Vundo/RamnitA and more! - Can't complete most scan tools - com



#16
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I saw the developer do it yesterday but it doesn't work for me either. He must have a newer version than is on the website.

Just got another new tool.

http://windows.micro...em-requirements

Select the 32 bit version. Download and run the file by right clicking and run as admin. You have a choice of blank CD or a USB drive. (There is a third option to download a .iso file which we don't need.) Put a blank CD in the drive or a blank USB (Doesn't really have to be blank but it will reformat it so will erase anything on it.)

Select the appropriate option and let it do its thing. It will create a bootable CD or USB drive. Boot off it and let it run the Full scan.

When it finishes boot into regular mode and open the file:


"c:\windows\windows defender offline\summit\mssWrapper.log" with notepad and copy and paste it into a reply.

Ron
  • 0



#17
spyhunter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Worked it out! Just realised that you have to add the 'Verified signer' column to the display as well as tick the option to verify!

The things with no verification are:

System Idle process,
System,
Interrupts,
HpqToaster.exe (no Co., blank signature)
hpqbam08.exe (unable to verify Hewlett-Packard Co.)
hpqgpc01.exe (unable to verify Hewlett-Packard)
wsqmcons.exe (Microsoft Corporation, blank signature)
taskeng.exe
HPHC_Service.exe (unable to verify Hewlett-Packard)
WiFimsg.exe (unable to verify Hewlett-Packard Development company. L.P.)
hpqWmiEx.exe (unable to verify Hewlett-Packard Development company. L.P.)
hpqste08 (unable to verify Hewlett-Packard Co.)
Notepad (Microsoft Corporation, blank signature)

I will have a go with that new tool now, Neil
  • 0

#18
spyhunter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
The tool found one bit of 'low risk' Adware which I removed (I don't know what, I didn't pay much attention 'cos I thought it would be in the log but it's not mentioned). Log follows:-





ERRORS_ONLY=0
MAX_SIZE=5120
APPEND=1
MAX_LINE_SIZE=256
-------------------------------------------------
START 2012/03/01 01:08:06:619 TID:836 PID:780

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
Binary architecture is x86

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
UtilIsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x80070003

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
CheckProcessorArchitecture returned 0x00000000

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
SetRecoveryEnvironmentKey returned 0x00000000

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
GetSystemSweeperPath returned 0x00000000

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
Windows Defender Offline Directory = 'x:\Program Files\Microsoft Security Client'

WARNING 2012/03/01 01:08:06:635 TID:836 PID:780
Missing definitions file in 'C:\mpam-fe.exe'

WARNING 2012/03/01 01:08:06:666 TID:836 PID:780
Missing definitions file in 'D:\mpam-fe.exe'

INFO 2012/03/01 01:08:07:087 TID:836 PID:780
Found definitions file in 'E:\mpam-fe.exe'

INFO 2012/03/01 01:08:07:087 TID:836 PID:780
Signatures File Target = 'x:\Program Files\Microsoft Security Client\mpam-fe.exe'

INFO 2012/03/01 01:08:25:667 TID:836 PID:780
CopySignatureFile returned 0x00000000

INFO 2012/03/01 08:00:16:719 TID:836 PID:780
RunCallisto returned 0x00000000

FINISH 2012/03/01 08:00:16:719 TID:784 PID:780



Thanks, Neil



P.S. Avast boot scanner still crashes, tried a normal full system scan with Avast and it stopped at "Disk C: Boot Record".

Edited by spyhunter, 01 March 2012 - 04:15 AM.

  • 0
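The mssWrapper.log posted above records only the wrapper's steps and their return codes, so a quick way to triage it is to pull out the warnings, any failing HRESULTs and the wall-clock run time. The following is an added example, not part of the thread or of the tool; the record layout is inferred from the posted log, and treating each START/FINISH pair as one run (the file is written with APPEND=1) is an assumption.

```python
import re
from datetime import datetime

# Sample input: a subset of the records from the log posted above, trimmed for length.
SAMPLE_LOG = r"""ERRORS_ONLY=0
MAX_LINE_SIZE=256
-------------------------------------------------
START 2012/03/01 01:08:06:619 TID:836 PID:780

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
UtilIsFileExists(C:\Windows\SysWOW64\ntdll.dll) returned 0x80070003

INFO 2012/03/01 01:08:06:619 TID:836 PID:780
CheckProcessorArchitecture returned 0x00000000

WARNING 2012/03/01 01:08:06:635 TID:836 PID:780
Missing definitions file in 'C:\mpam-fe.exe'

INFO 2012/03/01 01:08:07:087 TID:836 PID:780
Found definitions file in 'E:\mpam-fe.exe'

INFO 2012/03/01 08:00:16:719 TID:836 PID:780
RunCallisto returned 0x00000000

FINISH 2012/03/01 08:00:16:719 TID:784 PID:780
"""

# Record header: LEVEL, timestamp (milliseconds after a colon), thread id, process id.
HEADER = re.compile(
    r"^([A-Z]+)\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d:\d{3})\s+TID:(\d+)\s+PID:(\d+)\s*$")
# Message lines of the form "<call> returned 0xXXXXXXXX".
RETURNED = re.compile(r"^(.*?) returned 0x([0-9A-Fa-f]{8})\s*$")
# Names for a few common Win32 codes carried in FACILITY_WIN32 (7) HRESULTs.
WIN32_NAMES = {2: "ERROR_FILE_NOT_FOUND", 3: "ERROR_PATH_NOT_FOUND",
               5: "ERROR_ACCESS_DENIED"}


def parse_records(text):
    """Group each header line with the message line(s) that follow it."""
    records, current = [], None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            level, stamp, tid, pid = m.groups()
            current = {"level": level,
                       "time": datetime.strptime(stamp, "%Y/%m/%d %H:%M:%S:%f"),
                       "tid": int(tid), "pid": int(pid), "message": ""}
            records.append(current)
        elif current is not None and line:
            current["message"] = (current["message"] + " " + line).strip()
    return records  # settings lines before the first header are skipped


def decode_hresult(value):
    """Split a 32-bit HRESULT into severity bit, facility and code."""
    facility = (value >> 16) & 0x1FFF
    code = value & 0xFFFF
    name = WIN32_NAMES.get(code) if facility == 7 else None
    return {"failed": bool(value & 0x80000000), "facility": facility,
            "code": code, "name": name}


def summarize_runs(text):
    """One summary per START/FINISH pair: duration, warnings, failing calls."""
    runs, run = [], None
    for rec in parse_records(text):
        if rec["level"] == "START":
            run = {"start": rec["time"], "duration_seconds": None,
                   "warnings": [], "failed_calls": []}
            runs.append(run)
            continue
        if run is None:
            continue  # record outside any START/FINISH pair
        if rec["level"] == "FINISH":
            run["duration_seconds"] = (rec["time"] - run["start"]).total_seconds()
            run = None
            continue
        if rec["level"] == "WARNING":
            run["warnings"].append(rec["message"])
        m = RETURNED.match(rec["message"])
        if m:
            hr = decode_hresult(int(m.group(2), 16))
            if hr["failed"]:
                run["failed_calls"].append((m.group(1), hr["name"] or hex(hr["code"])))
    return runs


if __name__ == "__main__":
    for run in summarize_runs(SAMPLE_LOG):
        print(run)
```

On this log the only failing return code is the SysWOW64 probe, which is expected on a 32-bit install, and the run spans a little under seven hours between START and FINISH.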

#19
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
This is the first time I've used this tool so didn't know what we would see with the log. If I see the developer tonight I will complain to him.

I'm wondering if we are not seeing a bad hard drive.

Who makes the hard drive? I would try their drive test program. See if the extended test will run.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button)

Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0

#20
spyhunter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
It's a Western Digital WD2500, their tool cannot complete a scan either so I presume it must after all be the disk. I ran chkdsk again from the 'repair your computer' startup option this time, and it finally managed to complete a scan, repairing two files with bad clusters, but I still cannot run any full scan with the WD tool. The SMART status shows as ok though. The speccy file follows:

Summary
Operating System
MS Windows Vista Home Premium 32-bit SP2
CPU
Intel Mobile Core 2 Duo T5550 @ 1.83GHz 48 C
Merom 65nm Technology
RAM
2.00 GB Dual-Channel DDR2 @ 332MHz (5-5-5-15)
Motherboard
Wistron 30CD (U2E1) 49 C
Graphics
Generic PnP Monitor ([email protected])
Mobile Intel® 965 Express Chipset Family
Mobile Intel® 965 Express Chipset Family
Hard Drives
244GB Western Digital WDC WD2500BEVS-60UST0 (SATA) 44 C
Optical Drives
Slimtype DVD A DS8A1H ATA Device
Audio
Conexant High Definition SmartAudio 221
Operating System
MS Windows Vista Home Premium 32-bit SP2
Installation Date: 18 April 2008, 08:07
Serial Number: XXXXXXXXXXXXXXXXXXXXXXXXX
Windows Security Center
User Account Control (UAC) Enabled
Notify level 3 - Always Notify
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Enabled
Environment Variables
USERPROFILE C:\Users\tem
SystemRoot C:\Windows
User Variables
TEMP C:\Users\tem\AppData\Local\Temp
TMP C:\Users\tem\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files\CyberLink\Power2Go
C:\Program Files\Windows Live\Shared
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE x86
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_REVISION 0f0d
NUMBER_OF_PROCESSORS 2
PLATFORM MCD
PCBRAND Pavilion
OnlineServices Online Services
USERPART E:
asl.log Destination=file;OnFirstLog=command,environment,parent
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
CLASSPATH .;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
QTJAVA C:\Program Files\Java\jre6\lib\ext\QTJava.zip

Uptime
Current Session
Current Time 02/03/2012 00:15:25
Current Uptime 507 sec (0 d, 00 h, 08 m, 27 s)
Last Boot Time 02/03/2012 00:06:58
Last ShutDown Time 01/03/2012 19:30:39
Uptime Statistics
First Boot Time 14/11/2011 16:35:24
First Shutdown Time 14/11/2011 13:23:18
Total Uptime 1346813 sec (15 d, 14 h, 06 m, 53 s)
Total Downtime 5091579 sec (58 d, 22 h, 19 m, 39 s)
Longest Uptime 49523 sec (0 d, 13 h, 45 m, 23 s)
Longest Downtime 100133 sec (1 d, 03 h, 48 m, 53 s)
Total Reboots 306
System Availability 20.92%

Scheduler
02/03/2012 00:24; GoogleUpdateTaskMachineUA
02/03/2012 01:01; FacebookUpdateTaskUserS-1-5-21-3286062453-1921412419-991409975-1002UA
02/03/2012 01:04; GoogleUpdateTaskUserS-1-5-21-3286062453-1921412419-991409975-1003UA
02/03/2012 07:24; GoogleUpdateTaskMachineCore
02/03/2012 12:31; Google Software Updater
02/03/2012 20:04; GoogleUpdateTaskUserS-1-5-21-3286062453-1921412419-991409975-1003Core
02/03/2012 22:01; FacebookUpdateTaskUserS-1-5-21-3286062453-1921412419-991409975-1002Core
12/03/2012 16:30; Spybot - Search & Destroy - Scheduled Task
Process List
apmsgfwd.exe
Process ID 3968
User tem
Domain MUMSCOMP
Path C:\Program Files\Apoint2K\ApMsgFwd.exe
Memory Usage 3.11 MB
Peak Memory Usage 3.73 MB
apntex.exe
Process ID 4132
User tem
Domain MUMSCOMP
Path C:\Program Files\Apoint2K\Apntex.exe
Memory Usage 3.46 MB
Peak Memory Usage 4.21 MB
apoint.exe
Process ID 2260
User tem
Domain MUMSCOMP
Path C:\Program Files\Apoint2K\Apoint.exe
Memory Usage 5.69 MB
Peak Memory Usage 10 MB
applemobiledeviceservice.exe
Process ID 864
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 7.65 MB
Peak Memory Usage 9.11 MB
audiodg.exe
Process ID 1124
avastsvc.exe
Process ID 1444
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 35 MB
Peak Memory Usage 58 MB
avastui.exe
Process ID 220
User tem
Domain MUMSCOMP
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 3.35 MB
Peak Memory Usage 13 MB
btstackserver.exe
Process ID 2276
User tem
Domain MUMSCOMP
Path C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
bttray.exe
Process ID 3372
User tem
Domain MUMSCOMP
Path C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Memory Usage 7.76 MB
Peak Memory Usage 11 MB
csrss.exe
Process ID 572
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.49 MB
Peak Memory Usage 4.98 MB
csrss.exe
Process ID 632
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 7.23 MB
Peak Memory Usage 14 MB
dwm.exe
Process ID 2268
User tem
Domain MUMSCOMP
Path C:\Windows\system32\Dwm.exe
Memory Usage 34 MB
Peak Memory Usage 41 MB
explorer.exe
Process ID 2436
User tem
Domain MUMSCOMP
Path C:\Windows\Explorer.EXE
Memory Usage 43 MB
Peak Memory Usage 47 MB
hkcmd.exe
Process ID 3644
User tem
Domain MUMSCOMP
Path C:\Windows\System32\hkcmd.exe
Memory Usage 4.38 MB
Peak Memory Usage 5.09 MB
hphc_service.exe
Process ID 2360
User SYSTEM
Domain NT AUTHORITY
Path c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
Memory Usage 8.45 MB
Peak Memory Usage 8.48 MB
hpkbdapp.exe
Process ID 3384
User tem
Domain MUMSCOMP
Path C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
Memory Usage 5.34 MB
Peak Memory Usage 6.29 MB
hpqbam08.exe
Process ID 4292
User tem
Domain MUMSCOMP
Path C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
Memory Usage 5.14 MB
Peak Memory Usage 5.16 MB
hpqgpc01.exe
Process ID 4332
User tem
Domain MUMSCOMP
Path C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
hpqste08.exe
Process ID 4240
User tem
Domain MUMSCOMP
Path C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
Memory Usage 8.41 MB
Peak Memory Usage 10 MB
hpqtoaster.exe
Process ID 3972
User tem
Domain MUMSCOMP
Path C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
Memory Usage 5.95 MB
Peak Memory Usage 6.04 MB
hpqtra08.exe
Process ID 1976
User tem
Domain MUMSCOMP
Path C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
Memory Usage 11 MB
Peak Memory Usage 16 MB
hpqwmiex.exe
Process ID 2764
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
Memory Usage 4.48 MB
Peak Memory Usage 5.14 MB
hpwamain.exe
Process ID 1644
User tem
Domain MUMSCOMP
Path C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
Memory Usage 5.08 MB
Peak Memory Usage 5.95 MB
hpwuschd2.exe
Process ID 2940
User tem
Domain MUMSCOMP
Path C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
Memory Usage 2.93 MB
Peak Memory Usage 3.46 MB
iaanotif.exe
Process ID 2820
User tem
Domain MUMSCOMP
Path C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
Memory Usage 3.62 MB
Peak Memory Usage 4.36 MB
igfxpers.exe
Process ID 3804
User tem
Domain MUMSCOMP
Path C:\Windows\System32\igfxpers.exe
Memory Usage 3.95 MB
Peak Memory Usage 4.45 MB
igfxsrvc.exe
Process ID 3600
User tem
Domain MUMSCOMP
Path C:\Windows\system32\igfxsrvc.exe
Memory Usage 5.43 MB
Peak Memory Usage 5.43 MB
igfxtray.exe
Process ID 3452
User tem
Domain MUMSCOMP
Path C:\Windows\System32\igfxtray.exe
Memory Usage 4.34 MB
Peak Memory Usage 5.02 MB
ipodservice.exe
Process ID 4144
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 5.85 MB
Peak Memory Usage 5.87 MB
ituneshelper.exe
Process ID 1172
User tem
Domain MUMSCOMP
Path C:\Program Files\iTunes\iTunesHelper.exe
Memory Usage 8.63 MB
Peak Memory Usage 11 MB
jusched.exe
Process ID 3776
User tem
Domain MUMSCOMP
Path C:\Program Files\Common Files\Java\Java Update\jusched.exe
Memory Usage 3.27 MB
Peak Memory Usage 3.95 MB
lightscribecontrolpanel.exe
Process ID 3868
User tem
Domain MUMSCOMP
Path C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
Memory Usage 6.50 MB
Peak Memory Usage 9.71 MB
lsass.exe
Process ID 728
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 7.15 MB
Peak Memory Usage 8.50 MB
lsm.exe
Process ID 744
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 3.60 MB
Peak Memory Usage 4.11 MB
lssrvc.exe
Process ID 1188
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Memory Usage 3.25 MB
Peak Memory Usage 4.04 MB
mdnsresponder.exe
Process ID 1236
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 4.21 MB
Peak Memory Usage 5.21 MB
qlbctrl.exe
Process ID 2864
User tem
Domain MUMSCOMP
Path C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
Memory Usage 6.37 MB
Peak Memory Usage 8.04 MB
qpcapsvc.exe
Process ID 2188
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
Memory Usage 8.30 MB
Peak Memory Usage 15 MB
qpsched.exe
Process ID 3016
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
Memory Usage 4.96 MB
Peak Memory Usage 6.41 MB
qpservice.exe
Process ID 3056
User tem
Domain MUMSCOMP
Path C:\Program Files\Hp\QuickPlay\QPService.exe
Memory Usage 12 MB
Peak Memory Usage 20 MB
reader_sl.exe
Process ID 3316
User tem
Domain MUMSCOMP
Path C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
Memory Usage 3.36 MB
Peak Memory Usage 3.88 MB
richvideo.exe
Process ID 2424
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\CyberLink\Shared Files\RichVideo.exe
Memory Usage 3.55 MB
Peak Memory Usage 4.16 MB
searchfilterhost.exe
Process ID 5832
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 7.48 MB
Peak Memory Usage 7.58 MB
searchindexer.exe
Process ID 2584
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 11 MB
Peak Memory Usage 37 MB
searchprotocolhost.exe
Process ID 5800
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 9.60 MB
Peak Memory Usage 9.63 MB
services.exe
Process ID 664
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 6.41 MB
Peak Memory Usage 7.46 MB
slsvc.exe
Process ID 1160
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\SLsvc.exe
Memory Usage 3.72 MB
Peak Memory Usage 15 MB
smss.exe
Process ID 504
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 632 KB
Peak Memory Usage 764 KB
speccy.exe
Process ID 5940
User tem
Domain MUMSCOMP
Path C:\Program Files\Speccy\Speccy.exe
Memory Usage 24 MB
Peak Memory Usage 25 MB
spoolsv.exe
Process ID 1544
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 8.11 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1620
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 8.29 MB
Peak Memory Usage 8.65 MB
svchost.exe
Process ID 2092
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 2.68 MB
Peak Memory Usage 3.48 MB
svchost.exe
Process ID 2132
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 2.50 MB
Peak Memory Usage 3.10 MB
svchost.exe
Process ID 2448
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.81 MB
Peak Memory Usage 7.95 MB
svchost.exe
Process ID 1828
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.68 MB
Peak Memory Usage 4.68 MB
svchost.exe
Process ID 2496
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 2.25 MB
Peak Memory Usage 2.50 MB
svchost.exe
Process ID 876
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.22 MB
Peak Memory Usage 6.50 MB
svchost.exe
Process ID 2148
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.17 MB
Peak Memory Usage 6.18 MB
svchost.exe
Process ID 948
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 6.81 MB
Peak Memory Usage 7.29 MB
svchost.exe
Process ID 1012
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 1044
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 68 MB
Peak Memory Usage 91 MB
svchost.exe
Process ID 1056
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 30 MB
Peak Memory Usage 30 MB
svchost.exe
Process ID 1144
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.42 MB
Peak Memory Usage 4.91 MB
svchost.exe
Process ID 1204
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1332
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 1576
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 61 MB
svchost.exe
Process ID 1288
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.38 MB
Peak Memory Usage 3.86 MB
system
Process ID 4
system idle process
Process ID 0
taskeng.exe
Process ID 3460
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\taskeng.exe
Memory Usage 6.05 MB
Peak Memory Usage 6.32 MB
taskeng.exe
Process ID 2072
User tem
Domain MUMSCOMP
Path C:\Windows\system32\taskeng.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
wifimsg.exe
Process ID 3412
User tem
Domain MUMSCOMP
Path C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
Memory Usage 4.16 MB
Peak Memory Usage 5.09 MB
wininit.exe
Process ID 620
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 3.21 MB
Peak Memory Usage 4.50 MB
winlogon.exe
Process ID 704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 4.73 MB
Peak Memory Usage 6.91 MB
wlidsvc.exe
Process ID 2524
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 11 MB
Peak Memory Usage 12 MB
wlidsvcm.exe
Process ID 2624
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 2.40 MB
Peak Memory Usage 3.11 MB
wmiprvse.exe
Process ID 2000
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
wmiprvse.exe
Process ID 6052
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 12 MB
Peak Memory Usage 14 MB
wudfhost.exe
Process ID 2932
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\WUDFHost.exe
Memory Usage 4.36 MB
Peak Memory Usage 5.12 MB
xaudio.exe
Process ID 2716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DRIVERS\xaudio.exe
Memory Usage 2.12 MB
Peak Memory Usage 2.84 MB
Hotfixes
01/03/2012 Definition Update for Windows Defender - KB915597 (Definition 1.121.548.0)
Install this update to revise the definition files used to detect
spyware and other potentially unwanted software. Once you have
installed this item, it cannot be removed.
27/02/2012 Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.121.461.0)
Install this update to revise the definition files that are used
to detect viruses, spyware, and other potentially unwanted software.
Once you have installed this item, it cannot be removed.
27/02/2012 Intel driver update for Intel® Wireless WiFi Link 4965AGN
This driver was provided by Intel for support of Intel® Wireless
WiFi Link 4965AGN
27/02/2012 Update for Office File Validation 2010 (KB2553065), 32-bit Edition
Microsoft has released an update for Microsoft Office File Validation


************ REST OF HOTFIXES DELETED, WAY TOO LONG!! ****************


System Folders
Path for burning CD C:\Users\tem\AppData\Local\Microsoft\Windows\Burn\Burn
Application Data C:\ProgramData
Public Desktop C:\Users\Public\Desktop
Documents C:\Users\Public\Documents
Global Favorites C:\Users\tem\Favorites
Music C:\Users\Public\Music
Pictures C:\Users\Public\Pictures
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Videos C:\Users\Public\Videos
Cookies C:\Users\tem\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\tem\Desktop
Physical Desktop C:\Users\tem\Desktop
User Favorites C:\Users\tem\Favorites
Fonts C:\Windows\Fonts
Internet History C:\Users\tem\AppData\Local\Microsoft\Windows\History
Temporary Internet Files C:\Users\tem\AppData\Local\Microsoft\Windows\Temporary Internet Files
Local Application Data C:\Users\tem\AppData\Local
Windows directory C:\Windows
Windows/System C:\Windows\system32
Program Files C:\Program Files
Device Tree
ACPI x86-based PC
Microsoft ACPI-Compliant System
Intel® Core™2 Duo CPU T5550 @ 1.83GHz
Intel® Core™2 Duo CPU T5550 @ 1.83GHz
ACPI Thermal Zone
ACPI Thermal Zone
Microsoft Windows Management Interface for ACPI
ACPI Lid
ACPI Sleep Button
ACPI Fixed Feature Button
HP Remote Control HID Device
HID-compliant device
HID-compliant consumer control device
HID Keyboard Device
PCI bus
PCI standard host CPU bridge
Mobile Intel® 965 Express Chipset Family
Intel® ICH8 Family PCI Express Root Port 1 - 283F
Intel® ICH8 Family PCI Express Root Port 3 - 2843
Intel® ICH8 Family SMBus Controller - 283E
Motherboard resources
Mobile Intel® 965 Express Chipset Family
Generic PnP Monitor
Intel® ICH8 Family USB Universal Host Controller - 2834
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2835
USB Root Hub
Intel® ICH8 Family USB2 Enhanced Host Controller - 283A
USB Root Hub
High Definition Audio Controller
Conexant High Definition SmartAudio 221
HDAUDIO Soft Data Fax Modem with SmartCP
Intel® ICH8 Family PCI Express Root Port 2 - 2841
Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Intel® ICH8 Family PCI Express Root Port 4 - 2845
Intel® Wireless WiFi Link 4965AGN
Intel® ICH8 Family USB Universal Host Controller - 2830
USB Root Hub
Intel® ICH8 Family USB Universal Host Controller - 2831
USB Root Hub
USB Human Interface Device
HID-compliant mouse
Intel® ICH8 Family USB Universal Host Controller - 2832
USB Root Hub
HP Integrated Module with Bluetooth 2.0 Wireless Technology
Bluetooth Device (RFCOMM Protocol TDI)
Bluetooth Device (Personal Area Network)
Microsoft Bluetooth Enumerator
Bluetooth Hands-free Audio
Bluetooth Stereo Audio
Bluetooth Remote Control
HID-compliant consumer control device
Intel® ICH8 Family USB2 Enhanced Host Controller - 2836
USB Root Hub
USB Mass Storage Device
ChipsBnk SD/MMCReader USB Device
USB Composite Device
HP Webcam
Intel® 82801 PCI Bridge - 2448
RICOH OHCI Compliant IEEE 1394 Host Controller
SDA Standard Compliant SD Host Controller
Ricoh SD/MMC Host Controller
Ricoh Memory Stick Controller
Ricoh xD-Picture Card Controller
Intel® ICH8M-E LPC Interface Controller - 2815
Alps Pointing-device (2-way)
Direct memory access controller
Intel® 82802 Firmware Hub Device
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
System CMOS/real time clock
System timer
Microsoft ACPI-Compliant Embedded Controller
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Direct Application Launch Button
Microsoft ACPI-Compliant Control Method Battery
Microsoft AC Adapter
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Keyboard_Filter_01
Intel® ICH8M Ultra ATA Storage Controllers - 2850
IDE Channel
IDE Channel
Slimtype DVD A DS8A1H ATA Device
Intel® 82801HEM/HBM SATA AHCI Controller
WDC WD2500BEVS-60UST0
Services
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running avast! Antivirus
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bluetooth Support Service
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Cryptographic Services
Running Cyberlink RichVideo Service(CRVS)
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HP CUE DeviceDiscovery Service
Running HP Health Check Service
Running hpqcxs08
Running hpqwmiex
Running Human Interface Device Access
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running KtmRm for Distributed Transaction Coordinator
Running LightScribeService Direct Disc Labeling Service
Running Multimedia Class Scheduler
Running Net Driver HPZ12
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Pml Driver HPZ12
Running Portable Device Enumerator Service
Running Print Spooler
Running Program Compatibility Assistant Service
Running QuickPlay Background Capture Service (QBCS)
Running QuickPlay Task Scheduler (QTS)
Running ReadyBoost
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Licensing
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Tablet PC Input Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Terminal Services
Running Themes
Running UPnP Device Host
Running User Profile Service
Running WebClient
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Error Reporting Service
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Search
Running Windows Time
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running Workstation
Running XAudioService
Stopped Application Layer Gateway Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Com4Qlb
Stopped Computer Browser
Stopped DFS Replication
Stopped Diagnostic Service Host
Stopped Distributed Transaction Coordinator
Stopped GameConsoleService
Stopped Google Software Updater
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped InstallDriver Table Manager
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Link-Layer Topology Discovery Mapper
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped PuranDefrag
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped SL UI Notification Service
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Terminal Services Configuration
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped Windows Backup
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Live Family Safety Service
Stopped Windows Live Mesh remote connections service
Stopped Windows Media Center Extender Service
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Center Service Launcher
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Presentation Foundation Font Cache 4.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
CPU
Intel Mobile Core 2 Duo T5550
Cores 2
Threads 2
Name Intel Mobile Core 2 Duo T5550
Code Name Merom
Package Socket P (478)
Technology 65nm
Specification Intel® Core™2 Duo CPU T5550 @ 1.83GHz
Family 6
Extended Family 6
Model F
Extended Model F
Stepping D
Revision M0
Instructions MMX, SSE, SSE2, SSE3, SSSE3, Intel 64
Virtualization Unsupported
Hyperthreading Not supported
Bus Speed 166.3 MHz
Rated Bus Speed 665.0 MHz
Stock Core Speed 1833 MHz
Stock Bus Speed 166 MHz
Average Temperature 48 C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2048 KBytes
Core 0
Core Speed 997.6 MHz
Multiplier x 6.0
Bus Speed 166.3 MHz
Rated Bus Speed 665.0 MHz
Temperature 48 C
Thread 1
APIC ID 0
Core 1
Core Speed 997.6 MHz
Multiplier x 6.0
Bus Speed 166.3 MHz
Rated Bus Speed 665.0 MHz
Temperature 47 C
Thread 1
APIC ID 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR2
Size 2048 MBytes
Channels # Dual
DRAM Frequency 332.5 MHz
CAS# Latency (CL) 5 clocks
RAS# to CAS# Delay (tRCD) 5 clocks
RAS# Precharge (tRP) 5 clocks
Cycle Time (tRAS) 15 clocks
Physical Memory
Memory Usage 52 %
Total Physical 1.99 GB
Available Physical 968 MB
Total Virtual 4.21 GB
Available Virtual 3.14 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T2953EZ3-CE6
Serial Number 833E8F2F
Week/year 12 / 08
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Slot #2
Type DDR2
Size 1024 MBytes
Manufacturer Samsung
Max Bandwidth PC2-5300 (333 MHz)
Part Number M4 70T2953EZ3-CE6
Serial Number 833E8EBD
Week/year 12 / 08
SPD Ext. EPP
JEDEC #3
Frequency 333.3 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 21
Voltage 1.800 V
JEDEC #2
Frequency 266.7 MHz
CAS# Latency 4.0
RAS# To CAS# 4
RAS# Precharge 4
tRAS 12
tRC 16
Voltage 1.800 V
JEDEC #1
Frequency 200.0 MHz
CAS# Latency 3.0
RAS# To CAS# 3
RAS# Precharge 3
tRAS 9
tRC 12
Voltage 1.800 V
Motherboard
Manufacturer Wistron
Model 30CD (U2E1)
Version F.2A
Chipset Vendor Intel
Chipset Model GM965
Chipset Revision C0
Southbridge Vendor Intel
Southbridge Model 82801HBM (ICH8-ME)
Southbridge Revision B1
System Temperature 49 C
BIOS
Brand Phoenix
Version F.2A
Date 03/25/2008
PCI Data
Slot UNKNOWN
Slot Type UNKNOWN
Slot Usage Available
Bus Width 32 bit
Slot Designation PCMCIA Slot CBUS1
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI Express Slot J6B1
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation PCI Express Slot J8B4
Slot Number 2
Slot PCI
Slot Type PCI
Slot Usage In Use
Bus Width 32 bit
Slot Designation PCI Express Slot J8D1
Slot Number 3
Slot PCI
Slot Type PCI
Slot Usage Unknown
Bus Width 32 bit
Slot Designation PCI Express Slot J7B1
Slot Number 4
Graphics
Monitor
Name Generic PnP Monitor on Mobile Intel 965 Express Chipset Family
Current Resolution 1280x800 pixels
Work Resolution 1280x770 pixels
State enabled, primary
Monitor Width 1280
Monitor Height 800
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Mobile Intel® 965 Express Chipset Family
Memory 448 MB
Memory type 2
Driver version 7.14.10.1437
Mobile Intel® 965 Express Chipset Family
Memory type 2
Driver version 7.14.10.1437
OpenGL
Version 1.5.0 - Build 7.14.10.1437
Vendor Intel
Renderer Intel 965/963 Graphics Media Accelerator
GLU Version 1.2.2.0 Microsoft Corporation
Values
GL_MAX_LIGHTS 16
GL_MAX_TEXTURE_SIZE 2048
GL_MAX_TEXTURE_STACK_DEPTH 10
GL Extensions
GL_ARB_depth_texture
GL_ARB_fragment_program
GL_ARB_multitexture
GL_ARB_occlusion_query
GL_ARB_point_parameters
GL_ARB_shadow
GL_ARB_texture_border_clamp
GL_ARB_texture_compression
GL_ARB_texture_cube_map
GL_ARB_texture_env_add
GL_ARB_texture_env_combine
GL_ARB_texture_env_dot3
GL_ARB_texture_env_crossbar
GL_ARB_transpose_matrix
GL_ARB_vertex_buffer_object
GL_ARB_vertex_program
GL_ARB_window_pos
GL_EXT_abgr
GL_EXT_bgra
GL_EXT_blend_color
GL_EXT_blend_func_separate
GL_EXT_blend_minmax
GL_EXT_blend_subtract
GL_EXT_clip_volume_hint
GL_EXT_compiled_vertex_array
GL_EXT_draw_range_elements
GL_EXT_fog_coord
GL_EXT_multi_draw_arrays
GL_EXT_packed_pixels
GL_EXT_rescale_normal
GL_EXT_secondary_color
GL_EXT_separate_specular_color
GL_EXT_shadow_funcs
GL_EXT_stencil_two_side
GL_ARB_texture_rectangle
GL_EXT_texture_rectangle
GL_EXT_stencil_wrap
GL_EXT_texture_compression_s3tc
GL_EXT_texture_env_add
GL_EXT_texture_env_combine
GL_EXT_texture_lod_bias
GL_EXT_texture_filter_anisotropic
GL_EXT_texture3D
GL_3DFX_texture_compression_FXT1
GL_IBM_texture_mirrored_repeat
GL_NV_blend_square
GL_NV_texgen_reflection
GL_SGIS_generate_mipmap
GL_SGIS_texture_edge_clamp
GL_SGIS_texture_lod
GL_WIN_swap_hint
GL_EXT_bgra
Hard Drives
WDC WD2500BEVS-60UST0
Manufacturer Western Digital
Form Factor GB/2.5-inch
Business Unit/Brand Mobile/WD Scorpio
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
LBA Size 48-bit LBA
Power On Count 5709 times
Power On Time 308.3 days
Features S.M.A.R.T., APM
Transfer Mode SATA I
Interface SATA
Capacity 244GB
Real size 250,059,350,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 200 (200 worst) Data 0000001722
03 Spin-Up Time 191 (188) Data 0000000580
04 Start/Stop Count 093 (093) Data 0000001EFA
05 Reallocated Sectors Count 200 (200) Data 0000000000
07 Seek Error Rate 100 (253) Data 0000000000
09 Power-On Hours (POH) 090 (090) Data 0000001CE6
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 095 (095) Data 000000164D
BB Reported Uncorrectable Errors 092 (001) Data 00000018D6
BC Command Timeout 100 (098) Data 0000070008
BE Temperature Difference from 100 057 (025) Data 000000002B
C0 Power-off Retract Count 200 (200) Data 0000000091
C1 Load/Unload Cycle Count 190 (190) Data 0000007767
C2 Temperature 104 (072) Data 000000002B
C4 Reallocation Event Count 200 (200) Data 0000000000
C5 Current Pending Sector Count 200 (200) Data 0000000002
C6 Uncorrectable Sector Count 100 (253) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
C8 Write Error Rate / Multi-Zone Error Rate 100 (253) Data 0000000000
Temperature 44 C
Temperature Range ok (less than 50 C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Disk Letter C:
File System NTFS
Volume Serial Number 16FC309A
Size 221GB
Used Space 104GB (47%)
Free Space 117GB (53%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter D:
File System NTFS
Volume Serial Number 8874071C
Size 11.6GB
Used Space 9.97GB (86%)
Free Space 1.65GB (14%)
Optical Drives
Slimtype DVD A DS8A1H ATA Device
Media Type DVD Writer
Name Slimtype DVD A DS8A1H ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
Audio
Sound Cards
Conexant High Definition SmartAudio 221
Bluetooth Hands-free Audio
Bluetooth Stereo Audio
Playback Devices
Speakers (Conexant High Definition SmartAudio 221) (default)
SPDIF Interface (Conexant High Definition SmartAudio 221)
Recording Device
Microphone (Conexant High Definition SmartAudio 221)
Peripherals
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Device Kind Keyboard
Device Name Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Location plugged into keyboard port
Driver
Date 6-18-2007
Version 1.0.0.1
File C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
File C:\Windows\system32\DRIVERS\wdfcoinstaller01005.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID Keyboard Device
Device Kind Keyboard
Device Name HID Keyboard Device
Location HP Remote Control HID Device
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\kbdhid.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Alps Pointing-device (2-way)
Device Kind Mouse
Device Name Alps Pointing-device (2-way)
Location plugged into PS/2 mouse port
Driver
Date 8-28-2007
Version 7.0.1701.15
File C:\Windows\system32\DRIVERS\Apfiltr.sys
File C:\Windows\system32\Vxdif.dll
File C:\Program Files\Apoint2K\Apoint.exe
File C:\Program Files\Apoint2K\Ezcapt.exe
File C:\Program Files\Apoint2K\Logo.bmp
File C:\Program Files\Apoint2K\Gesture.bmp
File C:\Program Files\Apoint2K\ApntEx.exe
File C:\Program Files\Apoint2K\Apoint.dll
File C:\Program Files\Apoint2K\EzLaunch.dll
File C:\Program Files\Apoint2K\Elprop.dll
File C:\Program Files\Apoint2K\EzAuto.dll
File C:\Program Files\Apoint2K\ApInst.dll
File C:\Program Files\Apoint2K\Uninstap.exe
File C:\Program Files\Apoint2K\ApResJP.dll
File C:\Program Files\Apoint2K\ApResUS.dll
File C:\Program Files\Apoint2K\ApResFR.dll
File C:\Program Files\Apoint2K\ApResGR.dll
File C:\Program Files\Apoint2K\ApResIT.dll
File C:\Program Files\Apoint2K\ApResSP.dll
File C:\Program Files\Apoint2K\ApResCT.dll
File C:\Program Files\Apoint2K\ApResCS.dll
File C:\Program Files\Apoint2K\ApResKR.dll
File C:\Program Files\Apoint2K\ApResAR.dll
File C:\Program Files\Apoint2K\ApResBP.dll
File C:\Program Files\Apoint2K\ApResCZ.dll
File C:\Program Files\Apoint2K\ApResDK.dll
File C:\Program Files\Apoint2K\ApResFI.dll
File C:\Program Files\Apoint2K\ApResGK.dll
File C:\Program Files\Apoint2K\ApResHU.dll
File C:\Program Files\Apoint2K\ApResIL.dll
File C:\Program Files\Apoint2K\ApResLA.dll
File C:\Program Files\Apoint2K\ApResNL.dll
File C:\Program Files\Apoint2K\ApResNO.dll
File C:\Program Files\Apoint2K\ApResPL.dll
File C:\Program Files\Apoint2K\ApResRU.dll
File C:\Program Files\Apoint2K\ApResSE.dll
File C:\Program Files\Apoint2K\ApResTR.dll
File C:\Program Files\Apoint2K\ApointSP.chm
File C:\Program Files\Apoint2K\ApointJP.chm
File C:\Program Files\Apoint2K\ApointGR.chm
File C:\Program Files\Apoint2K\ApointFR.chm
File C:\Program Files\Apoint2K\ApointUS.chm
File C:\Program Files\Apoint2K\ApointCT.chm
File C:\Program Files\Apoint2K\ApointCS.chm
File C:\Program Files\Apoint2K\ApointIT.chm
File C:\Program Files\Apoint2K\ApointKR.chm
File C:\Program Files\Apoint2K\ApointAR.chm
File C:\Program Files\Apoint2K\ApointBP.chm
File C:\Program Files\Apoint2K\ApointCZ.chm
File C:\Program Files\Apoint2K\ApointDK.chm
File C:\Program Files\Apoint2K\ApointFI.chm
File C:\Program Files\Apoint2K\ApointGK.chm
File C:\Program Files\Apoint2K\ApointHU.chm
File C:\Program Files\Apoint2K\ApointIL.chm
File C:\Program Files\Apoint2K\ApointLA.chm
File C:\Program Files\Apoint2K\ApointNL.chm
File C:\Program Files\Apoint2K\ApointNO.chm
File C:\Program Files\Apoint2K\ApointPL.chm
File C:\Program Files\Apoint2K\ApointRU.chm
File C:\Program Files\Apoint2K\ApointSE.chm
File C:\Program Files\Apoint2K\ApointTR.chm
File C:\Program Files\Apoint2K\ApMsgFwd.exe
File C:\Windows\system32\WdfCoinstaller01005.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Human Interface Device
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Unknown
Comment HP Webcam
Location 0000.001d.0007.005.000.000.000.000.000
Driver
Date 6-21-2006
Version 6.0.6001.18000
File C:\Windows\system32\drivers\usbvideo.sys
Disk drive
Device Kind USB storage
Device Name Disk drive
Vendor CHIPSBNK
Comment ChipsBnk SD/MMCReader USB Device
Location USB Mass Storage Device
Driver
Date 6-21-2006
Version 6.0.6002.18005
File C:\Windows\system32\DRIVERS\disk.sys
Printers
HP Photosmart C4600 series
Printer Port USB001
Print Processor hpfpp083
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Photosmart C4600 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor WinPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
Send To OneNote 2007 (Default Printer)
Printer Port Send To Microsoft OneNote Port:
Print Processor OneNotePrint2007
Availability Always
Priority 1
Duplex None
Print Quality 300 * 300 dpi Color
Status Unknown
Driver
Driver Name Send To Microsoft OneNote Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\W32X86\3\msonpdrv.dll
Network
You are connected to the internet
Connected through Intel® Wireless WiFi Link 4965AGN
IP Address 192.168.1.66
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
Preferred DNS server 192.168.1.254
DHCP Enabled
DHCP server 192.168.1.254
External IP Address 80.176.93.45
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name MUMSCOMP
DNS Name mumscomp
Domain Name MUMSCOMP
Remote Desktop
Console
State Active
Domain MUMSCOMP
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (SpeedTouch6E98AF)
SSID SpeedTouch6E98AF
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 99
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network WEP cipher algorithm with a cipher key of any length
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Disabled
Simple File Sharing Enabled
Administrative Shares Enabled
Adapters List
Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Intel® Wireless WiFi Link 4965AGN
IP Address 192.168.1.66
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
Bluetooth Device (Personal Area Network)
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Network Shares
No network shares
Firewall Rules
Microsoft Office OneNote
Enabled TRUE
Protocol TCP
Direction In
Path C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
Profile Public
Microsoft Office OneNote
Enabled TRUE
Protocol UDP
Direction In
Path C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
Profile Public
CyberLink PowerDirector
Enabled TRUE
Direction In
Path C:\Program Files\Cyberlink\PowerDirector\PDR.EXE
Quick Play
Enabled TRUE
Direction In
Path C:\Program Files\HP\QuickPlay\QP.exe
Quick Play Resident Program
Enabled TRUE
Direction In
Path C:\Program Files\HP\QuickPlay\QPService.exe
Tiscali Wireless Gateway Installation
Enabled TRUE
Protocol TCP
Direction In
Path E:\Release\Tiscali.exe
Profile Public
Tiscali Wireless Gateway Installation
Enabled TRUE
Protocol UDP
Direction In
Path E:\Release\Tiscali.exe
Profile Public
Windows Live Messenger
Enabled TRUE
Direction In
Path C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Windows Live Messenger (UPnP-In)
Enabled TRUE
Protocol TCP
Direction In
Path System
Port 2869
Windows Live Messenger (SSDP-In)
Enabled TRUE
Protocol UDP
Direction In
Path svchost.exe
Port 1900
Windows Live Messenger
Enabled TRUE
Direction In
Path C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Windows Live Messenger (UPnP-In)
Enabled TRUE
Protocol TCP
Direction In
Path System
Port 2869
Windows Live Messenger (SSDP-In)
Enabled TRUE
Protocol UDP
Direction In
Path svchost.exe
Port 1900
Windows Live Sync
Enabled TRUE
Direction In
Path C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
hpqtra08.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
hpqste08.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
hposid01.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
hpqkygrp.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
hpfccopy.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
hpoews01.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
hpiscnapp.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
hpqphotocrm.exe
Enabled TRUE
Direction In
Path C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
hpqgplgtupl.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
hpqgpc01.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
hpqusgm.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
hpqusgh.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
hpwucli.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\hp software update\hpwucli.exe
smartwebprintexe.exe
Enabled TRUE
Direction In
Path C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
SweetIM Installer
Enabled TRUE
Protocol TCP
Direction In
Path C:\Users\dave\Downloads\SweetImSetup.exe
Profile Private
SweetIM Installer
Enabled TRUE
Protocol UDP
Direction In
Path C:\Users\dave\Downloads\SweetImSetup.exe
Profile Private
SweetIM Installer
Enabled TRUE
Protocol TCP
Direction In
Path C:\Users\dave\Downloads\SweetImSetup(2).exe
Profile Private
SweetIM Installer
Enabled TRUE
Protocol UDP
Direction In
Path C:\Users\dave\Downloads\SweetImSetup(2).exe
Profile Private
Windows Live Communications Platform
Enabled TRUE
Direction In
Path C:\Program Files\Windows Live\Contacts\wlcomm.exe
Windows Live Communications Platform (UPnP)
Enabled TRUE
Protocol TCP
Direction In
Port 2869
Windows Live Communications Platform (SSDP)
Enabled TRUE
Protocol UDP
Direction In
Port 1900
Windows Live Mesh
Enabled TRUE
Direction In
Path C:\Program Files\Windows Live\Mesh\MOE.exe
Blizzard Launcher
Enabled TRUE
Protocol TCP
Direction In
Path C:\Program Files\World of Warcraft\Launcher.exe
Profile Private
Blizzard Launcher
Enabled TRUE
Protocol UDP
Direction In
Path C:\Program Files\World of Warcraft\Launcher.exe
Profile Private
Blizzard Launcher
Enabled TRUE
Protocol TCP
Direction In
Path C:\Program Files\World of Warcraft\Launcher.patch.exe
Profile Private
Blizzard Launcher
Enabled TRUE
Protocol UDP
Direction In
Path C:\Program Files\World of Warcraft\Launcher.patch.exe
Profile Private
WebKit
Enabled TRUE
Direction In
Path C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
Bonjour Service
Enabled TRUE
Protocol TCP
Direction In
Path C:\Program Files\Bonjour\mDNSResponder.exe
Profile Private
Bonjour Service
Enabled TRUE
Protocol UDP
Direction In
Path C:\Program Files\Bonjour\mDNSResponder.exe
Profile Private
Yahoo! Messenger
Enabled TRUE
Protocol TCP
Direction In
Path C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
Profile Private
Yahoo! Messenger
Enabled TRUE
Protocol UDP
Direction In
Path C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
Profile Private
iTunes
Enabled TRUE
Direction In
Path C:\Program Files\iTunes\iTunes.exe
Current TCP Connections
AppleMobileDeviceService.exe (864)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:49187 (Querying... )
Local 127.0.0.1:49159 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
AvastSvc.exe (1444)
Local 127.0.0.1:12025 LISTEN
Local 127.0.0.1:12080 LISTEN
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12465 LISTEN
Local 127.0.0.1:12563 LISTEN
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:27275 LISTEN
Local 192.168.1.66:49157 ESTABLISHED Remote 62.109.145.92:80 (Querying... ) (HTTP)
C:\Program Files\iTunes\iTunesHelper.exe (1172)
Local 127.0.0.1:49187 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
System Process
Local 192.168.1.66:49195 TIME-WAIT Remote 174.133.64.236:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 192.168.1.66:139 (NetBIOS session service) LISTEN
lsass.exe (728)
Local 0.0.0.0:49155 LISTEN
mDNSResponder.exe (1236)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:49159 (Querying... )
services.exe (664)
Local 0.0.0.0:49166 LISTEN
svchost.exe (1012)
Local 0.0.0.0:49153 LISTEN
svchost.exe (1056)
Local 0.0.0.0:49154 LISTEN
svchost.exe (948)
Local 0.0.0.0:135 (DCE) LISTEN
wininit.exe (620)
Local 0.0.0.0:49152 LISTEN


Thanks again, Neil

#21
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
If the hard drive maker's test won't run then it's probably the drive. It's not hard to replace the drive, especially if you get a USB-SATA adapter for it. They are about $15.

http://www.amazon.co...r/dp/B000YJBL78

New drive should be around $50. I'd get a Seagate 2.5" SATA 250 gig or bigger. Western Digital CD didn't work last time I tried it.

Ron

#22
spyhunter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Hi Ron, thank you once again for all your help :thumbsup:

I suppose it's not surprising, considering the physical state of the computer when it arrived; I should imagine it's had an impact of some sort.

Just one last question, if it is physical damage to the platter, is it necessary to replace the drive or could wiping it and reformatting help? (I know it won't repair the damage but could it work around it?)

Thanks, Neil

#23
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I doubt that wiping the drive would help. The extended test from the PC maker should run if the drive is still good. Since it doesn't, the drive is toast and needs to be replaced.