
Anti virus / malware programs won't run updates



#31
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

OK.  Reboot and after a few minutes run a new process explorer log and post it.


  • 0



#32
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 78.36 0 K 24 K 0   
svchost.exe 6.72 673,424 K 677,260 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 5.22 22,008 K 32,932 K 3548 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 5.22 0 K 0 K n/a Hardware Interrupts and DPCs  
dwm.exe 2.99 34,136 K 36,076 K 3940 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
MsMpEng.exe 0.75 108,068 K 99,480 K 952 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
igfxsrvc.exe 0.75 2,328 K 5,940 K 1076 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
Acer.Empowering.Framework.Supervisor.exe < 0.01 40,412 K 44,388 K 3932 Acer Empowering Techonology Framework Launcher Acer Inc. (No signature was present in the subject) Acer Inc.
SynTPEnh.exe < 0.01 2,220 K 6,516 K 2356 Synaptics TouchPad Enhancements Synaptics, Inc. (Verified) Synaptics Incorporated
System < 0.01 0 K 2,784 K 4   
csrss.exe < 0.01 2,876 K 8,504 K 612 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
WMIADAP.exe < 0.01 2,520 K 4,760 K 6048 WMI Reverse Performance Adapter Maintenance Utility Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 38,536 K 51,092 K 4008 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 4,056 K 7,192 K 908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 69,092 K 72,344 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
LManager.exe < 0.01 10,472 K 9,516 K 2592 Acer Launch Manager Keyboard Application Dritek System Inc. (Verified) Dritek System Inc.
hkcmd.exe < 0.01 1,880 K 5,504 K 4060 hkcmd Module Intel Corporation (Verified) Intel Corporation
HPNetworkCommunicator.exe < 0.01 3,496 K 7,152 K 5244 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
eNMTray.exe < 0.01 30,252 K 23,292 K 3564 Acer eNet Tray Acer Inc. (No signature was present in the subject) Acer Inc.
SearchIndexer.exe < 0.01 40,916 K 14,804 K 2828 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
ePower_DMC.exe < 0.01 20,844 K 18,820 K 3324 Acer ePower Management DMC Acer Inc. (No signature was present in the subject) Acer Inc.
XAudio.exe < 0.01 760 K 2,412 K 2872 Modem Audio Service Conexant Systems, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
taskeng.exe < 0.01 9,524 K 10,976 K 4048 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe < 0.01 7,624 K 12,124 K 1808 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
ePowerSvc.exe < 0.01 18,976 K 14,756 K 2424 WMIServi Application acer (No signature was present in the subject) acer
eNet Service.exe < 0.01 15,172 K 12,292 K 840 acer eNet Management Service Acer Inc. (No signature was present in the subject) Acer Inc.
eLockServ.exe < 0.01 18,016 K 12,784 K 292 Acer eLock Management Acer Inc. (No signature was present in the subject) Acer Inc.
capuserv.exe < 0.01 40,616 K 20,816 K 2912 Service  (No signature was present in the subject)
WUDFHost.exe  2,448 K 5,176 K 1544 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  3,340 K 6,400 K 3232 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  8,352 K 12,484 K 2860 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE  908 K 2,816 K 2696 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE  6,700 K 11,188 K 2324 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe  2,104 K 5,848 K 740 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,320 K 4,068 K 600 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  2,212 K 4,076 K 3300 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UnlockerAssistant.exe  1,260 K 3,772 K 4084   (No signature was present in the subject)
taskeng.exe  2,032 K 6,128 K 3972 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPStart.exe  1,688 K 5,584 K 3160 Synaptics Pointing Device starter Synaptics, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe  16,064 K 12,576 K 1132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  3,264 K 6,920 K 848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  15,928 K 14,936 K 1616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  8,780 K 13,484 K 1348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  13,968 K 17,084 K 1832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  5,376 K 9,536 K 2196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,144 K 5,500 K 2064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,120 K 5,060 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  588 K 2,308 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  1,696 K 10,864 K 5128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sqlwriter.exe  3,804 K 7,336 K 2164 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
sqlbrowser.exe  1,112 K 3,272 K 2144 SQL Browser Service EXE Microsoft Corporation (Verified) Microsoft Corporation
smss.exe  288 K 752 K 424 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe  6,128 K 10,572 K 1304 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe  2,692 K 6,792 K 644 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe  2,784 K 8,484 K 1112 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
rundll32.exe  4,192 K 9,360 K 3204 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
RtkBtMnt.exe  2,648 K 4,644 K 2204 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtHDVCpl.exe  9,112 K 9,100 K 2988 HD Audio Control Panel Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PDVDServ.exe  1,596 K 5,288 K 3536 PowerDVD RC Service Cyberlink Corp. (No signature was present in the subject) Cyberlink Corp.
NisSrv.exe  13,804 K 6,304 K 3488 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
msseces.exe  6,128 K 11,308 K 2440 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
MobilityService.exe  12,320 K 10,344 K 1604 app  (No signature was present in the subject)
LSSrvc.exe  1,044 K 3,388 K 1444  Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
lsm.exe  1,912 K 4,032 K 668 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe  3,460 K 8,592 K 660 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
igfxtray.exe  1,664 K 5,464 K 1212 igfxTray Module Intel Corporation (Verified) Intel Corporation
igfxsrvc.exe  1,380 K 4,540 K 3568 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe  1,472 K 4,956 K 1068 persistence Module Intel Corporation (Verified) Intel Corporation
igfxext.exe  1,104 K 4,184 K 2552 igfxext Module Intel Corporation (Verified) Intel Corporation
IAANTmon.exe  2,840 K 5,764 K 1052 RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe  1,552 K 4,584 K 1532 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
hpwuschd2.exe  1,084 K 3,468 K 1048 hpwuSchd Application Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
HP1006MC.EXE  1,116 K 3,668 K 2768 SMLMProxy Module Software 2000 Limited (Verified) Microsoft Windows Hardware Compatibility Publisher
ehtray.exe  1,828 K 2,436 K 1980 Media Center Tray Applet Microsoft Corporation (Verified) Microsoft Windows
ehmsas.exe  1,348 K 4,732 K 3528 Media Center Media Status Aggregator Service Microsoft Corporation (Verified) Microsoft Windows
eDSService.exe  1,604 K 4,860 K 208 Acer eDataSecurity Management Service Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
eDSLoader.exe  12,032 K 15,984 K 3616 Acer eDataSecurity Management Loader Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
csrss.exe  1,896 K 6,168 K 556 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
BR040286.exe  2,568 K 3,492 K 2056 USB PC Camera Bison Inc. (No signature was present in the subject) Bison Inc.
BcmSqlStartupSvc.exe  1,000 K 3,116 K 2024 BCM SQL Startup Service Microsoft Corporation (Verified) Microsoft Corporation
audiodg.exe  15,600 K 16,068 K 1256 Windows Audio Device Graph Isolation  Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe  2,112 K 3,408 K 2000 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems


  • 0

#33
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

Got worse:

 

svchost.exe 6.72 673,424 K 677,260 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

Interrupts 5.22 0 K 0 K n/a Hardware Interrupts and DPCs  

 

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Type with an Enter after each line:

1. Disable and stop the WMI service.

     sc config winmgmt start= disabled
     net stop winmgmt

2. Rename the repository folder (located at %windir%\System32\wbem\repository) to repository.old.

     ren %windir%\System32\wbem\repository repository.old

3. Re-enable the WMI service.

     sc config winmgmt start= auto
     net start winmgmt

Reboot.  Wait 5 minutes.  Make new process explorer log.

  • 0

#34
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 72.73 0 K 24 K 0   
svchost.exe 9.85 79,004 K 81,624 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7.58 3,148 K 6,296 K 852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 3.79 36,672 K 45,064 K 3212 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 3.03 0 K 21,060 K 4   
procexp.exe 2.27 22,884 K 34,720 K 5568 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.76 0 K 0 K n/a Hardware Interrupts and DPCs  
Acer.Empowering.Framework.Supervisor.exe < 0.01 44,756 K 47,536 K 3200 Acer Empowering Techonology Framework Launcher Acer Inc. (No signature was present in the subject) Acer Inc.
MsMpEng.exe < 0.01 105,492 K 89,380 K 952 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
BR040286.exe < 0.01 2,544 K 3,268 K 2236 USB PC Camera Bison Inc. (No signature was present in the subject) Bison Inc.
SynTPEnh.exe < 0.01 2,192 K 4,492 K 2888 Synaptics TouchPad Enhancements Synaptics, Inc. (Verified) Synaptics Incorporated
iexplore.exe < 0.01 95,780 K 133,136 K 5292 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe < 0.01 2,872 K 9,548 K 616 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
igfxsrvc.exe < 0.01 2,588 K 6,380 K 3588 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
osk.exe < 0.01 1,416 K 4,736 K 3564 On-Screen Keyboard Microsoft Corporation (Verified) Microsoft Windows
explorer.exe < 0.01 29,380 K 43,480 K 504 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
HPNetworkCommunicator.exe < 0.01 3,492 K 7,232 K 4188 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
LManager.exe < 0.01 10,436 K 9,744 K 3604 Acer Launch Manager Keyboard Application Dritek System Inc. (Verified) Dritek System Inc.
svchost.exe < 0.01 426,048 K 427,428 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 4,128 K 6,668 K 912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
hkcmd.exe < 0.01 1,844 K 4,740 K 3676 hkcmd Module Intel Corporation (Verified) Intel Corporation
ePower_DMC.exe < 0.01 20,812 K 16,504 K 3172 Acer ePower Management DMC Acer Inc. (No signature was present in the subject) Acer Inc.
SearchIndexer.exe < 0.01 41,172 K 14,360 K 2588 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
eNMTray.exe < 0.01 28,200 K 22,996 K 3896 Acer eNet Tray Acer Inc. (No signature was present in the subject) Acer Inc.
taskeng.exe < 0.01 9,596 K 11,400 K 3160 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
XAudio.exe < 0.01 764 K 2,080 K 2620 Modem Audio Service Conexant Systems, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
iexplore.exe < 0.01 8,368 K 21,536 K 5600 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
spoolsv.exe < 0.01 7,576 K 9,104 K 1896 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 1,948 K 5,584 K 556 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe < 0.01 4,388 K 8,724 K 4616 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
capuserv.exe < 0.01 40,324 K 20,040 K 2660 Service  (No signature was present in the subject)
eLockServ.exe < 0.01 20,100 K 12,288 K 1480 Acer eLock Management Acer Inc. (No signature was present in the subject) Acer Inc.
ePowerSvc.exe < 0.01 18,992 K 18,480 K 2496 WMIServi Application acer (No signature was present in the subject) acer
eNet Service.exe < 0.01 15,152 K 11,500 K 816 acer eNet Management Service Acer Inc. (No signature was present in the subject) Acer Inc.
TrustedInstaller.exe < 0.01 15,624 K 18,940 K 4376 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe  2,452 K 4,668 K 1496 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  7,040 K 11,324 K 3456 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  7,796 K 12,076 K 2088 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE  892 K 2,504 K 2548 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE  6,588 K 10,464 K 2396 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe  2,156 K 5,236 K 676 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,328 K 3,392 K 600 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  2,180 K 4,132 K 3776 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
UnlockerAssistant.exe  1,256 K 3,396 K 3764   (No signature was present in the subject)
taskeng.exe  1,572 K 5,044 K 4560 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe  1,984 K 6,124 K 3232 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPStart.exe  1,672 K 4,708 K 748 Synaptics Pointing Device starter Synaptics, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe  15,644 K 11,896 K 1608 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  16,356 K 11,908 K 1132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,152 K 4,596 K 1268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  8,452 K 11,748 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  5,320 K 7,572 K 2280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  12,340 K 9,728 K 1920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  584 K 2,196 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,108 K 4,848 K 2132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  1,832 K 63,612 K 5344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sqlwriter.exe  3,732 K 5,088 K 2248 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
sqlbrowser.exe  1,112 K 2,732 K 2192 SQL Browser Service EXE Microsoft Corporation (Verified) Microsoft Corporation
smss.exe  312 K 684 K 488 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe  6,128 K 3,636 K 1300 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe  2,720 K 6,912 K 652 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe  3,528 K 6,280 K 3800 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe  2,768 K 7,492 K 1712 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
rundll32.exe  4,172 K 7,952 K 688 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
RtkBtMnt.exe  2,620 K 3,660 K 3708 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtHDVCpl.exe  9,244 K 6,000 K 1824 HD Audio Control Panel Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
PDVDServ.exe  1,580 K 4,656 K 1368 PowerDVD RC Service Cyberlink Corp. (No signature was present in the subject) Cyberlink Corp.
NisSrv.exe  13,900 K 8,024 K 3908 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation
msseces.exe  6,068 K 7,612 K 160 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
MobilityService.exe  11,324 K 9,152 K 2080 app  (No signature was present in the subject)
LSSrvc.exe  1,032 K 2,984 K 1104  Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
lsm.exe  1,924 K 3,764 K 712 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe  4,120 K 8,296 K 704 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
igfxtray.exe  1,624 K 4,656 K 3700 igfxTray Module Intel Corporation (Verified) Intel Corporation
igfxsrvc.exe  1,376 K 4,592 K 3760 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
igfxpers.exe  1,632 K 4,816 K 3644 persistence Module Intel Corporation (Verified) Intel Corporation
igfxext.exe  1,124 K 4,356 K 3720 igfxext Module Intel Corporation (Verified) Intel Corporation
IAANTmon.exe  2,872 K 5,496 K 2040 RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe  1,504 K 3,888 K 2308 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
hpwuschd2.exe  1,060 K 3,076 K 2908 hpwuSchd Application Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
HP1006MC.EXE  1,132 K 3,576 K 3100 SMLMProxy Module Software 2000 Limited (Verified) Microsoft Windows Hardware Compatibility Publisher
FlashUtil32_21_0_0_242_ActiveX.exe  4,904 K 9,360 K 5700 Adobe® Flash® Player Installer/Uninstaller 21.0 r0 Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
ehtray.exe  1,804 K 2,632 K 224 Media Center Tray Applet Microsoft Corporation (Verified) Microsoft Windows
ehmsas.exe  1,560 K 5,172 K 2312 Media Center Media Status Aggregator Service Microsoft Corporation (Verified) Microsoft Windows
eDSService.exe  1,604 K 4,332 K 1148 Acer eDataSecurity Management Service Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
eDSLoader.exe  12,072 K 13,104 K 2024 Acer eDataSecurity Management Loader Egis Incorporated (Verified) EGIS TECHNOLOGY INC.
BcmSqlStartupSvc.exe  976 K 2,900 K 708 BCM SQL Startup Service Microsoft Corporation (Verified) Microsoft Corporation
audiodg.exe  15,580 K 9,232 K 1248 Windows Audio Device Graph Isolation  Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe  2,088 K 3,108 K 756 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems


  • 0

#35
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP
svchost.exe 9.85 79,004 K 81,624 K 1160 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7.58 3,148 K 6,296 K 852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
 
Hover over these two if they are still high and tell me what services are in them

  • 0
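
As an added example (not part of the thread and not written by any poster), this Python sketch automates two checks these Process Explorer logs support: it parses the flattened rows, then flags processes whose private bytes exceed a limit and processes whose signature status is anything other than Verified. The sample rows are copied from the first log in this thread; the 256 MB limit and all function names are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Rows copied from the first Process Explorer log in this thread (header included).
LOG = """\
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 78.36 0 K 24 K 0
svchost.exe 6.72 673,424 K 677,260 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Interrupts 5.22 0 K 0 K n/a Hardware Interrupts and DPCs
eNet Service.exe < 0.01 15,172 K 12,292 K 840 acer eNet Management Service Acer Inc. (No signature was present in the subject) Acer Inc.
capuserv.exe < 0.01 40,616 K 20,816 K 2912 Service  (No signature was present in the subject)
WUDFHost.exe  2,448 K 5,176 K 1544 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  588 K 2,308 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe  4,192 K 9,360 K 3204 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
hpwuschd2.exe  1,084 K 3,468 K 1048 hpwuSchd Application Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
"""

ROW = re.compile(
    r"^(?P<name>.+?)\s+"                             # image name, may contain spaces
    r"(?:(?P<cpu><\s*\d+\.\d+|\d+\.\d+)\s+)?"         # CPU column is blank for idle rows
    r"(?P<priv>\d[\d,]*) K\s+(?P<ws>\d[\d,]*) K\s+"   # private bytes, working set
    r"(?P<pid>\d+|n/a)\b\s*(?P<rest>.*)$"             # PID, then description/company/signer
)


@dataclass
class Proc:
    name: str
    cpu: Optional[float]   # None when the column is blank; "< 0.01" is stored as 0.01
    priv_kb: int
    ws_kb: int
    pid: Optional[int]     # None for the "Interrupts" pseudo-process (PID n/a)
    status: str            # text inside the signature parentheses, "" if absent
    signer: str


def parse_row(line: str) -> Optional[Proc]:
    """Parse one flattened log row; return None for the header or unparseable text."""
    m = ROW.match(line.strip())
    if not m:
        return None
    rest = m["rest"]
    # Descriptions can contain parentheses ("(Rundll32)"), so the signature
    # status is taken to be the LAST parenthesised group (an assumption).
    groups = re.findall(r"\(([^()]*)\)", rest)
    status = groups[-1] if groups else ""
    signer = rest.rsplit(")", 1)[1].strip() if groups else ""
    cpu = m["cpu"]
    return Proc(
        name=m["name"],
        cpu=None if cpu is None else float(cpu.lstrip("< ")),
        priv_kb=int(m["priv"].replace(",", "")),
        ws_kb=int(m["ws"].replace(",", "")),
        pid=None if m["pid"] == "n/a" else int(m["pid"]),
        status=status,
        signer=signer,
    )


def triage(lines: List[str],
           priv_limit_kb: int = 256 * 1024) -> List[Tuple[Optional[int], str, str]]:
    """Return (pid, name, reason) for rows worth a closer look."""
    findings = []
    for line in lines:
        p = parse_row(line)
        if p is None:
            continue
        if p.priv_kb >= priv_limit_kb:
            findings.append((p.pid, p.name, "high private bytes"))
        # Kernel pseudo-entries (System, Interrupts) carry no status and are skipped.
        if p.status and p.status != "Verified":
            revoked = "revoked" in p.status.lower()
            findings.append((p.pid, p.name,
                             "signature revoked" if revoked else "unsigned"))
    return findings


if __name__ == "__main__":
    for pid, name, reason in triage(LOG.splitlines()):
        print(f"{pid!s:>6}  {name:<20} {reason}")
```

An unsigned result is common for OEM utilities, as the Acer entries in these logs show, so it is a prompt to inspect the file rather than a verdict.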

#36
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts
This is the best I could figure out

Attached Thumbnails

  • image.jpeg

  • 0

#37
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

The picture shows a good system.  Do you have anything Suspended?


  • 0

#38
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts
No, not that I know of. When I rebooted the computer whatever items I had suspended prior to reboot, got unsuspended by itself. I went in and checked these items to unsuspend but it didn't need my action.
  • 0

#39
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts
Another shot

Attached Thumbnails

  • image.jpg

  • 0

#40
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

Looks like things have settled down.  PC should be fairly responsive now.

 

Are you still unable to get MSE to update?


  • 0



#41
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts
It is working like a charm now
  • 0

#42
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP
We usually clean up with Delfix.  This removes our tools and their logs and quarantines and also removes all but the latest System Restore point so there is no chance of the malware coming back with a system restore. Delfix has been a tad too aggressive recently and seems to dislike pdf files in the Downloads folder so if you have any you should move them to a different folder before running Delfix.
 
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
 
Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
 
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
 
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
 
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skype. Hit Optimize.  You can run it any time that Chrome/Firefox seems slow starting.
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.com before you open them.
 
Due to a recent rise in the number of CryptoLocker infections I am now recommending you install:
 
CryptoPrevent
 
 
Last time I downloaded it you had to give them your IP address and they would send you the link to download it.  When it ran it asked if you were sure your PC was clean then it would try to allow everything on your PC to continue running.  The free version does not update on its own so you should check for updated versions once in a while.  If you have problems after installing CryptoPrevent you can just uninstall it.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
 
 
My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)
 
Ron

  • 0

#43
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts

# DelFix v1.013 - Logfile created 01/06/2016 at 23:41:23
# Updated 17/04/2016 by Xplode
# Username : Allen - ALLEN-PC
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Allen\Desktop\Addition.txt
Deleted : C:\Users\Allen\Desktop\AdwCleaner.exe
Deleted : C:\Users\Allen\Desktop\FRST.exe
Deleted : C:\Users\Allen\Desktop\FRST.txt
Deleted : C:\Users\Allen\Desktop\JRT.exe
Deleted : C:\Users\Allen\Desktop\JRT.txt

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1798 [Scheduled Checkpoint | 04/18/2016 01:49:56]
Deleted : RP #1799 [Windows Update | 04/21/2016 00:39:27]
Deleted : RP #1800 [Scheduled Checkpoint | 04/22/2016 00:31:23]
Deleted : RP #1801 [Scheduled Checkpoint | 04/22/2016 23:35:00]
Deleted : RP #1802 [Windows Update | 04/25/2016 11:14:55]
Deleted : RP #1803 [Windows Update | 04/29/2016 15:19:36]
Deleted : RP #1804 [Windows Backup | 04/29/2016 19:05:22]
Deleted : RP #1805 [Scheduled Checkpoint | 05/02/2016 15:54:24]
Deleted : RP #1806 [Windows Update | 05/04/2016 11:40:08]
Deleted : RP #1807 [Windows Update | 05/07/2016 23:37:07]
Deleted : RP #1808 [Windows Update | 05/08/2016 01:55:31]
Deleted : RP #1809 [Scheduled Checkpoint | 05/10/2016 02:03:21]
Deleted : RP #1810 [Windows Update | 05/12/2016 12:09:08]
Deleted : RP #1811 [Windows Update | 05/20/2016 01:43:10]
Deleted : RP #1812 [Windows Update | 05/21/2016 00:01:09]
Deleted : RP #1814 [Windows Update | 05/25/2016 01:01:11]
Deleted : RP #1815 [JRT Pre-Junkware Removal | 05/27/2016 19:34:23]
Deleted : RP #1816 [Windows Update | 05/28/2016 19:37:46]
Deleted : RP #1817 [Scheduled Checkpoint | 05/30/2016 14:53:44]
Deleted : RP #1818 [Windows Update | 06/02/2016 01:57:22]

New restore point created !

########## - EOF - ##########


  • 0

#44
RKinner


    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

Looks good.  It doesn't delete VEW or Process Explorer or their logs so you can do that yourself.  

 

All done.


  • 0

#45
puthu

    Member

  • Topic Starter
  • Member
  • 153 posts

Thank you Ron, your efforts are highly appreciated. I don't know what I would have done without you guys. Geeks to go is an awesome site that I recommend to anyone to fix their software issues. I'm grateful. Thanks for your patience in working with me. I will be donating ....


  • 0





