Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
May the source be with you!

Monday, June 25, 2012

GEARAspiWDM.sys incompatible

Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys por una incompatibilidad con este sistema
http://www.computerhope.com/cgi-bin/process.pl?p=gearaspiwdm.sys
GEAR Software disc copying service installed with iTunes and other CD / DVD burning software file.
The process CDRom Class Filter Driver or CD/DVD Class Filter Driver or CD DVD Filter or Filter Driver for (version 2k and XP) or GEAR ASPI Filter Driver or iTunes belongs to the software GEAR.wrks or iTunes or GEAR CDRom Filter or GEAR ASPI Filter Driver or CD DVD Filter or GearDrvs or Norton Ghost or GEAR driver installer for (version x86) or GEARAspi by GEAR Software (www.gearsoftware.com).
Description: GEARAspiWDM.sys is located in the folder C:\Windows\System32\drivers. Known file sizes on Windows 7/XP are 14,408 bytes (34% of all occurrences), 15,664 bytes and 14 more variants. http://www.file.net/process/gearaspiwdm.sys.html
The driver can be started or stopped from Services in the Control Panel or by other programs. The program is not visible. GEARAspiWDM.sys is not a Windows system file. File GEARAspiWDM.sys is a Verisign signed file. The file has a digital signature. There is no detailed description of this service. You can uninstall this program in the Control Panel. GEARAspiWDM.sys seems to be a compressed file. Therefore the technical security rating is 9% dangerous; however, also read the user reviews.
If you run into problems with GEARAspiWDM.sys, you can also visit the Apple support page, update the program to the latest version or uninstall iTunes or GEAR 32bit Driver Installer software via Windows Control Panel/Add or Remove Programs (Windows XP) or Programs and Features (Windows 7/Vista).
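
The attributes listed above (location, file size, digital signature) can be checked on the affected machine before deciding whether to update or uninstall. The following PowerShell sketch is an added example, not part of the quoted sources; it assumes PowerShell 4.0 or later in a 64-bit console and checks both the System32 path from the description and the SysWow64 path named in the blocked-load message.

```powershell
# Added example: inspect each GEARAspiWDM.sys copy and any driver service that loads it.
$candidates = @(
    "$env:SystemRoot\System32\drivers\GEARAspiWDM.sys",  # location given in the description above
    "$env:SystemRoot\SysWOW64\drivers\GEARAspiWDM.sys"   # location named in the blocked-load message
)

$report = foreach ($path in $candidates) {
    if (-not (Test-Path -LiteralPath $path)) { continue }   # skip copies that do not exist
    $file = Get-Item -LiteralPath $path
    $sig  = Get-AuthenticodeSignature -FilePath $path
    [pscustomobject]@{
        Path        = $file.FullName
        SizeBytes   = $file.Length                      # compare with the sizes quoted above
        FileVersion = $file.VersionInfo.FileVersion
        Company     = $file.VersionInfo.CompanyName
        SigStatus   = $sig.Status                       # 'Valid' when the signature verifies
        Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        Issuer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Issuer } else { $null }
        SHA256      = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

# Driver services whose image path ends in GEARAspiWDM.sys. Matching on the path
# avoids assuming a particular service name.
$drivers = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like '*GEARAspiWDM.sys' } |
    Select-Object Name, DisplayName, State, StartMode, PathName

$report  | Format-List
$drivers | Format-List

# Flag any copy whose signature does not verify.
$report | Where-Object { $_.SigStatus -ne 'Valid' } | ForEach-Object {
    Write-Warning "Signature not valid: $($_.Path) ($($_.SigStatus))"
}

# Flag a driver service that points somewhere other than the two expected folders.
$drivers | Where-Object { $_.PathName -notmatch '\\(System32|SysWOW64)\\drivers\\' } | ForEach-Object {
    Write-Warning "Unexpected driver location: $($_.PathName)"
}
```

A file with a valid signature from the expected vendor in one of the two driver folders matches the description quoted above; an unsigned copy or one loaded from another folder deserves a closer look before it is trusted.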

An inside look at Apple's sneaky iTunes 8 upgrade
http://www.gearsoftware.com/wiki/index.php?title=DRIVERS:_Windows_-_Updating,_removing,_64_bit_versions,_etc
http://www.gearsoftware.com/support/forum/viewtopic.php?t=584
OTL by OldTimer is like HijackThis — on steroids. OTL scans your system for malware, and produces detailed logs. It’s primarily a malware diagnostic tool, but has advanced removal abilities. It is used alone, or with other tools to remove malware completely.
OTL is a flexible, multipurpose, diagnostic, and malware removal tool. It also has some curative ability.

Modern malware will hide all, or most of itself from detection in a HijackThis log. HijackThis (HJT) is very popular, and if malware can hide from it, it has a better chance of survival. But mostly HJT fails to detect malware because, with the exception of some bug fixes and minor updates, it has not been updated in a long time.
A brief history lesson… Merijn Bellekom is the creator and developer of HJT. He sold it to Trend Micro in March, 2007. Trend added an “Analyze This” button to collect data, updated HJT to be compatible with Windows Vista/7, and fixed a few bugs. While malware has evolved much since March 2007, HJT has not.
The need for a more powerful diagnostic tool that is updated often spurred developers to create their own pseudo versions of HJT. Among them are DDS by sUBs, RSIT by random/random, and of course OTL by OldTimer. Of them, OTL is the most robust, and has the most advanced ability to remove malware.
The most common use for OTL is to post a log in a malware removal forum for analysis by an expert. However, it’s also a good idea to run an OTL log as a baseline before running any advanced removal tools. In the event those tools don’t completely remove the malware, the OTL log can offer valuable information to remove the remainder.
A complete and detailed OTL tutorial has just been made public. It has been available to experts and forum helpers for some time. While most people will never use all the features of OTL, or only use it to create a log, others will find all the information offered in the tutorial helpful.
One of the most powerful features of OTL is its ability to run custom scans. This allows the log output to be modified very easily, and quickly adapt to the latest malware threats. An always up-to-date custom scan recommendation can be found in our Malware Cleaning Guide.
Following is a “Quick Start” Guide to creating an OTL log:
  1. Simply download OTL.exe (alternate mirror) to your desktop, download folder, or other convenient location. In the event malware is blocking OTL.exe from running, alternate versions are available as either .com (mirror), or .scr (mirror).
  2. OTL doesn’t need to be installed; simply run it by clicking the icon (approve any UAC warnings on Windows Vista or 7).
  3. First paste custom scan information (if any). Second, click the “Quick Scan” button.
  4. When the scan completes, it will open two windows in Notepad: OTL.txt and Extras.txt. They are saved in the same location as OTL.exe. Copy the contents and paste to a forum for help, or if you’re an advanced user and have read the tutorial, analyze the output.

http://www.techspot.com/community/topics/tidserv-activity-2-trojan-virus-elimination-help.173535/page-2
http://www.forospyware.com/t418986.html
http://foros.inteco.es/seguridad/posts/list/10/67361.page
