Jump to content

error: writetodisk need help ASAP!!!

pyroman611

By pyroman611
in Troubleshooting

Recommended Posts

pyroman611 Newbie

pyroman611

Posted
Posted

hey guys everything was working fine on my laptop with utorrent beening using utorrent for years now and never had this problem im going to include a highjackthis post and a process explorer post. please help me out....greatly appreciated :)

the ERROR is: writetodisk: The process cannot access the file because it is being used by another process.

HIGHJACK THIS:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:08:44 PM, on 15/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\PROGRA~2\LANDesk\LDClient\issclipexec.exe

C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE

C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\F-Secure\common\FSM32.EXE

C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Users\100403428\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\100403428\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.live.com/1rewlive4startup/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\100403428\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Google Update] "C:\Users\100403428\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [66EDC186CE31D0A1B050481D8B560D113D4F7FD6._service_run] "C:\Users\100403428\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User 'Default user')

O4 - Startup: Facebook Messenger.lnk = C:\Users\100403428\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = oncampus.local

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = oncampus.local

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = oncampus.local

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: LANDesk® Management Agent (CBA8) - Avocent Corporation - C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe

O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)

O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: F-Secure Device Control Daemon (fsdevcon) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)

O23 - Service: Intel Local Scheduler Service - LANDesk Software, Inc. and its affiliates. - C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE

O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\Windows\system32\CBA\pds.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LANDesk Remote Control Service (ISSUSER) - LANDesk Software, Inc. and its affiliates. - C:\PROGRA~2\LANDesk\LDClient\issuser.exe

O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LANDesk Policy Invoker - LANDesk Software, Inc. and its affiliates - C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe

O23 - Service: LANDesk Targeted Multicast - LANDesk Software, Inc. and its affiliates. - C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe

O23 - Service: LANDesk® Out-of-Band Monitor Service - LANDesk Software, Inc. and its affiliates. - C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe

O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: LANDesk® Software Monitoring Service (Softmon) - LANDesk Software, Inc. and its affiliates. - C:\Program Files (x86)\LANDesk\LDClient\softmon.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)

O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 18713 bytes

PROCESS EXPLORER:

Process PID CPU Private Bytes Working Set Description Company Name

System Idle Process 0 83.17 0 K 24 K

System 4 1.08 172 K 2,000 K

Interrupts n/a 1.31 0 K 0 K Hardware Interrupts and DPCs

smss.exe 484 528 K 616 K Windows Session Manager Microsoft Corporation

csrss.exe 616 < 0.01 2,604 K 2,368 K Client Server Runtime Process Microsoft Corporation

conhost.exe 1524 1,084 K 804 K Console Window Host Microsoft Corporation

conhost.exe 3340 1,164 K 528 K Console Window Host Microsoft Corporation

conhost.exe 3484 1,420 K 792 K Console Window Host Microsoft Corporation

wininit.exe 696 1,676 K 624 K Windows Start-Up Application Microsoft Corporation

services.exe 808 9,868 K 8,052 K Services and Controller app Microsoft Corporation

svchost.exe 928 5,316 K 5,388 K Host Process for Windows Services Microsoft Corporation

WmiPrvSE.exe 3172 5,556 K 5,584 K WMI Provider Host Microsoft Corporation

unsecapp.exe 3232 1,868 K 2,132 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

igfxext.exe 2532 2,512 K 3,296 K igfxext Module Intel Corporation

ibmpmsvc.exe 1020 1,412 K 1,732 K ThinkPad Power Management Service Lenovo.

svchost.exe 628 8,092 K 7,636 K Host Process for Windows Services Microsoft Corporation

svchost.exe 868 0.16 28,440 K 17,144 K Host Process for Windows Services Microsoft Corporation

audiodg.exe 8508 0.96 17,672 K 18,200 K Windows Audio Device Graph Isolation Microsoft Corporation

svchost.exe 1044 0.29 158,060 K 151,376 K Host Process for Windows Services Microsoft Corporation

wlanext.exe 1516 7,564 K 5,464 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation

WUDFHost.exe 4112 6,692 K 8,380 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation

dwm.exe 4052 0.98 126,924 K 70,024 K Desktop Window Manager Microsoft Corporation

svchost.exe 1084 0.10 67,160 K 46,212 K Host Process for Windows Services Microsoft Corporation

taskeng.exe 7008 2,036 K 5,296 K Task Scheduler Engine Microsoft Corporation

svchost.exe 1232 < 0.01 15,256 K 15,636 K Host Process for Windows Services Microsoft Corporation

svchost.exe 1404 0.01 34,176 K 15,412 K Host Process for Windows Services Microsoft Corporation

spoolsv.exe 1612 13,476 K 8,176 K Spooler SubSystem App Microsoft Corporation

svchost.exe 1660 0.01 13,976 K 10,452 K Host Process for Windows Services Microsoft Corporation

tphkload.exe 1764 9,024 K 3,724 K ThinkPad Message Client Loader Lenovo Group Limited

rundll32.exe 5672 1,676 K 952 K Windows host process (Rundll32) Microsoft Corporation

TpScrex.exe 5780 2,632 K 2,384 K ThinkPad UltraZoom Lenovo Group Limited

TPONSCR.exe 5828 2,600 K 2,860 K On screen display drawer Lenovo Group Limited

TPHKSVC.exe 1784 2,316 K 2,644 K On screen display Fn+Fx handler Lenovo Group Limited

tpnumlk.exe 3180 2,940 K 2,164 K NumLock indicator for ThinkPad Lenovo Group Limited

tpnumlkd.exe 5988 3,200 K 1,756 K NumLock on screen display for ThinkPad Lenovo Group Limited

AppleMobileDeviceService.exe 1840 0.02 3,376 K 3,136 K MobileDeviceService Apple Inc.

mDNSResponder.exe 1908 3,752 K 3,128 K Bonjour Service Apple Inc.

residentAgent.exe 1960 < 0.01 2,408 K 616 K Resident Agent Application Avocent Corporation

collector.exe 3324 1,568 K 1,912 K collector Application Avocent Corporation

LDRegWatch.exe 3460 1,856 K 2,024 K LDregwatch Application

CxAudMsg64.exe 2012 6,152 K 1,928 K Conexant Audio Message Service Conexant Systems Inc.

EvtEng.exe 1200 < 0.01 12,208 K 12,524 K Intel® PROSet/Wireless Event Log Service Intel® Corporation

fsgk32st.exe 1432 968 K 1,300 K F-Secure Anti-Virus Scanning Service F-Secure Corporation

fsgk32.exe 2060 < 0.01 12,816 K 5,020 K F-Secure Gatekeeper Handler 32-bit F-Secure Corporation

fssm32.exe 2100 153,316 K 95,152 K F-Secure Scanner Manager 32-bit F-Secure Corporation

fsav32.exe 2024 < 0.01 4,456 K 3,192 K FSAV Handler F-Secure Corporation

PresentationFontCache.exe 1880 29,028 K 4,332 K PresentationFontCache.exe Microsoft Corporation

fsdevcon64.exe 2224 < 0.01 4,424 K 4,036 K F-Secure Client Security Device Control Daemon F-Secure Corporation

FSMA32.EXE 2244 < 0.01 3,820 K 2,720 K F-Secure Management Agent F-Secure Corporation

FSHDLL32.EXE 3572 13,872 K 5,888 K F-Secure DLL Hosting Plugin F-Secure Corporation

FSHDLL64.EXE 3688 3,924 K 1,112 K F-Secure DLL Hosting Plugin F-Secure Corporation

FIH32.exe 624 1,960 K 824 K F-Secure Installation Launcher F-Secure Corporation

LocalSch.EXE 2264 < 0.01 4,628 K 4,312 K LocalSch LANDesk Software, Inc. and its affiliates.

pds.exe 2324 1,964 K 808 K CBA -- Ping Discovery Service LANDesk Software Ltd.

issuser.exe 2364 3,380 K 2,604 K Remote Control Client LANDesk Software, Inc. and its affiliates.

rcgui.exe 4664 2,012 K 1,308 K Remote Control Client LANDesk Software, Inc. and its affiliates.

issclipexec.exe 4656 1,340 K 1,160 K Remote Control Clip Monitor LANDesk Software, Inc. and its affiliates.

jhi_service.exe 2392 1,376 K 1,748 K Intel IPT Host Interface Service Intel Corporation

policy.client.invoker.exe 2424 4,232 K 3,480 K LANDesk Policy Invoker Service LANDesk Software, Inc. and its affiliates

tmcsvc.exe 2452 0.01 6,096 K 2,100 K Targeted Multicast Client Service Executable LANDesk Software, Inc. and its affiliates.

amtmon.exe 2480 4,980 K 4,152 K amtmon service application LANDesk Software, Inc. and its affiliates.

micmute.exe 2568 6,508 K 2,208 K Microphone Mute Controll Service for ThinkPad Lenovo Group Limited

lvvsst.exe 2612 2,728 K 1,504 K Auto Scroll Start Service Lenovo Group Limited

virtscrl.exe 4880 0.25 2,944 K 2,056 K Lenovo Auto Scroll Utility Lenovo Group Limited

PnkBstrA.exe 2680 < 0.01 1,232 K 840 K

RegSrvc.exe 2720 2,288 K 1,636 K Intel® PROSet/Wireless Registry Service Intel® Corporation

SASrv.exe 2752 1,188 K 716 K SmartAudio Service Application Conexant Systems, Inc.

c2c_service.exe 2780 0.02 2,900 K 1,896 K Skype C2C Service Skype Technologies S.A.

SoftMon.exe 2852 0.55 4,244 K 3,740 K LANDesk Software Monitor LANDesk Software, Inc. and its affiliates.

svchost.exe 2904 4,352 K 3,324 K Host Process for Windows Services Microsoft Corporation

ULCDRSvr.exe 2948 792 K 484 K ULCDRSvr Ulead Systems, Inc.

WLIDSVC.EXE 3008 < 0.01 8,676 K 4,152 K Microsoft® Windows Live ID Service Microsoft Corp.

WLIDSVCM.EXE 2204 1,508 K 712 K Microsoft® Windows Live ID Service Monitor Microsoft Corp.

fsorsp.exe 3920 6,160 K 3,292 K F-Secure ORSP Service F-Secure Corporation

fsdfwd.exe 3952 0.14 11,544 K 3,660 K F-Secure Internet Shield daemon (64 bit) F-Secure Corporation

alg.exe 3980 1,476 K 1,440 K Application Layer Gateway Service Microsoft Corporation

FNRB32.exe 3512 7,284 K 2,436 K F-Secure Network Request Broker F-Secure Corporation

svchost.exe 3864 < 0.01 11,032 K 13,160 K Host Process for Windows Services Microsoft Corporation

svchost.exe 4280 2,168 K 2,536 K Host Process for Windows Services Microsoft Corporation

svchost.exe 4580 < 0.01 45,132 K 33,612 K Host Process for Windows Services Microsoft Corporation

SearchIndexer.exe 4732 < 0.01 54,204 K 44,632 K Microsoft Windows Search Indexer Microsoft Corporation

SearchProtocolHost.exe 8280 < 0.01 2,844 K 8,536 K Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 9108 5,024 K 8,740 K Microsoft Windows Search Filter Host Microsoft Corporation

taskhost.exe 728 8,604 K 6,180 K Host Process for Windows Tasks Microsoft Corporation

wmpnetwk.exe 6076 7,880 K 10,492 K Windows Media Player Network Sharing Service Microsoft Corporation

iPodService.exe 6920 0.01 3,684 K 3,312 K iPodService Module (64-bit) Apple Inc.

LMS.exe 4652 < 0.01 4,068 K 3,388 K Local Manageability Service Intel Corporation

UNS.exe 6608 < 0.01 7,304 K 7,972 K User Notification Service Intel Corporation

SUService.exe 7356 11,936 K 4,336 K ThinkVantage System Update Service Lenovo Group Limited

DZSVC64.EXE 3900 1,412 K 1,064 K Doze Mode Service Program Lenovo.

OSPPSVC.EXE 4452 4,040 K 2,512 K Microsoft Office Software Protection Platform Service Microsoft Corporation

lsass.exe 816 7,640 K 9,828 K Local Security Authority Process Microsoft Corporation

lsm.exe 824 3,448 K 3,048 K Local Session Manager Service Microsoft Corporation

csrss.exe 720 0.55 3,160 K 44,948 K Client Server Runtime Process Microsoft Corporation

winlogon.exe 760 3,160 K 2,440 K Windows Logon Application Microsoft Corporation

explorer.exe 3160 0.04 89,612 K 85,792 K Windows Explorer Microsoft Corporation

SynTPEnh.exe 5196 < 0.01 10,852 K 7,624 K Synaptics TouchPad Enhancements Synaptics Incorporated

SynTPLpr.exe 5840 2,712 K 1,832 K TouchPad Driver Helper Application Synaptics Incorporated

TpShocks.exe 5588 2,240 K 1,916 K ThinkVantage Active Protection System Lenovo.

fmapp.exe 5740 1,712 K 1,264 K FMAPP Application

hkcmd.exe 5240 2,904 K 2,492 K hkcmd Module Intel Corporation

igfxpers.exe 1344 4,064 K 5,112 K persistence Module Intel Corporation

StikyNot.exe 996 5,864 K 3,988 K Sticky Notes Microsoft Corporation

chrome.exe 4492 < 0.01 13,948 K 13,768 K Google Chrome Google Inc.

Kies.exe 900 0.10 28,536 K 8,020 K Kies Samsung

ONENOTEM.EXE 5028 1,160 K 904 K Microsoft OneNote Quick Launcher Microsoft Corporation

notepad.exe 7068 2,008 K 1,392 K Notepad Microsoft Corporation

Skype.exe 5208 0.09 124,412 K 54,404 K Skype Skype Technologies S.A.

uTorrent.exe 5516 41,348 K 44,956 K µTorrent BitTorrent, Inc.

chrome.exe 1656 0.01 140,260 K 148,880 K Google Chrome Google Inc.

chrome.exe 5968 61,552 K 46,156 K Google Chrome Google Inc.

chrome.exe 3376 22,316 K 24,216 K Google Chrome Google Inc.

chrome.exe 2840 10,892 K 15,620 K Google Chrome Google Inc.

chrome.exe 4772 0.01 48,088 K 54,044 K Google Chrome Google Inc.

chrome.exe 2664 0.03 40,408 K 47,696 K Google Chrome Google Inc.

chrome.exe 7064 0.04 49,936 K 58,628 K Google Chrome Google Inc.

chrome.exe 8644 0.01 38,268 K 43,664 K Google Chrome Google Inc.

HijackThis.exe 1496 5,800 K 15,280 K HijackThis Trend Micro Inc.

notepad.exe 8032 1,532 K 6,860 K Notepad Microsoft Corporation

chrome.exe 5568 33,244 K 40,884 K Google Chrome Google Inc.

WinRAR.exe 1700 < 0.01 9,136 K 19,216 K WinRAR archiver Alexander Roshal

procexp.exe 5576 2,228 K 7,324 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 8568 2.20 27,640 K 48,828 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com

wmplayer.exe 2304 5.60 80,348 K 92,600 K Windows Media Player Microsoft Corporation

uTorrent.exe 2628 2.09 41,656 K 52,912 K µTorrent BitTorrent, Inc.

SynTPHelper.exe 6000 1,600 K 1,080 K Synaptics Pointing Device Helper Synaptics Incorporated

GoogleCrashHandler.exe 4200 1,620 K 1,088 K Google Crash Handler Google Inc.

GoogleCrashHandler64.exe 5320 1,980 K 1,040 K Google Crash Handler Google Inc.

GoogleCrashHandler.exe 5952 1,820 K 1,140 K Google Crash Handler Google Inc.

GoogleCrashHandler64.exe 5296 1,984 K 820 K Google Crash Handler Google Inc.

RCIMGDIR.exe 5072 2,076 K 2,012 K RCIMGDIR Ricoh co.,Ltd.

rundll32.exe 5060 1,216 K 1,020 K Windows host process (Rundll32) Microsoft Corporation

rundll32.exe 6216 7,312 K 8,320 K Windows host process (Rundll32) Microsoft Corporation

SCHTASK.EXE 6512 2,652 K 2,980 K Power Manager Power Agenda Lenovo Group Limited

FSM32.EXE 6288 0.01 11,996 K 3,552 K F-Secure Settings and Statistics F-Secure Corporation

iTunesHelper.exe 6668 < 0.01 4,000 K 4,068 K iTunesHelper Apple Inc.

jusched.exe 6736 1,272 K 1,020 K Java Update Scheduler Sun Microsystems, Inc.

KiesTrayAgent.exe 6792 5,064 K 6,952 K Kies TrayAgent Application Samsung Electronics Co., Ltd.

FacebookMessenger.exe 6504 0.08 193,664 K 137,824 K Facebook Messenger Facebook

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...