Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

TRO/ROOT KIT?


  • Please log in to reply

#106
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Image Name PID Modules
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 352 ntdll.dll
csrss.exe 496 ntdll.dll, CSRSRV.dll, basesrv.DLL,
winsrv.DLL, USER32.dll, GDI32.dll,
kernel32.dll, KERNELBASE.dll, LPK.dll,
USP10.dll, msvcrt.dll, sxssrv.DLL, sxs.dll,
RPCRT4.dll, CRYPTBASE.dll
wininit.exe 580 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, USER32.dll, GDI32.dll,
LPK.dll, USP10.dll, msvcrt.dll, RPCRT4.dll,
sechost.dll, profapi.dll, IMM32.DLL,
MSCTF.dll, RpcRtRemote.dll, apphelp.dll,
CRYPTBASE.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wshtcpip.dll, wship6.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
ADVAPI32.dll
csrss.exe 600 ntdll.dll, CSRSRV.dll, basesrv.DLL,
winsrv.DLL, USER32.dll, GDI32.dll,
kernel32.dll, KERNELBASE.dll, LPK.dll,
USP10.dll, msvcrt.dll, sxssrv.DLL, sxs.dll,
RPCRT4.dll, CRYPTBASE.dll, ADVAPI32.dll,
sechost.dll
services.exe 636 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, RPCRT4.dll,
SspiCli.dll, profapi.dll, sechost.dll,
CRYPTBASE.dll, scext.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, Secur32.dll,
SCESRV.dll, srvcli.dll, IMM32.DLL,
MSCTF.dll, RpcRtRemote.dll, credssp.dll,
AUTHZ.dll, UBPM.dll, ADVAPI32.dll,
apphelp.dll, WTSAPI32.dll, WINSTA.dll,
WS2_32.dll, NSI.dll, mswsock.dll,
wshtcpip.dll, wship6.dll
lsass.exe 664 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, RPCRT4.dll,
SspiSrv.dll, lsasrv.dll, sechost.dll,
SspiCli.dll, ADVAPI32.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, SAMSRV.dll,
cryptdll.dll, MSASN1.dll, wevtapi.dll,
IMM32.DLL, MSCTF.dll, cngaudit.dll,
AUTHZ.dll, ncrypt.dll, bcrypt.dll,
msprivs.DLL, netjoin.dll, negoexts.DLL,
Secur32.dll, cryptbase.dll, kerberos.DLL,
CRYPTSP.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wship6.dll, msv1_0.DLL,
netlogon.DLL, DNSAPI.dll, logoncli.dll,
schannel.DLL, CRYPT32.dll, wdigest.DLL,
rsaenh.dll, tspkg.DLL, pku2u.DLL,
bcryptprimitives.dll, RpcRtRemote.dll,
efslsaext.dll, scecli.DLL, credssp.dll,
WINSTA.dll, IPHLPAPI.DLL, WINNSI.DLL,
netutils.dll, USERENV.dll, profapi.dll,
wshtcpip.dll, dssenh.dll, GPAPI.dll, MPR.dl
lsm.exe 672 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, SYSNTFY.dll, WMsgAPI.dll,
CRYPTBASE.dll, pcwum.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
ADVAPI32.dll
svchost.exe 788 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, umpnpmgr.dll, SPINF.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
DEVRTL.dll, IMM32.DLL, MSCTF.dll,
RpcRtRemote.dll, USERENV.dll, profapi.dll,
GPAPI.dll, CRYPTBASE.dll, umpo.dll,
WINSTA.dll, SETUPAPI.dll, CFGMGR32.dll,
ADVAPI32.dll, OLEAUT32.dll, ole32.dll,
DEVOBJ.dll, pcwum.DLL, rpcss.dll,
SspiCli.dll, credssp.dll, CLBCatQ.DLL,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
ntmarta.dll, WLDAP32.dll, wmidcprv.dll,
FastProx.dll, wbemcomn.dll, WS2_32.dll,
NSI.dll, NTDSAPI.dll, wbemprox.dll,
CRYPTSP.dll, rsaenh.dll, wbemsvc.dll,
wmiutils.dll, apphelp.dll, WTSAPI32.dll
nvvsvc.exe 864 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, RPCRT4.dll, WTSAPI32.dll,
msvcrt.dll, SHLWAPI.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll,
USERENV.dll, profapi.dll, SETUPAPI.dll,
CFGMGR32.dll, ADVAPI32.dll, sechost.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
SHELL32.dll, CLBCatQ.DLL, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, apphelp.dll,
nvxdbat.dll, WINSTA.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll
svchost.exe 900 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, rpcepmap.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
CRYPTBASE.dll, rpcss.dll, ADVAPI32.dll,
CRYPTSP.dll, rsaenh.dll, WS2_32.dll,
NSI.dll, mswsock.dll, user32.dll,
GDI32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, wshtcpip.dll, wship6.dll,
FirewallAPI.dll, VERSION.dll, CLBCatQ.DLL,
ole32.dll, OLEAUT32.dll, fwpuclnt.dll
svchost.exe 968 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
wevtsvc.dll, RpcRtRemote.dll, secur32.dll,
SSPICLI.DLL, credssp.dll, WS2_32.dll,
NSI.dll, mswsock.dll, wshtcpip.dll,
wship6.dll, GPAPI.dll, audiosrv.dll,
POWRPROF.dll, SETUPAPI.dll, CFGMGR32.dll,
OLEAUT32.dll, DEVOBJ.dll, MMDevAPI.DLL,
PROPSYS.dll, AVRT.dll, CLBCatQ.DLL,
lmhsvc.dll, IPHLPAPI.DLL, WINNSI.DLL,
nrpsrv.DLL, dhcpcore.dll, DNSAPI.dll,
firewallapi.dll, VERSION.dll,
dhcpcore6.dll, WINSTA.dll, SHLWAPI.dll,
CRYPTSP.dll, rsaenh.dll, audioses.dll,
dhcpcsvc6.DLL, dhcpcsvc.DLL, wscsvc.dll,
dbghelp.dll, wbemprox.dll, wbemcomn.dll,
wbemsvc.dll, fastprox.dll, NTDSAPI.dll,
CRYPT32.dll, MSASN1.dll, WINTRUST.DLL,
imagehlp.dll, ncrypt.dll, bcrypt.dll,
bcryptprimitives.dll, wuapi.dll,
Cabinet.dll, profapi.dll, USERENV.dll,
wkscli.dll, netutils.dll
svchost.exe 1016 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
audiosrv.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, OLEAUT32.dll, DEVOBJ.dll,
MMDevAPI.DLL, PROPSYS.dll, AVRT.dll,
CLBCatQ.DLL, SHLWAPI.dll, cscsvc.dll,
USERENV.dll, profapi.dll, pcwum.dll,
PeerDist.dll, AUTHZ.dll, taskschd.dll,
SspiCli.dll, mstask.dll, COMCTL32.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
WTSAPI32.dll, GPAPI.dll, WINSTA.dll,
uxsms.dll, wudfsvc.dll, WUDFPlatform.dll,
PSAPI.DLL, VERSION.dll, wevtapi.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
pcasvc.dll, apphelp.dll, AEPIC.dll,
sfc.dll, sfc_os.DLL, sysmain.dll,
SHELL32.dll, trkwks.dll, ntmarta.dll,
WLDAP32.dll, wdi.dll, APPHLPDM.DLL,
wer.dll, PortableDeviceApi.dll,
portabledeviceconnectapi.dll, netman.dll,
NSI.dll, WINNSI.DLL, netshell.dll,
IPHLPAPI.DLL, nlaapi.dll, RASDLG.dll,
MPRAPI.dll, RASAPI32.dll, rasman.dll,
WS2_32.dll, rtutils.dll, dsrole.dll,
netcfgx.dll, devrtl.DLL, hnetcfg.dll,
ATL.DLL, slc.dll, wbemprox.dll,
wbemcomn.dll, wbemsvc.dll, fastprox.dll,
NTDSAPI.dll, cscobj.dll, secur32.dll,
credssp.dll
svchost.exe 368 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
mmcss.dll, AVRT.dll, gpsvc.dll, GPAPI.dll,
WLDAP32.dll, Secur32.dll, SSPICLI.DLL,
NSI.dll, SYSNTFY.dll, nlaapi.dll,
profsvc.dll, OLEAUT32.dll, USERENV.dll,
profapi.dll, SHLWAPI.dll, ATL.DLL,
RpcRtRemote.dll, themeservice.dll,
WINSTA.dll, CLBCatQ.DLL, CRYPTSP.dll,
dsrole.dll, slc.dll, rsaenh.dll, sens.dll,
WS2_32.dll, shsvcs.dll, CFGMGR32.dll,
SETUPAPI.dll, DEVOBJ.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, SAMLIB.dll,
FVEAPI.dll, tbs.dll, FVECERTS.dll,
NETAPI32.dll, netutils.dll, srvcli.dll,
wkscli.dll, LOGONCLI.DLL, wiarpc.dll,
UxTheme.dll, schedsvc.dll, pcwum.dll,
SHELL32.dll, wevtapi.dll, AUTHZ.dll,
UBPM.dll, ktmw32.dll, XmlLite.dll,
credssp.dll, taskcomp.dll, VERSION.dll,
ntmarta.dll, mswsock.dll, wshtcpip.dll,
wship6.dll, netjoin.dll, WTSAPI32.dll,
comctl32.dll, PROPSYS.dll, wmisvc.dll,
wbemcomn.dll, iphlpsvc.dll, WINNSI.DLL,
FirewallAPI.dll, IPHLPAPI.DLL,
fwpuclnt.dll, rtutils.dll, sqmapi.dll,
WDSCORE.dll, srvsvc.dll, browser.dll,
SSCORE.DLL, CLUSAPI.DLL, cryptdll.dll,
RESUTILS.DLL, netprofm.dll, devrtl.DLL,
VSSAPI.DLL, VssTrace.DLL, samcli.dll,
NCI.dll, SPINF.dll, wbemcore.dll,
esscli.dll, FastProx.dll, NTDSAPI.dll,
wbemsvc.dll, wmiutils.dll, repdrvfs.dll,
dhcpcsvc.DLL, DNSAPI.dll, dhcpcsvc6.DLL,
rasadhlp.dll, npmproxy.dll, wmiprvsd.dll,
NCObjAPI.DLL, wbemess.dll, SXS.DLL,
aelupsvc.dll, apphelp.dll, appinfo.dll,
ncprov.dll, qmgr.dll, bitsperf.dll,
bitsigd.dll, upnp.dll, WINHTTP.dll,
webio.dll, SSDPAPI.dll, MPR.dll,
wuaueng.dll, ESENT.dll, WINSPOOL.DRV,
Cabinet.dll, mspatcha.dll, psapi.dll,
WMsgAPI.dll, RasApi32.dll, rasman.dll,
wer.dll
audiodg.exe 720 N/A
svchost.exe 1044 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
es.dll, OLEAUT32.dll, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, CLBCatQ.DLL,
nsisvc.dll, NSI.dll, SXS.DLL, wdi.dll,
netprofm.dll, nlaapi.dll, perftrack.dll,
wer.dll, dwmapi.dll, Secur32.dll,
SSPICLI.DLL, AEPIC.dll, sfc.dll,
sfc_os.DLL, VERSION.dll, npmproxy.dll,
WS2_32.dll, IPHLPAPI.DLL, WINNSI.DLL,
GPAPI.dll, winhttp.dll, webio.dll,
SHLWAPI.dll, credssp.dll, DNSAPI.dll,
napinsp.dll, pnrpnsp.dll, mswsock.dll,
winrnr.dll, wshtcpip.dll, wship6.dll,
rasadhlp.dll, fwpuclnt.dll, dhcpcsvc6.DLL,
dhcpcsvc.DLL
winlogon.exe 1148 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, USER32.dll, GDI32.dll,
LPK.dll, USP10.dll, msvcrt.dll, WINSTA.dll,
RPCRT4.dll, IMM32.DLL, MSCTF.dll,
ADVAPI32.dll, sechost.dll, profapi.dll,
RpcRtRemote.dll, apphelp.dll, UXINIT.dll,
UxTheme.dll, CRYPTSP.dll, rsaenh.dll,
CRYPTBASE.dll, WindowsCodecs.dll,
ole32.dll, wkscli.dll, netjoin.dll,
netutils.dll, SspiCli.dll, slc.dll, MPR.dll
svchost.exe 1200 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
dnsrslvr.dll, WS2_32.dll, NSI.dll,
DNSAPI.dll, WINNSI.DLL, Fwpuclnt.dll,
dnsext.dll, USERENV.dll, profapi.dll,
GPAPI.dll, mswsock.dll, RpcRtRemote.dll,
iphlpapi.dll, wship6.dll, dhcpcsvc6.DLL,
dhcpcsvc.DLL, wshtcpip.dll, wkssvc.dll,
netutils.dll, netjoin.dll, SspiCli.dll,
cryptsvc.dll, CRYPT32.dll, MSASN1.dll,
nlasvc.dll, wevtapi.dll, ncsi.dll,
WINHTTP.dll, webio.dll, CFGMGR32.dll,
secur32.dll, VSSAPI.DLL, ATL.DLL,
VssTrace.DLL, OLEAUT32.dll, credssp.dll,
samcli.dll, SAMLIB.dll, ssdpapi.dll,
CRYPTSP.dll, rsaenh.dll, CLBCatQ.DLL,
es.dll, PROPSYS.dll, wkscli.dll,
WTSAPI32.dll, WINSTA.dll, bcrypt.dll,
bcryptprimitives.dll, SHLWAPI.dll,
rasadhlp.dll, ESENT.dll, psapi.dll
AvastSvc.exe 1268 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
afwServ.exe 1352 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
nvxdsync.exe 1588 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, RPCRT4.dll, SHLWAPI.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
msvcrt.dll, ADVAPI32.dll, sechost.dll,
ole32.dll, OLEAUT32.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, CLBCatQ.DLL,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
nvxdapix.dll, NvUI.dll, gdiplus.dll,
VERSION.dll, WTSAPI32.dll, MSIMG32.dll,
USERENV.dll, profapi.dll, WINSPOOL.DRV,
dwmapi.dll, WINSTA.dll, Comctl32.dll,
nvapi64.dll, SHELL32.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, nvxdbat.dll,
SspiCli.dll, apphelp.dll
nvvsvc.exe 1600 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, RPCRT4.dll, WTSAPI32.dll,
msvcrt.dll, SHLWAPI.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll,
USERENV.dll, profapi.dll, SETUPAPI.dll,
CFGMGR32.dll, ADVAPI32.dll, sechost.dll,
OLEAUT32.dll, ole32.dll, DEVOBJ.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
SHELL32.dll, NVSVC64.DLL, mscms.dll,
VERSION.dll, WINMM.dll, COMCTL32.dll,
MSIMG32.dll, POWRPROF.dll, PSAPI.DLL,
dwmapi.dll, COMDLG32.dll, nvapi64.dll,
NVSVCR.DLL, CLBCatQ.DLL, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, WINSTA.dll,
SspiCli.dll, nvxdbat.dll, nvxdplcy.dll,
apphelp.dll
spoolsv.exe 2044 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, ADVAPI32.dll, OLEAUT32.dll,
ole32.dll, DEVOBJ.dll, DNSAPI.dll,
WS2_32.dll, NSI.dll, IMM32.DLL, MSCTF.dll,
CRYPTBASE.dll, slc.dll, RpcRtRemote.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
WTSAPI32.dll, WINSTA.dll, IPHLPAPI.DLL,
WINNSI.DLL, mswsock.dll, wshtcpip.dll,
wship6.dll, rasadhlp.dll, fwpuclnt.dll,
CLBCatQ.DLL, umb.dll, ATL.DLL,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
localspl.dll, SPOOLSS.DLL, srvcli.dll,
winspool.drv, PrintIsolationProxy.dll,
FXSMON.DLL, tcpmon.dll, snmpapi.dll,
wsnmp32.dll, msxml6.dll, SHLWAPI.dll,
usbmon.dll, wls0wndh.dll, WSDMon.dll,
wsdapi.dll, webservices.dll,
FirewallAPI.dll, VERSION.dll, FunDisc.dll,
fdPnp.dll, winprint.dll, USERENV.dll,
profapi.dll, GPAPI.dll, dsrole.dll,
win32spl.dll, DEVRTL.dll, SPINF.dll,
inetpp.dll, CRYPTSP.dll, cscapi.dll,
rsaenh.dll, netutils.dll
svchost.exe 1104 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
bfe.dll, AUTHZ.dll, slc.dll, SspiCli.dll,
pcwum.dll, RpcRtRemote.dll, mpssvc.dll,
FirewallAPI.dll, VERSION.dll, fwpuclnt.dll,
NSI.dll, CFGMGR32.dll, SHLWAPI.dll,
secur32.dll, credssp.dll, USERENV.dll,
profapi.dll, GPAPI.dll, WS2_32.dll,
IPHLPAPI.DLL, WINNSI.DLL, dhcpcsvc6.DLL,
dhcpcsvc.DLL, dps.dll, mswsock.dll,
OLEAUT32.dll, wshtcpip.dll, CLBCatQ.DLL,
wship6.dll, taskschd.dll, wfapigp.dll,
ntmarta.dll, WLDAP32.dll, wdi.dll,
diagperf.dll, pnpts.dll, wdiasqmmodule.dll,
netprofm.dll, nlaapi.dll, CRYPTSP.dll,
rsaenh.dll, npmproxy.dll, bcrypt.dll,
radardt.dll, WTSAPI32.dll
dwm.exe 2888 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, msvcrt.dll,
UxTheme.dll, IMM32.dll, MSCTF.dll,
dwmredir.dll, dwmcore.dll, ADVAPI32.dll,
sechost.dll, RPCRT4.dll, WindowsCodecs.dll,
ole32.dll, d3d10_1.dll, d3d10_1core.dll,
dxgi.dll, VERSION.dll, dwmapi.dll,
PSAPI.DLL, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll
explorer.exe 2952 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll,
SHLWAPI.dll, SHELL32.dll, ole32.dll,
OLEAUT32.dll, EXPLORERFRAME.dll, DUser.dll,
DUI70.dll, IMM32.dll, MSCTF.dll,
UxTheme.dll, POWRPROF.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, dwmapi.dll,
slc.dll, gdiplus.dll, Secur32.dll,
SSPICLI.DLL, PROPSYS.dll, CRYPTBASE.dll,
comctl32.dll, WindowsCodecs.dll,
profapi.dll, apphelp.dll, CLBCatQ.DLL,
ashShA64.dll, msi.dll, EhStorShell.dll,
cscui.dll, CSCDLL.dll, CSCAPI.dll,
ntshrui.dll, srvcli.dll,
IconCodecService.dll, CRYPTSP.dll,
rsaenh.dll, RpcRtRemote.dll, SndVolSSO.DLL,
HID.DLL, MMDevApi.dll, timedate.cpl,
ATL.DLL, WINBRAND.dll, actxprxy.dll,
ntmarta.dll, WLDAP32.dll, shdocvw.dll,
LINKINFO.dll, USERENV.dll, shacct.dll,
SAMLIB.dll, samcli.dll, netutils.dll,
MsftEdit.dll, msls31.dll, tiptsf.dll,
authui.dll, CRYPTUI.dll, CRYPT32.dll,
MSASN1.dll, gameux.dll, XmlLite.dll,
wer.dll, msiltcfg.dll, VERSION.dll,
urlmon.dll, iertutil.dll, WININET.dll,
Normaliz.dll, WINSTA.dll, PSAPI.DLL,
NetworkExplorer.dll, WINMM.dll, wdmaud.drv,
ksuser.dll, AVRT.dll, AUDIOSES.DLL,
msacm32.drv, MSACM32.dll, midimap.dll,
stobject.dll, BatMeter.dll, WTSAPI32.dll,
es.dll, prnfldr.dll, WINSPOOL.DRV, dxp.dll,
Syncreg.dll, ehSSO.dll, netshell.dll,
IPHLPAPI.DLL, NSI.dll, WINNSI.DLL,
nlaapi.dll, AltTab.dll,
wpdshserviceobj.dll,
PortableDeviceTypes.dll,
PortableDeviceApi.dll, WINTRUST.dll,
taskschd.dll, mssprxy.dll, pnidui.dll,
QUtil.dll, wevtapi.dll, dhcpcsvc6.DLL,
WS2_32.dll, dhcpcsvc.DLL, credssp.dll,
npmproxy.dll, Wlanapi.dll, wlanutil.dll,
wwanapi.dll, wwapi.dll, QAgent.dll,
cscobj.dll, srchadmin.dll, SXS.DLL,
bthprops.cpl, ieframe.dll, OLEACC.dll,
SyncCenter.dll, Actioncenter.dll,
imapi2.dll, hgcpl.dll, provsvc.dll,
netprofm.dll, wkscli.dll, ieproxy.dll,
fxsst.dll, FXSAPI.dll, FXSRESM.DLL,
MPR.dll, thumbcache.dll, EhStorAPI.dll,
dsrole.dll, StructuredQuery.dll, twext.dll,
syncui.dll, SYNCENG.dll, acppage.dll,
sfc.dll, sfc_os.DLL, DEVRTL.dll,
wscinterop.dll, WSCAPI.dll, wscui.cpl,
werconcpl.dll, framedynos.dll,
wercplsupport.dll, msxml6.dll,
hcproviders.dll, MLANG.dll
taskhost.exe 2988 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, ole32.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
RPCRT4.dll, OLEAUT32.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, sechost.dll,
ADVAPI32.dll, CLBCatQ.DLL, PlaySndSrv.dll,
RpcRtRemote.dll, MsCtfMonitor.dll,
MSUTB.dll, WINSTA.dll, WTSAPI32.dll,
dimsjob.dll, SHLWAPI.dll, taskschd.dll,
SspiCli.dll, netprofm.dll, NSI.dll,
nlaapi.dll, CRYPTSP.dll, rsaenh.dll,
npmproxy.dll, dsrole.dll, WINMM.dll,
MMDevAPI.DLL, PROPSYS.dll, wdmaud.drv,
ksuser.dll, AVRT.dll, SETUPAPI.dll,
CFGMGR32.dll, DEVOBJ.dll, AUDIOSES.DLL,
msacm32.drv, MSACM32.dll, midimap.dll
RAVCpl64.exe 2132 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, SETUPAPI.dll, CFGMGR32.dll,
msvcrt.dll, RPCRT4.dll, ADVAPI32.dll,
sechost.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, OLEAUT32.dll,
ole32.dll, DEVOBJ.dll, WINMM.dll,
DSOUND.dll, POWRPROF.dll, VERSION.dll,
PROPSYS.dll, UxTheme.dll, gdiplus.dll,
IMM32.dll, MSCTF.dll, SHLWAPI.dll,
OPENGL32.dll, GLU32.dll, DDRAW.dll,
DCIMAN32.dll, dwmapi.dll, MSIMG32.dll,
COMDLG32.dll, COMCTL32.dll, SHELL32.dll,
WINSPOOL.DRV, oledlg.dll, CRYPTBASE.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
WindowsCodecs.dll, CLBCatQ.DLL,
MMDevApi.dll, AUDIOSES.DLL
nusb3mon.exe 1508 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
AvastUI.exe 2704 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
nvtray.exe 2824 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, NvUI.dll, gdiplus.dll,
msvcrt.dll, USER32.dll, GDI32.dll, LPK.dll,
USP10.dll, ole32.dll, RPCRT4.dll,
VERSION.dll, WTSAPI32.dll, SHLWAPI.dll,
MSIMG32.dll, USERENV.dll, profapi.dll,
WINSPOOL.DRV, ADVAPI32.dll, sechost.dll,
OLEAUT32.dll, COMCTL32.dll, IMM32.DLL,
MSCTF.dll, NvUpdt.dll, UxTheme.dll,
Comctl32.dll, NVUPDTR.DLL,
easyUpdatusAPIU64.dll, WS2_32.dll, NSI.dll,
mswsock.dll, wshtcpip.dll, NLAapi.dll,
napinsp.dll, pnrpnsp.dll, DNSAPI.dll,
winrnr.dll, IPHLPAPI.DLL, WINNSI.DLL,
fwpuclnt.dll, rasadhlp.dll, WINSTA.dll,
SHELL32.dll
iexplore.exe 1324 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
iexplore.exe 2616 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
SearchIndexer.exe 1412 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, ole32.dll,
OLEAUT32.dll, TQUERY.DLL, SHLWAPI.dll,
MSSRCH.DLL, ESENT.dll, IMM32.dll,
MSCTF.dll, psapi.dll, SHELL32.dll,
profapi.dll, CRYPTBASE.dll, secur32.dll,
SSPICLI.DLL, credssp.dll, CLBCatQ.DLL,
Msidle.dll, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, mssprxy.dll, propsys.dll,
tQuery.dll.mui, ntmarta.dll, WLDAP32.dll,
VSSAPI.DLL, ATL.DLL, VssTrace.DLL,
samcli.dll, SAMLIB.dll, netutils.dll,
es.dll, apphelp.dll, CFGMGR32.dll,
WTSAPI32.dll, WINSTA.dll, USERENV.dll,
SXS.DLL, NaturalLanguage6.dll, CRYPT32.dll,
MSASN1.dll, NLSData0009.dll,
NLSLexicons0009.dll, elscore.dll,
ElsLad.dll, NLSData0000.dll, comctl32.dll,
SETUPAPI.dll, DEVOBJ.dll
svchost.exe 2524 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, ole32.dll, GDI32.dll,
USER32.dll, LPK.dll, USP10.dll, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ADVAPI32.dll,
fntcache.dll, ktmw32.dll, ntmarta.dll,
WLDAP32.dll, ssdpsrv.dll, WS2_32.dll,
NSI.dll, FirewallAPI.dll, VERSION.dll,
IPHLPAPI.DLL, WINNSI.DLL, dhcpcsvc6.DLL,
dhcpcsvc.DLL, CRYPTSP.dll, rsaenh.dll,
mswsock.dll, wship6.dll, wshtcpip.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
RpcRtRemote.dll
daemonu.exe 2744 ntdll.dll, wow64.dll, wow64win.dll,
wow64cpu.dll
sppsvc.exe 824 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, ole32.dll,
GDI32.dll, USER32.dll, LPK.dll, USP10.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
RpcRtRemote.dll, CRYPTSP.dll, rsaenh.dll,
sppwinob.dll, sppobjs.dll, DNSAPI.dll,
WS2_32.dll, NSI.dll, OLEAUT32.dll,
CLBCatQ.DLL, SspiCli.dll
svchost.exe 2448 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, sechost.dll,
RPCRT4.dll, mpsvc.dll, ADVAPI32.dll,
ole32.dll, GDI32.dll, USER32.dll, LPK.dll,
USP10.dll, WTSAPI32.dll, sfc.dll,
sfc_os.DLL, MpClient.dll, OLEAUT32.dll,
USERENV.dll, profapi.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, IMM32.DLL,
MSCTF.dll, GPAPI.dll, CRYPTSP.dll,
rsaenh.dll, CRYPTBASE.dll, imagehlp.dll,
bcrypt.dll, bcryptprimitives.dll,
ncrypt.dll, mprtp.dll, PSAPI.DLL, tdh.dll,
mpengine.dll, WS2_32.dll, NSI.dll,
secur32.dll, SSPICLI.DLL, credssp.dll,
RpcRtRemote.dll, ntmarta.dll, WLDAP32.dll,
wscapi.dll, urlmon.dll, iertutil.dll,
WININET.dll, Normaliz.dll, CLBCatQ.DLL
WmiPrvSE.exe 2796 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll,
wbemcomn.dll, OLEAUT32.dll, ole32.dll,
WS2_32.dll, NSI.dll, FastProx.dll,
NTDSAPI.dll, NCObjAPI.DLL, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ntmarta.dll,
WLDAP32.dll, CLBCatQ.DLL, wbemprox.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
wbemsvc.dll, wmiutils.dll, wmiprov.dll
cmd.exe 3020 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, msvcrt.dll, WINBRAND.dll,
USER32.dll, GDI32.dll, LPK.dll, USP10.dll,
IMM32.DLL, MSCTF.dll, apphelp.dll
conhost.exe 2380 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, GDI32.dll, USER32.dll,
LPK.dll, USP10.dll, msvcrt.dll, IMM32.dll,
MSCTF.dll, ole32.dll, RPCRT4.dll,
OLEAUT32.dll, CRYPTBASE.dll, ADVAPI32.dll,
sechost.dll
tasklist.exe 984 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll, ole32.dll,
VERSION.dll, MPR.dll, OLEAUT32.dll,
Secur32.dll, SSPICLI.DLL, WS2_32.dll,
NSI.dll, framedynos.dll, WTSAPI32.dll,
NETAPI32.dll, netutils.dll, srvcli.dll,
wkscli.dll, dbghelp.dll, SHLWAPI.dll,
IMM32.DLL, MSCTF.dll, CRYPTBASE.dll,
CLBCatQ.DLL, wbemprox.dll, wbemcomn.dll,
Winsta.dll, CRYPTSP.dll, rsaenh.dll,
RpcRtRemote.dll, wbemsvc.dll, fastprox.dll,
NTDSAPI.dll, wmiutils.dll
WmiPrvSE.exe 1964 ntdll.dll, kernel32.dll, KERNELBASE.dll,
snxhk64.dll, ADVAPI32.dll, msvcrt.dll,
sechost.dll, RPCRT4.dll, USER32.dll,
GDI32.dll, LPK.dll, USP10.dll,
wbemcomn.dll, OLEAUT32.dll, ole32.dll,
WS2_32.dll, NSI.dll, FastProx.dll,
NTDSAPI.dll, NCObjAPI.DLL, IMM32.DLL,
MSCTF.dll, CRYPTBASE.dll, ntmarta.dll,
WLDAP32.dll, CLBCatQ.DLL, wbemprox.dll,
CRYPTSP.dll, rsaenh.dll, RpcRtRemote.dll,
wbemsvc.dll, wmiutils.dll, cimwin32.dll,
framedynos.dll, SspiCli.dll, WTSAPI32.dll,
WINBRAND.dll
  • 0

Advertisements


#107
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, I apologize, because this is a little aside, but why does the computer make an internet connection to Akamai and transmit data to it whenever I place things into a word document on my computer. What would be the purpose of my computer transmitting data to Akamai when I am only placing my thoughts into my own Word document on my own computer. Thanks (I apologize for this, but I see a lot of strange behavior once I connect to the internet and this is one of them. MS Word makes this connection all by itself.)
  • 0

#108
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
I apologize, but where do these messages come from at the bottom of the screen? "NVIDIA update available" I look in Action center and nothing. I look in Win update and nothing. (and it is configured for all updates other than Win.) Who/what and where is this coming from and what does Win expect me to do? It always disappears before I can click on it and this is only an example. Does every loaded driver have its own access to the internet and do these communications that are unwanted and unneeded?
  • 0

#109
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Per Combofix you have a service:
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]

This is what is checking for NVIDIA updates. Most drivers do not have this service.
If you want to turn it off: Right click on Computer and select Manage (Continue), then Services and Applications then Services. Find NVIDIA Update Service Daemon and right click on it and select Properties then change Startup Type: to Disabled. If it is not there then it must be under Device Manager, View, Show Hidden Devices.


As for Word talking to Akamai that's a bit strange. Possibly a macro in your normal.dot template.

Close Word. Do a search for system and hidden files called normal.dot or normal.dotm and rename them to anormal.dot or anormal.dotm.

Now start Word from Start, Programs, Office, Word (or similar path) (do not open an existing document to start Word.) It will create a new normal template. Did it try to contact Akamai this time? Make sure "Prompt to save Normal template" is turned on. I can't tell what version of Word you have so one of these may help:
http://support.microsoft.com/kb/918064
http://office.micros...A001151452.aspx

The last tasklist was inconclusive. One of the unknowns was tasklist itself. The other one was not in the list.

Have we tried Autoruns?
Get autoruns from
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin. Once it finishes its scan: File, Save, to your desktop, autoruns.arn, OK

Either zip up the file if you have the ability (7-zip works nicely) or just rename it from autoruns.arn to autoruns.txt then ATTACH it. Do not copy and paste.

You might get some use out of Process Monitor:
download and save Process Monitor http://live.sysinter...om/Procmon.exe. Run it by right clicking and Run As Admin.

If you leave it on too long in default mode it will use up all of the memory and crash. (hit the Space bar to stop it) This one monitors most of your registry and file access. It's logs are too big to send over the internet but if you find something interesting (like what happens when you start Word and it goes to Akamai) then you can:
click at the top of the page and then go down to the bottom of the page, hold down the shift key and click on the last line. That should highlight a full page of events.

File, Save, check Highlighted Events then OK. It should save the file to logfile.pml which should be on your desktop. Close Process Monitor. Turn off P&P and zip up the logfile.pml and attach it to a Reply. (You can also just rename it to logfile.txt and attach it)

I talked to our Avast expert again and got him to read through your whole thread and he now thinks it probably is just a False Positive.
  • 0

#110
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, thanks for all the help. I know I could not have done it without your expert help. I would have responded sooner, but IE9 32 bit crashed and burned. I reloaded Win only to get back to IE9 32 bit still not working. I lost all the Word documents in the process. I did not realize that reloading Win wiped out all the stored data. I already removed the old Win directory of old Win system files and that is where Win probably placed all my data, because it is gone. I wish they would make a simpler and more useful operating system that was user friendly and not hacker friendly like Win. My hacker friend has a field day with it, but I can not get it to work yet even with trying with help for over 1 year. Still a mystery to me how Win can place different Trojans that can be verified by Virus Total inside its pagefile.sys with connect to internet and why Avast and Comodo start to have problems right when Win is connected to the internet, but not before.
I will try your fixes, but first I need to fix IE9 32 bit and hopefully find all the data Win wiped out from the disk, since I always back it up when I kill disk, but this time I only reloaded and Win wiped the data from the disk.
Currently this is as far as 32 bit IE9 gets.

Attached Thumbnails

  • IE9CRASH.PNG

  • 0

#111
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, what is the easiest way to stop the computer from transferring data from the computer to Aca.... and "Theplanet.com" while at idle after starting from boot? I do want to get to a state that the computer does not send out any data to the internet unless I tell it to do so . I do not know what the data is, but it is in the kb+ range. Now it does it on its own to places I do not know and the only thing loaded is Win/Word and Avast.

Edited by DAV2, 27 January 2012 - 09:31 AM.

  • 0

#112
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, if Gparted can not checkdisk and it says there is no file system, does that mean that no data is recoverable and I need to kill disk and reload Win? After I could not get IE9 32 bit to work I loaded Adobe update and it wiped out boot mangager and apparently the entire file system. I can still see partitions but the larger one has no file system. What do you think I should do? Thanks.
  • 0

#113
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Have no idea what happened with the adobe update. Sounds like your system is hosed tho.

Once you get it running again you might look into Wireshark.
http://www.wireshark.org/download.html
This is a free network tool that lets you look at the traffic to and from your PC. Takes a little reading of the directions but you can set a filter so you only see the traffic to and from a certain IP. Perhaps you can figure out what it is doing and why.
  • 0

#114
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Thanks for the bad news Ron. I was hopping that some of the files would be salvageable, but when Gparted said it could not chkdsk and it could find no file system on the disk, I thought it was probably time for kill disk. That is 2 computers now where IE9 32 bit has failed to run. I kept denying adobe update to load on one, because it was not signed, but since IE was not working, I figured Adobe update may be the reason.It scanned clean. Now it looks like it wiped Boot Manager and when I tried to reload boot manager it said there was no drive. That is a lot of data just poof gone.
It says over 300 clusters were out of order. Hope they can be put back in order

Edited by DAV2, 27 January 2012 - 08:05 PM.

  • 0

#115
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, I noticed on the computer that "FLASH" erased the bootmanager and file system, that Hiren's will not load. That is the disk boots and the mini XP loads but Hiren's is blocked completely. Is that normal? What would block Hiren's from even being present. It is still on the boot disk, because it loads on another computer, but it is as if not on the disk when loaded on the "FLASH" crashed computer. It does not even show in the directory. Is there something on the C: disk that is blocking it even though it is loading as a boot disk? Yes, this is the one that Gparted said its clusters were scrambled. I also noticed that the bios screen stays up a lot longer now on this computer. Does FLASH crash affect bios in this way or is it something else?

Edited by DAV2, 28 January 2012 - 08:41 AM.

  • 0

Advertisements


#116
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Certainly not normal. Have you tried running the Hard drive maker's diagnostic program? Perhaps the hard drive is not working since it goes to miniXP so you are reading the CD OK.

You might try resetting the BIOS to the default.

It is theoretically possible for the BIOS to get an infection tho I have never seen one and have never read of one. If all else fails I guess it wouldn't hurt to download and flash the BIOS again.
  • 0

#117
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, thanks a lot. It is just I do not know what is normal and what is not most of the time and there is not much in finding out very fast. I compare the computers to see what is the difference and that gives me some clues at times. I will try to flash the bios and see if Hir... will act like it does on the other computers. Just thought it was strange when it does not even show the Hir... directory, yet will do a chkdsk with no problems now. (Gparted now says all the scrambled clusters are in order now.) I also new that it was not normal for 2 computers not to run IE9 32bit both starting at the same time. Then the 64 bit stopped downloading. I still haven't figured out why photo viewer does not open PNG files. All this makes me think that Win just isn't ready for beta testing just yet or something is very wrong with the INTERNET, because most of this happens when I try to use it. Thanks for your expert input into getting my computers just to function with Win. May be you see why I have been reloading Win from scratch every couple of weeks for the last yr. As soon as I think I have gotten it stable, it disintegrates. And, yes, I would be replacing the hard drive like I have done so many times before this last year, except some smart guy placed the entire world production of drives in a swamp in SE Asia and imagine, it rained. I am still waiting for my order I placed in November

Edited by DAV2, 28 January 2012 - 06:28 PM.

  • 0

#118
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, just as some feedback for you. I flashed, but Hir... still will not read the drive. (bios screen is back to normal speed). I reloaded computer 1 with Kas... and Kas... failed just like Avast. Avast rescue disk on old and new data bases then found a new "virus" different from the previous "Trojans" inside the pagefile.sys. Com... found and quarantined the "flash" update that scrambled all the clusters on the other computer that I did the bios update. Haven't figured out picture viewer failure yet and haven't found out what data is constantly being sent to aka.... Are we there yet???

Edited by DAV2, 29 January 2012 - 05:49 PM.

  • 0

#119
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
I think you need to get the drive test software from the hard drive maker's site and run the extended test on it. I would also try a bootable memory test program such as

http://www.memtest86.com/ (There is a free download of the .iso )

Ron
  • 0

#120
DAV2

DAV2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Ron, thanks. I take from your input, that you are thinking hardware problems. Yes, I thought it was hardware months ago. That is why I did download Intel burn test and ran it on computers. I posted the results of computer 1 and they are rock solid as are all the other computers. I also did an iso of the memory test you sited and it also ran rock solid on all the computers, but to be sure I submitted the memory modules back to the manufactures and they recertified them. I switched out motherboards and Intel processors and ran the manufactures tests on drives and sent back some of the drives for replacements even though they passed all the tests, just to be sure. I replaced video cards and cd/dvd drives and power supplies. Do you actually think with all this, that it could still be a "HARDWARE" problem???
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP