) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
HomeGroup Provider (HomeGroupProvider) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
IKE and AuthIP IPsec Keying Modules (IKEEXT) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
PnP-X IP Bus Enumerator (IPBusEnum) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
IP Helper (iphlpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetSvcs
CNG Key Isolation (KeyIso) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Server (LanmanServer) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Workstation (LanmanWorkstation) - Running [Auto | Stoppable | Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
TCP/IP NetBIOS Helper (lmhosts) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Multimedia Class Scheduler (MMCSS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Firewall (MpsSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Network Connections (Netman) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Network List Service (netprofm) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalService
Network Location Awareness (NlaSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Network Store Interface Service (nsi) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Peer Networking Identity Manager (p2pimsvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Peer Networking Grouping (p2psvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Program Compatibility Assistant Service (PcaSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Plug and Play (PlugPlay) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
Peer Name Resolution Protocol (PNRPsvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
IPsec Policy Agent (PolicyAgent) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Power (Power) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k DcomLaunch
User Profile Service (ProfSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Remote Access Connection Manager (RasMan) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
RPC Endpoint Mapper (RpcEptMapper) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k RPCSS
Remote Procedure Call (RPC) (RpcSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k rpcss
Security Accounts Manager (SamSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Task Scheduler (Schedule) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
System Event Notification Service (SENS) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Remote Desktop Configuration (SessionEnv) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Shell Hardware Detection (ShellHWDetection) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Print Spooler (Spooler) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\spoolsv.exe
SSDP Discovery (SSDPSRV) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Secure Socket Tunneling Protocol Service (SstpSvc) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Image Acquisition (WIA) (StiSvc) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k imgsvc
Superfetch (SysMain) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Telephony (TapiSrv) - Running [Manual | Stoppable | Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Remote Desktop Services (TermService) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Themes (Themes) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Distributed Link Tracking Client (TrkWks) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Remote Desktop Services UserMode Port Redirector (UmRdpService) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
UPnP Device Host (upnphost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Desktop Window Manager Session Manager (UxSms) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Windows Time (W32Time) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Diagnostic Service Host (WdiServiceHost) - Running [Manual | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalService
Windows Management Instrumentation (Winmgmt) - Running [Auto | Stoppable | Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
WLAN AutoConfig (Wlansvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Windows Media Player Network Sharing Service (WMPNetworkSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
Security Center (wscsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Windows Update (wuauserv) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework (wudfsvc) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Application Layer Gateway Service (ALG) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\alg.exe
Application Identity (AppIDSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Application Management (AppMgmt) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
ActiveX Installer (AxInstSV) (AxInstSV) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k AxInstSVGroup
BitLocker Drive Encryption Service (BDESVC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Background Intelligent Transfer Service (BITS) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Bonjour Service (Bonjour Service) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\Bonjour\mDNSResponder.exe"
Bluetooth Support Service (bthserv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k bthsvcs
Microsoft .NET Framework NGEN v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
COM+ System Application (COMSysApp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Disk Defragmenter (defragsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k defragsvc
Wired AutoConfig (dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Encrypting File System (EFS) (EFS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\lsass.exe
Windows Media Center Receiver Service (ehRecvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\ehome\ehRecvr.exe
Windows Media Center Scheduler Service (ehSched) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\ehome\ehsched.exe
Fax (Fax) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\fxssvc.exe
Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Human Interface Device Access (hidserv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Health Key and Certificate Management (hkmsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Windows CardSpace (idsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
KtmRm for Distributed Transaction Coordinator (KtmRm) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
Link-Layer Topology Discovery Mapper (lltdsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalService
Media Center Extender Service (Mcx2Svc) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Distributed Transaction Coordinator (MSDTC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\msdtc.exe
Microsoft iSCSI Initiator Service (MSiSCSI) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Installer (msiserver) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\msiexec.exe /V
Network Access Protection Agent (napagent) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
Netlogon (Netlogon) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Net.Tcp Port Sharing Service (NetTcpPortSharing) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
BranchCache (PeerDistSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k PeerDist
Performance Logs & Alerts (pla) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
PNRP Machine Name Publication Service (PNRPAutoReg) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServicePeerNet
Protected Storage (ProtectedStorage) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Quality Windows Audio Video Experience (QWAVE) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Remote Access Auto Connection Manager (RasAuto) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Routing and Remote Access (RemoteAccess) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Remote Registry (RemoteRegistry) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k regsvc
Remote Procedure Call (RPC) Locator (RpcLocator) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\locator.exe
Smart Card (SCardSvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Smart Card Removal Policy (SCPolicySvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Windows Backup (SDRSVC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k SDRSVC
Secondary Logon (seclogon) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k netsvcs
Adaptive Brightness (SensrSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Internet Connection Sharing (ICS) (SharedAccess) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
SNMP Trap (SNMPTRAP) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\snmptrap.exe
Software Protection (sppsvc) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\system32\sppsvc.exe
SPP Notification Service (sppuinotify) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Microsoft Software Shadow Copy Provider (swprv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k swprv
Tablet PC Input Service (TabletInputService) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
TPM Base Services (TBS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
Thread Ordering Server (THREADORDER) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Modules Installer (TrustedInstaller) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\servicing\TrustedInstaller.exe
Interactive Services Detection (UI0Detect) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\UI0Detect.exe
Credential Manager (VaultSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\lsass.exe
Virtual Disk (vds) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\vds.exe
Volume Shadow Copy (VSS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\vssvc.exe
Block Level Backup Engine Service (wbengine) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Windows\system32\wbengine.exe"
Windows Biometric Service (WbioSrvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k WbioSvcGroup
Windows Connect Now - Config Registrar (wcncsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
Windows Color System (WcsPlugInService) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k wcssvc
Diagnostic System Host (WdiSystemHost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
WebClient (WebClient) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Event Collector (Wecsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k NetworkService
Problem Reports and Solutions Control Panel Support (wercplsupport) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Windows Error Reporting Service (WerSvc) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k WerSvcGroup
Windows Defender (WinDefend) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k secsvcs
WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalService
Windows Remote Management (WS-Management) (WinRM) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k NetworkService
WMI Performance Adapter (wmiApSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\wbem\WmiApSrv.exe
Parental Controls (WPCSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Portable Device Enumerator Service (WPDBusEnum) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Windows Search (WSearch) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\system32\SearchIndexer.exe /Embedding
WWAN AutoConfig (WwanSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

<<<< Non-MS Services >>>>

Advent AIO Network Discovery Service (Advent AIO Network Discovery Service) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Advent\AIO\Center\ADAIOHostService.exe
Ati External Event Utility (Ati External Event Utility) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\system32\Ati2evxx.exe
avast! Antivirus (avast! Antivirus) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
MBAMService (MBAMService) - Running [Auto | Not_Stoppable | Not_Pausable] - "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
Dell Internal Network Card Power Management (nicconfigsvc) - Running [Auto | Stoppable | Pausable] - "C:\Program Files\Dell\QuickSet\NicConfigSvc.exe"
SBSD Security Center Service (SBSDWSCService) - Running [Auto | Stoppable | Pausable] - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\TUProgSt.exe
TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe"
TuneUp Theme Extension (UxTuneUp) - Running [Auto | Stoppable | Not_Pausable] - C:\Windows\System32\svchost.exe -k netsvcs
Yahoo! Updater (YahooAUService) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"
Apple Mobile Device (Apple Mobile Device) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
BWMeter Connections Service (BWMeterConSvc) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\BWMeter\BWMeterConSvc.exe"
Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
FsUsbExService (FsUsbExService) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Windows\system32\FsUsbExService.Exe
Google Update Service (gupdate) (gupdate) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
Google Update Service (gupdatem) (gupdatem) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
Hotspot Shield Service (hshld) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
Hotspot Shield Routing Service (HssSrv) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
Hotspot Shield Tray Service (HssTrayService) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
Hotspot Shield Monitoring Service (HssWd) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS
iPod Service (iPod Service) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\iPod\bin\iPodService.exe"
ServiceLayer (ServiceLayer) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"
TuneUp Drive Defrag Service (TuneUp.Defrag) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\System32\TuneUpDefragService.exe
VMware Agent Service (ufad-ws60) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml
Vodafone Mobile Connect Service (VMCService) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
Windows Activation Technologies Service (WatAdminSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Windows\system32\Wat\WatAdminSvc.exe

<<<< bcdedit >>>>


Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {9584d492-45c3-11df-aa56-e04deca8bc73}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
osdevice partition=C:
systemroot \Windows
resumeobject {9584d492-45c3-11df-aa56-e04deca8bc73}
nx OptIn

<<<< Last 5 Application Errors or Warnings >>>>

Computer Name: VMw4r3-PC | ID: 63 | Source: SideBySide | Type: Error | Date: 22-5-11 16:21:20 | Log: Application
Message: Activation context generation failed for "c:\program files\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot - search & destroy\DelZip179.dll" on line 8.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


Computer Name: VMw4r3-PC | ID: 1530 | Source: Microsoft-Windows-User Profiles Service | Type: Warning | Date: 21-5-11 15:39:33 | Log: Application
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.



DETAIL -

4 user registry handles leaked from \Registry\User\S-1-5-21-3787302479-1792056733-934747533-1000:
Process 2656 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2656 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2656 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 3788 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000



Computer Name: VMw4r3-PC | ID: 1530 | [color="#CC6600"]Source: Microsoft-Windows-User Profiles Service[/color] | Type: Warning | Date: 20-5-11 19:10:58 | Log: Application
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.



DETAIL -

7 user registry handles leaked from \Registry\User\S-1-5-21-3787302479-1792056733-934747533-1000:
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 2136 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000



[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 1530[/color] | [color="#CC6600"]Source: Microsoft-Windows-User Profiles Service[/color] | Type: Warning | Date: 20-5-11 18:4:29 | Log: Application
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.



DETAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-3787302479-1792056733-934747533-1000_Classes:
Process 3628 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000_CLASSES



[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 1530[/color] | [color="#CC6600"]Source: Microsoft-Windows-User Profiles Service[/color] | Type: Warning | Date: 20-5-11 18:4:27 | Log: Application
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.



DETAIL -

9 user registry handles leaked from \Registry\User\S-1-5-21-3787302479-1792056733-934747533-1000:
Process 4520 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 4804 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 3892 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 732 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 3468 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 5604 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 5604 (\Device\HarddiskVolume2\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000
Process 1036 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000\Software\Microsoft\SystemCertificates\Root
Process 5784 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-3787302479-1792056733-934747533-1000\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\Joystick\Winmm



[color="#FF0000"]<<<< Last 5 System Errors or Warnings >>>>[/color]

[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 1014[/color] | [color="#CC6600"]Source: Microsoft-Windows-DNS-Client[/color] | Type: Warning | Date: 22-5-11 19:19:44 | Log: System
Message: Name resolution for the name www.wiretrip.net timed out after none of the configured DNS servers responded.


[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 7[/color] | [color="#CC6600"]Source: Disk[/color] | Type: Error | Date: 22-5-11 16:15:54 | Log: System
Message: The device, \Device\Harddisk0\DR0, has a bad block.


[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 7[/color] | [color="#CC6600"]Source: Disk[/color] | Type: Error | Date: 22-5-11 16:15:50 | Log: System
Message: The device, \Device\Harddisk0\DR0, has a bad block.


[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 7[/color] | [color="#CC6600"]Source: Disk[/color] | Type: Error | Date: 22-5-11 16:15:43 | Log: System
Message: The device, \Device\Harddisk0\DR0, has a bad block.


[color="#0000FF"]Computer Name: VMw4r3-PC[/color] | [color="#CC6600"]ID: 7[/color] | [color="#CC6600"]Source: Disk[/color] | Type: Error | Date: 22-5-11 16:15:40 | Log: System
Message: The device, \Device\Harddisk0\DR0, has a bad block.


[color="#FF0000"]<<<< Special Events >>>>[/color]

There were no special events found



------ End of File ------
  • 0

#22
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
These temperatures are way too high:

AMD Turion 64 Mobile TK-55 67 °C
Dell Inc. (Microprocessor) 74 °C


This is also a bad sign:

Message: The device, \Device\Harddisk0\DR0, has a bad block.


I would recommend you to create a new thread in the hardware forum and post the link here. I will then get one of the Techs to look at it for you.
  • 0

#23
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thanks for all your help Render.

Will post tomorrow in that.

cheers.
  • 0

#24
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
You are welcome.

Please follow these steps to clean up our tools and logs:

Removing the tools we used:

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")

Posted Image

  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

NEXT...

OTL Clean-Up:

  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.
  • 0

#25
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
I just got a warning from startupMonitor

-----------------------------------------------
The program

Conime

has registered the executable

%windir%\system32\conime.exe

Do you wish to allow this change?

Yes / No

-----------------------------------------------------------------------

I just checked the system32 directory and the file doesn't exist. I also have "show hidden files, folders and drives selected in folder options.

I posted a new thread in the hardware section. http://www.geekstogo...-100-cpu-usage/

Thank for helping.
  • 0

Advertisements


#26
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Just went through your thread one more time add this jumped out:

Drive C: | 74.43 Gb Total Space | 28.35 Gb Free Space | 38.09% Space Free | Partition Type: NTFS

Autoscan: completed 7 minutes ago (events: 2, objects: 6407, time: 00:07:44)
20/05/2011 22:22:39 Task started
20/05/2011 22:30:23 Task completed


Please repeat that scan once again and make sure to select all option down to Computer included.

Download fresh AVPTool from Here to your desktop

Run the program you have just downloaded to your desktop (it will be randomly named )

We will run a virus scan only
  • On the first tab select all elements down to including Computer and then select start scan (1)
  • Once it has finished select report (2) and post that.

Posted Image

  • Please be patient as this scan could take a long time to complete.
  • Click on Exit to uninstall AVP tool. You may need to restart your computer after that.

  • 0

#27
gary1210

gary1210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Its scanning now but its gonint to take awhile. Only 2% complete after 15 minutes.

I only have a c:\ drive no other partitians.
1 dvd drive d:\
a virtual dvd drive F:\

heres a screen shot

Posted Image
  • 0

#28
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Yep. It should take a couple of hours.
  • 0

#29
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP