I am sure the hard drive my OS is on has a bad sector (Samsung F1), but it has been moved and the HDD does not access it. Recently the boot sector was corrupt, and I created a new one using Vista repair disk.
Programmes like "SmarThru 4", I no longer use. Can I just delete them using HijackThis?
HijackThis log is below:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:04:32, on 24/09/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\INITIO\Button Manager v1.60\inihid.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O2 - BHO: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files (x86)\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1971581739-487193456-41462279-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Global Startup: Button Manager v1.60.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll
O8 - Extra context menu item: Tag This Image - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98b815e21a5b2) (gupdate1c98b815e21a5b2) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15368 bytes
I have multiple svchost.exe running. One of which takes up around 276,000k of memory that can be seen below.
List of services using ProcessXP:
Process PID CPU Private Bytes Working Set Description Company Name
svchost.exe 488 < 0.01 267,244 K 274,728 K Host Process for Windows Services Microsoft Corporation
firefox.exe 4500 < 0.01 217,892 K 236,020 K Firefox Mozilla Corporation
SearchIndexer.exe 3476 118,964 K 53,200 K Microsoft Windows Search Indexer Microsoft Corporation
mbam.exe 3640 < 0.01 116,300 K 119,216 K Malwarebytes' Anti-Malware Malwarebytes Corporation
mbamservice.exe 4780 < 0.01 113,488 K 45,672 K Malwarebytes' Anti-Malware Malwarebytes Corporation
dwm.exe 2000 1.16 82,816 K 116,640 K Desktop Window Manager Microsoft Corporation
svchost.exe 1004 72,824 K 47,284 K Host Process for Windows Services Microsoft Corporation
explorer.exe 1548 < 0.01 55,420 K 83,096 K Windows Explorer Microsoft Corporation
svchost.exe 1636 33,216 K 37,716 K Host Process for Windows Services Microsoft Corporation
svchost.exe 508 30,596 K 43,368 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2044 29,256 K 35,420 K Host Process for Windows Services Microsoft Corporation
procexp64.exe 4800 8.10 21,208 K 38,540 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
svchost.exe 360 < 0.01 20,184 K 17,984 K Host Process for Windows Services Microsoft Corporation
audiodg.exe 748 18,824 K 21,968 K Windows Audio Device Graph Isolation Microsoft Corporation
plugin-container.exe 4596 15,204 K 20,756 K Plugin Container for Firefox Mozilla Corporation
Pen_Tablet.exe 3496 < 0.01 14,164 K 24,880 K Tablet Service for consumer driver Wacom Technology, Corp.
InputPersonalization.exe 1496 < 0.01 13,388 K 13,484 K Input Personalization Server Microsoft Corporation
taskeng.exe 2032 12,144 K 14,976 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1108 12,008 K 20,140 K Host Process for Windows Services Microsoft Corporation
RAVCpl64.exe 2592 10,896 K 11,468 K HD Audio Control Panel Realtek Semiconductor
TabTip.exe 1156 < 0.01 10,196 K 20,716 K Tablet PC Input Panel Accessory Microsoft Corporation
PDAgent.exe 3172 < 0.01 10,148 K 18,392 K PDAgent Module Raxco Software, Inc.
svchost.exe 1280 1.16 9,808 K 14,888 K Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1992 < 0.01 9,060 K 15,592 K Spooler SubSystem App Microsoft Corporation
nvxdsync.exe 1316 8,972 K 17,480 K NVIDIA User Experience Driver Component NVIDIA Corporation
Pen_TouchUser.exe 2056 8,756 K 14,544 K Touch User Mode Driver Wacom Technology, Corp.
SLsvc.exe 840 8,320 K 13,016 K Microsoft Software Licensing Service Microsoft Corporation
KHALMNPR.exe 2920 8,248 K 11,468 K Logitech KHAL Main Process Logitech, Inc.
TabTip.exe 1348 7,852 K 1,424 K Tablet PC Input Panel Accessory Microsoft Corporation
Core Temp.exe 2212 < 0.01 7,288 K 10,984 K CPU temperature and system information utility
wisptis.exe 1100 < 0.01 7,032 K 12,940 K Microsoft Tablet PC Input Component Microsoft Corporation
nvvsvc.exe 1328 6,924 K 13,296 K NVIDIA Driver Helper Service, Version 280.26 NVIDIA Corporation
SetPoint.exe 2520 6,768 K 14,816 K Logitech SetPoint Event Manager (UNICODE) Logitech, Inc.
svchost.exe 964 6,532 K 10,656 K Host Process for Windows Services Microsoft Corporation
NetworkLicenseServer.exe 2932 5,892 K 9,696 K ABBYY network license server ABBYY
svchost.exe 3828 5,448 K 9,324 K Host Process for Windows Services Microsoft Corporation
GoogleToolbarNotifier.exe 2800 < 0.01 5,416 K 4,176 K GoogleToolbarNotifier Google Inc.
svchost.exe 3252 5,344 K 9,476 K Host Process for Windows Services Microsoft Corporation
wisptis.exe 1340 5,228 K 8,240 K Microsoft Tablet PC Input Component Microsoft Corporation
TeamViewer_Service.exe 3372 5,152 K 10,524 K TeamViewer Remote Control Application TeamViewer GmbH
lsass.exe 660 4,996 K 3,436 K Local Security Authority Process Microsoft Corporation
WmiPrvSE.exe 4204 4,536 K 8,608 K WMI Provider Host Microsoft Corporation
nvvsvc.exe 912 4,456 K 8,136 K NVIDIA Driver Helper Service, Version 280.26 NVIDIA Corporation
csrss.exe 608 < 0.01 4,448 K 9,616 K Client Server Runtime Process Microsoft Corporation
services.exe 644 4,380 K 9,496 K Services and Controller app Microsoft Corporation
svchost.exe 856 4,076 K 8,516 K Host Process for Windows Services Microsoft Corporation
unsecapp.exe 4148 3,964 K 7,768 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
svchost.exe 3220 3,908 K 7,936 K Host Process for Windows Services Microsoft Corporation
nvSCPAPISvr.exe 924 3,856 K 6,380 K Stereo Vision Control Panel API Server NVIDIA Corporation
ehtray.exe 2792 3,816 K 5,016 K Media Center Tray Applet Microsoft Corporation
wmdcBase.exe 2760 3,684 K 8,292 K Windows Mobile Device Center Microsoft Corporation
lsm.exe 668 3,536 K 5,796 K Local Session Manager Service Microsoft Corporation
winlogon.exe 772 3,456 K 7,912 K Windows Logon Application Microsoft Corporation
Pen_TabletUser.exe 3380 3,268 K 7,300 K Tablet user module for consumer driver Wacom Technology, Corp.
taskeng.exe 2104 3,204 K 7,976 K Task Scheduler Engine Microsoft Corporation
csrss.exe 536 < 0.01 3,128 K 7,540 K Client Server Runtime Process Microsoft Corporation
inihid.exe 2472 < 0.01 2,972 K 8,576 K
svchost.exe 1244 2,824 K 4,328 K Host Process for Windows Services Microsoft Corporation
PDAgentS1.exe 4756 2,776 K 6,192 K PDAgentS1 Module Raxco Software, Inc.
daemonu.exe 4600 < 0.01 2,752 K 6,792 K NVIDIA Settings Update Manager NVIDIA Corporation
PnkBstrA.exe 3208 < 0.01 2,672 K 4,964 K
procexp.exe 4620 2,520 K 10,352 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
ehmsas.exe 2820 2,512 K 6,500 K Media Center Media Status Aggregator Service Microsoft Corporation
mDNSResponder.exe 1088 2,504 K 6,664 K Bonjour Service Apple Computer, Inc.
Pen_Tablet.exe 3284 2,464 K 11,388 K Tablet Service for consumer driver Wacom Technology, Corp.
TeamViewer_Service.exe 3328 < 0.01 2,384 K 4,292 K TeamViewer Service TeamViewer GmbH
Pen_TouchService.exe 1300 2,344 K 5,528 K Touch Service Wacom Technology, Corp.
taskeng.exe 4688 2,248 K 5,640 K Task Scheduler Engine Microsoft Corporation
svchost.exe 3444 2,000 K 4,364 K Host Process for Windows Services Microsoft Corporation
wininit.exe 588 1,936 K 5,168 K Windows Start-Up Application Microsoft Corporation
SetPoint32.exe 1200 1,656 K 5,472 K
jusched.exe 2328 1,612 K 5,372 K Java(TM) Update Scheduler Sun Microsystems, Inc.
TabTip32.exe 1808 < 0.01 1,024 K 3,340 K Tablet PC Input Panel Helper Microsoft Corporation
smss.exe 460 568 K 1,072 K Windows Session Manager Microsoft Corporation
System Idle Process 0 89.58 0 K 24 K
System 4 < 0.01 0 K 13,652 K
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs

Process: svchost.exe Pid: 488
Thank you for reading. Any help/advice would be appreciated!
Edited by MO_LFC, 23 September 2011 - 05:18 PM.