Help
Never stops, just keeps repeating over and over.
I have already been through the Spyware/Malware Removal forum and have an all clear on virus, malware and spyware.
This started about three weeks ago and I never had it before.
SystemInternals Process Monitor on auto scroll shows that the following happens 4 or 5 times a second, every second.
______________________________________________________________
System 4 SUCCESS Thread ID: 2496 108 Process System NT AUTHORITY\SYSTEM
System 4 SUCCESS User Time: 0.0000000, Kernel Time: 0.0000000 2496 Process System NT AUTHORITY\SYSTEM
System 4 SUCCESS Thread ID: 2928 108 Process System NT AUTHORITY\SYSTEM
explorer.exe 1608 HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33} SUCCESS Desired Access: Read 4020 Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33}\EnableDHCP SUCCESS Type: REG_DWORD, Length: 4, Data: 1 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33}\LeaseObtainedTime SUCCESS Type: REG_DWORD, Length: 4, Data: 1252623254 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33}\LeaseTerminatesTime SUCCESS Type: REG_DWORD, Length: 4, Data: 1252626854 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33}\DhcpServer SUCCESS Type: REG_SZ, Length: 24, Data: 192.168.0.1 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33}\DhcpServer SUCCESS Type: REG_SZ, Length: 24, Data: 192.168.0.1 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C05FD31-C6C0-4295-8994-0544470B4E33} SUCCESS 4020 Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Linkage\Bind BUFFER OVERFLOW Length: 144 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Linkage\Bind BUFFER OVERFLOW Length: 144 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
explorer.exe 1608 HKLM\System\CurrentControlSet\Services\Tcpip\Linkage\Bind SUCCESS Type: REG_MULTI_SZ, Length: 226, Data: \Device\{F2AB8DFA-84C5-4D8B-985F-E56CFCCD02F5}, \Device\{2C05FD31-C6C0-4295-8994-0544470B4E33}, \Device\NdisWanIp 4020 Read Registry C:\WINDOWS\explorer.exe BASE\Port C:\WINDOWS\explorer.exe
System 4 SUCCESS User Time: 0.0000000, Kernel Time: 0.0000000 2928 Process System NT AUTHORITY\SYSTEM
System 4 SUCCESS Thread ID: 2868 108 Process System NT AUTHORITY\SYSTEM
System 4 SUCCESS User Time: 0.0000000, Kernel Time: 0.0000000 2868 Process System NT AUTHORITY\SYSTEM
System 4 SUCCESS Thread ID: 2960 108 Process System NT AUTHORITY\SYSTEM
______________________________________________________
Can anyone identify what's happening here and let me know how to stop it.
Thanks
This post has been edited by sinsanity: 04 October 2009 - 02:23 AM
Back to top
