Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs
#16
Sounds good, my hockey team is losing their game at the moment, so this sounds more fruitful anyway.
#17
Took a bit - it was on a different computer. Here:
Attempting a Malwarebytes scan. Unexpected activities started as soon as the laptop started up, and you couldn't touch anything without just a mass of crazy activity. A stuck key. Carefully check all the keys on your keyboard and see. On the one I had it really was not obvious (and ended up the person had spilled hot chocolate on it a while before anyway).
#18
Not exactly the same. In my situation, the problems come at random unexpected times.
I suspected a stuck key like the Windows key, but that would not explain some of the actions. Particular resizing of browser windows, random 7 number sequences... I don't know. It was the first thing I thought of, but none of the keys appear to be stuck. Should I disassemble the laptop to get a closer look?
I did a bit of digging on the Daemon Tools forums, and their unofficial explanation of the reason behind their rootkit is that it circumvents DRM policy that may ban a CPU by having the program installed even if it's using a legal copy. Doesn't make sense to me.
#19
|
||||
|
||||
Daemon's rootkit basically monitors early boot activities, stalls those it targets, relocates its own functions (masks them), returns functions then puts its own back into play. Not a very technically correct description but it'll do when cornered.
See if you can ID some event info from these issues. Go to Start - Run, type eventvwr.msc (and press OK). Click on the System icon to expand the list in the right column. Look through that list for Errors posted at the same time you get your shutdown issues. Copy/paste back here any items of significance you see.
You can post what you find back here by double-clicking on each Error/Warning in the log. In the upper corner of that display is an icon (a sorta double file icon) you can click to copy the information to your clipboard, then open a Notepad text and Paste the information, and repeat that to develop a log to post back here for review.
--------------
But we also need to look towards malware still, as the malware coding squirrels' lousy work has been creating some very unusual system issues.
Open Gmer again. This time just right-click in the white space in the display and select Options - Only non MS files. Then click Scan and allow Gmer to run a different scan. Once that completes click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.
#20
|
|||
|
|||
A few DCOM, Dhcp errors, but there are a lot of side-by-side errors. At certain points there are about 47 entries one after the other.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 4/21/2010
Time: 1:55:05 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: OFFICELAPTOP
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 4/21/2010
Time: 1:17:08 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: OFFICELAPTOP
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1002
Date: 4/21/2010
Time: 1:09:30 AM
User: N/A
Computer: OFFICELAPTOP
Description: The IP address lease 192.168.1.132 for the Network Card with network address 0018DE8B1E58 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description: Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL. Reference error message: The operation completed successfully. . For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. . For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 32
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
------------------------------------
Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description: Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL. Reference error message: The operation completed successfully. . For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
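Added example, not part of any poster's reply: the log review requested in post #19, applied to text in the format pasted in post #20. It parses Event Viewer's copy-to-clipboard text (multi-line or collapsed onto one line), counts errors per source and ID, flags same-second bursts, and lists events near an incident time. The sample records, the computer name EXAMPLEPC and all function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# One record of Event Viewer's copy-to-clipboard text. \s+ between fields lets
# the same pattern match the original multi-line layout and the single-line
# form left behind when a forum collapses the newlines.
RECORD_RE = re.compile(
    r"Event Type:\s*(?P<type>.+?)\s+"
    r"Event Source:\s*(?P<source>.+?)\s+"
    r"Event Category:\s*(?P<category>.+?)\s+"
    r"Event ID:\s*(?P<id>\d+)\s+"
    r"Date:\s*(?P<date>\d{1,2}/\d{1,2}/\d{4})\s+"
    r"Time:\s*(?P<time>\d{1,2}:\d{2}:\d{2}\s+[AP]M)\s+"
    r"User:\s*(?P<user>.+?)\s+"
    r"Computer:\s*(?P<computer>\S+)\s+"
    # A description runs to the dashed separator, the next record, or the end.
    r"Description:\s*(?P<desc>.*?)(?=\s*-{5,}|\s*Event Type:|\s*\Z)",
    re.DOTALL,
)


def parse_events(text):
    """Return one dict per record found in pasted Event Viewer text."""
    events = []
    for m in RECORD_RE.finditer(text):
        stamp = " ".join(f"{m['date']} {m['time']}".split())
        events.append({
            "type": m["type"],
            "source": m["source"],
            "id": int(m["id"]),
            "when": datetime.strptime(stamp, "%m/%d/%Y %I:%M:%S %p"),
            "user": m["user"],
            "computer": m["computer"],
            "description": " ".join(m["desc"].split()),
        })
    return events


def summarize(events):
    """Count records per (source, event ID) to show which errors dominate."""
    return Counter((e["source"], e["id"]) for e in events)


def bursts(events, min_count=3):
    """Sources that logged min_count or more records within the same second."""
    counts = Counter((e["source"], e["when"]) for e in events)
    return sorted((src, when, n) for (src, when), n in counts.items()
                  if n >= min_count)


def near(events, incident, minutes=5):
    """Records logged within +/- minutes of an observed incident time."""
    window = timedelta(minutes=minutes)
    return [e for e in events if abs(e["when"] - incident) <= window]


# Constructed sample: first record multi-line, the rest collapsed to one line each.
SAMPLE = r"""Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 4/21/2010
Time: 1:55:05 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: EXAMPLEPC
Description:
Constructed text: Local Activation permission not granted.
------------------------------------
Event Type: Error Event Source: Dhcp Event Category: None Event ID: 1002 Date: 4/21/2010 Time: 1:09:30 AM User: N/A Computer: EXAMPLEPC Description: Constructed text: address lease denied (DHCPNACK). ----------------
Event Type: Error Event Source: SideBySide Event Category: None Event ID: 59 Date: 4/19/2010 Time: 2:39:55 PM User: N/A Computer: EXAMPLEPC Description: Constructed text: Generate Activation Context failed. ----------
Event Type: Error Event Source: SideBySide Event Category: None Event ID: 32 Date: 4/19/2010 Time: 2:39:55 PM User: N/A Computer: EXAMPLEPC Description: Constructed text: Dependent Assembly could not be found. ----------
Event Type: Error Event Source: SideBySide Event Category: None Event ID: 59 Date: 4/19/2010 Time: 2:39:55 PM User: N/A Computer: EXAMPLEPC Description: Constructed text: Resolve Partial Assembly failed.
"""

if __name__ == "__main__":
    parsed = parse_events(SAMPLE)
    for (source, event_id), n in summarize(parsed).most_common():
        print(f"{n:3d}  {source} / {event_id}")
    for source, when, n in bursts(parsed):
        print(f"burst: {n} x {source} at {when}")
    # Constructed incident time, standing in for an observed shutdown.
    for e in near(parsed, datetime(2010, 4, 21, 1, 10, 0)):
        print(f"near incident: {e['when']} {e['source']} {e['id']}")
```
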
#21
Gmer 1
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-22 22:22:41 Windows 5.1.2600 Service Pack 3 Running: et3pyec9.exe; Driver: C:\DOCUME~1\BHAVESH\LOCALS~1\Temp\pwtyypow.sys
#22
2
#23
3
#24
4
DLL/Intel Corporation) 0x07460000 Library C:\Program Files\Intel\Wireless\Bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x07250000 Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x075A0000 ---- Services - GMER 1.0.15 ---- Service C:\WINDOWS\system32\DRIVERS\AegisP.sys (IEEE 802.1X Protocol Driver/Cisco Systems, Inc.) [AUTO] AegisP Service C:\WINDOWS\system32\DRIVERS\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] AliIde Service C:\WINDOWS\system32\DRIVERS\amdagp.sys (AMD Win2000 AGP Filter/Advanced Micro Devices, Inc.) [DISABLED] amdagp Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService Service C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (App Support Driver/Dell Inc) [SYSTEM] APPDRV Service C:\WINDOWS\system32\DRIVERS\asc.sys (AdvanSys SCSI Controller Driver/Advanced System Products, Inc.) [DISABLED] asc Service C:\WINDOWS\system32\DRIVERS\asc3550.sys (AdvanSys Ultra-Wide PCI SCSI Driver/Advanced System Products, Inc.) 
[DISABLED] asc3550 Service C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb Service C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation NDIS 5.1 ethernet driver/Broadcom Corporation) [MANUAL] bcm4sbxp Service system32\DRIVERS\blueletaudio.sys [MANUAL] BlueletAudio Service system32\DRIVERS\BlueletSCOAudio.sys [MANUAL] BlueletSCOAudio Service system32\DRIVERS\btnetdrv.sys [MANUAL] BT Service System32\Drivers\btcusb.sys [MANUAL] Btcsrusb Service system32\DRIVERS\vbtenum.sys [MANUAL] BTHidEnum Service System32\Drivers\BTHidMgr.sys |
#25
|
|||
|
|||
5
|
#26
|
||||
|
||||
Event log info is tough to decipher into any real ID'ing of the problem, so I will have to ponder those you posted. The Gmer log doesn't indicate Malware. Teleca and Sony Ericsson Mobile device software. External devices are always a candidate for strange things occurring on systems. No devices are attached when the problems occur, yes?
|
#27
|
|||
|
|||
No devices were attached, that is correct. Although I have not received that system error since this process began, it could be related to that error I first mentioned. If the logs do not indicate any harm then should we consider it to be a hardware problem?
Last edited by BSTAR; April 23rd, 2010 at 02:47 PM. |
#28
|
||||
|
||||
I am going to go ahead and suggest it is a hardware issue, and likely a good idea to post on it in the CTH Hardware forum. That way more will see the info, and more folks can provide some solution ideas.
|
#29
|
|||
|
|||
Ok, good deal. Thanks for the help Jintan, 5 stars
|