Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown device detected !


  • Please log in to reply
23 replies to this topic

#1 ramaflore

ramaflore

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 06:56 AM

Hi,

 

Under my Vista Business 32 bits, every time I reboot my laptop, Vista is detecting an hardware device.

 

I tried to install with the recommended windows drivers, but nothing is changing. I have still this unknow devices detected.

 

The last programs I installed was VPnium. But for this one, I hadn't noticed anything wrong.

 

After that, the next day, I installed Malwarebytes Anti-Exploit  and after that, I uninstalled 'ExploitShield'  from Zerovulnerability Labs.

 

Running Malwarebytes Anti-Exploit, it detected Ukash virus (an old infection I had, that I thought I removed all the traces) and the famous 'hellomoto' folder with 2 dat files.

 

I forgot to mention that I deleted all left behind traces from the ExploitShield on my registry and on my computer, to make sure that I removed this program. The uninstallation process was done with RevoUninstall.

 

Please check the attached files: Device Manager screenshots (sorry, in french).

 

Thanks in advance

Attached Files


Edited by ramaflore, 11 September 2013 - 06:59 AM.


BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 08:02 AM

Please Download Minitoolbox from here and save to your desktop.

Run it and select following options:

  • List last 10 Event Viewer Errors
  • List Installed programs
  • List Devices (only problems)

Click GO and let it run, after it finished it will produce you a log, please copy the entire log and paste in your next reply. (Don't attach.)

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:02 AM

Posted 11 September 2013 - 10:12 AM

Does this translate to other device?

 

What is shown when you double click on this?

 

Please translate this to English.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 10:30 AM

dc3, for your FYI, the device having problem is Other Device > Unknown Device. (I think you know but a bit info never bad.) :)

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,364 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:02 AM

Posted 11 September 2013 - 10:56 AM

Sirawit, the op has a error showing in the Device Manager.  If they double click on this it should provide more information which could be useful.

 

And yes, I am aware of the other device. :thumbup2:


Edited by dc3, 11 September 2013 - 10:57 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:08 AM

I have this driver not set correctly (code 1). Please, reinstall it.... --- my english translation

 

Which info do you need ?  On 'Details' tab ?

 

 

Does this translate to other device?

 

What is shown when you double click on this?

 

Please translate this to English.



#7 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 11:15 AM

No, Under General Tab. Take a screenshot and post. I understand a bit of French but translated one will be better.

 

Thank you


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#8 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:22 AM

Here you are SIrawit, the log file :

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Flore (administrator) on 11-09-2013 at 18:20:51
Running from "C:\Users\Transparence\Desktop"
Microsoft® Windows Vista™ Professionnel  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/11/2013 00:16:36 PM) (Source: Perflib) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll4

Error: (09/11/2013 11:56:24 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (09/11/2013 02:54:31 AM) (Source: Application Error) (User: )
Description: Application défaillante u32.exe, version 0.0.0.0, horodatage 0x514e2c76, module défaillant MSVCR100D.dll, version 6.0.6002.18541, horodatage 0x4ec3e3d5, code d’exception 0xc0000135, décalage d’erreur 0x00009f5d,
ID du processus 0xeac, heure de début de l’application 0xu32.exe0.

Error: (09/11/2013 02:53:52 AM) (Source: VSS) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005.
Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.


Opération :
   Données du rédacteur en cours de collecte

Contexte :
   ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
   Nom du rédacteur: System Writer
   ID d’instance du rédacteur: {4017e0d6-3970-4688-8b88-c32cce05f824}

Error: (09/10/2013 08:28:15 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/10/2013 08:28:14 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (09/10/2013 10:53:29 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (09/09/2013 05:59:28 PM) (Source: RasClient) (User: )
Description: CoID={D213680A-E66F-4002-BC29-B3CC7FD56C23} : L’utilisateur PC-de-Flore\Transparence a composé le numéro de la connexion VpnBook USA Manassas Washington. La connexion a échoué. Code d’erreur retourné : 619.

Error: (09/09/2013 01:36:40 PM) (Source: RasClient) (User: )
Description: CoID={C42265BB-CBBB-46F9-9931-0EC528CF3045} : L’utilisateur PC-de-Flore\Transparence a composé le numéro de la connexion VpnBook USA Manassas Washington. La connexion a échoué. Code d’erreur retourné : 691.

Error: (09/09/2013 01:35:06 PM) (Source: RasClient) (User: )
Description: CoID={0B5DA064-0757-4F6D-B108-D87EE8E83FB3} : L’utilisateur PC-de-Flore\Transparence a composé le numéro de la connexion VpnBook USA Manassas Washington. La connexion a échoué. Code d’erreur retourné : 691.


System errors:
=============
Error: (09/11/2013 02:49:12 PM) (Source: Server) (User: )
Description: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{0715894B-ECB5-4952-9353-8D28432CB016} car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error: (09/11/2013 02:04:31 PM) (Source: Server) (User: )
Description: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{0715894B-ECB5-4952-9353-8D28432CB016} car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error: (09/11/2013 01:22:01 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: AUTORITE NT)
Description: 0x80070032

Error: (09/11/2013 01:21:22 PM) (Source: EventLog) (User: )
Description: L'arrêt système précédant à 12:59:56 le 11/09/2013 n'était pas prévu.

Error: (09/11/2013 01:21:11 PM) (Source: pcmcia) (User: )
Description: Le contrôleur PCMCIA a rencontré une erreur lors de la lecture des données de configuration du périphérique.

Error: (09/11/2013 00:37:15 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: AUTORITE NT)
Description: 0x80070032

Error: (09/11/2013 00:35:46 PM) (Source: pcmcia) (User: )
Description: Le contrôleur PCMCIA a rencontré une erreur lors de la lecture des données de configuration du périphérique.

Error: (09/11/2013 11:55:58 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: AUTORITE NT)
Description: 0x80070032

Error: (09/11/2013 11:55:12 AM) (Source: pcmcia) (User: )
Description: Le contrôleur PCMCIA a rencontré une erreur lors de la lecture des données de configuration du périphérique.

Error: (09/11/2013 03:05:54 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: AUTORITE NT)
Description: 0x80070032


Microsoft Office Sessions:
=========================
Error: (09/11/2013 00:16:36 PM) (Source: Perflib)(User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll4

Error: (09/11/2013 11:56:24 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (09/11/2013 02:54:31 AM) (Source: Application Error)(User: )
Description: u32.exe0.0.0.0514e2c76MSVCR100D.dll6.0.6002.185414ec3e3d5c000013500009f5deac01ceae8971b4e032

Error: (09/11/2013 02:53:52 AM) (Source: VSS)(User: )
Description: 0x80070005

Opération :
   Données du rédacteur en cours de collecte

Contexte :
   ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
   Nom du rédacteur: System Writer
   ID d’instance du rédacteur: {4017e0d6-3970-4688-8b88-c32cce05f824}

Error: (09/10/2013 08:28:15 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/10/2013 08:28:14 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (09/10/2013 10:53:29 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (09/09/2013 05:59:28 PM) (Source: RasClient)(User: )
Description: {D213680A-E66F-4002-BC29-B3CC7FD56C23}PC-de-Flore\TransparenceVpnBook USA Manassas Washington619

Error: (09/09/2013 01:36:40 PM) (Source: RasClient)(User: )
Description: {C42265BB-CBBB-46F9-9931-0EC528CF3045}PC-de-Flore\TransparenceVpnBook USA Manassas Washington691

Error: (09/09/2013 01:35:06 PM) (Source: RasClient)(User: )
Description: {0B5DA064-0757-4F6D-B108-D87EE8E83FB3}PC-de-Flore\TransparenceVpnBook USA Manassas Washington691


CodeIntegrity Errors:
===================================
  Date: 2013-09-11 12:43:04.980
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:43:04.075
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:43:03.280
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:43:02.578
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:10.800
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:10.052
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:09.443
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:08.616
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:08.008
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.

  Date: 2013-09-11 12:32:07.446
  Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume1\Windows\System32\drivers\BrnFileLock.sys car le jeu de hachages d’images par page n’a pas été trouvé sur le système.


=========================== Installed Programs ============================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Autorun Angel 1.0.34
Blue Ridge Networks AppGuard ® Consumer (Version: 3.4.2.3)
BurnAware Free 5.1
CutePDF Writer 2.8
Daum PotPlayer 1.5.33948
doPDF 7.3 printer
DriverMax 6 (Version: 6.35.0.349)
ERUNT 1.1j
FuturixImager (Version: 6.0.3)
Google Books Downloader version 2.3 (Version: 2.3)
HitmanPro 3.7 (Version: 3.7.0.185)
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver (Version: 7.14.10.1103)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Exploit version 0.09.3.1000 (Version: 0.09.3.1000)
Marvell Miniport Driver (Version: 9.12.4.3)
MAXA Cookie Manager Pro 5.3
Microsoft .NET Framework 3.5 Language Pack SP1 - fra (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended FRA Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Minimem (Version: 2.1.1)
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
Module linguistique Microsoft .NET Framework 4 Extended FRA (Version: 4.0.30319)
Mozilla Firefox 23.0.1 (x86 fr) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MPC-HC 1.6.8 (Version: 1.6.8.7417)
Nitro PDF Express (Version: 2.0.1.8)
PDF to Word
Privatefirewall 7.0 (Version: 7.0.28.1)
Proxy Goblin (Version: 2.5.8)
Puran Defrag Free Edition 7.3
Realtek High Definition Audio Driver
Replay Video Capture 6 (Version: 6.0.3)
Revo Uninstaller 1.95 (Version: 1.95)
Secunia PSI (3.0.0.2004) (Version: 3.0.0.2004)
Shadow Defender (Version: 1.1.0.331)
SopCast 3.8.2 (Version: 3.8.2)
StreamTransport version: 1.0.2.2171
SumatraPDF (Version: 2.3.2)
System Requirements Lab for Intel (Version: 4.5.5.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Veetle TV (Version: 0.9.19)
VirusTotal Uploader 2.0
VLC media player 2.0.5 (Version: 2.0.5)
VPNium  (Version: )
WhoCrashed 3.04
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)

========================= Devices: ================================


**** End of log ****
 



#9 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:26 AM

Sirawit,

 

Here you are the general tab screenshots ;)

 

 

1837551832419c271224b315b5da4b095b00cf49

 

 

PS: I couldn't upload the photo on attached file here as my pic is bigger than 49 kb. ;)


Edited by ramaflore, 11 September 2013 - 11:29 AM.


#10 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 11:33 AM

I'm trying to help you as much as I can with all lang in your computer French.

 

Go to driver tab and click update driver. Follow the prompth and see it ok or not, if yes, it will be move from other devices to other categories.

If not, click driver details and take screenshot.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#11 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:39 AM

Have you checked the  log file ?

 

I already tried to update on this way with no results.



#12 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 11:40 AM

I already checked it, but it is not what I expected to see.

 

Now please take a screenshot in driver details button. (The button above update driver.)

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#13 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:41 AM

1837554540d044cded40c361000f299389574898

 

 

If I click on the arrow I have more options. ;)  Need to know which do you need ?



#14 ramaflore

ramaflore
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 11 September 2013 - 11:43 AM

183755502a56998e1f2712ca748d90d84c116fd8



#15 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:10:02 PM

Posted 11 September 2013 - 11:50 AM

I mean this, like this picture:

 

6rSEG6T.png

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users