1.

Solve : Vista Started Running Slow?

Answer»

Hello,
A friend referred me to this website, hope you guys can help me out!

I'm running on Windows Vista and just the other day it started giving me trouble, running really slow.  It happened after I uploaded a few gb's of videos to my computer from my camera.  I have 16GB's free of the 109GB's so running low on space isn't the problem.  I ran lavasoft's ad-aware scanner, did a full computer scan for viruses a couple times, I defragged, I ran a hijack this log and found a few things I needed to delete, I also used CCleaner and cleaned things up a bit.  However I'm still having problems.  I turned everything off at startup in case something was slowing it down.  As soon as I start up, my CPU is running at 30% and spikes up to 50, 70, 90%.  In firefox, if I just let it sit here it runs at around 30%-60% until I start scrolling and clicking on other tabs it spikes up to 70%+ and lags my computer a bit.

I checked out my processes and now I see a lot of svchost.exe's, one in particular was taking up a lot of my CPU  so I just ended it and my taskbar is the old fashion windows XP style, except for the start button.  If you have any ideas please let me know!

SS of my processes:

Hijack This Log

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [EmbassySecurityCheck] "C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exeSomeone will be along shortly to check your logs but free space is getting CLOSE o being an issue...
Windows likes approx. 15% free for comfort so 16G free on 109 is close.The log has a header missing, but appears to be clean.
I'd definitely go with patio's advice, and get some more free space.
How MUCH RAM do you have?
I don't like that svchost.exe using 49% of CPU cycles.

Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Colunms.
In addition to already pre-selected options, make sure, the Command Line is selected, and press OK.
Go File>Save As, and save the report as Procexp.txt.
Attach the file to your next reply.Not to hijack op's post, but I am wondering how much minimum free space would you recommend that I save on the pc? I know that too little free space can make your pc slow .... Quote

Windows likes approx. 15% free for comfort
Quote from: Broni on April 03, 2009, 06:03:09 PM
Windows likes approx. 15% free for comfort

oh the minimum required for the built in windows defragmenter to work without that "disk space too low, please clean up or delete some files on computer to increase disk space" type message appears.It seems to be running a little bit easier, but still lags a bit and spikes up to 80-90% when I open a folder or click between tabs in firefox.  Just typing fast in this reply box causes it to lag.  Here is that log you asked for.

Process   PID   CPU   Description   Company Name   Command Line
System Idle Process   0   27.68         
 Interrupts   n/a      Hardware Interrupts      
 DPCs   n/a      Deferred Procedure Calls      
 System   4            
  smss.exe   460      Windows Session Manager   Microsoft Corporation   \SystemRoot\System32\smss.exe
csrss.exe   520      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe   560      Windows Start-Up Application   Microsoft Corporation   wininit.exe
 services.exe   604   2.18   Services and Controller app   Microsoft Corporation   C:\Windows\system32\services.exe
  svchost.exe   792      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k DcomLaunch
  svchost.exe   856      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k rpcss
  svchost.exe   984   1.46   Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
   audiodg.exe   1148      Windows Audio Device Graph Isolation    Microsoft Corporation   C:\Windows\system32\AUDIODG.EXE 0x2e4
  svchost.exe   1016      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
   dwm.exe   2408      Desktop WINDOW Manager   Microsoft Corporation   "C:\Windows\system32\Dwm.exe"
  svchost.exe   1052      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k netsvcs
   taskeng.exe   3148      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {5DFABFEC-8AE4-42E0-AB86-BEA2A46635C9}
   taskeng.exe   3996   0.73   Task Scheduler Engine   Microsoft Corporation   taskeng.exe {686FDAE8-6600-4B73-AAE2-39E4BFB5A3EC}
   wuauclt.exe   4308      Windows Update Automatic Updates   Microsoft Corporation   "C:\Windows\system32\wuauclt.exe"
  svchost.exe   1180      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k GPSvcGroup
  SLsvc.exe   1244      Microsoft Software Licensing Service   Microsoft Corporation   C:\Windows\system32\SLsvc.exe
  svchost.exe   1292      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalService
  svchost.exe   1456      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkService
  aawservice.exe   1628      Ad-Aware Service   Lavasoft   "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
  spoolsv.exe   1804      Spooler SubSystem App   Microsoft Corporation   C:\Windows\System32\spoolsv.exe
  svchost.exe   1836      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
  AppleMobileDeviceService.exe   2016      Apple Mobile Device Service   Apple Inc.   "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
  mDNSResponder.exe   120      Bonjour Service   Apple Inc.   "C:\Program Files\Bonjour\mDNSResponder.exe"
  svchost.exe   304      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k bthsvcs
  jqs.exe   392      Java(TM) Quick Starter Service   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
  ccSvcHst.exe   840      Symantec Service Framework   Symantec Corporation   "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\diMaster.dll" /prefetch:1
   ccSvcHst.exe   3824      Symantec Service Framework   Symantec Corporation   "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe" /c /a /s UserSession
  PnkBstrA.exe   976            C:\Windows\system32\PnkBstrA.exe
  svchost.exe   1988      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
  rpcnet.exe   1992      rpcnet   Absolute Software Corp.   C:\Windows\system32\rpcnet.exe
  svchost.exe   2052      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k imgsvc
  dllhost.exe   2116      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
  svchost.exe   2208      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k WerSvcGroup
  winvnc4.exe   2248      VNC Server Free Edition for Win32   RealVNC Ltd.   "C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
  SearchIndexer.exe   2300      Microsoft Windows Search Indexer   Microsoft Corporation   C:\Windows\system32\SearchIndexer.exe /Embedding
  tcsd_win32.exe   2516            "C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe"
  dllhost.exe   2952      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
  wmpnetwk.exe   3508      Windows Media Player Network Sharing Service   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnetwk.exe"
  msdtc.exe   3564      MS DTCconsole program   Microsoft Corporation   C:\Windows\System32\msdtc.exe
  iPodService.exe   4876      iPodService Module   Apple Inc.   "C:\Program Files\iPod\bin\iPodService.exe"
 lsass.exe   616      Local Security Authority Process   Microsoft Corporation   C:\Windows\system32\lsass.exe
 lsm.exe   624      Local Session Manager Service   Microsoft Corporation   C:\Windows\system32\lsm.exe
csrss.exe   572      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe   764      Windows Logon Application   Microsoft Corporation   winlogon.exe
explorer.exe   2472      Windows Explorer   Microsoft Corporation   C:\Windows\Explorer.EXE
 rundll32.exe   2928      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
 rundll32.exe   3028      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\nvHotkey.dll,Start
 jusched.exe   3052      Java(TM) Platform SE binary   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jusched.exe"
 WavXDocMgr.exe   3068      WavX Document Manager Application   Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe"
 SecureUpgrade.exe   3076      Check For Later Product Line    Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
 iTunesHelper.exe   3108      iTunesHelper Module   Apple Inc.   "C:\Program Files\iTunes\iTunesHelper.exe"
 wmpnscfg.exe   3272      Windows Media Player Network Sharing Service Configuration Application   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnscfg.exe"
 SetPoint.exe   3304      Logitech SetPoint Event Manager (UNICODE)   Logitech, Inc.   "C:\Program Files\Logitech\SetPoint\SetPoint.exe"
  KHALMNPR.exe   3924      Logitech KHAL Main Process   Logitech, Inc.   KHALMNPR.EXE /API
 procexp.exe   5964   3.64   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   "C:\Users\Bob\Documents\Process Explorer\procexp.exe"
 Ventrilo.exe   3444      Ventrilo by Flagship Industries, Inc.      "C:\Program Files\Ventrilo\Ventrilo.exe"
 iTunes.exe   3144   0.73   iTunes   Apple Inc.   "C:\Program Files\iTunes\iTunes.exe"
  AppleMobileDeviceHelper.exe   5464      AppleMobileDeviceHelper      "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\29996413-1993606544175843144 --parentPipe
   distnoted.exe   1592      distnoted.exe      "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe"
 WINWORD.EXE   2628      Microsoft Office Word   Microsoft Corporation   "C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"
rundll32.exe   3180      Windows host process (Rundll32)   Microsoft Corporation   rundll32 NVSVC.DLL,nvsvcInitialize
firefox.exe   4452   64.09   Firefox   Mozilla Corporation   "C:\Program Files\Mozilla Firefox\firefox.exe"

I also just deleted some stuff and now I have 21.6GB's of 109 free.  This laptop has 2GB's of ram and has a 2.2GHz dual core.  I've had the space down to just a couple of GB's free and it was faster than it is now.  That svchost that was taking up a lot of the CPU I ended it and restarted and it's not taking up that amount of CPU anymore.  I'm so confused now with why it's running so slow.  Just typing here, every several seconds it freezes up and takes a second to catch up with what I'm typing.  Arg, this is frustrating lol.Firefox is using over 64% of your CPU cycles, which is not normal.
You're not opening any new pages, while running Process Explorer?

Did you try to free some HD space?
You never said, how much RAM you have.

Do this.
Close Firefox. Wait a few moments, because sometimes it takes some time to close FF process.
Post new PE log.

Go Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode).
Post new PE log.I did as you said, when I closed firefox my CPU cycles went down to 5-10%, I am running firefox in safemode now and it seems a whole lot better.  No lag so far.  It does spike up to 60-70% sometimes, but this is much better.  It is steadily running at around 30% which is pretty smooth.  So does this mean one of my plugins or scripts is lagging my laptop?  My specs are at the bottom of my previous post, I was modifying it while you wrote your last response.  Thanks for your help so far!

Process   PID   CPU   Description   Company Name   Command Line
System Idle Process   0   59.77         
 Interrupts   n/a      Hardware Interrupts      
 DPCs   n/a      Deferred Procedure Calls      
 System   4            
  smss.exe   460      Windows Session Manager   Microsoft Corporation   \SystemRoot\System32\smss.exe
csrss.exe   520      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe   560      Windows Start-Up Application   Microsoft Corporation   wininit.exe
 services.exe   604   2.37   Services and Controller app   Microsoft Corporation   C:\Windows\system32\services.exe
  svchost.exe   792      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k DcomLaunch
   mobsync.exe   6064      Microsoft Sync Center   Microsoft Corporation   C:\Windows\System32\mobsync.exe -Embedding
  svchost.exe   856      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k rpcss
  svchost.exe   984   2.96   Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
   audiodg.exe   1148      Windows Audio Device Graph Isolation    Microsoft Corporation   C:\Windows\system32\AUDIODG.EXE 0x2e4
  svchost.exe   1016      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
   dwm.exe   2408      Desktop Window Manager   Microsoft Corporation   "C:\Windows\system32\Dwm.exe"
  svchost.exe   1052      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k netsvcs
   taskeng.exe   3148      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {5DFABFEC-8AE4-42E0-AB86-BEA2A46635C9}
   taskeng.exe   3996      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {686FDAE8-6600-4B73-AAE2-39E4BFB5A3EC}
   wuauclt.exe   4308      Windows Update Automatic Updates   Microsoft Corporation   "C:\Windows\system32\wuauclt.exe"
  svchost.exe   1180      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k GPSvcGroup
  SLsvc.exe   1244      Microsoft Software Licensing Service   Microsoft Corporation   C:\Windows\system32\SLsvc.exe
  svchost.exe   1292      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalService
  svchost.exe   1456      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkService
  aawservice.exe   1628      Ad-Aware Service   Lavasoft   "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
  spoolsv.exe   1804      Spooler SubSystem App   Microsoft Corporation   C:\Windows\System32\spoolsv.exe
  svchost.exe   1836      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
  AppleMobileDeviceService.exe   2016      Apple Mobile Device Service   Apple Inc.   "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
  mDNSResponder.exe   120      Bonjour Service   Apple Inc.   "C:\Program Files\Bonjour\mDNSResponder.exe"
  svchost.exe   304      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k bthsvcs
  jqs.exe   392      Java(TM) Quick Starter Service   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
  ccSvcHst.exe   840      Symantec Service Framework   Symantec Corporation   "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\diMaster.dll" /prefetch:1
   ccSvcHst.exe   3824      Symantec Service Framework   Symantec Corporation   "C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe" /c /a /s UserSession
  PnkBstrA.exe   976            C:\Windows\system32\PnkBstrA.exe
  svchost.exe   1988      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
  rpcnet.exe   1992      rpcnet   Absolute Software Corp.   C:\Windows\system32\rpcnet.exe
  svchost.exe   2052      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k imgsvc
  dllhost.exe   2116      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
  svchost.exe   2208      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k WerSvcGroup
  winvnc4.exe   2248      VNC Server Free Edition for Win32   RealVNC Ltd.   "C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
  SearchIndexer.exe   2300      Microsoft Windows Search Indexer   Microsoft Corporation   C:\Windows\system32\SearchIndexer.exe /Embedding
   SearchProtocolHost.exe   4180      Microsoft Windows Search Protocol Host   Microsoft Corporation   "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
   SearchFilterHost.exe   5172      Microsoft Windows Search Filter Host   Microsoft Corporation   "C:\Windows\system32\SearchFilterHost.exe" 0 644 648 656 65536 652
  tcsd_win32.exe   2516            "C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe"
  dllhost.exe   2952      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
  wmpnetwk.exe   3508      Windows Media Player Network Sharing Service   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnetwk.exe"
  msdtc.exe   3564      MS DTCconsole program   Microsoft Corporation   C:\Windows\System32\msdtc.exe
  iPodService.exe   4876      iPodService Module   Apple Inc.   "C:\Program Files\iPod\bin\iPodService.exe"
 lsass.exe   616      Local Security Authority Process   Microsoft Corporation   C:\Windows\system32\lsass.exe
 lsm.exe   624      Local Session Manager Service   Microsoft Corporation   C:\Windows\system32\lsm.exe
csrss.exe   572      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe   764      Windows Logon Application   Microsoft Corporation   winlogon.exe
explorer.exe   2472   2.96   Windows Explorer   Microsoft Corporation   C:\Windows\Explorer.EXE
 rundll32.exe   2928      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
 rundll32.exe   3028      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\nvHotkey.dll,Start
 jusched.exe   3052      Java(TM) Platform SE binary   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jusched.exe"
 WavXDocMgr.exe   3068      WavX Document Manager Application   Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe"
 SecureUpgrade.exe   3076      Check For Later Product Line    Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
 iTunesHelper.exe   3108      iTunesHelper Module   Apple Inc.   "C:\Program Files\iTunes\iTunesHelper.exe"
 wmpnscfg.exe   3272      Windows Media Player Network Sharing Service Configuration Application   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnscfg.exe"
 SetPoint.exe   3304      Logitech SetPoint Event Manager (UNICODE)   Logitech, Inc.   "C:\Program Files\Logitech\SetPoint\SetPoint.exe"
  KHALMNPR.exe   3924      Logitech KHAL Main Process   Logitech, Inc.   KHALMNPR.EXE /API
 procexp.exe   5964   10.06   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   "C:\Users\Bob\Documents\Process Explorer\procexp.exe"
 Ventrilo.exe   3444      Ventrilo by Flagship Industries, Inc.      "C:\Program Files\Ventrilo\Ventrilo.exe"
 iTunes.exe   3144      iTunes   Apple Inc.   "C:\Program Files\iTunes\iTunes.exe"
  AppleMobileDeviceHelper.exe   5464      AppleMobileDeviceHelper      "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\29996413-1993606544175843144 --parentPipe
   distnoted.exe   1592      distnoted.exe      "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe"
 WINWORD.EXE   2628      Microsoft Office Word   Microsoft Corporation   "C:\Program Files\Microsoft Office\Office12\WINWORD.EXE"
 firefox.exe   5904   21.90   Firefox   Mozilla Corporation   "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
rundll32.exe   3180      Windows host process (Rundll32)   Microsoft Corporation   rundll32 NVSVC.DLL,nvsvcInitialize

30% is better, but still HIGH. My FF never uses more than 2-3% of CPU at the most.


Go Start>Run (Start Search in Vista), type in:
msconfig
Click OK (hit Enter in Vista).

Click on Startup tab.
Click Disable all

Click Services tab.
Put checkmark in Hide all Microsoft services
Click Disable all.

Click OK.
Restart computer in Normal Mode.

NOTE. If you use different firewall, than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
If you use Windows firewall, you're fine.

Run FF with no-adds, and post new PE log.

P. S. I'll be gone for couple of hours...
Sorry it's taken so long.  I did as you said and this is the PE log when I'm running firefox in safemode.

Process   PID   CPU   Description   Company Name   Command Line
System Idle Process   0   93.39         
procexp.exe   1984   2.99   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   "c:\Users\Bob\Documents\Process Explorer\procexp.exe"
svchost.exe   1008   2.24   Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
services.exe   608   1.49   Services and Controller app   Microsoft Corporation   C:\Windows\system32\services.exe
wuauclt.exe   2796      Windows Update Automatic Updates   Microsoft Corporation   "C:\Windows\system32\wuauclt.exe"
wmpnscfg.exe   3164      Windows Media Player Network Sharing Service Configuration Application   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnscfg.exe"
wmpnetwk.exe   3200      Windows Media Player Network Sharing Service   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnetwk.exe"
winlogon.exe   704      Windows Logon Application   Microsoft Corporation   winlogon.exe
wininit.exe   564      Windows Start-Up Application   Microsoft Corporation   wininit.exe
TrustedInstaller.exe   1784      Windows Modules Installer   Microsoft Corporation   C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe   2784      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {169456CF-BB5B-4D12-AA77-1B76038A520C}
taskeng.exe   2144      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {BD59BD6B-5C28-409B-AED2-B5F4885BA333}
System   4            
svchost.exe   1040      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
svchost.exe   1060      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k netsvcs
svchost.exe   1500      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkService
svchost.exe   1324      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalService
svchost.exe   864      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k rpcss
svchost.exe   808      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k DcomLaunch
svchost.exe   1228      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k GPSvcGroup
svchost.exe   1760      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
svchost.exe   1948      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k bthsvcs
svchost.exe   2028      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
svchost.exe   280      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k imgsvc
svchost.exe   1480      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k WerSvcGroup
spoolsv.exe   1724      Spooler SubSystem App   Microsoft Corporation   C:\Windows\System32\spoolsv.exe
smss.exe   388      Windows Session Manager   Microsoft Corporation   \SystemRoot\System32\smss.exe
SLsvc.exe   1284      Microsoft Software Licensing Service   Microsoft Corporation   C:\Windows\system32\SLsvc.exe
SearchIndexer.exe   860      Microsoft Windows Search Indexer   Microsoft Corporation   C:\Windows\system32\SearchIndexer.exe /Embedding
OrbTray.exe   2836      Orb   Orb Networks   "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"
Orb.exe   3436      Orb Application   Orb Networks, Inc.   "C:\Program Files\Orb Networks\Orb\bin\Orb.exe"
msdtc.exe   2492      MS DTCconsole program   Microsoft Corporation   C:\Windows\System32\msdtc.exe
msconfig.exe   2960      System Configuration Utility   Microsoft Corporation   "C:\Windows\System32\msconfig.exe" /auto
lsm.exe   632      Local Session Manager Service   Microsoft Corporation   C:\Windows\system32\lsm.exe
lsass.exe   620      Local Security Authority Process   Microsoft Corporation   C:\Windows\system32\lsass.exe
Interrupts   n/a      Hardware Interrupts      
firefox.exe   3136      Firefox   Mozilla Corporation   "C:\Program Files\Mozilla Firefox\firefox.exe" "-safe-mode"
explorer.exe   2808      Windows Explorer   Microsoft Corporation   C:\Windows\Explorer.EXE
dwm.exe   2752      Desktop Window Manager   Microsoft Corporation   "C:\Windows\system32\Dwm.exe"
DPCs   n/a      Deferred Procedure Calls      
dllhost.exe   652      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
dllhost.exe   2236      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
csrss.exe   576      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe   524      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
audiodg.exe   1192      Windows Audio Device Graph Isolation    Microsoft Corporation   C:\Windows\system32\AUDIODG.EXE 0x304

This is the PE log when I run firefox normally, it's down to only a few %


Process   PID   CPU   Description   Company Name   Command Line
System Idle Process   0   96.66         
procexp.exe   1984   2.25   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   "c:\Users\Bob\Documents\Process Explorer\procexp.exe"
services.exe   608   1.50   Services and Controller app   Microsoft Corporation   C:\Windows\system32\services.exe
wuauclt.exe   2796      Windows Update Automatic Updates   Microsoft Corporation   "C:\Windows\system32\wuauclt.exe"
wmpnscfg.exe   3164      Windows Media Player Network Sharing Service Configuration Application   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnscfg.exe"
wmpnetwk.exe   3200      Windows Media Player Network Sharing Service   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnetwk.exe"
winlogon.exe   704      Windows Logon Application   Microsoft Corporation   winlogon.exe
wininit.exe   564      Windows Start-Up Application   Microsoft Corporation   wininit.exe
TrustedInstaller.exe   1784      Windows Modules Installer   Microsoft Corporation   C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe   2784      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {169456CF-BB5B-4D12-AA77-1B76038A520C}
taskeng.exe   2144      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {BD59BD6B-5C28-409B-AED2-B5F4885BA333}
System   4            
svchost.exe   1500      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkService
svchost.exe   1040      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
svchost.exe   808      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k DcomLaunch
svchost.exe   1760      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
svchost.exe   1008      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
svchost.exe   1060      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k netsvcs
svchost.exe   1324      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalService
svchost.exe   864      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k rpcss
svchost.exe   1228      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k GPSvcGroup
svchost.exe   1948      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k bthsvcs
svchost.exe   2028      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
svchost.exe   280      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k imgsvc
svchost.exe   1480      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k WerSvcGroup
spoolsv.exe   1724      Spooler SubSystem App   Microsoft Corporation   C:\Windows\System32\spoolsv.exe
smss.exe   388      Windows Session Manager   Microsoft Corporation   \SystemRoot\System32\smss.exe
SLsvc.exe   1284      Microsoft Software Licensing Service   Microsoft Corporation   C:\Windows\system32\SLsvc.exe
SearchIndexer.exe   860      Microsoft Windows Search Indexer   Microsoft Corporation   C:\Windows\system32\SearchIndexer.exe /Embedding
OrbTray.exe   2836      Orb   Orb Networks   "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"
Orb.exe   3436      Orb Application   Orb Networks, Inc.   "C:\Program Files\Orb Networks\Orb\bin\Orb.exe"
notepad.exe   3432      Notepad   Microsoft Corporation   "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Bob\Documents\Process Explorer\ProcexpFFsafemode.txt
msdtc.exe   2492      MS DTCconsole program   Microsoft Corporation   C:\Windows\System32\msdtc.exe
msconfig.exe   2960      System Configuration Utility   Microsoft Corporation   "C:\Windows\System32\msconfig.exe" /auto
lsm.exe   632      Local Session Manager Service   Microsoft Corporation   C:\Windows\system32\lsm.exe
lsass.exe   620      Local Security Authority Process   Microsoft Corporation   C:\Windows\system32\lsass.exe
Interrupts   n/a      Hardware Interrupts      
firefox.exe   3308      Firefox   Mozilla Corporation   "C:\Program Files\Mozilla Firefox\firefox.exe"
explorer.exe   2808      Windows Explorer   Microsoft Corporation   C:\Windows\Explorer.EXE
dwm.exe   2752      Desktop Window Manager   Microsoft Corporation   "C:\Windows\system32\Dwm.exe"
DPCs   n/a      Deferred Procedure Calls      
dllhost.exe   652      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
dllhost.exe   2236      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
csrss.exe   576      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe   524      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
audiodg.exe   1192      Windows Audio Device Graph Isolation    Microsoft Corporation   C:\Windows\system32\AUDIODG.EXE 0x304

Now, it looks normal.
Repeat same procedure, but this time disable Norton's entries only.
Restart, and run PE again.Ok, I enabled everything else besides Norton, here it is again.

Process   PID   CPU   Description   Company Name   Command Line
System Idle Process   0   88.32         
svchost.exe   1080   5.20   Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
procexp.exe   4428   2.97   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   "c:\Users\Bob\Documents\Process Explorer\procexp.exe"
services.exe   640   1.48   Services and Controller app   Microsoft Corporation   C:\Windows\system32\services.exe
Orb.exe   3816   0.74   Orb Application   Orb Networks, Inc.   "C:\Program Files\Orb Networks\Orb\bin\Orb.exe"
DPCs   n/a   0.74   Deferred Procedure Calls      
YStart.exe   2176      Application Starter   CASIO COMPUTER CO.,LTD.   "C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe"
wuauclt.exe   4140      Windows Update Automatic Updates   Microsoft Corporation   "C:\Windows\system32\wuauclt.exe"
wmpnscfg.exe   2412      Windows Media Player Network Sharing Service Configuration Application   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnscfg.exe"
wmpnetwk.exe   2264      Windows Media Player Network Sharing Service   Microsoft Corporation   "C:\Program Files\Windows Media Player\wmpnetwk.exe"
WmiPrvSE.exe   2856      WMI Provider Host   Microsoft Corporation   C:\Windows\system32\wbem\wmiprvse.exe
winvnc4.exe   2136      VNC Server Free Edition for Win32   RealVNC Ltd.   "C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
winlogon.exe   808      Windows Logon Application   Microsoft Corporation   winlogon.exe
wininit.exe   596      Windows Start-Up Application   Microsoft Corporation   wininit.exe
WavXDocMgr.exe   3696      WavX Document Manager Application   Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe"
tcsd_win32.exe   2228            "C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe"
taskeng.exe   3440      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {8BE1F400-0A23-453E-B2B7-12C676B3B61C}
taskeng.exe   2524      Task Scheduler Engine   Microsoft Corporation   taskeng.exe {55A89D85-AC86-4F30-B8E9-65066E8F11BD}
System   4            
svchost.exe   1512      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkService
svchost.exe   832      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k DcomLaunch
svchost.exe   1048      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
svchost.exe   1108      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k netsvcs
svchost.exe   1348      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalService
svchost.exe   896      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k rpcss
svchost.exe   1240      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k GPSvcGroup
svchost.exe   1892      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
svchost.exe   476      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k bthsvcs
svchost.exe   1000      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
svchost.exe   352      Host Process for Windows Services   Microsoft Corporation   C:\Windows\system32\svchost.exe -k imgsvc
svchost.exe   2112      Host Process for Windows Services   Microsoft Corporation   C:\Windows\System32\svchost.exe -k WerSvcGroup
spoolsv.exe   1856      Spooler SubSystem App   Microsoft Corporation   C:\Windows\System32\spoolsv.exe
smss.exe   452      Windows Session Manager   Microsoft Corporation   \SystemRoot\System32\smss.exe
SLsvc.exe   1296      Microsoft Software Licensing Service   Microsoft Corporation   C:\Windows\system32\SLsvc.exe
SetPoint.exe   2336      Logitech SetPoint Event Manager (UNICODE)   Logitech, Inc.   "C:\Program Files\Logitech\SetPoint\SetPoint.exe"
SecureUpgrade.exe   3744      Check For Later Product Line    Wave Systems Corp.   "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
SearchProtocolHost.exe   4696      Microsoft Windows Search Protocol Host   Microsoft Corporation   "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
SearchIndexer.exe   2184      Microsoft Windows Search Indexer   Microsoft Corporation   C:\Windows\system32\SearchIndexer.exe /Embedding
SearchFilterHost.exe   4728      Microsoft Windows Search Filter Host   Microsoft Corporation   "C:\Windows\system32\SearchFilterHost.exe" 0 644 648 656 65536 652
rundll32.exe   3800      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\nvHotkey.dll,Start
rundll32.exe   1140      Windows host process (Rundll32)   Microsoft Corporation   rundll32 NVSVC.DLL,nvsvcInitialize
rundll32.exe   3792      Windows host process (Rundll32)   Microsoft Corporation   "C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
rpcnet.exe   1308      rpcnet   Absolute Software Corp.   C:\Windows\system32\rpcnet.exe
reader_sl.exe   1232      Adobe Acrobat SpeedLauncher   Adobe Systems Incorporated   "C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe"
PnkBstrA.exe   892            C:\Windows\system32\PnkBstrA.exe
OrbTray.exe   3516      Orb   Orb Networks   "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"
msdtc.exe   2736      MS DTCconsole program   Microsoft Corporation   C:\Windows\System32\msdtc.exe
msconfig.exe   3684      System Configuration Utility   Microsoft Corporation   "C:\Windows\System32\msconfig.exe" /auto
mDNSResponder.exe   388      Bonjour Service   Apple Inc.   "C:\Program Files\Bonjour\mDNSResponder.exe"
lsm.exe   664      Local Session Manager Service   Microsoft Corporation   C:\Windows\system32\lsm.exe
lsass.exe   652      Local Security Authority Process   Microsoft Corporation   C:\Windows\system32\lsass.exe
KHALMNPR.exe   976      Logitech KHAL Main Process   Logitech, Inc.   KHALMNPR.EXE /API
jusched.exe   3708      Java(TM) Platform SE binary   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jusched.exe"
jqs.exe   564      Java(TM) Quick Starter Service   Sun Microsystems, Inc.   "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
iTunesHelper.exe   4088      iTunesHelper Module   Apple Inc.   "C:\Program Files\iTunes\iTunesHelper.exe"
iPodService.exe   3164      iPodService Module   Apple Inc.   "C:\Program Files\iPod\bin\iPodService.exe"
Interrupts   n/a      Hardware Interrupts      
firefox.exe   4660      Firefox   Mozilla Corporation   "C:\Program Files\Mozilla Firefox\firefox.exe"
explorer.exe   3496      Windows Explorer   Microsoft Corporation   C:\Windows\Explorer.EXE
dwm.exe   3452      Desktop Window Manager   Microsoft Corporation   "C:\Windows\system32\Dwm.exe"
dllhost.exe   2036      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
dllhost.exe   2476      COM Surrogate   Microsoft Corporation   C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
csrss.exe   608      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
csrss.exe   556      Client Server Runtime Process   Microsoft Corporation   C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
audiodg.exe   1208      Windows Audio Device Graph Isolation    Microsoft Corporation   C:\Windows\system32\AUDIODG.EXE 0x2e0
AppleMobileDeviceService.exe   384      Apple Mobile Device Service   Apple Inc.   "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
aawservice.exe   1680      Ad-Aware Service   Lavasoft   "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"

See? Excellent!

Get rid of Norton, using this: http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

Replace it with one of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
- Avira free antivirus: http://www.free-av.com/en/download/index.html

- free PC Tools Firewall Plus: http://www.pctools.com/firewall/

- free Comodo Internet Security (firewall + AV): http://www.personalfirewall.comodo.com/
NOTE. During installation, Comodo will also allow you to install AV only, or firewall only, if you prefer to combine one Comodo product with some other product.

If you decide to install Avast, or Avira, make sure, Windows firewall is turned on, or use PC Tools Firewall Plus.
If you decide to install Comodo, make sure, Windows firewall is turned off.

IMPORTANT! Make sure, you use only ONE antivirus, and ONE firewall.


Discussion

No Comment Found

Related InterviewSolutions