Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91681 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Video DownloadHelper Installation


  • This topic is locked This topic is locked
8 replies to this topic

#1 manicd

manicd

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 585 posts

Posted 09 October 2009 - 06:32 PM

Hi

I recently installed the Firefox Add-On "Video Download Helper" and its seems to have infected my computer. I was wondering if someone would be so kind as to take a look at my log just to see if my AV has cleaned the infection. Please see details below, thank you.

- The name & location of the infection as picked up by NOD32

01_Cache_Infection.jpg

- DDS Scan Results[/list]


DDS (Ver_09-09-29.01) - NTFSx86  
Run by Dan at  1:05:25.06 on 10/10/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_16
Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.44.1033.18.3000.1330 [GMT 1:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Thomson\ST330\service\st330service.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Dan\Desktop\dds(2).pif
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0809&m=aspire_7730
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0809&m=aspire_7730
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0809&m=aspire_7730
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vb32&d=0809&m=aspire_7730
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [eRecoveryService] 
mRun: [CLMLServer] "c:\program files\acer arcade deluxe\acer arcade deluxe\kernel\clml\CLMLSvc.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\dan\appdata\roaming\mozilla\firefox\profiles\vxrriqxx.default\
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\drivers\snman380.sys [2009-8-13 134272]
R0 tdrpman174;Acronis Try&Decide and Restore Points filter (build 174);c:\windows\system32\drivers\tdrpm174.sys [2009-8-13 971552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-2-6 106208]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\playmovie\000.fcl [2009-8-12 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
R2 CLHNService;CLHNService;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\CLHNService.exe [2009-8-12 81504]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-2-6 727720]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-2-6 38240]
R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2008-4-17 24576]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-8-12 269648]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-7 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\NTIPPKernel.sys [2009-8-12 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-4 131072]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-3-28 210432]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-4-17 81296]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-8-12 19160]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-4-17 3658752]
R3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2009-8-12 30464]
R3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2009-8-12 12672]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [2009-8-12 49408]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]
S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files\autodesk\3ds max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2009-3-18 86016]
S3 A310;AVerMedia A310 DVB-T;c:\windows\system32\drivers\AVerA310USB.sys [2008-4-17 25856]
S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2008-4-17 42880]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-3 112128]
S4 Partner Service;Partner Service;"c:\programdata\partner\partner.exe" --> c:\programdata\partner\partner.exe [?]

=============== Created Last 30 ================

2009-10-09 21:02	<DIR>	--d-----	c:\program files\ConvertHelper
2009-10-03 20:09	2,421,760	a-------	c:\windows\system32\wucltux.dll
2009-10-03 20:09	87,552	a-------	c:\windows\system32\wudriver.dll
2009-10-03 20:09	171,608	a-------	c:\windows\system32\wuwebv.dll
2009-10-03 20:09	33,792	a-------	c:\windows\system32\wuapp.exe
2009-10-03 01:39	195,440	--------	c:\windows\system32\MpSigStub.exe
2009-10-03 01:15	<DIR>	--d-----	c:\program files\iPod
2009-10-02 23:20	<DIR>	--d-----	c:\program files\common files\Common Share
2009-09-26 22:32	<DIR>	--d-----	c:\program files\iPod(2)
2009-09-20 01:52	<DIR>	--d-----	c:\program files\CCleaner
2009-09-20 01:17	<DIR>	--d-----	c:\users\dan\appdata\roaming\Disk Cleaner
2009-09-19 08:41	<DIR>	--d-----	c:\users\dan\appdata\roaming\WinPatrol
2009-09-19 08:41	<DIR>	--d-----	c:\program files\BillP Studios
2009-09-17 19:53	107,368	a-------	c:\windows\system32\GEARAspi.dll
2009-09-17 19:53	26,600	a-------	c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-17 19:51	<DIR>	--d-----	c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 19:51	<DIR>	--d-----	c:\program files\iTunes
2009-09-17 19:51	<DIR>	--d-----	c:\progra~2\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-15 20:11	<DIR>	--d-----	c:\users\dan\Tracing
2009-09-15 20:04	<DIR>	--d-----	c:\program files\common files\Windows Live

==================== Find3M  ====================

2009-09-10 20:45	143,360	a-------	c:\windows\inf\infstrng.dat
2009-09-10 20:45	86,016	a-------	c:\windows\inf\infstor.dat
2009-09-10 20:45	51,200	a-------	c:\windows\inf\infpub.dat
2009-09-10 14:54	38,224	a-------	c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53	19,160	a-------	c:\windows\system32\drivers\mbam.sys
2009-09-05 20:38	411,368	a-------	c:\windows\system32\deploytk.dll
2009-08-29 03:30	173,056	a-------	c:\windows\apppatch\AcXtrnal.dll
2009-08-29 03:30	458,752	a-------	c:\windows\apppatch\AcSpecfc.dll
2009-08-29 03:30	2,159,616	a-------	c:\windows\apppatch\AcGenral.dll
2009-08-29 03:30	542,720	a-------	c:\windows\apppatch\AcLayers.dll
2009-08-29 01:27	4,240,384	a-------	c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 01:14	28,672	a-------	c:\windows\system32\Apphlpdm.dll
2009-08-28 19:42	2,065,696	a-------	c:\windows\system32\usbaaplrc.dll
2009-08-28 19:42	40,448	a-------	c:\windows\system32\drivers\usbaapl.sys
2009-08-14 19:50	665,600	a-------	c:\windows\inf\drvindex.dat
2009-08-14 18:56	0	a---h---	c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-14 17:27	904,776	a-------	c:\windows\system32\drivers\tcpip.sys
2009-08-14 16:53	17,920	a-------	c:\windows\system32\netevent.dll
2009-08-14 14:49	9,728	a-------	c:\windows\system32\TCPSVCS.EXE
2009-08-14 14:49	17,920	a-------	c:\windows\system32\ROUTE.EXE
2009-08-14 14:49	11,264	a-------	c:\windows\system32\MRINFO.EXE
2009-08-14 14:49	27,136	a-------	c:\windows\system32\NETSTAT.EXE
2009-08-14 14:49	19,968	a-------	c:\windows\system32\ARP.EXE
2009-08-14 14:49	8,704	a-------	c:\windows\system32\HOSTNAME.EXE
2009-08-14 14:49	10,240	a-------	c:\windows\system32\finger.exe
2009-08-14 14:48	30,720	a-------	c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 14:48	105,984	a-------	c:\windows\system32\netiohlp.dll
2009-08-13 21:31	971,552	a-------	c:\windows\system32\drivers\tdrpm174.sys
2009-08-13 21:31	540,000	a-------	c:\windows\system32\drivers\timntr.sys
2009-08-13 21:31	44,704	a-------	c:\windows\system32\drivers\tifsfilt.sys
2009-08-13 21:31	134,272	a-------	c:\windows\system32\drivers\snman380.sys
2009-08-12 22:11	49,408	a-------	c:\windows\system32\drivers\stppp.sys
2009-08-12 22:11	30,464	a-------	c:\windows\system32\drivers\st330.sys
2009-08-12 22:11	12,672	a-------	c:\windows\system32\drivers\stbus.sys
2009-08-12 22:11	16,128	a-------	c:\windows\system32\drivers\lpwdm.sys
2009-08-03 15:07	403,816	a-------	c:\windows\system32\OGACheckControl.dll
2009-08-03 15:07	322,928	a-------	c:\windows\system32\OGAAddin.dll
2009-08-03 15:07	230,768	a-------	c:\windows\system32\OGAEXEC.exe
2009-07-21 22:52	915,456	a-------	c:\windows\system32\wininet.dll
2009-07-21 22:47	109,056	a-------	c:\windows\system32\iesysprep.dll
2009-07-21 22:47	71,680	a-------	c:\windows\system32\iesetup.dll
2009-07-21 21:13	133,632	a-------	c:\windows\system32\ieUnatt.exe
2009-07-17 14:54	71,680	a-------	c:\windows\system32\atl.dll
2009-07-15 13:40	8,147,456	a-------	c:\windows\system32\wmploc.DLL
2009-07-15 13:39	313,344	a-------	c:\windows\system32\wmpdxm.dll
2009-07-15 13:39	4,096	a-------	c:\windows\system32\dxmasf.dll
2009-07-15 13:39	7,680	a-------	c:\windows\system32\spwmp.dll
2008-01-21 03:57	174	a--sh---	c:\program files\desktop.ini
2006-11-02 13:39	287,440	a-------	c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:39	287,440	a-------	c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:39	30,674	a-------	c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:39	30,674	a-------	c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20	287,440	a-------	c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20	287,440	a-------	c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20	30,674	a-------	c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20	30,674	a-------	c:\windows\inf\perflib\0000\perfc.dat

============= FINISH:  1:05:51.85 ===============
- RootRepeal report 10.10.09 (01-08-37)


ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time:		2009/10/10 01:08
Program Version:		Version 1.3.5.0
Windows Version:		Windows Vista SP2
==================================================

Drivers
-------------------
Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8DE00000	Size: 888832	File Visible: No	Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xB095C000	Size: 49152	File Visible: No	Signed: -
Status: -

Processes
-------------------
Path: System
PID: 4	Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1248	Status: Locked to the Windows API!

==EOF==

Attached Files


    Advertisements

Register to Remove


#2 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 13 October 2009 - 01:21 PM

Hi manicd,

:welcome:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

It appears that your AV took care of the problem but let's run one more scan anyway.

Also, it appears that your last windows update didn't work.

It also appears that sometimes you can't connect to the internet because there are two computers on your network using the same IP address.


Please go to Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#3 manicd

manicd

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 585 posts

Posted 14 October 2009 - 01:06 PM

Hi TomK

One of my updates doesn't seem to want to work, I think it was some host process.
Would the double I.P & Internet issues be attributed to the fact that I've just up graded my Broadband package to a faster speed?
I also got a Blue Screen of Death, please see details below.

Product
Windows

Problem
Shut down unexpectedly

Date
14/10/2009 19:31

Status
Not Reported

Problem signature
Problem Event Name:	BlueScreen
OS Version:	6.0.6002.2.2.0.768.2
Locale ID:	2057

Files that help describe the problem (some files may no longer be available)
Mini101409-01.dmp
sysdata.xml
Version.txt

Extra information about the problem
BCCode:	ce
BCP1:	8F3A1EA6
BCP2:	00000008
BCP3:	8F3A1EA6
BCP4:	00000000
OS Version:	6_0_6002
Service Pack:	2_0
Product:	768_1


Here is my Kaspersky log as requested:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
 Tuesday, October 13, 2009
 Operating system: Microsoft Windows Vista Home Basic Edition, 32-bit Service Pack 2 (build 6002)
 Kaspersky Online Scanner version: 7.0.26.13
 Last database update: Tuesday, October 13, 2009 22:00:46
 Records in database: 2970027
--------------------------------------------------------------------------------

Scan settings:
	scan using the following database: extended
	Scan archives: yes
	Scan e-mail databases: yes

Scan area - My Computer:
	C:\
	D:\
	E:\

Scan statistics:
	Objects scanned: 102797
	Threats found: 0
	Infected objects found: 0
	Suspicious objects found: 0
	Scan duration: 01:36:44

No threats found. Scanned area is clean.

Selected area has been scanned.

Thank you.


#4 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 14 October 2009 - 02:14 PM

Hi TomK

One of my updates doesn't seem to want to work, I think it was some host process.
Would the double I.P & Internet issues be attributed to the fact that I've just up graded my Broadband package to a faster speed?

I honestly don't know. In a typical home network, IP addresses are set automatically by dhcp. The only reason for an IP conflict that I've seen is when a laptop is put in Sleep mode. Dchp doesn't see the address as being used and assigns it to a new computer that logs into the network. The sleeping computer is "woken up" and tries to attach to the network with the address that had been assigned to it (if it had been re-booted it would have asked for a new address) and then finds that while it was sleeping, the dhcp gave it's address away.
If you have your network set up with the computers on static addresses (which is what I do at my house and office) then there would only be a conflict if somehow two computers got assigned the same address (not likely to go unnoticed) or if some computers have static addresses and some are assigned by dhcp and the addresses available to dhcp include the static addresses. (I have static address 1-50 and allow dhcp to assign 51-100).

I also got a Blue Screen of Death, please see details below.

Product
Windows

Problem
Shut down unexpectedly

Date
14/10/2009 19:31

Status
Not Reported

Problem signature
Problem Event Name:	BlueScreen
OS Version:	6.0.6002.2.2.0.768.2
Locale ID:	2057

Files that help describe the problem (some files may no longer be available)
Mini101409-01.dmp
sysdata.xml
Version.txt

Extra information about the problem
BCCode:	ce
BCP1:	8F3A1EA6
BCP2:	00000008
BCP3:	8F3A1EA6
BCP4:	00000000
OS Version:	6_0_6002
Service Pack:	2_0
Product:	768_1


Here is my Kaspersky log as requested:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
 Tuesday, October 13, 2009
 Operating system: Microsoft Windows Vista Home Basic Edition, 32-bit Service Pack 2 (build 6002)
 Kaspersky Online Scanner version: 7.0.26.13
 Last database update: Tuesday, October 13, 2009 22:00:46
 Records in database: 2970027
--------------------------------------------------------------------------------

Scan settings:
	scan using the following database: extended
	Scan archives: yes
	Scan e-mail databases: yes

Scan area - My Computer:
	C:\
	D:\
	E:\

Scan statistics:
	Objects scanned: 102797
	Threats found: 0
	Infected objects found: 0
	Suspicious objects found: 0
	Scan duration: 01:36:44

No threats found. Scanned area is clean.

Selected area has been scanned.

Thank you.

As far as I can tell this should relate to a driver issue. Typically I'd suspect a non compatible driver. Have you installed any new drivers recently?

Look in your device manager and see if anything is flagged


This appears to not be a malware problem. You will probably get better help in the Tech forums. I suggest you try the hardware forum. If you post there, please provide a link there back to this thread so that they can see the information you have provided.

Does this make sense to you?

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#5 manicd

manicd

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 585 posts

Posted 15 October 2009 - 03:00 PM

Hi TomK

I honestly don't know. In a typical home network, IP addresses are set automatically by dhcp. The only reason for an IP conflict that I've seen is when a laptop is put in Sleep mode. Dchp doesn't see the address as being used and assigns it to a new computer that logs into the network. The sleeping computer is "woken up" and tries to attach to the network with the address that had been assigned to it (if it had been re-booted it would have asked for a new address) and then finds that while it was sleeping, the dhcp gave it's address away.
If you have your network set up with the computers on static addresses (which is what I do at my house and office) then there would only be a conflict if somehow two computers got assigned the same address (not likely to go unnoticed) or if some computers have static addresses and some are assigned by dhcp and the addresses available to dhcp include the static addresses. (I have static address 1-50 and allow dhcp to assign 51-100).

Does this make sense to you?


Yes & No. I understand your explanation of what may be causing the problem but my computer isn't part of a network is it?
There also seems to be a problem with a couple of the Microsoft Network Drivers which are flagged as not working, but I have been aware of this problem for a while. I'll put this problem to the Hardware Forum as suggested.

Thanks for you help TomK


#6 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 15 October 2009 - 05:00 PM

manicd,

From your event viewer:

09/10/2009 20:42:44, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{750EE0BE-F080-47C9-9D63-768AD75FA706} because another computer on the network has the same name. The server could not start.

That sounds like you're on a network. If you aren't, that may be a problem.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#7 manicd

manicd

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 585 posts

Posted 16 October 2009 - 02:44 AM

Thank you TomK I have now requested help from the Hardware forum, thanks again for your time & help, much appreciated.

#8 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 16 October 2009 - 08:40 AM

manicd, You are very welcome. Good Luck and Be Well. :thumbup:

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#9 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 16 October 2009 - 08:40 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users