
Very messy Vista installation..



#1
MO_LFC

I have 8GB of memory, but my computer seems to be a little sluggish.

I am sure the hard drive my OS is on has a bad sector (Samsung F1) but it has been moved and the HDD does not access it. Recently the boot sector was corrupt, and I created a new one using Vista repair disk.

Programmes like "SmarThru 4", I no longer use. Can I just delete them using HijackThis?

HijackThis log is below:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:04:32, on 24/09/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\INITIO\Button Manager v1.60\inihid.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O2 - BHO: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: thechatterbox.cc Toolbar - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - C:\Program Files (x86)\thechatterbox.cc\tbthe0.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files (x86)\Messenger\Msmsgs.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1971581739-487193456-41462279-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Global Startup: Button Manager v1.60.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll
O8 - Extra context menu item: Tag This Image - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\Program Files (x86)\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files (x86)\SmarThru 4\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98b815e21a5b2) (gupdate1c98b815e21a5b2) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15368 bytes

I have multiple svchost.exe running.. One of which takes up around 276,000k of memory that can be seen below.

List of services using ProcessXP:

Process	PID	CPU	Private Bytes	Working Set	Description	Company Name
svchost.exe	488	< 0.01	267,244 K	274,728 K	Host Process for Windows Services	Microsoft Corporation
firefox.exe	4500	< 0.01	217,892 K	236,020 K	Firefox	Mozilla Corporation
SearchIndexer.exe	3476		118,964 K	53,200 K	Microsoft Windows Search Indexer	Microsoft Corporation
mbam.exe	3640	< 0.01	116,300 K	119,216 K	Malwarebytes' Anti-Malware	Malwarebytes Corporation
mbamservice.exe	4780	< 0.01	113,488 K	45,672 K	Malwarebytes' Anti-Malware	Malwarebytes Corporation
dwm.exe	2000	1.16	82,816 K	116,640 K	Desktop Window Manager	Microsoft Corporation
svchost.exe	1004		72,824 K	47,284 K	Host Process for Windows Services	Microsoft Corporation
explorer.exe	1548	< 0.01	55,420 K	83,096 K	Windows Explorer	Microsoft Corporation
svchost.exe	1636		33,216 K	37,716 K	Host Process for Windows Services	Microsoft Corporation
svchost.exe	508		30,596 K	43,368 K	Host Process for Windows Services	Microsoft Corporation
svchost.exe	2044		29,256 K	35,420 K	Host Process for Windows Services	Microsoft Corporation
procexp64.exe	4800	8.10	21,208 K	38,540 K	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com
svchost.exe	360	< 0.01	20,184 K	17,984 K	Host Process for Windows Services	Microsoft Corporation
audiodg.exe	748		18,824 K	21,968 K	Windows Audio Device Graph Isolation 	Microsoft Corporation
plugin-container.exe	4596		15,204 K	20,756 K	Plugin Container for Firefox	Mozilla Corporation
Pen_Tablet.exe	3496	< 0.01	14,164 K	24,880 K	Tablet Service for consumer driver	Wacom Technology, Corp.
InputPersonalization.exe	1496	< 0.01	13,388 K	13,484 K	Input Personalization Server	Microsoft Corporation
taskeng.exe	2032		12,144 K	14,976 K	Task Scheduler Engine	Microsoft Corporation
svchost.exe	1108		12,008 K	20,140 K	Host Process for Windows Services	Microsoft Corporation
RAVCpl64.exe	2592		10,896 K	11,468 K	HD Audio Control Panel	Realtek Semiconductor
TabTip.exe	1156	< 0.01	10,196 K	20,716 K	Tablet PC Input Panel Accessory	Microsoft Corporation
PDAgent.exe	3172	< 0.01	10,148 K	18,392 K	PDAgent Module	Raxco Software, Inc.
svchost.exe	1280	1.16	9,808 K	14,888 K	Host Process for Windows Services	Microsoft Corporation
spoolsv.exe	1992	< 0.01	9,060 K	15,592 K	Spooler SubSystem App	Microsoft Corporation
nvxdsync.exe	1316		8,972 K	17,480 K	NVIDIA User Experience Driver Component	NVIDIA Corporation
Pen_TouchUser.exe	2056		8,756 K	14,544 K	Touch User Mode Driver	Wacom Technology, Corp.
SLsvc.exe	840		8,320 K	13,016 K	Microsoft Software Licensing Service	Microsoft Corporation
KHALMNPR.exe	2920		8,248 K	11,468 K	Logitech KHAL Main Process	Logitech, Inc.
TabTip.exe	1348		7,852 K	1,424 K	Tablet PC Input Panel Accessory	Microsoft Corporation
Core Temp.exe	2212	< 0.01	7,288 K	10,984 K	CPU temperature and system information utility	
wisptis.exe	1100	< 0.01	7,032 K	12,940 K	Microsoft Tablet PC Input Component	Microsoft Corporation
nvvsvc.exe	1328		6,924 K	13,296 K	NVIDIA Driver Helper Service, Version 280.26	NVIDIA Corporation
SetPoint.exe	2520		6,768 K	14,816 K	Logitech SetPoint Event Manager (UNICODE)	Logitech, Inc.
svchost.exe	964		6,532 K	10,656 K	Host Process for Windows Services	Microsoft Corporation
NetworkLicenseServer.exe	2932		5,892 K	9,696 K	ABBYY network license server	ABBYY
svchost.exe	3828		5,448 K	9,324 K	Host Process for Windows Services	Microsoft Corporation
GoogleToolbarNotifier.exe	2800	< 0.01	5,416 K	4,176 K	GoogleToolbarNotifier	Google Inc.
svchost.exe	3252		5,344 K	9,476 K	Host Process for Windows Services	Microsoft Corporation
wisptis.exe	1340		5,228 K	8,240 K	Microsoft Tablet PC Input Component	Microsoft Corporation
TeamViewer_Service.exe	3372		5,152 K	10,524 K	TeamViewer Remote Control Application	TeamViewer GmbH
lsass.exe	660		4,996 K	3,436 K	Local Security Authority Process	Microsoft Corporation
WmiPrvSE.exe	4204		4,536 K	8,608 K	WMI Provider Host	Microsoft Corporation
nvvsvc.exe	912		4,456 K	8,136 K	NVIDIA Driver Helper Service, Version 280.26	NVIDIA Corporation
csrss.exe	608	< 0.01	4,448 K	9,616 K	Client Server Runtime Process	Microsoft Corporation
services.exe	644		4,380 K	9,496 K	Services and Controller app	Microsoft Corporation
svchost.exe	856		4,076 K	8,516 K	Host Process for Windows Services	Microsoft Corporation
unsecapp.exe	4148		3,964 K	7,768 K	Sink to receive asynchronous callbacks for WMI client application	Microsoft Corporation
svchost.exe	3220		3,908 K	7,936 K	Host Process for Windows Services	Microsoft Corporation
nvSCPAPISvr.exe	924		3,856 K	6,380 K	Stereo Vision Control Panel API Server	NVIDIA Corporation
ehtray.exe	2792		3,816 K	5,016 K	Media Center Tray Applet	Microsoft Corporation
wmdcBase.exe	2760		3,684 K	8,292 K	Windows Mobile Device Center	Microsoft Corporation
lsm.exe	668		3,536 K	5,796 K	Local Session Manager Service	Microsoft Corporation
winlogon.exe	772		3,456 K	7,912 K	Windows Logon Application	Microsoft Corporation
Pen_TabletUser.exe	3380		3,268 K	7,300 K	Tablet user module for consumer driver	Wacom Technology, Corp.
taskeng.exe	2104		3,204 K	7,976 K	Task Scheduler Engine	Microsoft Corporation
csrss.exe	536	< 0.01	3,128 K	7,540 K	Client Server Runtime Process	Microsoft Corporation
inihid.exe	2472	< 0.01	2,972 K	8,576 K		
svchost.exe	1244		2,824 K	4,328 K	Host Process for Windows Services	Microsoft Corporation
PDAgentS1.exe	4756		2,776 K	6,192 K	PDAgentS1 Module	Raxco Software, Inc.
daemonu.exe	4600	< 0.01	2,752 K	6,792 K	NVIDIA Settings Update Manager	NVIDIA Corporation
PnkBstrA.exe	3208	< 0.01	2,672 K	4,964 K		
procexp.exe	4620		2,520 K	10,352 K	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com
ehmsas.exe	2820		2,512 K	6,500 K	Media Center Media Status Aggregator Service	Microsoft Corporation
mDNSResponder.exe	1088		2,504 K	6,664 K	Bonjour Service	Apple Computer, Inc.
Pen_Tablet.exe	3284		2,464 K	11,388 K	Tablet Service for consumer driver	Wacom Technology, Corp.
TeamViewer_Service.exe	3328	< 0.01	2,384 K	4,292 K	TeamViewer Service	TeamViewer GmbH
Pen_TouchService.exe	1300		2,344 K	5,528 K	Touch Service	Wacom Technology, Corp.
taskeng.exe	4688		2,248 K	5,640 K	Task Scheduler Engine	Microsoft Corporation
svchost.exe	3444		2,000 K	4,364 K	Host Process for Windows Services	Microsoft Corporation
wininit.exe	588		1,936 K	5,168 K	Windows Start-Up Application	Microsoft Corporation
SetPoint32.exe	1200		1,656 K	5,472 K		
jusched.exe	2328		1,612 K	5,372 K	Java(TM) Update Scheduler	Sun Microsystems, Inc.
TabTip32.exe	1808	< 0.01	1,024 K	3,340 K	Tablet PC Input Panel Helper	Microsoft Corporation
smss.exe	460		568 K	1,072 K	Windows Session Manager	Microsoft Corporation
System Idle Process	0	89.58	0 K	24 K		
System	4	< 0.01	0 K	13,652 K		
Interrupts	n/a	< 0.01	0 K	0 K	Hardware Interrupts and DPCs	



Process: svchost.exe Pid: 488

Type	         Name
ALPC Port	\UxSmsApiPort
ALPC Port	\RPC Control\OLEF97B9CACE57D4AFA802D2C0E1734
ALPC Port	\UMDFCommunicationPorts\Loopback-6526e363-dc1d-4c72-bef8-66fd3d7a08fe
ALPC Port	\UMDFCommunicationPorts\ProcessManagement
ALPC Port	\RPC Control\LRPC-f154f14e4df339f6d9
ALPC Port	\Security\TRKWKS_PORT
ALPC Port	\RPC Control\trkwks
Desktop	\Default
Directory	\KnownDlls
Directory	\BaseNamedObjects
Directory	\UMDFCommunicationPorts\WUDF
Event	\BaseNamedObjects\TermSrvReadyEvent
Event	\BaseNamedObjects\ConsoleSessionCreation
Event	\BaseNamedObjects\TabletHardwarePresent
Event	\BaseNamedObjects\WLAN_POLICY_CHANGE_EVENT
Event	\Sessions\1\BaseNamedObjects\{773F1B9A-35B9-4E95-83A0-A210F2DE3B37}-running
Event	\Sessions\1\BaseNamedObjects\{773F1B9A-35B9-4E95-83A0-A210F2DE3B37}-request
Event	\Sessions\1\BaseNamedObjects\{DFFDE213-8CB4-46a9-90EB-3DA843AF66F9}-request
Event	\Sessions\1\BaseNamedObjects\{DFFDE213-8CB4-46a9-90EB-3DA843AF66F9}-show
Event	\Sessions\1\BaseNamedObjects\{773F1B9A-35B9-4E95-83A0-A210F2DE3B37}-uds
Event	\Sessions\1\BaseNamedObjects\{773F1B9A-35B9-4E95-83A0-A210F2DE3B37}-sds
Event	\KernelObjects\SuperfetchScenarioNotify
Event	\BaseNamedObjects\WinSta0_DesktopSwitch
Event	\KernelObjects\SuperfetchScenarioNotify
Event	\Security\TRKWKS_EVENT
Event	\KernelObjects\HighCommitCondition
Event	\KernelObjects\MaximumCommitCondition
Event	\KernelObjects\PrefetchTracesReady
Event	\KernelObjects\LowCommitCondition
Event	\KernelObjects\SuperfetchParametersChanged
Event	\KernelObjects\SuperfetchParametersChanged
Event	\KernelObjects\SuperfetchTracesReady
File	C:\Windows\System32
File	C:\Windows\System32\en-US\svchost.exe.mui
File	\Device\KsecDD
File	\Device\NamedPipe\net\NtControlPipe7
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	C:\Windows\registration\R000000000005.clb
File	\Device\00000074\RtSpdifTopo
File	\Device\00000074\SingleLineOutTopo
File	\Device\00000074\RearLineInBlueTopo
File	\Device\00000074\FrontLineInGreenTopo
File	\Device\00000074\RtCDInTopo
File	\Device\00000074\RearMicInPinkTopo
File	\Device\00000074\RtStereoMixTopo
File	\Device\00000074\frontlineinpinktopo
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	\Device\Mup\.\.
File	\Device\0000007e
File	C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_56cd8757b545091c
File	\Device\KsecDD
File	\Device\KsecDD
File	\Device\KsecDD
File	\Device\WMIDataDevice
File	\Device\WMIDataDevice
File	\Device\Nsi
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	\Device\ECacheControl
File	\Device\FileInfo
File	\Device\HarddiskVolume2
File	\Device\HarddiskVolume3
File	\Device\HarddiskVolume4
File	\Device\HarddiskVolume5
File	\Device\HarddiskVolume6
File	\Device\HarddiskVolume7
File	\Device\HarddiskVolume8
File	\Device\NamedPipe\trkwks
File	\Device\NamedPipe\trkwks
File	\Device\NamedPipe\trkwks
File	H:\System Volume Information\tracking.log
File	I:\System Volume Information\tracking.log
File	J:\System Volume Information\tracking.log
File	H:\$Extend\$ObjId
File	C:\$Extend\$ObjId
File	I:\$Extend\$ObjId
File	J:\$Extend\$ObjId
File	C:\System Volume Information\tracking.log
File	D:\$Extend\$ObjId
File	D:\System Volume Information\tracking.log
File	E:\$Extend\$ObjId
File	E:\System Volume Information\tracking.log
File	F:\$Extend\$ObjId
File	F:\System Volume Information\tracking.log
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6
File	\Device\Afd
File	\Device\0000004b
File	\Device\FileInfo
File	\Device\ECacheControl
File	\Device\Afd
File	\Device\NamedPipe\lsass
Job	\BaseNamedObjects\PCA_{43981809-BD3E-4138-B82E-CF51F06F1029}
Job	\BaseNamedObjects\PCA_{2D31AD23-B59C-4AED-B351-F391237A923E}
Job	\BaseNamedObjects\PCA_{42957C90-AD76-477F-8243-4AD4B5898066}
Key	HKLM\SYSTEM\ControlSet002\Control\SESSION MANAGER
Key	HKCR
Key	HKLM\SYSTEM\ControlSet002\Control\NetworkProvider\HwOrder
Key	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\NetCache
Key	HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\AppCompatFlags
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\Image File Execution Options
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\WUDF
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\Superfetch
Key	HKLM\SYSTEM\ControlSet002\Services
Key	HKLM\SYSTEM\ControlSet002\Control\SESSION MANAGER\MEMORY MANAGEMENT\PrefetchParameters
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\Superfetch
Key	HKLM\SYSTEM\ControlSet002\Control\SESSION MANAGER\MEMORY MANAGEMENT\PrefetchParameters
Key	HKLM\SOFTWARE\Microsoft\Tracing\RASDLG
Key	HKLM\SOFTWARE\Microsoft\WINDOWS NT\CURRENTVERSION\Prefetcher
Key	HKLM\SYSTEM\ControlSet002\Control\Network\Connections
Key	HKLM\SYSTEM\ControlSet002\Services\WinSock2\Parameters\Protocol_Catalog9
Key	HKLM\SYSTEM\ControlSet002\Services\WinSock2\Parameters\NameSpace_Catalog5
Mutant	\BaseNamedObjects\ZonesCounterMutex
Mutant	\BaseNamedObjects\ZonesCacheCounterMutex
Mutant	\BaseNamedObjects\oleacc-msaa-loaded
Mutant	\BaseNamedObjects\ZonesLockedCacheCounterMutex
Mutant	\BaseNamedObjects\OOC State Mutex
Mutant	\BaseNamedObjects\RasPbFile
Mutant	\BaseNamedObjects\RasPbFile
Process	wisptis.exe(1340)
Process	TabTip.exe(1348)
Process	svchost.exe(488)
Process	dwm.exe(2000)
Process	wisptis.exe(1100)
Process	TabTip.exe(1156)
Section	\BaseNamedObjects\__ComCatalogCache__
Section	\BaseNamedObjects\__ComCatalogCache__
Section	\BaseNamedObjects\windows_shell_global_counters
Thread	svchost.exe(488): 480
Thread	svchost.exe(488): 12
Thread	svchost.exe(488): 12
Thread	svchost.exe(488): 696
Thread	svchost.exe(488): 452
Thread	svchost.exe(488): 452
Thread	svchost.exe(488): 492
Thread	svchost.exe(488): 1032
Thread	svchost.exe(488): 1164
Thread	svchost.exe(488): 1172
Thread	svchost.exe(488): 1176
Thread	svchost.exe(488): 1212
Thread	svchost.exe(488): 1216
Thread	svchost.exe(488): 1032
Thread	svchost.exe(488): 1580
Thread	svchost.exe(488): 1580
Thread	svchost.exe(488): 1540
Thread	svchost.exe(488): 4000
Thread	svchost.exe(488): 1764
Thread	svchost.exe(488): 1768
Thread	svchost.exe(488): 1772
Thread	svchost.exe(488): 1164
Thread	svchost.exe(488): 1176
Thread	svchost.exe(488): 720
Thread	svchost.exe(488): 720
Thread	svchost.exe(488): 2088
Thread	svchost.exe(488): 2224
Thread	svchost.exe(488): 2224
Thread	svchost.exe(488): 500
Thread	svchost.exe(488): 2716
Thread	svchost.exe(488): 3264
Thread	svchost.exe(488): 3264
Thread	svchost.exe(488): 3408
Thread	svchost.exe(488): 1980
Thread	svchost.exe(488): 2712
Thread	svchost.exe(488): 3412
Thread	svchost.exe(488): 3908
Thread	svchost.exe(488): 3912
Thread	svchost.exe(488): 3916
Thread	svchost.exe(488): 3920
Thread	svchost.exe(488): 3924
Thread	svchost.exe(488): 3928
Thread	svchost.exe(488): 3932
Thread	svchost.exe(488): 3936
Thread	svchost.exe(488): 3940
Thread	svchost.exe(488): 3944
Thread	svchost.exe(488): 3848
Thread	svchost.exe(488): 3744
Thread	svchost.exe(488): 4292
Thread	svchost.exe(488): 4296
Thread	svchost.exe(488): 1540
Thread	svchost.exe(488): 4860
Thread	svchost.exe(488): 4000
Thread	svchost.exe(488): 1452
Thread	svchost.exe(488): 4292
Thread	svchost.exe(488): 4304
Thread	svchost.exe(488): 4308
Thread	svchost.exe(488): 4312
Thread	svchost.exe(488): 4316
Thread	svchost.exe(488): 4860
Thread	svchost.exe(488): 4544
Thread	svchost.exe(488): 2716
Thread	svchost.exe(488): 4140
Token	NT AUTHORITY\SYSTEM:3e7
Token	NT AUTHORITY\SYSTEM:3e7
Token	NT AUTHORITY\SYSTEM:3e7
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	NT AUTHORITY\SYSTEM:3e7
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	PC\Mo:2485f
Token	NT AUTHORITY\SYSTEM:3e7
WindowStation	\Windows\WindowStations\Service-0x0-3e7$
WindowStation	\Windows\WindowStations\Service-0x0-3e7$

Thank you for reading. Any help/advice would be appreciated!

Edited by MO_LFC, 23 September 2011 - 05:18 PM.
