#16
April 22nd, 2010, 02:22 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
sounds good, my hockey team is losing their game at the moment so this sounds more fruitful anyway
#17
April 22nd, 2010, 02:25 AM
Jintan
Cyber Tech Help Moderator
Join Date: Dec 2004
Posts: 52,284
Took a bit - it was on a different computer. Here:



Attempting a Malwarebytes scan. Unexpected activities started as soon as the laptop started up, and you couldn't touch anything without just a mass of crazy activity. A stuck key. Carefully check all the keys on your keyboard and see. On the one I had it really was not obvious (and ended up the person had spilled hot chocolate on it a while before anyway).
#18
April 22nd, 2010, 02:54 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
Not exactly the same. In my situation, the problems come at random unexpected times.

I suspected a stuck key like the Windows key, but that would not explain some of the actions. Particularly resizing of browser windows, random 7 number sequences... I don't know.

It was the first thing I thought of, but none of the keys appear to be stuck. Should I disassemble the laptop to get a closer look?

I did a bit of digging on the Daemon Tools forums, and their unofficial explanation of the reason behind their rootkit is that it circumvents DRM policy that may ban a CPU by having the program installed even if it's using a legal copy. Doesn't make sense to me.
#19
April 23rd, 2010, 02:12 AM
Jintan
Cyber Tech Help Moderator
Join Date: Dec 2004
Posts: 52,284
Daemon's rootkit basically monitors early boot activities, stalls those it targets, relocates its own functions (masks them), returns functions then puts its own back into play. Not a very technically correct description but it'll do when cornered.

See if you can ID some event info from these issues. Go to Start - Run, type eventvwr.msc (and press OK). Click on the System icon to expand the list in the right column. Look through that list for Errors posted at the same time you get your shutdown issues. Copy/paste back here any items of significance you see.


You can post what you find back here by double-clicking on each Error/Warning in the log. In the upper corner of that display is an icon (a sorta double file icon) you can click to copy the information to your clipboard, then open a Notepad text and Paste the information, and repeat that to develop a log to post back here for review.

--------------

But we also need to look towards malware still, as the malware coding squirrels' lousy work has been creating some very unusual system issues.

Open Gmer again. This time just right-click in the white space in the display and select Options - Only non MS files. Then click Scan and allow Gmer to run a different scan. Once that completes click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.
#20
April 23rd, 2010, 02:52 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
A few DCOM, Dhcp errors, but there's a lot of side-by-side errors. At certain points there are about 47 entries one after the other.


Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 4/21/2010
Time: 1:55:05 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: OFFICELAPTOP
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


------------------------------------



Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10016
Date: 4/21/2010
Time: 1:17:08 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: OFFICELAPTOP
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


-------------------------------------------------------

Event Type: Error
Event Source: Dhcp
Event Category: None
Event ID: 1002
Date: 4/21/2010
Time: 1:09:30 AM
User: N/A
Computer: OFFICELAPTOP
Description:
The IP address lease 192.168.1.132 for the Network Card with network address 0018DE8B1E58 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------------------------------------------------------------

Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL. Reference error message: The operation completed successfully.
.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------------------------------------------------------

Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system.
.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


------------------------------------------------------------------------

Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 32
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


------------------------------------------------------------

Event Type: Error
Event Source: SideBySide
Event Category: None
Event ID: 59
Date: 4/19/2010
Time: 2:39:55 PM
User: N/A
Computer: OFFICELAPTOP
Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL. Reference error message: The operation completed successfully.
.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


---------------------------------------------------------------
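Added example, not part of the original thread: one way to do the correlation asked for in post #19 on text pasted from Event Viewer, by parsing the entries, listing Errors and Warnings logged close to an observed incident, and flagging sources that log many errors in the same second (as SideBySide does above). The sample entries are constructed in the layout shown in post #20; the incident time and all function names are assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

FIELD = re.compile(r"^(Event Type|Event Source|Event Category|Event ID|Date|Time|"
                   r"User|Computer|Description):\s*(.*)$")


def parse_events(text):
    """Split pasted Event Viewer text into dicts, one per entry."""
    events, cur, in_desc = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        m = FIELD.match(line)
        if m and m.group(1) == "Event Type":       # every entry starts here
            cur = {}
            events.append(cur)
        if cur is None:
            continue                                # text before the first entry
        if m:
            cur[m.group(1)] = m.group(2)
            in_desc = m.group(1) == "Description"
            continue
        # Separator rules, the lone "." and the help-link footer are not content.
        noise = (line in ("", ".") or set(line) == {"-"}
                 or line.startswith("For more information"))
        if in_desc and not noise:                   # description wraps over lines
            cur["Description"] = (cur["Description"] + " " + line).strip()
    complete = [e for e in events if "Date" in e and "Time" in e]
    for e in complete:
        e["When"] = datetime.strptime(e["Date"] + " " + e["Time"],
                                      "%m/%d/%Y %I:%M:%S %p")
    return complete


def errors_near(events, incident, minutes=10):
    """Errors and Warnings logged within +/- `minutes` of an observed incident."""
    window = timedelta(minutes=minutes)
    return [e for e in events
            if e.get("Event Type") in ("Error", "Warning")
            and abs(e["When"] - incident) <= window]


def bursts(events, min_count=3):
    """(time, source, count) for sources logging many errors in one second."""
    counts = Counter((e["When"], e.get("Event Source")) for e in events
                     if e.get("Event Type") == "Error")
    return sorted((when, src, n) for (when, src), n in counts.items()
                  if n >= min_count)


def make_entry(etype, source, eid, date, time, desc):
    """Build one constructed entry in Event Viewer's copy-to-clipboard layout."""
    return (f"Event Type: {etype}\nEvent Source: {source}\nEvent Category: None\n"
            f"Event ID: {eid}\nDate: {date}\nTime: {time}\nUser: N/A\n"
            f"Computer: OFFICELAPTOP\nDescription:\n{desc}\n\n"
            "For more information, see Help and Support Center at "
            "http://go.microsoft.com/fwlink/events.asp.\n")


# Constructed sample: abridged entries modelled on the ones pasted in the thread,
# plus one Information entry to show that it is filtered out.
SAMPLE = "\n------------------------------------\n".join([
    make_entry("Error", "DCOM", 10016, "4/21/2010", "1:55:05 AM",
               "The application-specific permission settings do not grant\n"
               "Local Activation permission for the COM Server application."),
    make_entry("Information", "Service Control Manager", 7036, "4/21/2010",
               "1:57:00 AM", "The Print Spooler service entered the running state."),
    make_entry("Error", "Dhcp", 1002, "4/21/2010", "1:09:30 AM",
               "The IP address lease 192.168.1.132 has been denied by the DHCP "
               "server 192.168.1.1 (The DHCP Server sent a DHCPNACK message)."),
    make_entry("Error", "SideBySide", 59, "4/19/2010", "2:39:55 PM",
               "Generate Activation Context failed for MFC80U.DLL. Reference error "
               "message: The operation completed successfully.\n."),
    make_entry("Error", "SideBySide", 59, "4/19/2010", "2:39:55 PM",
               "Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.\n."),
    make_entry("Error", "SideBySide", 32, "4/19/2010", "2:39:55 PM",
               "Dependent Assembly Microsoft.VC80.MFCLOC could not be found."),
])

if __name__ == "__main__":
    events = parse_events(SAMPLE)
    incident = datetime(2010, 4, 21, 1, 58)   # assumed time the problem was seen
    print("Errors/Warnings within 10 minutes of the incident:")
    for e in errors_near(events, incident):
        print(f"  {e['When']}  {e['Event Source']} {e['Event ID']}: {e['Description']}")
    print("Error bursts (same source, same second):")
    for when, src, n in bursts(events):
        print(f"  {when}  {src} x{n}")
```

Entries that show up in a burst days away from the incident, like the SideBySide group here, can usually be set aside when looking for the cause of a specific shutdown.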
#21
April 23rd, 2010, 03:57 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
Gmer 1

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-22 22:22:41
Windows 5.1.2600 Service Pack 3
Running: et3pyec9.exe; Driver: C:\DOCUME~1\BHAVESH\LOCALS~1\Temp\pwtyypow.sys


---- Modules - GMER 1.0.15 ----

Module DRVMCDB.SYS (Device Driver/Sonic Solutions) F737E000-F7394000 (90112 bytes)
Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F77CD000-F77D2000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\ialmnt5.sys (Intel Graphics Miniport Driver/Intel Corporation) F6733000-F6881000 (1368064 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) F66F7000-F671F000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\NETw4x32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) F64D5000-F66F7000 (2236416 bytes)
Module \SystemRoot\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation NDIS 5.1 ethernet driver/Broadcom Corporation) F75FD000-F7609000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\rimmptsk.sys (RICOH MMC Driver/REDC) F78AD000-F78B4000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\rimsptsk.sys (RICOH MS Driver/REDC) F760D000-F761A000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\rixdptsk.sys (RICOH XD SM Driver/REDC) F6451000-F649D000 (311296 bytes)
Module \SystemRoot\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) F6422000-F6451000 (192512 bytes)
Module \SystemRoot\System32\Drivers\DLACDBHM.SYS (Shared Driver Component/Sonic Solutions) F7A6B000-F7A6D000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\lmimirr.sys (LogMeIn Mirror Miniport Driver/LogMeIn, Inc.) F7C61000-F7C62000 (4096 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F78CD000-F78D2000 (20480 bytes)
Module \SystemRoot\system32\drivers\sthda.sys (NDRC/SigmaTel, Inc.) AA66E000-AA77E000 (1114112 bytes)
Module \SystemRoot\system32\DRIVERS\HSXHWAZL.sys (HSF_HWAZL WDM driver/Conexant Systems, Inc.) AA610000-AA64A000 (237568 bytes)
Module \SystemRoot\system32\DRIVERS\HSX_DPV.sys (HSF_DP driver/Conexant Systems, Inc.) AA4FF000-AA5F6000 (1011712 bytes)
Module \SystemRoot\system32\DRIVERS\HSX_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.) AA449000-AA4FF000 (745472 bytes)
Module \SystemRoot\System32\Drivers\DLARTL_N.SYS (Shared Driver Component/Sonic Solutions) F7915000-F791B000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) F793D000-F7943000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) AA209000-AA22B000 (139264 bytes)
Module \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS (App Support Driver/Dell Inc) F7263000-F7267000 (16384 bytes)
Module \SystemRoot\System32\ialmdnt5.dll (Controller Hub for Intel Graphics Driver/Intel Corporation) BF020000-BF042000 (139264 bytes)
Module \SystemRoot\System32\ialmrnt5.dll (Controller Hub for Intel Graphics Driver/Intel Corporation) BF012000-BF020000 (57344 bytes)
Module \SystemRoot\System32\ialmdev5.DLL (Component GHAL Driver/Intel Corporation) BF042000-BF077000 (217088 bytes)
Module \SystemRoot\System32\ialmdd5.DLL (DirectDraw(R) Driver for Intel(R) Graphics Technology/Intel Corporation) BF077000-BF159000 (925696 bytes)
Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes)
Module \SystemRoot\System32\Drivers\DRVNDDM.SYS (Device Driver Manager/Sonic Solutions) A92DA000-A92E4000 (40960 bytes)
Module \SystemRoot\System32\DLA\DLADResN.SYS (Drive Letter Access Component/Sonic Solutions) F7B4C000-F7B4D000 (4096 bytes)
Module \SystemRoot\System32\DLA\DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions) A919F000-A91B5000 (90112 bytes)
Module \SystemRoot\System32\DLA\DLAOPIOM.SYS (Drive Letter Access Component/Sonic Solutions) AA431000-AA435000 (16384 bytes)
Module \SystemRoot\System32\DLA\DLAPoolM.SYS (Drive Letter Access Component/Sonic Solutions) F7AEF000-F7AF1000 (8192 bytes)
Module \SystemRoot\System32\DLA\DLABOIOM.SYS (Drive Letter Access Component/Sonic Solutions) F77DD000-F77E4000 (28672 bytes)
Module \SystemRoot\System32\DLA\DLAUDFAM.SYS (Drive Letter Access Component/Sonic Solutions) A9187000-A919F000 (98304 bytes)
Module \SystemRoot\System32\DLA\DLAUDF_M.SYS (Drive Letter Access Component/Sonic Solutions) A9171000-A9187000 (90112 bytes)
Module \SystemRoot\system32\DRIVERS\AegisP.sys (IEEE 802.1X Protocol Driver/Cisco Systems, Inc.) F781D000-F7822000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\s24trans.sys (Intel WLAN Packet Driver/Intel Corporation) A91D1000-A91D4000 (12288 bytes)
Module \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn Rfs Drivemap Driver/LogMeIn, Inc.) A8DDC000-A8DE6000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface DRIVER/Conexant) A8D30000-A8D34000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) A8EF9000-A8F03000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) A772C000-A7741000 (86016 bytes)
Module \SystemRoot\System32\Drivers\hiber_WMILIB.SYS F7A8F000-F7A91000 (8192 bytes)
Module \??\C:\DOCUME~1\BHAVESH\LOCALS~1\Temp\pwtyypow.sys (GMER) A716F000-A7186000 (94208 bytes)

---- Processes - GMER 1.0.15 ----

Process C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe (SQL Server Windows NT/Microsoft Corporation) 476
Library C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\SSmsLPCn.dll (Client-Side Local Inter-Process Communication (LPC) Net Library/Microsoft Corporation) 0x026E0000

Process C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Internal Network Card Power Management Service/Dell Inc.) 500
Library C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Internal Network Card Power Management Service/Dell Inc.) 0x00400000

Process C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel(R) PROSet/Wireless Registry Service/Intel Corporation) 540
Library C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel(R) PROSet/Wireless Registry Service/Intel Corporation) 0x00400000

Process C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 844
Library C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online GoToAssist/Citrix Online, a division of Citrix Systems, Inc.) 0x10000000
Library C:\WINDOWS\system32\LMIinit.dll (LogMeIn Remote Control Helper/LogMeIn, Inc.) 0x00FD0000
Library C:\WINDOWS\system32\igfxdev.dll (igfxdev Module/Intel Corporation) 0x00FA0000

Process C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Wireless Management Service/Intel Corporation ) 1272
Library C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Wireless Management Service/Intel Corporation ) 0x00400000
Library C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x10000000
Library C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x00550000
Library C:\Program Files\Intel\Wireless\Bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00660000
Library C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL 0x006F0000

Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics TouchPad Enhancements/Synaptics, Inc.) 1288
Library C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics TouchPad Enhancements/Synaptics, Inc.) 0x00400000
Library C:\WINDOWS\system32\SynCOM.dll (SynCOM/Synaptics, Inc.) 0x10000000
Library C:\WINDOWS\system32\SynTPAPI.dll (SynTPAPI/Synaptics, Inc.) 0x63010000

Process C:\WINDOWS\stsystra.exe (Sigmatel Audio system tray application/SigmaTel, Inc.) 1348
Library C:\WINDOWS\stsystra.exe (Sigmatel Audio system tray application/SigmaTel, Inc.) 0x00400000
Library C:\WINDOWS\system32\STLang.dll (Localize Module/SigmaTel, Inc.) 0x10000000
Library C:\WINDOWS\system32\stacapi.dll (STACAPI.DLL/SigmaTel, Inc.) 0x012F0000

Process C:\Program Files\Java\jre6\bin\jusched.exe (Java(TM) Platform SE binary/Sun Microsystems, Inc.) 1468
Library C:\Program Files\Java\jre6\bin\jusched.exe (Java(TM) Platform SE binary/Sun Microsystems, Inc.) 0x00400000

Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1620
Library C:\WINDOWS\system32\cpwmon2k.dll 0x10000000
Library C:\WINDOWS\system32\ZLhp1020.DLL (Spooler Language Monitor for HP LaserJet Series 1020/2600/Zenographics, Inc.) 0x00990000
Library C:\WINDOWS\system32\LMIport.dll (RemotelyAnywhere Printer Port Monitor/LogMeIn, Inc.) 0x50400000
Library C:\WINDOWS\system32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00D30000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\IMFPrint.DLL (Intelligent MetaFile Print Processor/Zenographics, Inc.) 0x715E0000
Library C:\WINDOWS\system32\Imf32.dll (IMF32/Zenographics, Inc.) 0x71600000
Library C:\WINDOWS\system32\ZTAG32.dll (ZTag/Zenographics, Inc.) 0x715D0000
Library C:\WINDOWS\system32\ZSPOOL.dll (ZSpool/Zenographics, Inc.) 0x00D80000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LMIproc.dll (RemotelyAnywhere Print Processor/LogMeIn, Inc.) 0x6A900000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00DD0000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (Print Filter Pipeline Proxy/Microsoft Corporation) 0x3F420000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\ZIMFPrnt.DLL (Intelligent MetaFile Print Processor/Zenographics, Inc.) 0x00DF0000
Library C:\WINDOWS\system32\ZIMF.dll (IMF32/Zenographics, Inc.) 0x00E10000
Library C:\WINDOWS\system32\ZTAG.dll (ZTag/Zenographics, Inc.) 0x00E30000
#22
April 23rd, 2010, 03:59 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
2

Process C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel(R) PROSet/Wireless Event Log/Intel Corporation) 1860
Library C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel(R) PROSet/Wireless Event Log/Intel Corporation) 0x00400000
Library C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll (ProfileMgrApi DLL/Intel Corporation) 0x10000000
Library C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x004D0000
Library C:\Program Files\Intel\Wireless\Bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x00590000
Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x00630000
Library C:\Program Files\Intel\Wireless\Bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00740000
Library C:\Program Files\Intel\Wireless\Bin\MurocApi.dll (MurocApi DLL/Intel Corporation) 0x007D0000
Library C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll (Interface DLL for S24EvMon functions/Intel Corporation) 0x008C0000

Process C:\Program Files\Dell\Media Experience\PCMService.exe (PowerCinema Resident Program for Dell/CyberLink Corp.) 1940
Library C:\Program Files\Dell\Media Experience\PCMService.exe (PowerCinema Resident Program for Dell/CyberLink Corp.) 0x00400000
Library C:\Program Files\Dell\Media Experience\DirWatcher.dll 0x10000000
Library C:\Program Files\Dell\Media Experience\CLMixerWrapper.dll (Cyberlink Mixer Wrapper for Dell/CyberLink Corp.) 0x01130000
Library C:\Program Files\Dell\Media Experience\Music\MMLibraryObj.dll (MMLibraryObj/Musicmatch) 0x02550000
Library C:\Program Files\Dell\Media Experience\Music\WMPEngine.dll (PowerCinema WMP Engine Module/CyberLink Corp.) 0x027D0000
Library C:\WINDOWS\system32\wmp.dll (Windows Media Player Core/Microsoft Corporation) 0x07510000

Process C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Software Manager Scheduler/Macrovision Corporation) 1956
Library C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Software Manager Scheduler/Macrovision Corporation) 0x00400000

Process C:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 1996
Library C:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) 0x00400000

Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 2092
Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x10000000
Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x003E0000
Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x00B60000
Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00C60000
Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00E70000
Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x00F00000
Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x00F10000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00F40000
Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x00F70000
Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x00FE0000
Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x00FF0000
Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x01140000
Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x01150000
Library c:\program files\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x011C0000
Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x01580000
Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x014E0000

Process C:\Program Files\Dell\Media Experience\DMXLauncher.exe 2132
Library C:\Program Files\Dell\Media Experience\DMXLauncher.exe 0x00400000

Process C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (ZeroCfgSvc MFC Application/Intel Corporation) 2180
Library C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (ZeroCfgSvc MFC Application/Intel Corporation) 0x00400000
Library C:\Program Files\Intel\Wireless\bin\PfMgrApi.dll (ProfileMgrApi DLL/Intel Corporation) 0x10000000
Library C:\Program Files\Intel\Wireless\bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x00500000
Library C:\Program Files\Intel\Wireless\bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x005C0000
Library C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x00660000
Library C:\Program Files\Intel\Wireless\bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00770000
Library C:\Program Files\Intel\Wireless\bin\MurocApi.dll (MurocApi DLL/Intel Corporation) 0x00800000
Library C:\Program Files\Intel\Wireless\bin\S24MUDLL.dll (Interface DLL for S24EvMon functions/Intel Corporation) 0x008F0000

Process C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Capability Manager/Popwire AB) 2304
Library C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Capability Manager/Popwire AB) 0x00400000
Library C:\Program Files\Common Files\Teleca Shared\tlib_log.dll (Telecalib Logging, Dynamic Link Library used for logging./Popwire AB) 0x10000000
Library C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll 0x00330000
#23
April 23rd, 2010, 04:00 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
3

Process C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel 802.1x Server/Intel Corporation) 2476
Library C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel 802.1x Server/Intel Corporation) 0x00400000
Library C:\Program Files\Intel\Wireless\Bin\acAuth.dll 0x10000000
Library C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll (C8021XSettings DLL/Intel Corporation) 0x004C0000
Library C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x005B0000
Library C:\Program Files\Intel\Wireless\Bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00670000
Library C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL 0x00700000
Library C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll (LSAWRAPI/Intel Corporation) 0x23000000
Library C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll (ProfileMgrApi DLL/Intel Corporation) 0x07670000
Library C:\Program Files\Intel\Wireless\Bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x077C0000
Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x07860000

Process C:\WINDOWS\system32\igfxpers.exe (persistence Module/Intel Corporation) 2500
Library C:\WINDOWS\system32\igfxpers.exe (persistence Module/Intel Corporation) 0x00400000
Library C:\WINDOWS\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x10000000

Process C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Framework MFC Application/Intel Corporation) 2572
Library C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Framework MFC Application/Intel Corporation) 0x00400000
Library C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x10000000
Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x00520000
Library C:\Program Files\Intel\Wireless\Bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x00630000
Library C:\Program Files\Intel\Wireless\Bin\MurocApi.dll (MurocApi DLL/Intel Corporation) 0x006D0000
Library C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll (Interface DLL for S24EvMon functions/Intel Corporation) 0x007B0000
Library C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll (Intel PROSet/Wireless Application/Intel Corporation) 0x00F30000
Library C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll (ProfileMgrApi DLL/Intel Corporation) 0x010C0000
Library C:\Program Files\Intel\Wireless\Bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x01210000

Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 2676
Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000
Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00BD0000
Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00D20000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00D40000

Process C:\WINDOWS\system32\hkcmd.exe (hkcmd Module/Intel Corporation) 2716
Library C:\WINDOWS\system32\hkcmd.exe (hkcmd Module/Intel Corporation) 0x00400000
Library C:\WINDOWS\system32\hccutils.DLL (hccutils Module/Intel Corporation) 0x10000000
Library C:\WINDOWS\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x00EC0000
Library C:\WINDOWS\system32\igfxres.dll (igfxres Module/Intel Corporation) 0x00EE0000

Process C:\WINDOWS\system32\igfxsrvc.exe (igfxsrvc Module/Intel Corporation) 2780
Library C:\WINDOWS\system32\igfxsrvc.exe (igfxsrvc Module/Intel Corporation) 0x00400000
Library C:\WINDOWS\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x10000000
Library C:\WINDOWS\system32\igfxdev.dll (igfxdev Module/Intel Corporation) 0x010C0000

Process C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (CAPI_Worker Module/Sony Ericsson Mobile Communications AB) 2872
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (CAPI_Worker Module/Sony Ericsson Mobile Communications AB) 0x00400000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ShowMfcDialog.dll (ShowMfcDialog DLL/Sony Ericsson Mobile Communications AB) 0x10000000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\Capires0409.DLL (capires0809/Popwire AB) 0x10300000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll 0x013C0000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\cabmain.dll (cabmain/Sony Ericsson Mobile Communications AB) 0x02200000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msmeirsock_object.dll (MSMEIrSock_object Module/Sony Ericsson Mobile Communications AB) 0x10F00000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ms98irsock_object.dll (MS98IrSock_object Module/Sony Ericsson Mobile Communications AB) 0x10D00000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\msirsock_object.dll (MSIrSock_object Module/Sony Ericsson Mobile Communications AB) 0x10E00000

Process C:\Program Files\NetWaiting\netWaiting.exe 2968
Library C:\Program Files\NetWaiting\netWaiting.exe 0x00400000
Library C:\Program Files\NetWaiting\BVRPDIAG.dll (BVRP Diagnostics/BVRP Software) 0x10000000
Library C:\Program Files\NetWaiting\MODEMMOH.dll (NetWaiting for V92/BVRP Software) 0x00340000
Library C:\Program Files\NetWaiting\bvrpctln.dll (Custom controls and utilities library/BVRP Software) 0x00360000
Library C:\WINDOWS\system32\MdmXSdk.dll (Diagnostic Interface DLL/Conexant) 0x008F0000
Library C:\Program Files\NetWaiting\mohrc.dll (Modem On Hold Resource/BVRP Software) 0x00A20000

Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 3160
Library C:\WINDOWS\System32\strmfilt.dll (Stream Filter Library/Microsoft Corporation) 0x6F290000

Process C:\Program Files\Digital Line Detect\DLG.exe (Digital Line Detection/BVRP Software) 3300
Library C:\Program Files\Digital Line Detect\DLG.exe (Digital Line Detection/BVRP Software) 0x00400000
Library C:\Program Files\Digital Line Detect\BVRPDIAG.dll (BVRP Diagnostics/BVRP Software) 0x10000000
Library C:\WINDOWS\system32\MdmXSdk.dll (Diagnostic Interface DLL/Conexant) 0x003B0000

Process C:\WINDOWS\system32\taskmgr.exe (Windows TaskManager/Microsoft Corporation) 3428
Library C:\WINDOWS\system32\hccutils.DLL (hccutils Module/Intel Corporation) 0x10000000

Process C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 3544
Library C:\PROGRA~1\WINDOW~2\wmpband.dll (Windows Media Player/Microsoft Corporation) 0x074A0000
Library c:\windows\system32\netprovcredman.dll (Network Provider Credentials Manager/Intel Corporation) 0x10000000
Library C:\WINDOWS\system32\LMIRfsClientNP.dll (LogMeIn Rfs Client Network Provider/LogMeIn, Inc.) 0x02550000
Library C:\WINDOWS\system32\hccutils.DLL (hccutils Module/Intel Corporation) 0x00DA0000
Library C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll (File Manager interface/Sony Ericsson Mobile Communications AB) 0x03D70000
Library C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll (File Manager interface/Sony Ericsson Mobile Communications AB) 0x02D60000
Library C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (SBSD IE Protection/Safer Networking Limited)
#24
April 23rd, 2010, 04:01 AM
BSTAR
Senior Member
Join Date: Aug 2005
Posts: 181
4

Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 3668
Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000
Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000
Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AntiVir Guard Messages (Deutsch)/Avira GmbH) 0x00D40000
Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00D50000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00D70000
Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00EE0000
Library C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x00F00000
Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x00FD0000
Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01100000
Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01140000
Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01170000
Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012C0000
Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012F0000
Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01340000
Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x015E0000
Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x01660000
Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016C0000
Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01710000
Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x019A0000
Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x019F0000
Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01A60000
Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01AE0000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01B00000

Process C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Drive Letter Access Component/Sonic Solutions) 3692
Library C:\WINDOWS\System32\DLA\DLACTRLW.EXE (Drive Letter Access Component/Sonic Solutions) 0x00400000
Library C:\WINDOWS\system32\DLAAPI_W.DLL (Drive Letter Access Component/Sonic Solutions) 0x10000000
Library C:\WINDOWS\System32\DLA\DLACResW.dll (Drive Letter Access Component/Sonic Solutions) 0x00330000
Library C:\WINDOWS\system32\VxBlock.dll (VxBlock/Sonic Solutions) 0x009A0000

Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 3808
Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x10000000

Process C:\Program Files\Common Files\Teleca Shared\Generic.exe (Generic Device Management Executable./Teleca Software Solutions) 3996
Library C:\Program Files\Common Files\Teleca Shared\Generic.exe (Generic Device Management Executable./Teleca Software Solutions) 0x00400000
Library C:\Program Files\Common Files\Teleca Shared\Telecalib_logging.dll (Telecalib Logging, Dynamic Link Library. Dll used for logging purposes./Teleca/Popwire AB) 0x10000000
Library C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll 0x00330000
Library C:\Program Files\Common Files\Teleca Shared\TC Device Mgmt.dll (Device Management type library and proxy/stub dll./Teleca Software Solutions) 0x01DC0000
Library C:\Program Files\Sony Ericsson\Mobile2\Device Manager\SpecificMPM.dll (Mobile Phone Monitor specific device management dll./SonyEricsson) 0x01210000
Library C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll 0x01230000
Library C:\Program Files\Common Files\Teleca Shared\SpecificUSB.dll (USB specific device management dll./Popwire AB) 0x01240000
Library C:\Program Files\Common Files\Teleca Shared\tlib_log.dll (Telecalib Logging, Dynamic Link Library used for logging./Popwire AB) 0x01280000
Library C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll 0x012B0000

Process C:\Documents and Settings\BHAVESH\Desktop\et3pyec9.exe 4428
Library C:\Documents and Settings\BHAVESH\Desktop\et3pyec9.exe 0x00400000

Process C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel 802.1x Server/Intel Corporation) 5708
Library C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel 802.1x Server/Intel Corporation) 0x00400000
Library C:\Program Files\Intel\Wireless\Bin\acAuth.dll 0x10000000
Library C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll (C8021XSettings DLL/Intel Corporation) 0x004C0000
Library C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL (TraceAPI Module/Intel Corporation) 0x00350000
Library C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll (PsRegApi/Intel Corporation) 0x005B0000
Library C:\Program Files\Intel\Wireless\Bin\IntStngs.dll (IntelSettings DLL/Intel Corporation) 0x00670000
Library C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL 0x00700000
Library C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll (LSAWRAPI/Intel Corporation) 0x23000000
Library C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll (ProfileMgrApi DLL/Intel Corporation) 0x07460000
Library C:\Program Files\Intel\Wireless\Bin\DbEngine.dll (Secure Database Egnine DLL/Intel Corporation) 0x07250000
Library C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll (OpenSSL Shared Library/The OpenSSL Project, http://www.openssl.org/) 0x075A0000

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\DRIVERS\AegisP.sys (IEEE 802.1X Protocol Driver/Cisco Systems, Inc.) [AUTO] AegisP
Service C:\WINDOWS\system32\DRIVERS\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] AliIde
Service C:\WINDOWS\system32\DRIVERS\amdagp.sys (AMD Win2000 AGP Filter/Advanced Micro Devices, Inc.) [DISABLED] amdagp
Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService
Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService
Service C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (App Support Driver/Dell Inc) [SYSTEM] APPDRV
Service C:\WINDOWS\system32\DRIVERS\asc.sys (AdvanSys SCSI Controller Driver/Advanced System Products, Inc.) [DISABLED] asc
Service C:\WINDOWS\system32\DRIVERS\asc3550.sys (AdvanSys Ultra-Wide PCI SCSI Driver/Advanced System Products, Inc.) [DISABLED] asc3550
Service C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio
Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt
Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb
Service C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation NDIS 5.1 ethernet driver/Broadcom Corporation) [MANUAL] bcm4sbxp
Service system32\DRIVERS\blueletaudio.sys [MANUAL] BlueletAudio
Service system32\DRIVERS\BlueletSCOAudio.sys [MANUAL] BlueletSCOAudio
Service system32\DRIVERS\btnetdrv.sys [MANUAL] BT
Service System32\Drivers\btcusb.sys [MANUAL] Btcsrusb
Service system32\DRIVERS\vbtenum.sys [MANUAL] BTHidEnum
Service System32\Drivers\BTHidMgr.sys
  #25  
Old April 23rd, 2010, 04:01 AM
BSTAR BSTAR is offline
Senior Member
 
Join Date: Aug 2005
Posts: 181
5

Service C:\ComboFix\catchme.sys [MANUAL] catchme
Service C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] CmdIde
Service C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Disk Array Controller Driver/Mylex Corporation) [DISABLED] dac2w2k
Service C:\WINDOWS\System32\DLA\DLABOIOM.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLABOIOM
Service C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Shared Driver Component/Sonic Solutions) [SYSTEM] DLACDBHM
Service C:\WINDOWS\System32\DLA\DLADResN.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLADResN
Service C:\WINDOWS\System32\DLA\DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLAIFS_M
Service C:\WINDOWS\System32\DLA\DLAOPIOM.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLAOPIOM
Service C:\WINDOWS\System32\DLA\DLAPoolM.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLAPoolM
Service C:\WINDOWS\System32\Drivers\DLARTL_N.SYS (Shared Driver Component/Sonic Solutions) [SYSTEM] DLARTL_N
Service C:\WINDOWS\System32\DLA\DLAUDFAM.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLAUDFAM
Service C:\WINDOWS\System32\DLA\DLAUDF_M.SYS (Drive Letter Access Component/Sonic Solutions) [AUTO] DLAUDF_M
Service C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Device Driver/Sonic Solutions) [BOOT] DRVMCDB
Service C:\WINDOWS\System32\Drivers\DRVNDDM.SYS (Device Driver Manager/Sonic Solutions) [AUTO] DRVNDDM
Service C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys (Process Trigger Driver/GTek Technologies Ltd.) [MANUAL] DSproct
Service C:\WINDOWS\system32\DRIVERS\e100b325.sys (NDIS 5 driver/Intel Corporation) [MANUAL] E100B
Service C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel(R) PROSet/Wireless Event Log/Intel Corporation) [AUTO] EvtEng
Service C:\WINDOWS\system32\DRIVERS\ggsemc.sys (SEMC USB Flash Driver/Sony Ericsson Mobile Communications) [MANUAL] ggsemc
Service C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online GoToAssist/Citrix Online, a division of Citrix Systems, Inc.) [MANUAL] GoToAssist
Service C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc.) [AUTO] gupdate
Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [MANUAL] gusvc
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys (HSF_DP driver/Conexant Systems, Inc.) [MANUAL] HSF_DPV
Service C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys (HSF_HWAZL WDM driver/Conexant Systems, Inc.) [MANUAL] HSXHWAZL
Service C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Graphics Miniport Driver/Intel Corporation) [MANUAL] ialm
Service C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service IntelNetProvCredMan
Service C:\Program Files\Java\jre6\bin\jqs.exe (Java(TM) Quick Starter Service/Sun Microsystems, Inc.) [AUTO] JavaQuickStarterService
Service C:\Program Files\LogMeIn\x86\RaInfo.sys (RemotelyAnywhere Kernel Information Provider/LogMeIn, Inc.) [AUTO] LMIInfo
Service C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn Maintenance Service/LogMeIn, Inc.) [AUTO] LMIMaint
Service C:\WINDOWS\system32\DRIVERS\lmimirr.sys (LogMeIn Mirror Miniport Driver/LogMeIn, Inc.) [MANUAL] lmimirr
Service C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn Rfs Drivemap Driver/LogMeIn, Inc.) [AUTO] LMIRfsDriver
Service C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn/LogMeIn, Inc.) [AUTO] LogMeIn
Service C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface DRIVER/Conexant) [AUTO] mdmxsdk
Service C:\WINDOWS\system32\DRIVERS\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Whistler 32/American Megatrends Inc.) [DISABLED] mraid35x
Service MSDTC Bridge 3.0.0.0
Service C:\WINDOWS\system32\DRIVERS\NETw4x32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) [MANUAL] NETw4x32
Service C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe (Internal Network Card Power Management Service/Dell Inc.) [AUTO] NICCONFIGSVC
Service nm
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 /NVIDIA Corporation) [MANUAL] nv
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service C:\WINDOWS\system32\DRIVERS\ql1080.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql1080
Service C:\WINDOWS\system32\DRIVERS\ql12160.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql12160
Service C:\WINDOWS\system32\DRIVERS\ql1280.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql1280
Service C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel(R) PROSet/Wireless Registry Service/Intel Corporation) [AUTO] RegSrvc
Service C:\WINDOWS\system32\DRIVERS\rimmptsk.sys (RICOH MMC Driver/REDC) [MANUAL] rimmptsk
Service C:\WINDOWS\system32\DRIVERS\rimsptsk.sys (RICOH MS Driver/REDC) [MANUAL] rimsptsk
Service C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (RICOH XD SM Driver/REDC) [MANUAL] rismxdp
Service C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Wireless Management Service/Intel Corporation ) [AUTO] S24EventMonitor
Service C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel WLAN Packet Driver/Intel Corporation) [AUTO] s24trans
Service C:\WINDOWS\System32\DRIVERS\SDTHOOK.sys (Panda Anti-Malware support driver (sdthook)/Panda Software) [MANUAL] SDTHOOK
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] Secdrv
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\WINDOWS\system32\DRIVERS\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe (Simply Accounting Connection Manager/Sage) [AUTO] Simply Accounting Database Connection Manager
Service C:\Program Files\Winsim\TransactionManager2010 - CDN\Sage_SA.TransactionManager.exe (Simply Accounting Transaction Manager/Sage) [MANUAL] Simply Accounting Transaction Manager 2010 - CDN
Service C:\WINDOWS\system32\DRIVERS\sisagp.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) [DISABLED] sisagp
Service SMSvcHost 3.0.0.0
Service C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec AIC-6x60 series SCSI miniport/Adaptec, Inc.) [DISABLED] Sparrow
Service System32\Drivers\sptd.sys [DISABLED] sptd
Service C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [SYSTEM] ssmdrv
Service C:\WINDOWS\system32\drivers\sthda.sys (NDRC/SigmaTel, Inc.) [MANUAL] STHDA
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc. SCSI Miniport Driver/Symbios Logic Inc.) [DISABLED] symc810
Service C:\WINDOWS\system32\DRIVERS\symc8xx.sys (Symbios 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] symc8xx
Service C:\WINDOWS\system32\DRIVERS\sym_hi.sys (Symbios Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] sym_hi
Service C:\WINDOWS\system32\DRIVERS\sym_u3.sys (Symbios Ultra3 SCSI Miniport Driver/LSI Logic) [DISABLED] sym_u3
Service SynPS2Enable
Service C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) [MANUAL] SynTP
Service C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Ultra66 Miniport Driver/Promise Technology, Inc.) [DISABLED] ultra
Service system32\DRIVERS\VComm.sys [MANUAL] VComm
Service System32\Drivers\VcommMgr.sys [MANUAL] VcommMgr
Service C:\WINDOWS\system32\DRIVERS\viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [DISABLED] ViaIde
Service C:\WINDOWS\system32\DRIVERS\w39n51.sys (Intel® Wireless LAN Driver/Intel® Corporation) [MANUAL] w39n51
Service C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.) [MANUAL] winachsf
Service Windows Workflow Foundation 3.0.0.0
Service C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (WLANKEEPER/Intel Corporation) [AUTO] WLANKEEPER
Service Wmi

---- EOF - GMER 1.0.15 ----
  #26  
Old April 23rd, 2010, 05:00 AM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Event log info is tough to decipher into any real ID'ing of the problem, so I will have to ponder those you posted. The GMER log doesn't indicate malware. Teleca and Sony Ericsson Mobile device software. External devices are always a candidate for strange things occurring on systems. No devices are attached when the problems occur, yes?
  #27  
Old April 23rd, 2010, 02:45 PM
BSTAR BSTAR is offline
Senior Member
 
Join Date: Aug 2005
Posts: 181
No devices were attached, that is correct. Although I have not received that system error since this process began, it could be related to that error I first mentioned. If the logs do not indicate any harm, then should we consider it to be a hardware problem?

Last edited by BSTAR; April 23rd, 2010 at 02:47 PM.
  #28  
Old April 24th, 2010, 01:01 AM
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
I am going to go ahead and suggest it is a hardware issue, and likely a good idea to post on it in the CTH Hardware forum. That way more will see the info, and more folks can provide some solution ideas.
  #29  
Old April 24th, 2010, 06:06 PM
BSTAR BSTAR is offline
Senior Member
 
Join Date: Aug 2005
Posts: 181
Ok, good deal. Thanks for the help Jintan, 5 stars
All times are GMT +1. The time now is 01:39 PM.