IObit Forum

BearShare Malware



Posted

Advanced SystemCare Diagnose Report v1.0

Date: 2012/01/02 12:33:16

 

----------------------------------

01 - Operating System

----------------------------------

 

0101 - Operating System : Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.110622-1506)

0102 - Language : English (Regional Setting: English)

0103 - BIOS : Ver 1.00 BIOS A13 PARTTBL

0104 - Processor : Intel® Core i3 CPU M 380 @ 2.53GHz (4 CPUs), ~2.5GHz

0105 - Memory : 4096MB RAM

0106 - Available OS Memory : 3892MB RAM

0107 - Page File : 2401MB used, 5381MB available

0108 - Windows Dir : C:\Windows

0109 - DirectX Version : DirectX 11

0110 - DX Setup Parameters : Not found

0111 - User DPI Setting : Using System DPI

0112 - System DPI Setting : 96 DPI (100 percent)

0113 - DWM DPI Scaling : Disabled

0114 - DxDiag Version : 6.01.7601.17514

 

----------------------------------

02 - Processor

----------------------------------

 

0201 - Caption : Intel® Core i3 CPU M 380 @ 2.53GHz x4 ~2533MHz

0202 - Current Clock Speed : 2533MHz

0203 - L1 Cache : 128.00 KB

0204 - L2 Cache : 512.00 KB

0205 - L3 Cache : 3.00 MB

 

----------------------------------

03 - Video Adapter

----------------------------------

 

0301 - Card Name : Intel® HD Graphics

0302 - Manufacturer : Intel Corporation

0303 - Chip Type : Intel® HD Graphics (Core i3)

0304 - DAC Type : Internal

0305 - Device Key : Enum\PCI\VEN_8086&DEV_0046&SUBSYS_04561028&REV_18

0306 - Display Memory : 1696 MB

0307 - AdapterRAM : 1.68 GB

0308 - Current Mode : 1366 x 768 (32 bit) (60Hz)

0309 - Monitor Name : Generic PnP Monitor

0310 - Driver Name : igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32

0311 - Driver Version : 8.15.0010.2182

0312 - Driver Language : English

0313 - DDI Version : 10

0314 - Driver Model : WDDM 1.1

0315 - Driver Beta : False

0316 - Driver Debug : False

0317 - Driver Date : 7/20/2010 07:40:34

0318 - Driver Size : 6544896

0319 - VDD : n/a

0320 - Mini VDD : n/a

0321 - Mini VDD Date : n/a

0322 - Mini VDD Size : 0

0323 - Device Identifier : {D7B78E66-4306-11CF-1E7B-5C24B8C2C535}

0324 - Vendor ID : 0x8086

0325 - Device ID : 0x0046

0326 - SubSys ID : 0x04561028

0327 - Revision ID : 0x0018

0328 - Driver Strong Name : oem57.inf:Intel.Mfg.NTamd64:iILKM0:8.15.10.2182:pci\ven_8086&dev_0046&subsys_04561028

0329 - Rank Of Driver : 00E60001

0330 - Video Accel : ModeMPEG2_A ModeMPEG2_C ModeWMV9_B ModeWMV9_C ModeVC1_B ModeVC1_C

0331 - Deinterlace Caps : {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering


0332 - D3D9 Overlay : Supported

0333 - DXVA-HD : Supported

0334 - DDraw Status : Enabled

0335 - D3D Status : Enabled

0336 - AGP Status : Enabled

0337 - Notes : No problems found.

 

0338 - OpenGL : 6.1.7600.16385 (win7_rtm.090713-1255)

 

----------------------------------

04 - Memory

----------------------------------

 

0401 - Total Memory : 3.80 GB

0402 - Free Memory : 1.79 GB

0403 - Total Pagefile : 7.60 GB

0404 - Free Pagefile : 5.24 GB

 

0405 - Bank Label : N/A

0406 - Speed : 1333 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 2.00 GB

 

0405 - Bank Label : N/A

0406 - Speed : 1333 MHz

0407 - Total Width : 64 Bits

0408 - Capacity : 2.00 GB

 

----------------------------------

05 - Network

----------------------------------

 

0501 - Description : Intel® WiFi Link 1000 BGN

0502 - Driver Date : 3-18-2010

0503 - Driver Version : 13.2.0.30

 

----------------------------------

06 - Motherboard

----------------------------------

 

0601 - Model : 021CN3

0602 - Manufacturer : Dell Inc.

 

----------------------------------

07 - Sound Device

----------------------------------

 

0701 - Description : Speakers (Realtek High Definition Audio)

0702 - Default Sound Playback : True

0703 - Default Voice Playback : True

0704 - Hardware ID : HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_10280456&REV_1001

0705 - Manufacturer ID : 1

0706 - Product ID : 100

0707 - Type : WDM

0708 - Driver Name : RTKVHD64.sys

0709 - Driver Version : 6.00.0001.6088

0710 - Driver attributes : Final Retail

0711 - Date and Size : 4/13/2010 19:16:56

0713 - Driver Provider : Realtek Semiconductor Corp.

0714 - Min/Max Sample Rate : 4642294, 4642294

0715 - Static/Strm HW Mix Bufs : 4642294, 4642294

0716 - Static/Strm HW 3D Bufs : 4642294, 4642294

0717 - HW Memory : 4642302

0718 - Voice Management : False

0719 - EAX 2.0 Listen/Src : False, False

0720 - I3DL2 Listen/Src : False, False

0721 - Notes : No problems found.

 

 

----------------------------------

08 - Hard Disk

----------------------------------

 

0801 - Model : WDC WD5000BPVT-75HXZT1(Western Digital)

0802 - Media Type : Fixed hard disk media

0803 - Size : 465.76 GB

0804 - Interface Type : Serial ATA

 

0801 - Model : SanDisk Cruzer USB Device

0802 - Media Type : Removable Media

0803 - Size : 1.86 GB

0805 - Driver Date : 6-21-2006

0806 - Driver Version : 6.1.7600.16385

 

0807 - Caption : C:\

0808 - Capacity : 451.01 GB

0809 - Free Space : 393.28 GB

0810 - Drive Type : 3-Fixed

0811 - File System : NTFS

 

0807 - Caption : Q:\

 

----------------------------------

09 - Process

----------------------------------

 

0901 - 0000 Idle 0 0 0

0901 - 0004 System 0 0 0

0901 - 0140 smss.exe 0 0 0 normal

0901 - 01dc csrss.exe 0 0 0 normal

0901 - 021c wininit.exe 0 0 0 high

0901 - 0230 csrss.exe 1 174 80 normal

0901 - 0254 services.exe 0 0 0 normal

0901 - 026c lsass.exe 0 0 0 normal

0901 - 0274 lsm.exe 0 0 0 normal

0901 - 02e8 svchost.exe 0 0 0 normal

0901 - 0320 ASCService.exe 0 0 0 high C:\Program Files (x86)\IObit\Advanced SystemCare 5

0901 - 0348 winlogon.exe 1 6 0 high

0901 - 038c svchost.exe 0 0 0 normal

0901 - 03e8 svchost.exe 0 0 0 normal

0901 - 0154 svchost.exe 0 0 0 normal

0901 - 0234 svchost.exe 0 0 0 normal

0901 - 0454 svchost.exe 0 0 0 normal

0901 - 0504 wlanext.exe 0 0 0 normal

0901 - 0510 conhost.exe 0 0 0 normal

0901 - 05a4 spoolsv.exe 0 0 0 normal

0901 - 0654 SASCore64.exe 0 0 0 normal

0901 - 066c armsvc.exe 0 0 0 normal C:\Program Files (x86)\Common Files\Adobe\ARM\1.0

0901 - 0680 AERTSr64.exe 0 0 0 normal

0901 - 06a8 AppleMobileDeviceService.exe 0 0 0 normal C:\Program Files (x86)\Common Files\Apple\Mobile Device Support

0901 - 06cc ApplicationUpdater.exe 0 0 0 normal C:\Program Files (x86)\Application Updater

0901 - 06f0 mDNSResponder.exe 0 0 0 normal

0901 - 0708 btwdins.exe 0 0 0 normal

0901 - 0720 svchost.exe 0 0 0 normal

0901 - 0748 svchost.exe 0 0 0 normal

0901 - 0770 NOBuAgent.exe 0 0 0 normal

0901 - 07cc RegSrvc.exe 0 0 0 normal

0901 - 0860 sftservice.EXE 0 0 0 normal C:\Program Files (x86)\Dell DataSafe Local Backup

0901 - 0878 sftvsa.exe 0 0 0 normal C:\Program Files (x86)\Microsoft Application Virtualization Client

0901 - 08dc WLIDSVC.EXE 0 0 0 normal

0901 - 0958 EvtEng.exe 0 0 0 normal

0901 - 0980 WLIDSVCM.EXE 0 0 0 normal

0901 - 0a00 sftlist.exe 0 0 0 normal C:\Program Files (x86)\Microsoft Application Virtualization Client

0901 - 0ab4 unsecapp.exe 0 0 0 normal

0901 - 0564 CVHSVC.EXE 0 0 0 normal C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler

0901 - 0c0c SearchIndexer.exe 0 0 0 normal

0901 - 0cbc WUDFHost.exe 0 0 0 normal

0901 - 0cec svchost.exe 0 0 0 normal

0901 - 0f74 taskhost.exe 1 27 20 normal

0901 - 0fe0 dwm.exe 1 16 2 high

0901 - 0dac DSUpd.exe 1 4 2 normal C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate

0901 - 0d58 explorer.exe 1 383 243 normal

0901 - 0e3c STSERVICE.EXE 1 16 10 normal C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER

0901 - 04c0 Toaster.exe 1 14 14 normal C:\Program Files (x86)\Dell DataSafe Local Backup

0901 - 0c08 SynTPEnh.exe 1 72 38 above normal

0901 - 025c RAVCpl64.exe 1 54 19 normal

0901 - 029c igfxtray.exe 1 15 5 normal

0901 - 0c7c SynTPHelper.exe 1 9 3 above normal

0901 - 049c iFrmewrk.exe 1 82 44 normal

0901 - 0bc8 ipoint.exe 1 24 47 normal

0901 - 09bc BTTray.exe 1 18 22 normal

0901 - 1074 iTunesHelper.exe 1 14 10 normal C:\Program Files (x86)\iTunes

0901 - 109c BTStackServer.exe 1 14 9 normal

0901 - 10a4 SearchSettings.exe 1 413 148 normal C:\Program Files (x86)\Common Files\Spigot\Search Settings

0901 - 10ac jusched.exe 1 9 2 normal C:\Program Files (x86)\Common Files\Java\Java Update

0901 - 10c8 RoxioBurnLauncher.exe 1 24 21 normal C:\Program Files (x86)\Roxio\OEM\Roxio Burn

0901 - 1284 unsecapp.exe 1 9 2 normal

0901 - 1380 iPodService.exe 0 0 0 normal

0901 - 1388 BluetoothHeadsetProxy.exe 1 12 3 normal c:\Program Files\WIDCOMM\Bluetooth Software

0901 - 12f0 wmpnetwk.exe 0 0 0 normal

0901 - 10f8 svchost.exe 0 0 0 normal

0901 - 1218 LMS.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS

0901 - 1420 UNS.exe 0 0 0 normal C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS

0901 - 1970 ASC.exe 1 1662 290 normal C:\Program Files (x86)\IObit\Advanced SystemCare 5

0901 - 13b8 ASCTray.exe 1 68 35 normal C:\Program Files (x86)\IObit\Advanced SystemCare 5

0901 - 0e90 ping.exe 0 0 0 idle C:\Windows\SysWOW64

0901 - 1bfc conhost.exe 0 0 0 normal

0901 - 15f4 IMFsrv.exe 0 0 0 normal C:\Program Files (x86)\IObit\IObit Malware Fighter

0901 - 19fc IMF.exe 1 1749 222 normal C:\Program Files (x86)\IObit\IObit Malware Fighter

0901 - 1550 ToolBox.exe 1 446 108 normal C:\Program Files (x86)\IObit\Advanced SystemCare 5

0901 - 0cb8 TrustedInstaller.exe 0 0 0 normal

0901 - 0dc4 svchost.exe 0 0 0 normal

0901 - 198c msiexec.exe 0 0 0 normal

0901 - 0300 svchost.exe 0 0 0 normal

0901 - 0f54 mscorsvw.exe 0 0 0 normal C:\Windows\Microsoft.NET\Framework\v4.0.30319

0901 - 182c WmiPrvSE.exe 0 0 0 normal

0901 - 0a24 mscorsvw.exe 0 0 0 normal

0901 - 0f34 VSSVC.exe 0 0 0 normal

0901 - 1a60 Sus10_SysExplorer.exe 1 102 48 normal C:\Program Files (x86)\IObit\Advanced SystemCare 5

0901 - 0fdc WmiPrvSE.exe 0 0 0 normal

0901 - 110c audiodg.exe 0 0 0

 

 

----------------------------------

10 - Service

----------------------------------

 

1001 - SAS Core Service - ["C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"]

1001 - Adobe Acrobat Update Service - ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"]

1001 - Advanced SystemCare Service 5 - [C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe]

1001 - Application Experience - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Andrea RT Filters Service - [C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe]

1001 - Apple Mobile Device - ["C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"]

1001 - Application Updater - ["C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"]

1001 - Windows Audio Endpoint Builder - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Audio - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Background Intelligent Transfer Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Bonjour Service - ["C:\Program Files\Bonjour\mDNSResponder.exe"]

1001 - Bluetooth Support Service - [C:\Windows\system32\svchost.exe -k bthsvcs]

1001 - Bluetooth Service - [c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe]

1001 - Microsoft .NET Framework NGEN v4.0.30319_X86 - [C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe]

1001 - Microsoft .NET Framework NGEN v4.0.30319_X64 - [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe]

1001 - Cryptographic Services - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Client Virtualization Handler - ["C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"]

1001 - DHCP Client - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - DNS Client - [C:\Windows\system32\svchost.exe -k NetworkService]

1001 - Extensible Authentication Protocol - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Windows Event Log - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - COM+ Event System - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Intel® PROSet/Wireless Event Log - [C:\Program Files\Intel\WiFi\bin\EvtEng.exe]

1001 - Function Discovery Provider Host - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Function Discovery Resource Publication - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Windows Font Cache Service - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Human Interface Device Access - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - HomeGroup Provider - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - PnP-X IP Bus Enumerator - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - iPod Service - ["C:\Program Files\iPod\bin\iPodService.exe"]

1001 - CNG Key Isolation - [C:\Windows\system32\lsass.exe]

1001 - Server - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Workstation - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - TCP/IP NetBIOS Helper - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]

1001 - Intel® Management and Security Application Local Management Service - [C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe]

1001 - Windows Installer - [C:\Windows\system32\msiexec.exe /V]

1001 - Network Connections - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Network List Service - [C:\Windows\System32\svchost.exe -k LocalService]

1001 - Network Location Awareness - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Dell DataSafe Online - ["C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE]

1001 - Network Store Interface Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Peer Networking Identity Manager - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]

1001 - Peer Networking Grouping - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]

1001 - Program Compatibility Assistant Service - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Plug and Play - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - Peer Name Resolution Protocol - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]

1001 - Power - [C:\Windows\system32\svchost.exe -k DcomLaunch]

1001 - User Profile Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Remote Access Connection Manager - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Intel® PROSet/Wireless Registry Service - [C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe]

1001 - Security Accounts Manager - [C:\Windows\system32\lsass.exe]

1001 - Secondary Logon - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - System Event Notification Service - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Application Virtualization Client - ["C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"]

1001 - SoftThinks Agent Service - ["C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"]

1001 - Application Virtualization Service Agent - ["C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"]

1001 - Print Spooler - [C:\Windows\System32\spoolsv.exe]

1001 - SSDP Discovery - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Secure Socket Tunneling Protocol Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Microsoft Software Shadow Copy Provider - [C:\Windows\System32\svchost.exe -k swprv]

1001 - Superfetch - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Telephony - [C:\Windows\System32\svchost.exe -k NetworkService]

1001 - Themes - [C:\Windows\System32\svchost.exe -k netsvcs]

1001 - Distributed Link Tracking Client - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Intel® Management & Security Application User Notification Service - ["C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"]

1001 - UPnP Device Host - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]

1001 - Desktop Window Manager Session Manager - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Volume Shadow Copy - [C:\Windows\system32\vssvc.exe]

1001 - WinHTTP Web Proxy Auto-Discovery Service - [C:\Windows\system32\svchost.exe -k LocalService]

1001 - Windows Management Instrumentation - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - WLAN AutoConfig - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Live ID Sign-in Assistant - ["C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"]

1001 - Windows Media Player Network Sharing Service - ["C:\Program Files\Windows Media Player\wmpnetwk.exe"]

1001 - Portable Device Enumerator Service - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - Windows Search - [C:\Windows\system32\SearchIndexer.exe /Embedding]

1001 - Windows Update - [C:\Windows\system32\svchost.exe -k netsvcs]

1001 - Windows Driver Foundation - User-mode Driver Framework - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]

1001 - IMF Service - [C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe]

 

----------------------------------

11 - Windows Express

----------------------------------

 

1101 - System Score : 4.5

1102 - Memory Score : 5.9

1103 - CPU Score : 6.7

1104 - Graphics Score : 4.5

1105 - Gaming Score : 5.2

1106 - Disk Score : 5.6

 

----------------------------------

12 - Event Log

----------------------------------

 

1201 - Time : 1/3/2012 2:28:41 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 1/3/2012 2:26:40 AM

1202 - Source : Application Error

1203 - Description : Faulting application name: svchost.exe_Schedule, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9 Exception code: 0xc00000fd Fault offset: 0x0000000000053483 Faulting process id: 0x1b4 Faulting application start time: 0x01ccc96ceeafa1aa Faulting application path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 500b840f-356f-11e1-9f62-c0f8daec9275

 

1201 - Time : 1/3/2012 2:11:39 AM

1202 - Source : Bonjour Service

1203 - Description : Task Scheduling Error: m->NextScheduledSPRetry 4587787

 

1201 - Time : 1/3/2012 2:11:39 AM

1202 - Source : Bonjour Service

1203 - Description : Task Scheduling Error: m->NextScheduledEvent 4587787

 

1201 - Time : 1/3/2012 2:11:39 AM

1202 - Source : Bonjour Service

1203 - Description : Task Scheduling Error: Continuously busy for more than a second

 

1201 - Time : 1/3/2012 12:51:56 AM

1202 - Source : Application Error

1203 - Description : Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964 Faulting module name: jvm.dll, version: 20.5.0.3, time stamp: 0x4ebbd76b Exception code: 0xc0000005 Fault offset: 0x0005e4e2 Faulting process id: 0x16a4 Faulting application start time: 0x01ccc96e56753bcd Faulting application path: C:\Windows\SysWOW64\ping.exe Faulting module path: C:\PROGRA~2\Java\jre6\bin\client\jvm.dll Report Id: 13c0ec34-3562-11e1-9f62-c0f8daec9275

 

1201 - Time : 1/3/2012 12:38:29 AM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 1/2/2012 5:10:53 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 1/2/2012 5:02:10 PM

1202 - Source : WinMgmt

1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

 

1201 - Time : 1/2/2012 4:54:04 PM

1202 - Source : Application Error

1203 - Description : Faulting application name: ping.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc964 Faulting module name: Flash11e.ocx, version: 11.1.102.55, time stamp: 0x4eaf89fc Exception code: 0xc0000005 Fault offset: 0x00001d9d Faulting process id: 0x1af0 Faulting application start time: 0x01ccc92baef01f8d Faulting application path: C:\Windows\SysWOW64\ping.exe Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx Report Id: 521d2676-351f-11e1-8277-c0f8daec9275

 

1201 - Time : 1/3/2012 2:28:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

1201 - Time : 1/3/2012 2:26:52 AM

1202 - Source : Service Control Manager

1203 - Description : The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

 

----------------------------------

End of file - 35142 Bytes

Posted

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

* Copy and paste the log in your post.

********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*************************************************

Download DDS from HERE or HERE and save it to your desktop.

 

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

 

* XP users Double click on dds to run it.

* If your antivirus or firewall tries to block DDS then please allow it to run.

* When finished DDS will open two (2) logs.

* Save both reports to your desktop.

* The instructions here ask you to attach the Attach.txt.

 

http://i424.photobucket.com/albums/pp322/digistar/DDS.jpg

 

1) DDS.txt

2) Attach.txt

Instead of attaching, please copy/paste both logs into your thread.

 

Note: DDS will instruct you to post the Attach.txt log as an attachment.

Please just post it as you would any other log by copying and pasting it into the reply.

 

•Close the program window, and delete the program from your desktop.

 

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE. Then post your DDS logs (DDS.txt and Attach.txt).

Archived

This topic is now archived and is closed to further replies.
