svchost issue causing loss of internet


9 replies to this topic

#1 Ganther

Posted 11 March 2012 - 03:32 PM

Hello

I have been getting very high memory usage from svchost.exe (localsystemnetworkrestricted). I normally notice it between 90K and 110+K memory usage. Usually when it is that high, I notice I am unable to access the internet. At first I thought it was a Firefox thing, since it was getting connection reset messages; then I noticed Thunderbird would not send or receive messages, so I tested in IE: same, unable to access any webpage. My network icon shows me connected. I am thinking I have malware or something causing svchost.exe to get that high and stop me from accessing the internet. As soon as I stop the svchost process, I am able to surf again.

I have looked and looked and cannot find any resolution to this issue. I have scanned with Windows Defender, Avast, and Malwarebytes; all come up clean.

Any help would be great.

Edit: Moved topic from Windows 7 to the more appropriate forum, at the suggestion of staff. ~ Animal



#2 narenxp


Posted 11 March 2012 - 06:18 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on a 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

#3 Ganther


Posted 11 March 2012 - 11:52 PM

Windows is 64-bit, so GMER I did not do. Here are the log files:

23:37:39.0338 3912 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
23:37:39.0765 3912 ============================================================
23:37:39.0765 3912 Current date / time: 2012/03/11 23:37:39.0765
23:37:39.0765 3912 SystemInfo:
23:37:39.0765 3912
23:37:39.0765 3912 OS Version: 6.1.7601 ServicePack: 1.0
23:37:39.0765 3912 Product type: Workstation
23:37:39.0765 3912 ComputerName: BOB
23:37:39.0766 3912 UserName: Shayne
23:37:39.0766 3912 Windows directory: C:\Windows
23:37:39.0766 3912 System windows directory: C:\Windows
23:37:39.0766 3912 Running under WOW64
23:37:39.0766 3912 Processor architecture: Intel x64
23:37:39.0766 3912 Number of processors: 4
23:37:39.0766 3912 Page size: 0x1000
23:37:39.0766 3912 Boot type: Normal boot
23:37:39.0766 3912 ============================================================
23:37:40.0140 3912 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:37:40.0151 3912 \Device\Harddisk0\DR0:
23:37:40.0151 3912 MBR used
23:37:40.0151 3912 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:37:40.0151 3912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
23:37:40.0185 3912 Initialize success
23:37:40.0185 3912 ============================================================
23:38:34.0786 3132 ============================================================
23:38:34.0786 3132 Scan started
23:38:34.0786 3132 Mode: Manual; TDLFS;
23:38:34.0786 3132 ============================================================
23:38:38.0932 3132 timounter - ok
23:38:38.0943 3132 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:38:38.0944 3132 tssecsrv - ok
23:38:38.0958 3132 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:38:38.0959 3132 TsUsbFlt - ok
23:38:38.0964 3132 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:38:38.0965 3132 TsUsbGD - ok
23:38:38.0987 3132 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:38:38.0991 3132 tunnel - ok
23:38:39.0018 3132 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:38:39.0020 3132 uagp35 - ok
23:38:39.0035 3132 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:38:39.0038 3132 udfs - ok
23:38:39.0055 3132 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:38:39.0057 3132 uliagpkx - ok
23:38:39.0073 3132 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:38:39.0074 3132 umbus - ok
23:38:39.0089 3132 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:38:39.0090 3132 UmPass - ok
23:38:39.0112 3132 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
23:38:39.0113 3132 USBAAPL64 - ok
23:38:39.0139 3132 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:38:39.0141 3132 usbccgp - ok
23:38:39.0150 3132 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:38:39.0151 3132 usbcir - ok
23:38:39.0167 3132 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:38:39.0168 3132 usbehci - ok
23:38:39.0181 3132 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:38:39.0183 3132 usbhub - ok
23:38:39.0199 3132 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:38:39.0200 3132 usbohci - ok
23:38:39.0217 3132 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
23:38:39.0218 3132 usbprint - ok
23:38:39.0237 3132 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:38:39.0238 3132 USBSTOR - ok
23:38:39.0245 3132 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:38:39.0246 3132 usbuhci - ok
23:38:39.0263 3132 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:38:39.0264 3132 vdrvroot - ok
23:38:39.0278 3132 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:38:39.0279 3132 vga - ok
23:38:39.0294 3132 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:38:39.0295 3132 VgaSave - ok
23:38:39.0305 3132 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:38:39.0307 3132 vhdmp - ok
23:38:39.0322 3132 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:38:39.0324 3132 viaide - ok
23:38:39.0333 3132 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:38:39.0334 3132 volmgr - ok
23:38:39.0353 3132 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:38:39.0355 3132 volmgrx - ok
23:38:39.0369 3132 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:38:39.0371 3132 volsnap - ok
23:38:39.0382 3132 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:38:39.0383 3132 vsmraid - ok
23:38:39.0395 3132 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
23:38:39.0395 3132 vwifibus - ok
23:38:39.0408 3132 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:38:39.0408 3132 WacomPen - ok
23:38:39.0417 3132 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:38:39.0418 3132 WANARP - ok
23:38:39.0420 3132 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:38:39.0420 3132 Wanarpv6 - ok
23:38:39.0438 3132 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:38:39.0440 3132 Wd - ok
23:38:39.0472 3132 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:38:39.0476 3132 Wdf01000 - ok
23:38:39.0493 3132 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:38:39.0494 3132 WfpLwf - ok
23:38:39.0499 3132 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:38:39.0500 3132 WIMMount - ok
23:38:39.0524 3132 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
23:38:39.0525 3132 WinUsb - ok
23:38:39.0541 3132 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:38:39.0541 3132 WmiAcpi - ok
23:38:39.0560 3132 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:38:39.0561 3132 ws2ifsl - ok
23:38:39.0578 3132 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:38:39.0580 3132 WudfPf - ok
23:38:39.0590 3132 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:38:39.0591 3132 WUDFRd - ok
23:38:39.0615 3132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:38:39.0760 3132 \Device\Harddisk0\DR0 - ok
23:38:39.0761 3132 Boot (0x1200) (c2a89fd363edd3334c397a067e0ebd67) \Device\Harddisk0\DR0\Partition0
23:38:39.0762 3132 \Device\Harddisk0\DR0\Partition0 - ok
23:38:39.0785 3132 Boot (0x1200) (d984129e10927d0e0f5249f98cf2aabf) \Device\Harddisk0\DR0\Partition1
23:38:39.0787 3132 \Device\Harddisk0\DR0\Partition1 - ok
23:38:39.0787 3132 ============================================================
23:38:39.0787 3132 Scan finished
23:38:39.0787 3132 ============================================================
23:38:39.0791 2776 Detected object count: 0
23:38:39.0791 2776 Actual detected object count: 0

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 23:43:16
-----------------------------
23:43:16.369 OS Version: Windows x64 6.1.7601 Service Pack 1
23:43:16.369 Number of processors: 4 586 0x2A07
23:43:16.369 ComputerName: BOB UserName:
23:43:16.935 Initialize success
23:46:28.333 AVAST engine defs: 12031101
23:46:56.026 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:46:56.027 Disk 0 Vendor: ST1000DM CC4C Size: 953869MB BusType: 3
23:46:56.046 Disk 0 MBR read successfully
23:46:56.047 Disk 0 MBR scan
23:46:56.049 Disk 0 Windows 7 default MBR code
23:46:56.059 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:46:56.066 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
23:46:56.076 Disk 0 scanning C:\Windows\system32\drivers
23:47:02.032 Service scanning
23:47:11.240 Modules scanning
23:47:11.244 Disk 0 trace - called modules:
23:47:11.252 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:47:11.254 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009b71060]
23:47:11.579 3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80083d9050]
23:47:12.595 AVAST engine scan C:\Windows
23:47:14.036 AVAST engine scan C:\Windows\system32
23:48:38.258 AVAST engine scan C:\Windows\system32\drivers
23:48:45.981 AVAST engine scan C:\Users\Shayne
23:50:43.956 AVAST engine scan C:\ProgramData
23:51:10.461 Scan finished successfully
23:51:23.305 Disk 0 MBR has been saved successfully to "C:\Users\Shayne\Desktop\virus stuff\MBR.dat"
23:51:23.307 The log file has been saved successfully to "C:\Users\Shayne\Desktop\virus stuff\aswMBR.txt"

#4 narenxp

Posted 12 March 2012 - 07:34 PM

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 Ganther

Posted 13 March 2012 - 07:33 PM

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8d9006b33757c048afbae861ea1bb377
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-14 12:19:06
# local_time=2012-03-13 07:19:06 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776637 100 94 0 83226084 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=121033
# found=0
# cleaned=0
# scan_time=1712
ESETSmartInstaller@High as downloader log:
all ok

MiniToolBox by Farbar Version: 18-01-2012
Ran by Shayne (administrator) on 13-03-2012 at 19:29:49
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 2 (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bob
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-26-83-16-2A-DF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-40-35-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, March 13, 2012 5:42:54 PM
Lease Expires . . . . . . . . . . : Saturday, April 20, 2148 1:58:07 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{39524BEA-9936-4997-B8BC-56919A8C1985}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:6:2697:cdb8:b928(Preferred)
Link-local IPv6 Address . . . . . : fe80::6:2697:cdb8:b928%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server:
Address: 192.168.1.1

Name: google.com
Address: 74.125.225.4


Pinging google.com [74.125.225.4] with 32 bytes of data:
Reply from 74.125.225.4: bytes=32 time=39ms TTL=57
Reply from 74.125.225.4: bytes=32 time=113ms TTL=57

Ping statistics for 74.125.225.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 113ms, Average = 76ms
Server:
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.183.24
98.139.127.62


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=50ms TTL=55
Reply from 209.191.122.70: bytes=32 time=52ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 52ms, Average = 51ms
Server:
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 26 83 16 2a df ......Bluetooth Device (Personal Area Network)
12...f4 6d 04 40 35 b7 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.9 276
192.168.1.9 255.255.255.255 On-link 192.168.1.9 276
192.168.1.255 255.255.255.255 On-link 192.168.1.9 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:5ef5:79fb:6:2697:cdb8:b928/128
On-link
17 306 fe80::/64 On-link
17 306 fe80::6:2697:cdb8:b928/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/13/2012 07:24:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 07:23:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 07:22:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 07:22:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 06:46:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 06:46:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 06:46:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 06:46:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2012 05:44:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2012 05:42:54 PM) (Source: Microsoft-Windows-EapHost) (User: SYSTEM)SYSTEM
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=88, authorId=0, vendorId=0, vendorType=0


System errors:
=============
Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Distributed Link Tracking Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Human Interface Device Access service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (03/13/2012 07:24:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/13/2012 07:23:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 07:22:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 07:22:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 06:46:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 06:46:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 06:46:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 06:46:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Shayne\Desktop\virus stuff\esetsmartinstaller_enu.exe

Error: (03/13/2012 05:44:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2012 05:42:54 PM) (Source: Microsoft-Windows-EapHost)(User: SYSTEM)SYSTEM
Description: Eap method DLL path name88000


=========================== Installed Programs ============================

µTorrent (Version: 3.1.2)
4 Elements (remove only)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
AI Suite II (Version: 1.01.40)
AMD APP SDK Runtime (Version: 2.4.650.9)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.12.5.0)
ASUS PC Diagnostics (Version: 1.1.2)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.33)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0524.2352.41027)
Catalyst Control Center InstallProxy (Version: 2011.0524.2352.41027)
Catalyst Control Center Localization All (Version: 2011.0524.2352.41027)
Catalyst Control Center Profiles Desktop (Version: 2011.0524.2352.41027)
ccc-utility64 (Version: 2011.0524.2352.41027)
CCC Help Chinese Standard (Version: 2011.0524.2351.41027)
CCC Help Chinese Traditional (Version: 2011.0524.2351.41027)
CCC Help Czech (Version: 2011.0524.2351.41027)
CCC Help Danish (Version: 2011.0524.2351.41027)
CCC Help Dutch (Version: 2011.0524.2351.41027)
CCC Help English (Version: 2011.0524.2351.41027)
CCC Help Finnish (Version: 2011.0524.2351.41027)
CCC Help French (Version: 2011.0524.2351.41027)
CCC Help German (Version: 2011.0524.2351.41027)
CCC Help Greek (Version: 2011.0524.2351.41027)
CCC Help Hungarian (Version: 2011.0524.2351.41027)
CCC Help Italian (Version: 2011.0524.2351.41027)
CCC Help Japanese (Version: 2011.0524.2351.41027)
CCC Help Korean (Version: 2011.0524.2351.41027)
CCC Help Norwegian (Version: 2011.0524.2351.41027)
CCC Help Polish (Version: 2011.0524.2351.41027)
CCC Help Portuguese (Version: 2011.0524.2351.41027)
CCC Help Russian (Version: 2011.0524.2351.41027)
CCC Help Spanish (Version: 2011.0524.2351.41027)
CCC Help Swedish (Version: 2011.0524.2351.41027)
CCC Help Thai (Version: 2011.0524.2351.41027)
CCC Help Turkish (Version: 2011.0524.2351.41027)
CCleaner (Version: 3.16)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ESET Online Scanner v3
Exact Audio Copy 1.0beta3 (Version: 1.0beta3)
HydraVision (Version: 4.2.206.0)
iCloud (Version: 1.1.0.40)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Island Tribe 2 (remove only)
iTunes (Version: 10.6.0.40)
iWin Games (remove only)
Lost Souls Enchanted Paintings (remove only)
Mah Jong Quest II (remove only)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
marvell 91xx driver (Version: 1.0.0.1045)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
Mozilla Thunderbird 10.0.2 (x86 en-US) (Version: 10.0.2)
Mp3tag v2.49b (Version: v2.49b)
Notepad++ (Version: 5.9.8)
Overwolf (Version: 0.28.170)
Realtek Ethernet Controller Driver (Version: 7.37.1229.2010)
Runes of Magic (Version: 4.0.5.2467)
Seagate DiscWizard (Version: 11.0.8326)
SeaTools for Windows (Version: 1.2.0.6)
The Treasures of Montezuma 3 (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
WinRAR 4.10 beta 5 (64-bit) (Version: 4.10.5)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8168.75 MB
Available physical RAM: 6142.71 MB
Total Pagefile: 16335.7 MB
Available Pagefile: 14331.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.31 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:819.95 GB) NTFS

========================= Users: ========================================

User accounts for \\BOB

Administrator Cassie Guest
Sandi Shayne


**** End of log ****
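Added example (not part of the thread or of the scan tool's output): services that share one svchost.exe process all terminate when that process exits, so a burst of Service Control Manager errors carrying the same timestamp, like the entries at 06:56:43 PM above, points at a single host process rather than at many independent faults. The code groups such records by timestamp; the function names are assumptions of this example, and the Print Spooler record is constructed.

```python
import re
from collections import defaultdict

# The first three entries are copied from the log above; the Print Spooler
# entry is constructed, to show a lone crash that is not part of a burst.
SAMPLE_LOG = """\
Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/13/2012 06:56:43 PM) (Source: Service Control Manager) (User: )
Description: The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (03/13/2012 05:10:02 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
"""

# In this report format one crash record spans an "Error:" and a "Description:" line.
ENTRY = re.compile(
    r"Error: \((?P<ts>[^)]+)\) \(Source: Service Control Manager\).*\n"
    r"Description: The (?P<svc>.+?) service terminated unexpectedly\. "
    r"It has done this (?P<count>\d+) time\(s\)\."
    r".*?in (?P<delay>\d+) milliseconds"
)

def parse_crashes(log):
    """Return one dict per 'terminated unexpectedly' record, in log order."""
    return [
        {"ts": m["ts"], "service": m["svc"],
         "count": int(m["count"]), "restart_ms": int(m["delay"])}
        for m in ENTRY.finditer(log)
    ]

def crash_bursts(log, min_services=3):
    """Map timestamp -> services, keeping only seconds where several died together."""
    by_ts = defaultdict(list)
    for crash in parse_crashes(log):
        by_ts[crash["ts"]].append(crash["service"])
    return {ts: sorted(svcs) for ts, svcs in by_ts.items() if len(svcs) >= min_services}

if __name__ == "__main__":
    for ts, services in crash_bursts(SAMPLE_LOG).items():
        print(f"{ts}: {len(services)} services exited together: {', '.join(services)}")
```

A timestamp reported by `crash_bursts` is the moment to line up against process-level evidence, such as which svchost.exe instance was ended or crashed at that second.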

#6 narenxp


Posted 14 March 2012 - 06:13 PM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#7 Ganther


Posted 14 March 2012 - 07:02 PM

First, I would like to thank you for your help; I greatly appreciate it. I will run the TFC program and, as always, practice safe surfing.

But if everything looks fine, what would be causing the high memory usage on the svchost and the internet connection not working? I just turned on my PC and started the web browser and the svchost is at 168,836K.

Thanks again

#8 narenxp


Posted 15 March 2012 - 07:41 AM

Download

http://download.sysinternals.com/files/ProcessExplorer.zip

Extract and launch it, try to open your browser

Now let me know which processes have high CPU usage

#9 Ganther


Posted 17 March 2012 - 09:27 AM

Here is a screen shot of the processes running.


Posted Image

#10 narenxp


Posted 18 March 2012 - 02:10 AM

Your desktop window manager running under svchost may be the cause. I do not find any malware issues at this point. I would suggest you have a deeper look by

Reading the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



