how to find and remove DRIVER and DRIVER SETTINGS - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Closed Thread
Thread Tools Display Modes
Old 01-22-2007, 06:18 AM   #1 (permalink)
True Techie
Join Date: Feb 2005
Posts: 235
Default how to find and remove DRIVER and DRIVER SETTINGS

hi guys

I recently got hit by the Peacom virus.. where wincom32.sys is the culprit.. i was gettinig BSOD like ****.. after investigating, using windbg, research etc etc.... i confirmed that the BSOD is being caused by the wincom32.sys driver, which actually is the Peacom virus.. the virus itself is does not cause BSOD error by design, but KASPERSKY has killed this virus, and its files etc.. however, there seem to be a device driver instruction or setting still left in the system.. because in the BSOD the faulting module is:


I have REMOVED/UNINSTALLED this device already from the device manager, issuing first:

RUN> set dvcmgr_show_nonpresent_devices=1
RUN> dvcmgmt.msc

locating the wincom32 entry and successfully uninstalling it..

but.. IM STILL GETTING THE DARN BSOD! the debug info is still reporting wincom32.sys as the culprit..

so i searched the registries for "wincom32" entry... none found..

what's weird also is the faulting module, as shown in winDBG, is located in


take note of the highlighted..


what does that mean? where is this windows "instruction"? so i can KILL IT ONCE AND FOR ALL!

please advice. .

clever_j is offline  
Old 01-22-2007, 07:10 AM   #2 (permalink)
Monster Techie
MrCoffee's Avatar
Join Date: Feb 2006
Location: UK
Posts: 1,858

No idea, all I can suggest is take out your system restore and delete all instances of wincom32.sys from your drive.
if you're unlucky you may have a rootkit but I don't think Peacom includes a proper rootkit but this smells of one.

try blacklight

Intel core I7 920
6GB OCZ platinum 1600
XFX HD4890
Noctua nh-u12p
Corsair HX520
Antec 300
Samsung 1TB F1 Spinpoint
Samsung SM2443BW 24"
MrCoffee is offline  
Old 01-22-2007, 10:37 AM   #3 (permalink)
True Techie
Join Date: Feb 2005
Posts: 235

no instances of wincom32 anywhere on my drive, not even in my registries..annoying..
clever_j is offline  
Old 01-22-2007, 11:07 AM   #4 (permalink)
Do not Stare at my Avatar
Ste's Avatar
Join Date: Aug 2005
Location: Upon Gleaning Infinity
Posts: 9,571
Send a message via MSN to Ste

Windows Repair.
If Still. Back up info. Reformat. Reinstall.
Ste is offline  
Old 01-22-2007, 06:35 PM   #5 (permalink)
True Techie
Join Date: Feb 2005
Posts: 235

If Still. Back up info. Reformat. Reinstall.
yep this'd be my last recourse..

anyway, can you guys tell me atleast, where the LIST OF DRIVERS that are loaded on startup are located? an ini file? registry hive? coz i swear, if it's being loaded still, there's gotta be something there in my system that tells it to.
clever_j is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Our Communities

Our communities encompass many different hobbies and interests, but each one is built on friendly, intelligent membership.

» More about our Communities

Automotive Communities

Our Automotive communities encompass many different makes and models. From U.S. domestics to European Saloons.

» More about our Automotive Communities

Marine Communities

Our Marine websites focus on Cruising and Sailing Vessels, including forums and the largest cruising Wiki project on the web today.

» More about our Marine Communities

Copyright 2002-2015 Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 08:23 AM.

Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2016, vBulletin Solutions, Inc.