Malware problem: hldrrr issues



holmz20
2008-09-27, 02:58
I installed something on my computer that has installed hldrrr in my process which I can't kill. This has disabled safeboot as well.
I now have two laptops down, since I used a jump drive to move some files, which apparently had this messed-up malware on it too. I do not have wireless and can't start the service either, so I am now hooked up to a wire sitting next to my computer.

On this laptop I never did a reboot, since I learned the hard way with my first laptop, which I rebooted 5 times and which is now in a condition where HijackThis, IceSword and GMER don't even run.

I have performed the following on my second laptop (Dell) which I am writing this message from:
1. Tried to remove certain startup programs that I don't need to run.
2. Cleaned the registry by searching for the words hldrr, hidr and srosa. I deleted every instance of them.
3. System restore is turned off on both computers.
4. Funny thing is I can't see my C:\winnt\system32\drivers folder, but I can see it from IceSword, which is luckily running on this laptop.
5. Deleted the down folder from the drivers folder through IceSword.
6. Killed any process that was hidden through IceSword; enstart kept on popping up though.

I have installed HijackThis and GMER on this laptop:

Here is the log of HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:42, on 9/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Symantec\SPA\smc.exe
C:\Program Files\Symantec\SPA\snac.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\1E\NightWatchman\NwmSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\1E\SMSWakeUp\SMSWUagent.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINNT\system32\CCM\CcmExec.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Symantec\SPA\SmcGui.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\system32\igfxpers.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\1E\NightWatchman\NWMCLI.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Adobe\Distillr\Acrotray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\FeedReader30\feedreader.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Symantec AntiVirus\VPC32.exe
C:\WINNT\system32\taskmgr.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINNT\system32\mmc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\regedit.exe
C:\Documents and Settings\umar_javaid\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 143.166.*;*.dell.co*;163.244.*;10.*;127.*;198.185.237.*;*.corptvl.com;ORL10PLUSWS01.CSERVER;dell.mtgworksphere.com;dellhome.mtgworksphere.com;64.207.0.*;*.tbgfinancial.com;myinvoice.csd.disa.mil;vdc.emc.com;192.0.2.*;*.servigistics.com;<local>
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINNT\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SysInfo] C:\WINNT\bginfo\Bginfo.exe /iC:\WINNT\bginfo\Corp40.bgi /timer:0
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [MSConfig] C:\WINNT\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINNT\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://inside.us.dell.com/home/
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://testdirector.us.dell.com/qcbin/Spider80.ocx
O16 - DPF: {60A6F73C-54B5-46C1-B436-5E4E6AFF2136} (Siebel High Interactivity Framework) - http://rmtsitweb.aus.amer.dell.com/callcenter_enu/19234/applets/SiebelAx_HI_Client.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1210034487859
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://www.homesteadhotels.com/minisite/accommodations/surround/MSSurVid.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B2FC031D-8C74-46AE-8042-BCF4FC03C1EF} (Loader Class v4) - http://testdirector.us.dell.com/qcbin/Spider91.cab
O16 - DPF: {F61F549C-A083-4893-AF31-3AD491EFB5AC} (PrimusImageGrabber6x Class) - http://auskcsprdweb01/components/imagegrabber.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = amer.dell.com
O17 - HKLM\Software\..\Telephony: DomainName = amer.dell.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = amer.dell.com,us.dell.com,emea.dell.com,olqa.preol.dell.com,oldev.preol.dell.com,aus.amer.dell.com,lim.emea.dell.com,ie.dell.com,lim.emea-poclab.dellpoc.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = amer.dell.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = aus.amer.dell.com,amer.dell.com,us.dell.com,emea.dell.com,olqa.preol.dell.com,oldev.preol.dell.com,lim.emea.dell.com,ie.dell.com,lim.emea-poclab.dellpoc.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = amer.dell.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = aus.amer.dell.com,amer.dell.com,us.dell.com,emea.dell.com,olqa.preol.dell.com,oldev.preol.dell.com,lim.emea.dell.com,ie.dell.com,lim.emea-poclab.dellpoc.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = aus.amer.dell.com,amer.dell.com,us.dell.com,emea.dell.com,olqa.preol.dell.com,oldev.preol.dell.com,lim.emea.dell.com,ie.dell.com,lim.emea-poclab.dellpoc.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: enstart - Unknown owner - C:\WINNT\system32\enstart.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NightWatchman50 - 1E Ltd. - C:\Program Files\1E\NightWatchman\NwmSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SMSWUagent - 1E Ltd. - C:\Program Files\1E\SMSWakeUp\SMSWUagent.exe
O23 - Service: Symantec NAC Service (SNAC) - Symantec Corporation - C:\Program Files\Symantec\SPA\snac.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 17364 bytes


Please advise on next steps since I have been trying to fix this for two days and have read everywhere.

holmz20
2008-09-27, 02:59
I have also run GMER, with results below:

--------------------------------
Here is the log of GMER:

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-09-26 19:55:27
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwAllocateVirtualMemory [0xBABB99EA]
SSDT 8A2385D0 ZwConnectPort
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwCreateThread [0xBABB968C]
SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xA7FE7350]
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xBABB93F4]
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwProtectVirtualMemory [0xBABB9AE2]
SSDT \??\C:\WINNT\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xA7FE7580]
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xBABB98BA]
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwTerminateProcess [0xBABB981E]
SSDT \??\C:\WINNT\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xA72AE6D0]
SSDT \??\C:\WINNT\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwWriteVirtualMemory [0xBABB9BD8]

---- Kernel code sections - GMER 1.0.14 ----

.text tcpip.sys!IPTransmit + 10BC A7CB4CFA 6 Bytes CALL BA58BE16 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!IPTransmit + 263D A7CB627B 6 Bytes CALL BA58BE16 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!ARPRcv + 521E A7CBB4BE 6 Bytes CALL BA58BE16 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text wanarp.sys A7F0C3FD 7 Bytes CALL BA58BF46 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
? C:\WINNT\system32\Drivers\uphcleanhlp.sys The system cannot find the file specified. !
? System32\Drivers\IsDrv122.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[3596] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe (Messenger/Microsoft Corporation)
.text C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe[4280] kernel32.dll!LoadLibraryExW 7C801AF1 5 Bytes JMP 00402B70 C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 42F0F301 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 430A1667 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 430A15E8 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 430A162C C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 430A1574 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 430A15AE C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 430A16A2 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5460] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 42F316B6 C:\WINNT\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [BA58D524] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [BA58D4A8] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [BA58C97C] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [BA58C754] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[340] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[340] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[340] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[340] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[360] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A12F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[360] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A12CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[360] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00A12D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[360] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A12CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe[380] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe[380] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe[380] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe[380] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\HidFind.exe[472] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00962F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\HidFind.exe[472] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00962CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\HidFind.exe[472] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00962D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\HidFind.exe[472] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00962CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\ctfmon.exe[552] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\ctfmon.exe[552] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\ctfmon.exe[552] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\ctfmon.exe[552] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\mmc.exe[816] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\mmc.exe[816] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\mmc.exe[816] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\mmc.exe[816] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\hkcmd.exe[2256] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\hkcmd.exe[2256] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\hkcmd.exe[2256] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\hkcmd.exe[2256] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxpers.exe[2284] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxpers.exe[2284] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxpers.exe[2284] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxpers.exe[2284] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\rundll32.exe[2304] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AB2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\rundll32.exe[2304] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AB2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\rundll32.exe[2304] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00AB2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\rundll32.exe[2304] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AB2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxsrvc.exe[2344] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxsrvc.exe[2344] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxsrvc.exe[2344] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\igfxsrvc.exe[2344] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2368] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B72F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2368] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B72CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2368] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00B72D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe[2368] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B72CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\1E\NightWatchman\NWMCLI.EXE[2404] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\1E\NightWatchman\NWMCLI.EXE[2404] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\1E\NightWatchman\NWMCLI.EXE[2404] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\1E\NightWatchman\NWMCLI.EXE[2404] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B32F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B32CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00B32D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe[2448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B32CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apoint.exe[2656] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A22F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apoint.exe[2656] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A22CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apoint.exe[2656] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00A22D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apoint.exe[2656] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A22CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe[2820] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe[2820] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe[2820] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe[2820] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\QuickSet\quickset.exe[2888] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DF2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\QuickSet\quickset.exe[2888] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DF2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\QuickSet\quickset.exe[2888] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00DF2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\QuickSet\quickset.exe[2888] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DF2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Pure Networks\Network Magic\nmapp.exe[2976] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Pure Networks\Network Magic\nmapp.exe[2976] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Pure Networks\Network Magic\nmapp.exe[2976] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Pure Networks\Network Magic\nmapp.exe[2976] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apntex.exe[3296] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00962F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apntex.exe[3296] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00962CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apntex.exe[3296] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00962D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Apoint\Apntex.exe[3296] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00962CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[3408] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00942F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[3408] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00942CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[3408] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00942D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[3408] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00942CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Adobe\Distillr\Acrotray.exe[3448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A22F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Adobe\Distillr\Acrotray.exe[3448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A22CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Adobe\Distillr\Acrotray.exe[3448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00A22D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Adobe\Distillr\Acrotray.exe[3448] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A22CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[3596] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01312F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[3596] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01312CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[3596] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [01312D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\MSN Messenger\MsnMsgr.Exe[3596] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01312CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[3792] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00E72F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[3792] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00E72CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[3792] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00E72D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[3792] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00E72CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[3804] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[3804] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[3804] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00B42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe[3804] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\FeedReader30\feedreader.exe[3860] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\FeedReader30\feedreader.exe[3860] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\FeedReader30\feedreader.exe[3860] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [003A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\FeedReader30\feedreader.exe[3860] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[3868] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008F2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[3868] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008F2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[3868] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [008F2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[3868] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008F2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[3876] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A72F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[3876] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A72CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[3876] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00A72D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe[3876] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A72CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[3896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DA2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[3896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DA2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[3896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00DA2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[3896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DA2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\Explorer.EXE[4036] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\Explorer.EXE[4036] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\Explorer.EXE[4036] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\Explorer.EXE[4036] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe[4280] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CF2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe[4280] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CF2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe[4280] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00CF2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\IceSword122en\IceSword.exe[4280] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CF2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4492] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00FD2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4492] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00FD2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4492] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00FD2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4492] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00FD2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4840] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D72F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4840] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D72CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4840] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00D72D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[4840] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D72CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4856] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00972F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4856] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00972CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4856] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00972D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4856] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00972CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4908] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CC2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4908] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CC2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4908] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00CC2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[4908] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CC2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\taskmgr.exe[5400] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\taskmgr.exe[5400] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\taskmgr.exe[5400] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [009F2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\system32\taskmgr.exe[5400] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5460] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A32F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5460] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A32CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5460] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00A32D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[5460] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A32CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\regedit.exe[5464] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [004A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\regedit.exe[5464] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [004A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\regedit.exe[5464] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [004A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINNT\regedit.exe[5464] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [004A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\gmer.exe[5896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\gmer.exe[5896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\gmer.exe[5896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtClose] [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\umar_javaid\Desktop\gmer.exe[5896] @ C:\WINNT\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.14 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)

Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IsDrv122.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IsDrv122.sys
AttachedDevice \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\SYMTDI \Device\SymTDI wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Processes - GMER 1.0.14 ----

Process C:\WINNT\system32\enstart.exe (*** hidden *** ) 4232

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001641ddb9b3
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001641ddb9b3
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001641ddb9b3

---- EOF - GMER 1.0.14 ----