Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

So I've contacted law enforcement.. Latest threat w/ no anti virus.


  • This topic is locked This topic is locked
8 replies to this topic

#1 SeekerOfAnswers

SeekerOfAnswers

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 10:44 AM

This is a log that the VIRUS created, it's super spyware.. I can't get logs from any programs myself, nothing sees the darn thing.

Direct link to log

http://www.fileswap.com/dl/DerTzKQbxd/CBS.persist.log.html

Link to page containing the log for d/l

http://www.fileswap.com/dl/DerTzKQbxd/

Anyone care to browse through the 73.5 mb log file? lmao



BC AdBot (Login to Remove)

 


#2 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 10:50 AM

So close to ... Not gonna say it, it's spooky..!

 

;////////////////////////////////////////////////////////////////////////////////
;//
;//                     Copyright (c) Lumanate, Inc. 2005-2006
;//      All rights are reserved.  Reproduction in whole or in part is prohibited
;//      without the written consent of the copyright owner.
;//
;//      Lumanate, Inc. reserves the right to make changes without notice at any time.
;//      Lumanate, Inc. makes no warranty, expressed, implied or statutory, including
;//      but not limited to any implied warranty of merchantibility of fitness
;//      for any particular purpose, or that the use will not infringe any
;//      third party patent, copyright or trademark.
;//      Lumanate, Inc. must not be liable for any loss or damage arising from its use.
;//
;////////////////////////////////////////////////////////////////////////////////

;////////////////////////////////////////////////////////////////////////////////
;//
;// Angel64.inf
;//
;// This file contains installation information
;// for the Angel Device.
;//
;// Modification History:
;// Date      By            Description
;// --------  ------------  --------------------------------------------------
;// 07/04/04  L.Kegulskiy   Created
;//
;////////////////////////////////////////////////////////////////////////////////

[Version]
signature="$CHICAGO$"
Class=MEDIA
ClassGUID={4d36e96c-e325-11ce-bfc1-08002be10318}
Provider=%Angel.Provider%
PNPLockDown=1
DriverVer=06/21/2006,6.0.6000.16386

[ControlFlags]
ExcludeFromSelect=*

[Manufacturer]
%Angel.Manufacturer%=Angel.Device,NTamd64...1


[Angel.Device.NTamd64...1]
%Angel.DeviceDesc%=Angel.Install.NTamd64,PCI\VEN_1033&DEV_013A&SUBSYS_001A1809
%Angel.DeviceDesc%=Angel.Install.NTamd64,EZD\ANGEL_CH2_REV0

;;;;;;;;;; NO ROM
;%Angel.DeviceDesc%=Angel.Install.NTamd64,PCI\VEN_1033&DEV_013A&SUBSYS_00000000&REV_09
;;;;;;;;;; EMPTY ROM
;%Angel.DeviceDesc%=Angel.Install.NTamd64,PCI\VEN_1033&DEV_013A&SUBSYS_FFFFFFFF&REV_09


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Angel PCI Dual Tuner ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;----------------------------------------DDInstall Section -----------------------------
[Angel.Install.NTamd64]
Include     = ks.inf, kscaptur.inf, ksfilter.inf, wdmaudio.inf
Needs       = KS.Registration,KSCAPTUR.Registration.NT,WDMAUDIO.Registration
DelReg      = Angel.DelReg
CopyFiles   = Angel.CopyFiles,EzdFilters.CopyFiles,uCode.CopyFiles	;;;diag;;;,Diag.CopyFiles
AddReg      = Angel.AddReg,Angel.PinNames
RegisterDlls= Angel.RegisterDlls
AddProperty = Angel.AddProp

; ---------------------------- Interface Installation Sections ----------------------------
[Angel.Install.NTamd64.Interfaces]
AddInterface=%KSCATEGORY_CAPTURE%,%KSNAME_CAPTURE_FILTER%,VideoCaptureTV,
AddInterface=%KSCATEGORY_CROSSBAR%,%KSNAME_CAPTURE_FILTER%,VideoCrossbar,
AddInterface=%KSCATEGORY_TVTUNER%,%KSNAME_CAPTURE_FILTER%,VideoTvTuner,
AddInterface=%KSCATEGORY_TVAUDIO%,%KSNAME_CAPTURE_FILTER%,VideoTvAudio,
AddInterface=%KSCATEGORY_ENCODER%,%KSNAME_ENCODER_FILTER%,VideoEncoder,
AddInterface=%KSCATEGORY_MULTIPLEXER%,%KSNAME_ENCODER_FILTER%,VideoEncoder,
AddInterface=%KSCATEGORY_AUDIO%,%KSNAME_AUDIO_FILTER%,AudioCapture,
AddInterface=%KSCATEGORY_AUDIO_DEVICE%,%KSNAME_AUDIO_FILTER%,AudioCapture,
AddInterface=%KSCATEGORY_AUDIO_INPUT_DEVICE%,%KSNAME_AUDIO_FILTER%,AudioCapture,

; ---------------------------- Service Installation Sections---------------------------------------
[Angel.Install.NTamd64.Services]
AddService = Angel,0x00000002,Angel.ServiceInstall

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Angel PCI Dual Tuner ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


;----------------------------------------File Copy related Sections ---------------------------------
[DestinationDirs]
Angel.CopyFiles=10,system32\drivers
uCode.CopyFiles=10,system32\drivers\Angel
	;;;diag;;;Diag.CopyFiles=10,system32\drivers\Angel
EzdFilters.CopyFiles=11

[Angel.CopyFiles]
Angel.sys

[uCode.CopyFiles]
;;;MainFwPci.bin
;;;AudFwPci.bin
;;;MainFwSpi.bin
;;;AudFwSpi.bin
;;;MainFwUsb.bin
;;;AudFwUsb.bin


[EzdFilters.CopyFiles]
;;;EzRating.dll 

	;;;diag;;;[Diag.CopyFiles]
	;;;diag;;;AnglDiag.exe
	;;;diag;;;AnglDiag.cfg
	;;;diag;;;Angel.dev


[SourceDisksNames]
777=%Angel.InstallationDir%,,,

[SourceDisksFiles]
Angel.sys=777
;;;MainFwPci.bin=777
;;;AudFwPci.bin=777
;;;MainFwSpi.bin=777
;;;AudFwSpi.bin=777
;;;MainFwUsb.bin=777
;;;AudFwUsb.bin=777
;;;EzRating.dll=777
	;;;diag;;;AnglDiag.exe=777
	;;;diag;;;AnglDiag.cfg=777
	;;;diag;;;Angel.dev=777


[Angel.ServiceInstall]
DisplayName   = %Angel.DeviceDesc%
ServiceType   = 1 ;SERVICE_KERNEL_DRIVER
StartType     = 3 ;SERVICE_DEMAND_START
ErrorControl  = 1 ;SERVICE_ERROR_NORMAL
ServiceBinary = %12%\Angel.sys



;--------------------------------------- RegisterDLL sections  -------------------------------------
[Angel.RegisterDlls]
;;;11,,EzRating.dll,1 ;FLG_REGSVR_DLLREGISTER


;----------------------------------------DelReg sections  ------------------------------------------
[Angel.DelReg]
; Clear the tree first
HKR,HwConfig
HKR,AvFront
HKR,Persist
HKR,Msp34x5
HKR,uPD64011b
HKR,,PageOutWhenUnopened


;----------------------------------------AddReg sections  ------------------------------------------
[Angel.AddReg]
HKR,,DevLoader,,*NTKERN
HKR,,NTMPDriver,,Angel.sys
;HKR,,PageOutWhenUnopened,3,01
HKR,,DontSuspendIfStreamsAreRunning,3,01

;
; FileNames
;
;;;HKR,AvFront\Fw,LoadFwFromFile, 0x10001, 1
HKR,AvFront\Fw,MainFwPci,,\SystemRoot\system32\drivers\Angel\MainFwPci.bin
HKR,AvFront\Fw,AudFwPci,,\SystemRoot\system32\drivers\Angel\AudFwPci.bin
HKR,AvFront\Fw,MainFwSpi,,\SystemRoot\system32\drivers\Angel\MainFwSpi.bin
HKR,AvFront\Fw,AudFwSpi,,\SystemRoot\system32\drivers\Angel\AudFwSpi.bin
HKR,AvFront\Fw,MainFwUsb,,\SystemRoot\system32\drivers\Angel\MainFwUsb.bin
HKR,AvFront\Fw,AudFwUsb,,\SystemRoot\system32\drivers\Angel\AudFwUsb.bin


; disable messenger from using TV graphs
;;;HKU, ".DEFAULT\Software\Microsoft\RTC\VideoCapture\%Angel.DeviceDesc%","DoNotUseDShow", 0x10001, 0x00000001
;;;HKCU, "Software\Microsoft\RTC\VideoCapture\%Angel.DeviceDesc%","DoNotUseDShow", 0x10001, 0x00000001


;----------------------------------------AddProp section  ------------------------------------------
[Angel.AddProp]
GenericDriverInstalled,,,,1


[VideoCaptureTV]
AddReg=VideoCaptureTV.AddReg

[VideoCrossbar]
AddReg=VideoXBar.AddReg

[VideoTvTuner]
AddReg=VideoTvTuner.AddReg

[VideoTvAudio]
AddReg=VideoTvAudio.AddReg

[VideoEncoder]
AddReg=VideoEncoder.AddReg

[AudioCapture]
AddReg=AudioCapture.AddReg


[VideoCaptureTV.AddReg]
HKR,,CLSID,,%ProxyGenericWdmFilter.CLSID%
HKR,,FriendlyName,,%Angel.DeviceDesc%

[VideoXBar.AddReg]
HKR,,CLSID,,%ProxyXBar.CLSID%
HKR,,FriendlyName,,%Angel.Crossbar%

[VideoTvTuner.AddReg]
HKR,,CLSID,,%ProxyTvTuner.CLSID%
HKR,,FriendlyName,,%Angel.TvTuner%

[VideoTvAudio.AddReg]
HKR,,CLSID,,%ProxyTvAudio.CLSID%
HKR,,FriendlyName,,%Angel.TvAudio%

[VideoEncoder.AddReg]
HKR,,CLSID,,%ProxyGenericWdmFilter.CLSID%
HKR,,FriendlyName,,%Angel.Encoder%
HKR,Interfaces\{B43C4EEC-8C32-4791-9102-508ADA5EE8E7},,,
;
; Dynamic bitrate change
;
HKR,Capabilities,"{BB4FAA02-596C-4129-8FB3-74E75421FA02}", 0x00010001,1

[AudioCapture.AddReg]
HKR,,CLSID,,%ProxyGenericWdmFilter.CLSID%
;;HKR,,CLSID,,%AudioCaptureFilter.CLSID%
HKR,,FriendlyName,,%Angel.AudioDevice%


[Angel.PinNames]
HKLM,%MediaCategories%\%GUID.PINNAME_MPEG_OUT%,Name,,%STRING.PINNAME_MPEG_OUT%
HKLM,%MediaCategories%\%GUID.PINNAME_VIRT_VIDEO_OUT%,Name,,%STRING.PINNAME_VIRT_VIDEO_OUT%
HKLM,%MediaCategories%\%GUID.PINNAME_VIRT_VIDEO_IN%,Name,,%STRING.PINNAME_VIRT_VIDEO_IN%
HKLM,%MediaCategories%\%GUID.PINNAME_VIRT_AUDIO_OUT%,Name,,%STRING.PINNAME_VIRT_AUDIO_OUT%
HKLM,%MediaCategories%\%GUID.PINNAME_VIRT_AUDIO_IN%,Name,,%STRING.PINNAME_VIRT_AUDIO_IN%
HKLM,%MediaCategories%\%GUID.PINNAME_ANALOG_AUDIO_IN%,Name,,%STRING.PINNAME_ANALOG_AUDIO_IN%


[Strings]
; non-localizeable
ProxyGenericWdmFilter.CLSID = "{17CCA71B-ECD7-11D0-B908-00A0C9223196}"
ProxyXBar.CLSID             = "{71F96460-78F3-11d0-A18C-00A0C9118956}"
ProxyTvTuner.CLSID          = "{266EEE40-6C63-11cf-8A03-00AA006ECB65}"
ProxyTvAudio.CLSID          = "{71F96462-78F3-11d0-A18C-00A0C9118956}"
AudioCaptureFilter.CLSID    = "{E30629D2-27E5-11CE-875D-00608CB78066}"

MediaCategories="SYSTEM\CurrentControlSet\Control\MediaCategories"

GUID.PINNAME_MPEG_OUT       = "{21CD80CC-F4D3-4289-B203-EDC0F4EECDF4}"
GUID.PINNAME_VIRT_VIDEO_OUT = "{5DEDF652-71F0-48c3-98D8-DE564D10AE96}"
GUID.PINNAME_VIRT_VIDEO_IN  = "{476878CB-A52C-4efe-9975-03A8C7DDB440}"
GUID.PINNAME_VIRT_AUDIO_OUT = "{9A990B97-05FB-4d92-B496-C6ADFD2B07A6}"
GUID.PINNAME_VIRT_AUDIO_IN  = "{E751FC26-9583-4cfc-81F7-0A36FBA2B4ED}"
GUID.PINNAME_ANALOG_AUDIO_IN= "{2C0B4FFB-3CE8-4f34-AE98-618BAD6EAAAF}"

KSCATEGORY_CAPTURE  = "{65e8773d-8f56-11d0-a3b9-00a0c9223196}"
KSCATEGORY_CROSSBAR = "{a799a801-a46d-11d0-a18c-00a02401dcd4}"
KSCATEGORY_TVTUNER  = "{a799a800-a46d-11d0-a18c-00a02401dcd4}"
KSCATEGORY_TVAUDIO  = "{a799a802-a46d-11d0-a18c-00a02401dcd4}"
KSCATEGORY_ENCODER  = "{19689BF6-C384-48fd-AD51-90E58C79F70B}"
KSCATEGORY_MULTIPLEXER  = "{7A5DE1D3-01A1-452c-B481-4FA2B96271E8}"
KSCATEGORY_AUDIO = "{6994AD04-93EF-11D0-A3CC-00A0C9223196}"
KSCATEGORY_AUDIO_DEVICE = "{FBF6F530-07B9-11D2-A71E-0000F8004788}"
KSCATEGORY_AUDIO_INPUT_DEVICE = "{33D9A762-90C8-11d0-BD43-00A0C911CE86}"

// Filters reference GUIDs
KSNAME_CAPTURE_FILTER = "{A5D44047-56A5-4afd-A61C-176BB4ED375B}"
KSNAME_ENCODER_FILTER = "{84518C0D-BD1B-4299-BC30-6831A228138C}"
KSNAME_AUDIO_FILTER = "{A49D272D-44DC-4357-BC16-CBF8BCADDDA2}"



;----------------
; Localizable
;----------------
STRING.PINNAME_MPEG_OUT       = "MPEG Out"
STRING.PINNAME_VIRT_VIDEO_OUT = "Virtual Video Out"
STRING.PINNAME_VIRT_VIDEO_IN  = "Virtual Video In"
STRING.PINNAME_VIRT_AUDIO_OUT = "Virtual Audio Out"
STRING.PINNAME_VIRT_AUDIO_IN  = "Virtual Audio In"
STRING.PINNAME_ANALOG_AUDIO_IN= "Analog Audio In"

Angel.InstallationDir       = "Lumanate Angel Device Drivers"
Angel.Provider              = "Lumanate, Inc."
Angel.Manufacturer          = "Lumanate, Inc."
Angel.DeviceDesc            = "Angel MPEG Device"
Angel.Capture               = "Angel Capture"
Angel.TvTuner               = "Angel TvTuner"
Angel.Crossbar              = "Angel Crossbar"
Angel.TvAudio               = "Angel TvAudio"
Angel.Encoder               = "Angel Encoder"
Angel.AudioDevice           = "Angel Audio"

You seeing what I'm seeing? Invading my pc :(
Edit:: && Smart phones && tablets && tapping my land lines =/


Edited by SeekerOfAnswers, 16 March 2014 - 10:55 AM.


#3 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 10:57 AM

Btw, anyone using vlc media player.. Don't use it.. it's spyware. They've found a vulnerability in some picture file and are exploiting it.

Edit:: Without opening the files, you can tell this by installing the program again and watching the files it installs. The last bit of the installation a .dll is loaded into memory and it shows it doing it. That's not done in an installation.


Edited by SeekerOfAnswers, 16 March 2014 - 11:17 AM.


#4 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 10:59 AM

Also.. Anyone with an android..

Kitkat, android 4.4 is about to be released..
This will had HCE, an RFID emulator. Meaning anyone who has an android will have RFID on their phone whether they have the hardware for it or not.

Meaning they will have an ALWAYS ON listening device for near field communication. -- Put two and two together, I'm done here.



#5 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 11:05 AM

Don't all respond at once, the boogie man ain't gonna getcha.. I don't think? =/

 

Edit:: 2 members, 3 guests, 1 anonymous users -- Who b you?


Edited by SeekerOfAnswers, 16 March 2014 - 11:18 AM.


#6 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 16 March 2014 - 11:25 AM

In reference to post #4

; SMARTCRD.INF
; Copyright (c) Microsoft Corporation.  All rights reserved.



;;++ Added by AddSDisk.cmd
[SourceDisksNames]
3426=windows cd

[SourceDisksFiles]
bulltlp3.sys 		= 3426
gpr400.sys 		= 3426
grserial.sys 		= 3426
lit220p.sys 		= 3426
pscr.sys 		= 3426
scmstcs.sys 		= 3426
stcusb.sys 		= 3426
scr111.sys 		= 3426
cmbp0wdm.sys 		= 3426
cxbp0wdm.sys		= 3426
sccmn50m.sys 		= 3426
sccmusbm.sys 		= 3426
;;--

[Version]
Signature="$Windows NT$"
Class=SmartCardReader
ClassGuid={50DD5230-BA8A-11D1-BF5D-0000F805F530}
Provider=%Msft%
DriverVer=06/21/2006,6.0.6001.18000
;; Commented by AddSDisk.cmd
;; LayoutFile=layout.inf

[Manufacturer]
%COMPAQ%=COMPAQ,NTamd64
%HP%=HP,NTamd64
%SCM%=SCM,NTamd64
%SLB%=SLB,NTamd64
%SNI%=SNI,NTamd64
%GEMPLUS%=GEMPLUS,NTamd64
%OMNIKEY%=OMNIKEY,NTamd64

; ============ Add reg for all readers ===============

[Reader.Install.AddReg]
HKLM, Software\Microsoft\Cryptography\Calais\Readers,,,
HKLM, System\CurrentControlSet\Services\SCardSvr,Start,0x00010001,2
HKLM, System\CurrentControlSet\Services\CertPropSvc,Start,0x00010001,2


; ========================================
; =========== Compaq readers =============
; ========================================

[COMPAQ.NTamd64]
; DisplayName            Section            DeviceId
; -----------            -------            --------
%COMPAQ410.DeviceDesc% = COMPAQ410.Install, SERENUM\CPQB18D

[COMPAQ410.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = GCR410P.Install.CopyFiles

[COMPAQ410.Install.NT.HW]
AddReg          = COMPAQ410.Install.AddReg.HW

[COMPAQ410.Install.AddReg.HW]
HKR,,"VendorName",,"COMPAQ"
HKR,,"IfdType",,"GCR410P Serial Smart Card Reader"

[COMPAQ410.Install.NT.Services]
AddService = GCR410P, 2, GCR410P.Service, GCR410P.EventLog

; ===================================================
; =============== Gemplus readers ===================
; ===================================================

[GEMPLUS.NTamd64]
; DisplayName           Section           DeviceId
; -----------           -------           --------
%GPR400.DeviceDesc% =   GPR400.Install,   PCMCIA\GEMPLUS-GPR400-72B1
%GPR400.DeviceDesc% =   GPR400.Install,   PCMCIA\GEMPLUS-GPR400-43E8
%GCR410P.DeviceDesc% =  GCR410P.Install,  SERENUM\GEM0410

[GPR400.Install.NT]
AddReg          = GPR400.Install.AddReg,Reader.Install.AddReg
CopyFiles       = GPR400.Install.CopyFiles

[GPR400.Install.AddReg]
HKR,,PcmciaExclusiveIrq,0x00010001,1

[GPR400.Install.NT.LogConfigOverride]
LogConfig=GPR400.LogConfigOverride

[GPR400.LogConfigOverride]
ConfigPriority=NORMAL
IOConfig=22@100-FCFF%FF00
IRQConfig=3,4,5,7,9,10,11,12,13,14,15
PcCardConfig=1(S0)

[GPR400.Install.CopyFiles]
gpr400.sys,,,2

[GPR400.Install.NT.Services]
AddService = GPR400, 2, GPR400.Service, GPR400.EventLog

[GPR400.Service]
DisplayName     = %GPR400.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\gpr400.sys

[GPR400.EventLog]
AddReg = GPR400.AddEventLog.reg

[GPR400.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\GPR400.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
GPR400.Install.CopyFiles = 12

; ***************
; Gemplus GCR 410
; ***************

[GCR410P.Install.NT]
AddReg           = GCR410P.Install.AddReg,Reader.Install.AddReg
CopyFiles        = GCR410P.Install.CopyFiles

[GCR410P.Install.AddReg]
HKR,, MaximalBaudRate,0x00010001,38400

[GCR410P.Install.CopyFiles]
grserial.sys,,,2

[GCR410P.Install.NT.Services]
AddService = GCR410P, 2, GCR410P.Service, GCR410P.EventLog

[GCR410P.Service]
DisplayName     = %GCR410P.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\grserial.sys

[GCR410P.EventLog]
AddReg = GCR410P.AddEventLog.reg

[GCR410P.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\grserial.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
GCR410P.Install.CopyFiles = 12


; ==================================================
; ================= HP readers =====================
; ==================================================

[HP.NTamd64]
; DisplayName           Section           DeviceId
; -----------           -------           --------
%HPSCR111.DeviceDesc% = HPSCR111.Install, SERENUM\SCM0009

[HPSCR111.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMSCR111.Install.CopyFiles

[HPSCR111.Install.NT.HW]
AddReg          = HPSCR111.Install.AddReg.HW

[HPSCR111.Install.AddReg.HW]
HKR,,"VendorName",,"Hewlett Packard"
HKR,,"IfdType",,"ProtectTools Smart Card reader"

[HPSCR111.Install.NT.Services]
AddService = SCR111, 2, SCMSCR111.Service, SCMSCR111.EventLog

; ============================================================
; ================= Schlumberger readers =====================
; ============================================================

[SLB.NTamd64]
; DisplayName           Section          DeviceId
; -----------           -------          --------
%SLBREFLEX20.DeviceDesc% =      SLBREFLEX20.Install, PCMCIA\PSCR-SLB_REFLEX_20-18F3
%SLBREFLEX30.DeviceDesc% =      SLBREFLEX30.Install, PCMCIA\Reflex_30-smart_card_reader-E8F8
%SLBREFLEX30.DeviceDesc% =      SLBREFLEX30.Install, PCMCIA\SLB-Reflex30_SmartCard_Reader-12C6
%SLBREFLEX72.DeviceDesc% =      SLBREFLEX72.Install, SERENUM\SCM0003
%SLBSCR111.DeviceDesc% =        SLBSCR111.Install,   SERENUM\SCM000F

; ****************************
; SLB PCMCIA Smart Card Reader
; ****************************
; This is actually an SCM pcmcia reader, so we reference the SCM reader here
[SLBREFLEX20.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCM488C.Install.CopyFiles

[SLBREFLEX20.Install.NT.HW]
AddReg          = SLBREFLEX20.Install.AddReg.HW

[SLBREFLEX20.Install.AddReg.HW]
HKR,,"VendorName",,"Schlumberger"
HKR,,"IfdType",, "Reflex 20"

[SLBREFLEX20.Install.NT.Services]
AddService = SCM488C, 2, SCM488C.Service, SCM488C.EventLog

; ***************************
; SLB Reflex 30 PCMCIA reader
; ***************************
; This is actually an OMNIKEY reader, so we reference this reader here

[SLBREFLEX30.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = OMNCMBP.Install.CopyFiles

[SLBREFLEX30.Install.NT.HW]
AddReg          = SLBREFLEX30.Install.AddReg.HW

[SLBREFLEX30.Install.AddReg.HW]
HKR,,"VendorName",,"Schlumberger"
HKR,,"IfdType",,"Reflex 30"

[SLBREFLEX30.Install.NT.Services]
AddService = OMNCMBP, 2, OMNCMBP.Service, OMNCMBP.EventLog

; ****************************
; SLB Serial Smart Card Reader
; ****************************
; This is actually an SCM serial reader, so we reference the SCM reader here

[SLBREFLEX72.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMSTCS.Install.CopyFiles

[SLBREFLEX72.Install.NT.HW]
AddReg          = SLBREFLEX72.Install.AddReg.HW

[SLBREFLEX72.Install.AddReg.HW]
HKR,,"VendorName",,"Schlumberger"
HKR,,"IfdType",, "Reflex 72"

[SLBREFLEX72.Install.NT.Services]
AddService = SCMSTCS, 2, SCMSTCS.Service, SCMSTCS.EventLog

; *************************************
; SLB Serial Smart Card Reader (SCR111)
; *************************************
; This is actually an SCM serial reader, so we reference the SCM reader here

[SLBSCR111.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMSCR111.Install.CopyFiles

[SLBSCR111.Install.NT.HW]
AddReg          = SLBSCR111.Install.AddReg.HW

[SLBSCR111.Install.AddReg.HW]
HKR,,"VendorName",,"Schlumberger"
HKR,,"IfdType",,"Reflex Lite"

[SLBSCR111.Install.NT.Services]
AddService = SCR111, 2, SCMSCR111.Service, SCMSCR111.EventLog

; ===================================================
; ================= SCM readers =====================
; ===================================================

[SCM.NTamd64]
; DisplayName             Section            DeviceId
; -----------             -------            --------
%SCM488C.DeviceDesc% =    SCM488C.Install,   PCMCIA\PSCR-Smart_Card_Reader-488C
%SCMSTCS.DeviceDesc% =    SCMSTCS.Install,   SERENUM\SCM0002
%SCMUSB.DeviceDesc%  =    SCMUSB.Install,    USB\VID_0066&PID_1001
%ACTIVECARD.DeviceDesc% = SCMUSB.Install,    USB\VID_04E6&PID_1001
%SCMSCR111.DeviceDesc% =  SCMSCR111.Install, SERENUM\SCM000B
%SCMSCR111.DeviceDesc% =  SCMSCR111.Install, SERENUM\SCM000C

; ****************************
; SCM PCMCIA Smart Card Reader
; ****************************

[SCM488C.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCM488C.Install.CopyFiles

[SCM488C.Install.NT.HW]
AddReg          = SCM488C.Install.AddReg.HW

[SCM488C.Install.AddReg.HW]
HKR,,"VendorName",,"SCM Microsystems"
HKR,,"IfdType",, "SCR120"

[SCM488C.Install.CopyFiles]
pscr.sys,,,2

[SCM488C.Install.NT.Services]
AddService = SCM488C, 2, SCM488C.Service, SCM488C.EventLog

[SCM488C.Service]
DisplayName     = %SCM488C.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\pscr.sys

[SCM488C.EventLog]
AddReg = SCM488C.AddEventLog.reg

[SCM488C.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\pscr.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
SCM488C.Install.CopyFiles = 12

; ***********************************
; SCM Serial Smart Card Reader (STCS)
; ***********************************

[SCMSTCS.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMSTCS.Install.CopyFiles

[SCMSTCS.Install.NT.HW]
AddReg          = SCMSTCS.Install.AddReg.HW

[SCMSTCS.Install.AddReg.HW]
HKR,,"VendorName",,"SCM Microsystems"
HKR,,"IfdType",, "SCR200"

[SCMSTCS.Install.CopyFiles]
scmstcs.sys,,,2

[SCMSTCS.Install.NT.Services]
AddService = SCMSTCS, 2, SCMSTCS.Service, SCMSTCS.EventLog

[SCMSTCS.Service]
DisplayName     = %SCMSTCS.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\scmstcs.sys

[SCMSTCS.EventLog]
AddReg = SCMSTCS.AddEventLog.reg

[SCMSTCS.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\scmstcs.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
SCMSTCS.Install.CopyFiles = 12

; *************************
; SCM USB Smart Card Reader
; *************************

[SCMUSB.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMUSB.Install.CopyFiles

[SCMUSB.Install.NT.HW]
AddReg          = SCMUSB.Install.AddReg.HW

[SCMUSB.Install.AddReg.HW]
HKR,,"VendorName",,"SCM Microsystems"
HKR,,"IfdType",, "SCR300"

[SCMUSB.Install.CopyFiles]
stcusb.sys,,,2

[SCMUSB.Install.NT.Services]
AddService = SCMUSB, 2, SCMUSB.Service, SCMUSB.EventLog

[SCMUSB.Service]
DisplayName     = %SCMUSB.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\stcusb.sys

[SCMUSB.EventLog]
AddReg = SCMUSB.AddEventLog.reg

[SCMUSB.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\stcusb.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
SCMUSB.Install.CopyFiles = 12

; ***********************************
; SCM SCR111 Serial Smart Card Reader
; ***********************************

[SCMSCR111.Install.NT]
AddReg          = SCMSCR111.Install.AddReg
CopyFiles       = SCMSCR111.Install.CopyFiles

[SCMSCR111.Install.CopyFiles]
SCR111.sys,,,2

[SCMSCR111.Install.NT.HW]
AddReg          = SCMSCR111.Install.AddReg.HW

[SCMSCR111.Install.AddReg.HW]
HKR,,"VendorName",,"SCM Microsystems"
HKR,,"IfdType",,"SCR111 Serial SmartCard Reader"


[SCMSCR111.Install.NT.Services]
AddService = SCR111, 2, SCMSCR111.Service, SCMSCR111.EventLog

[SCMSCR111.Service]
DisplayName     = %SCMSCR111.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\SCR111.sys

[SCMSCR111.EventLog]
AddReg = SCMSCR111.AddEventLog.reg

[SCMSCR111.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\SCR111.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
SCMSCR111.Install.CopyFiles = 12

; =======================================================
; ================= Siemens readers =====================
; =======================================================

[SNI.NTamd64]
; DisplayName                   Section                 DeviceId
; -----------                   -------                 --------
%SNISCR111.DeviceDesc% =        SNISCR111.Install,      SERENUM\SCM000D

[SNISCR111.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = SCMSCR111.Install.CopyFiles

[SNISCR111.Install.NT.HW]
AddReg          = SNISCR111.Install.AddReg.HW

[SNISCR111.Install.AddReg.HW]
HKR,,"VendorName",,"Systemneeds, Inc."
HKR,,"IfdType",, "Systemneeds Smart Card Reader"

[SNISCR111.Install.NT.Services]
AddService = SCR111, 2, SCMSCR111.Service, SCMSCR111.EventLog

; =======================================================
; ================= OMNIKEY readers =====================
; =======================================================

[OMNIKEY.NTamd64]
; DisplayName           Section          DeviceId
; -----------           -------          --------
%OMNCMBP.DeviceDesc% =  OMNCMBP.Install, PCMCIA\CardMan-Mobile-379F
%OMNCMBP.DeviceDesc% =  OMNCMBP.Install, PCMCIA\CardMan-4000-5626
%OMNCMBP.DeviceDesc% =  OMNCMBP.Install, PCMCIA\Smart_Card_Reader-PC-Card-324D
%OMNCXBP.DeviceDesc% =  OMNCXBP.Install, PCMCIA\OMNIKEY-CardMan_4040-FE82

; ********************************
; OMNIKEY PCMCIA Smart Card Reader
; ********************************

[OMNCMBP.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = OMNCMBP.Install.CopyFiles

[OMNCMBP.Install.NT.HW]
AddReg    = OMNCMBP.Install.AddReg.HW

[OMNCMBP.Install.AddReg.HW]
HKR,,"VendorName",,"OMNIKEY"
HKR,,"IfdType",, "CardMan 4000"

[OMNCMBP.Install.CopyFiles]
cmbp0wdm.sys,,,2

[OMNCMBP.Install.NT.Services]
AddService = OMNCMBP, 2, OMNCMBP.Service, OMNCMBP.EventLog

[OMNCMBP.Service]
DisplayName     = %OMNCMBP.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\cmbp0wdm.sys

[OMNCMBP.EventLog]
AddReg = OMNCMBP.AddEventLog.reg

[OMNCMBP.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\cmbp0wdm.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
OMNCMBP.Install.CopyFiles = 12

; **************************************
; OMNIKEY Cardman 4040 Smart Card Reader
; **************************************

[OMNCXBP.Install.NT]
AddReg          = Reader.Install.AddReg
CopyFiles       = OMNCXBP.Install.CopyFiles

[OMNCXBP.Install.NT.HW]
AddReg    = OMNCXBP.Install.AddReg.HW

[OMNCXBP.Install.AddReg.HW]
HKR,,"VendorName",,"OMNIKEY"
HKR,,"IfdType",, "CardMan 4040"

[OMNCXBP.Install.CopyFiles]
cxbp0wdm.sys,,,2

[OMNCXBP.Install.NT.Services]
AddService = OMNCXBP, 2, OMNCXBP.Service, OMNCXBP.EventLog

[OMNCXBP.Service]
DisplayName     = %OMNCXBP.DeviceDesc%
ServiceType     = 1 ;%SERVICE_KERNEL_DRIVER%
StartType       = 3 ;%SERVICE_AUTO_START%
ErrorControl    = 1 ;%SERVICE_ERROR_NORMAL%
ServiceBinary   = %12%\cxbp0wdm.sys

[OMNCXBP.EventLog]
AddReg = OMNCXBP.AddEventLog.reg

[OMNCXBP.AddEventLog.reg]
HKR,, EventMessageFile, 0x00020000, "%%SystemRoot%%\System32\drivers\cxbp0wdm.sys"
HKR,, TypesSupported,   0x00010001, 7

[DestinationDirs]
OMNCXBP.Install.CopyFiles = 12



[Strings]
Msft                    = "Microsoft"
COMPAQ                  = "COMPAQ"
COMPAQ410.DeviceDesc    = "COMPAQ GCR410P Serial Smart Card Reader"
GEMPLUS                 = "GEMPLUS"
GPR400.DeviceDesc       = "GEMPLUS GPR400 PCMCIA Smart Card Reader"
GCR410P.DeviceDesc      = "GEMPLUS GCR410P Serial Smart Card Reader"
HP                      = "Hewlett Packard"
HPSCR111.DeviceDesc     = "HP ProtectTools Serial smart Card reader"
SLB                     = "Schlumberger"
SLBREFLEX20.DeviceDesc  = "Schlumberger Reflex 20 PCMCIA Smart Card Reader"
SLBREFLEX30.DeviceDesc  = "Schlumberger Reflex 30 PCMCIA Smart Card Reader"
SLBREFLEX72.DeviceDesc  = "Schlumberger Reflex 72 Serial Smart Card Reader"
SLBSCR111.DeviceDesc    = "Schlumberger Reflex Lite Serial Smart Card Reader"
SCM                     = "SCM Microsystems"
SCM488C.DeviceDesc      = "SCM Microsystems SCR120 PCMCIA Smart Card Reader"
SCMSTCS.DeviceDesc      = "SCM Microsystems SCR200 Serial Smart Card Reader"
SCMUSB.DeviceDesc       = "SCM Microsystems SCR300 USB Smart Card Reader"
SCMSCR111.DeviceDesc    = "SCM Microsystems SCR111 Serial SmartCard Reader"
ACTIVECARD.DeviceDesc   = "ActivCard SCR301 USB Smart Card Reader"
SNI                     = "Systemneeds Inc."
SNISCR111.DeviceDesc    = "Systemneeds External Serial Smart Card Reader"
OMNIKEY                 = "Omnikey AG"
OMNCMBP.DeviceDesc      = "Omnikey AG CardMan 4000 PCMCIA Smart Card Reader"
OMNCXBP.DeviceDesc	= "Omnikey AG CardMan 4040 PCMCIA Smart Card Reader"



#7 SeekerOfAnswers

SeekerOfAnswers
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:02:54 AM

Posted 18 March 2014 - 01:45 PM

Did I mention there are quite a few 'legit looking' files with so called legit digitally signed files.. Either they're pirated, or the companies signed are in on it.. I'm definitely not making this stuff up.
Here are a couple things controlling access the flow of my internet, I believe?

<?xml version="1.0" encoding="UTF-8" ?>
<xs:schema targetNamespace="http://www.microsoft.com/networking/WLAN/profile/v1"
    xmlns="http://www.microsoft.com/networking/WLAN/profile/v1" 
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    elementFormDefault="qualified">

  <!-- type definition section -->
  <xs:simpleType name="nameType">
    <xs:restriction base="xs:string">
      <xs:minLength value="1" />
      <xs:maxLength value="255" />
    </xs:restriction>
  </xs:simpleType>

  <xs:element name="WLANProfile">
    <xs:complexType>
      <xs:sequence>
        <!-- Profile name is required. -->
        <xs:element name="name" type="nameType" />

        <!-- WLAN network settings -->
        <!-- SSID's and connectionType are required. -->
        <xs:element name="SSIDConfig" maxOccurs="256">
          <xs:complexType>
            <xs:sequence>
              <!-- In this version, only one <SSID> is supported from UI -->
              <xs:element name="SSID" maxOccurs="256">
                <xs:complexType>
                  <xs:sequence>                  
                    <!-- Either Hex or named SSID must be present. -->
                    <!-- Hex SSID takes precedence over named SSID. -->
                    <xs:element name="hex" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:hexBinary">
                          <xs:minLength value="1" />
                          <xs:maxLength value="32" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <xs:element name="name" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:string">
                          <xs:minLength value="1" />
                          <xs:maxLength value="32" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <!-- extension point for other namespaces -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- 
                  Flag to indicate whether SSIDs within the same SSIDConfig group will be 
                  broadcasted or not. Default value is "false"
              -->
              <xs:element name="nonBroadcast" type="xs:boolean" minOccurs="0" />

              <!-- extension point for other namespaces -->
              <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />                       
            </xs:sequence>
          </xs:complexType>
        </xs:element>
                
        <xs:element name="connectionType">
          <xs:simpleType>
            <xs:restriction base="xs:string">
              <xs:enumeration value="IBSS" />
              <xs:enumeration value="ESS" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>

        <!--
            Specify connection mode when a network is in range
            Default value = "auto"
        -->
        <xs:element name="connectionMode" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:string">
              <xs:enumeration value="auto" />
              <xs:enumeration value="manual" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
                    
        <!-- 
            Flag to determine roaming behavior when a more preferred network is in range 
            Default value = "true"
        -->
        <xs:element name="autoSwitch" type="xs:boolean" minOccurs="0" />
	
        <!-- wireless LAN MSM settings -->
        <xs:element name="MSM" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <xs:element name="connectivity" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <xs:element name="phyType" minOccurs="0" maxOccurs="4">
                      <xs:simpleType>
                        <xs:restriction base="xs:string">
                          <xs:enumeration value="a" />
                          <xs:enumeration value="b" />
                          <xs:enumeration value="g" />
                          <!-- this value is reserved for future use -->
                          <xs:enumeration value="n" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <!-- extension point for other namespaces -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- security settings -->
              <xs:element name="security" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <!-- AuthEncryptions is required except for when IHV extensibility uses 1X. -->
                    <xs:element name="authEncryption" minOccurs="0">
                      <xs:complexType>
                        <xs:sequence>
                          <!-- valid authentication methods -->
                          <xs:element name="authentication">
                            <xs:simpleType>
                              <xs:restriction base="xs:string">
                                <xs:enumeration value="open" />
                                <xs:enumeration value="shared" />
                                <xs:enumeration value="WPA" />
                                <xs:enumeration value="WPAPSK" />
                                <xs:enumeration value="WPA2" />
                                <xs:enumeration value="WPA2PSK" />
                              </xs:restriction>
                            </xs:simpleType>
                          </xs:element>

                          <!-- valid encryption methods -->
                          <xs:element name="encryption">
                            <xs:simpleType>
                              <xs:restriction base="xs:string">
                                <xs:enumeration value="none" />
                                <xs:enumeration value="WEP" />
                                <xs:enumeration value="TKIP" />
                                <xs:enumeration value="AES" />
                              </xs:restriction>
                            </xs:simpleType>
                          </xs:element>

                          <!-- flag indicating use of 802.1X -->
                          <xs:element name="useOneX" type="xs:boolean" minOccurs="0" />

                          <!-- flag indicating FIPS mode (v2 namespace) -->
                          <!-- 
                          <xs:element name="FIPSMode" type="xs:boolean" minOccurs="0" 
                            namespace = "http://www.microsoft.com/networking/WLAN/profile/v2"/>
                          -->

                          <!-- extension point for other namespaces -->
                          <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                        </xs:sequence>
                      </xs:complexType>
                    </xs:element>

                    <!-- Optional MSM security settings. -->
                    <!-- there is no default value for shareKey if absent -->
                    <xs:element name="sharedKey" minOccurs="0">
                      <xs:complexType>
                        <xs:sequence>
                          <xs:element name="keyType">
                            <xs:simpleType>
                              <xs:restriction base="xs:string">
                                <xs:enumeration value="networkKey" />
                                <xs:enumeration value="passPhrase" />
                              </xs:restriction>
                            </xs:simpleType>
                          </xs:element>
                          <xs:element name="protected" type="xs:boolean" />
                          <xs:element name="keyMaterial" type="xs:string" />

                          <!-- extension point for other namespaces -->
                          <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                        </xs:sequence>
                      </xs:complexType>
                    </xs:element>

                    <!-- the default value is 0 when the shared key is present -->        
                    <xs:element name="keyIndex" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:integer">
                          <xs:minInclusive value="0" />
                          <xs:maxInclusive value="3" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <!--
                        For WPA2, the default value is "enabled"
                        for all others, the default value is "disabled"
                    -->
                    <xs:element name="PMKCacheMode" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:string">
                          <xs:enumeration value="disabled" />
                          <xs:enumeration value="enabled" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>
                                
                    <!-- the default value is 720 minutes -->           
                    <xs:element name="PMKCacheTTL" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:integer">
                          <xs:minInclusive value="5" />
                          <xs:maxInclusive value="1440" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>
                                      
                    <!-- the default value is 128 entries -->    
                    <xs:element name="PMKCacheSize" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:integer">
                          <xs:minInclusive value="1" />
                          <xs:maxInclusive value="255" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <!-- the default value is "disabled" -->
                    <xs:element name="preAuthMode" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:string">
                          <xs:enumeration value="disabled" />
                          <xs:enumeration value="enabled" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>
                       
                    <!-- the default value is 3 times -->
                    <xs:element name="preAuthThrottle" minOccurs="0">
                      <xs:simpleType>
                        <xs:restriction base="xs:integer">
                          <xs:minInclusive value="1" />
                          <xs:maxInclusive value="16" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>
                                                                  
                    <!-- extension point for other namespaces -->
                    <!-- this is also the insertion point for OneX namespace -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- extension point for other namespaces -->
              <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- IHV specific settings -->
        <xs:element name="IHV" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <!-- 
                  OUI info of the IHV. Required. First three (3) bytes represented by eight (6) 
                  hex chars (0-9, A-F)indicates the OUI, the 4th byte represented by two (2) hex
                  chars (0-9, A-F) indicates the type of the OUI. 
              -->
              <xs:element name="OUIHeader">
                <xs:complexType>
                  <xs:sequence>
                    <xs:element name="OUI">
                      <xs:simpleType>
                        <xs:restriction base="xs:hexBinary">
                          <xs:length value="3" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>
                    <xs:element name="type">
                      <xs:simpleType>
                        <xs:restriction base="xs:hexBinary">
                          <xs:length value="1" />
                        </xs:restriction>
                      </xs:simpleType>
                    </xs:element>

                    <!-- extension point for other namespaces -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- Either <connectivity> or <security> must be present -->
              <!-- IHV specific connectivity settings -->
              <xs:element name="connectivity" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <!-- Must be a single top-level element -->
                    <xs:any namespace="##other" processContents="lax" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- IHV specific security settings -->
              <xs:element name="security" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <!-- Must be a single top-level element -->
                    <xs:any namespace="##other" processContents="lax" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- optional flag indicating whether IHV security uses MS 1X settings (default false) -->
              <xs:element name="useMSOneX" type="xs:boolean" minOccurs="0" />

              <!-- extension point for other namespaces -->
              <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- extension point for other namespaces -->
        <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
      </xs:sequence>
    </xs:complexType>
  </xs:element>
</xs:schema>
<?xml version="1.0" encoding="utf-8" ?>
<xs:schema targetNamespace="http://www.microsoft.com/networking/WLAN/policy/v1"
   xmlns="http://www.microsoft.com/networking/WLAN/policy/v1"
   xmlns:xs="http://www.w3.org/2001/XMLSchema"
   elementFormDefault="qualified">

  <!-- 
  ##################################################################
  #                    type definitions section                    #
  ##################################################################
  -->
  <!-- type definition for policy name and description -->
  <xs:simpleType name="nameType">
    <xs:restriction base="xs:string">
      <xs:minLength value="1" />
      <xs:maxLength value="255" />
    </xs:restriction>
  </xs:simpleType>

  <!-- type definition for SSID -->
  <xs:simpleType name="networkNameType">
    <xs:restriction base="xs:string">
      <xs:minLength value="1" />
      <xs:maxLength value="32" />
    </xs:restriction>
  </xs:simpleType>

  <!-- type definition for 802.11 network types, adhoc (IBSS) vs infrastructure (ESS) -->
  <xs:simpleType name="networkTypeType">
    <xs:restriction base="xs:string">
      <xs:enumeration value="IBSS" />
      <xs:enumeration value="ESS" />
    </xs:restriction>
  </xs:simpleType>

  <!-- type definition for a list item in either allow or block list -->
  <xs:complexType name="networkItemType">
    <xs:sequence>
      <xs:element name="networkName" type="networkNameType" />
      <xs:element name="networkType" type="networkTypeType" />
      
      <!-- extension point for other namespaces -->
      <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
    </xs:sequence>
  </xs:complexType>
  
  <!-- 
  ##################################################################
  #                  element definitions section                   #
  ##################################################################
  -->
  <xs:element name="WLANPolicy">
    <xs:complexType>
      <xs:sequence>
        <!-- this is the name of the policy -->
        <xs:element name="name" type="nameType" />
        <!-- brief description of the policy, optional -->
        <xs:element name="description" type="nameType" minOccurs="0" />

        <!-- Wireless LAN global settings -->
        <!-- A/C flags, currently there is only one -->
        <xs:element name="globalFlags">
          <xs:complexType>
            <xs:sequence>
              <!-- flag to indicate whether A/C is used or not -->
              <xs:element name="enableAutoConfig" type="xs:boolean" />
              <!-- flag to indicate whether A/C shall show denied network in VAN UI -->
              <xs:element name="showDeniedNetwork" type="xs:boolean" />
              <!-- flag to indicate whether A/C shall allow everyone to create all user profiles -->
              <xs:element name="allowEveryoneToCreateAllUserProfiles" type="xs:boolean" />               

              <!-- flag to indicate whether to restrict networks configured by GP to use GP profiles only (V2 namespace) -->
              <!--
              <xs:element name="onlyUseGPProfilesForAllowedNetworks" type="xs:boolean" minOccurs="0"  maxOccurs="1"
                namespace="http://www.microsoft.com/networking/WLAN/policy/v2" />
              -->

              <!-- extension point for other namespaces -->
              <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- network filter list specification, could be empty -->
        <xs:element name="networkFilter" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <!-- Allow list of networks, always take precedence over block list or deny all -->
              <xs:element name="allowList" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <xs:element name="network" type="networkItemType" maxOccurs="unbounded" />

                    <!-- extension point for future namespaces -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- Block list of networks, specified one by one -->
              <xs:element name="blockList" minOccurs="0">
                <xs:complexType>
                  <xs:sequence>
                    <xs:element name="network" type="networkItemType" maxOccurs="unbounded" />

                    <!-- extension point for future namespaces -->
                    <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>

              <!-- flag for denying access to any adhoc network, default is "false" -->
              <xs:element name="denyAllIBSS" type="xs:boolean" minOccurs="0" />

              <!-- flag for denying access to any infrastructure network, default is "false" -->
              <xs:element name="denyAllESS" type="xs:boolean" minOccurs="0" />

              <!-- extension point for other namespaces -->
              <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!--
            List of profiles within the policy. It is optional. 
            When present, it shall contain at least one profile.
        -->
        <xs:element name="profileList" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <!--
                  Placeholder to hook in profile namespace, code must enforce only the profile
                  namespace is imported here. All other namespaces shall be ignored.
              -->
              <xs:any namespace="##other" processContents="lax" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- extension point for other namespaces -->
        <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />

      </xs:sequence>
    </xs:complexType>
  </xs:element>
</xs:schema>
<?xml version="1.0" encoding="utf-8"?>
<xs:schema targetNamespace="http://www.microsoft.com/networking/OneX/v1" 
    xmlns="http://www.microsoft.com/networking/OneX/v1"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    elementFormDefault="qualified">
   
  <!-- top-level element -->
  <xs:element name="OneX">
    <xs:complexType>
      <!-- Optional 802.1X settings -->
      <xs:sequence>
        <!-- the default value is "false" -->
        <xs:element name="cacheUserData" type="xs:boolean" minOccurs="0" />
    
        <!-- the default value is 60 seconds -->
        <xs:element name="heldPeriod" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="1" />
              <xs:maxInclusive value="3600" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- the default value is 30 seconds -->                
        <xs:element name="authPeriod" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="1" />
              <xs:maxInclusive value="3600" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- the default value is 5 seconds -->                
        <xs:element name="startPeriod" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="1" />
              <xs:maxInclusive value="3600" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- the default value is 3 times -->          
        <xs:element name="maxStart" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="1" />
              <xs:maxInclusive value="100" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- the default value is 3 times -->                
        <xs:element name="maxAuthFailures" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:integer">
              <xs:minInclusive value="1" />
              <xs:maxInclusive value="100" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- This setting is applicable only for wired Lan. The default value is "compliant" -->   
        <xs:element name="supplicantMode" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:string">
              <xs:enumeration value="inhibitTransmission" />
              <xs:enumeration value="includeLearning" />
              <xs:enumeration value="compliant" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
    
        <!-- default value is "machineOrUser" -->
        <xs:element name="authMode" minOccurs="0">
          <xs:simpleType>
            <xs:restriction base="xs:string">
              <xs:enumeration value="machineOrUser" />
              <xs:enumeration value="machine" />
              <xs:enumeration value="user" />
              <xs:enumeration value="guest" />
            </xs:restriction>
          </xs:simpleType>
        </xs:element>
   
        <!-- Optional Single Sign On parameters for 802.1X -->
        <xs:element name="singleSignOn" minOccurs="0">
          <xs:complexType>
            <xs:sequence>
              <!-- Prelogon or Post Logon Integration -->
              <xs:element name="type">
                <xs:simpleType>
                  <xs:restriction base="xs:string">
                    <xs:enumeration value="preLogon" />
                    <xs:enumeration value="postLogon" />
                  </xs:restriction>
                </xs:simpleType>
              </xs:element>

              <!-- Maximum duration to wait for connection -->
              <xs:element name="maxDelay" minOccurs="0">
                <xs:simpleType>
                  <xs:restriction base="xs:integer">
                    <xs:minInclusive value="0" />
                    <xs:maxInclusive value="120" />
                  </xs:restriction>
                </xs:simpleType>
              </xs:element>

              <!-- whether EAP dialogs can be displayed at logon time. The default is false -->
              <xs:element name="allowAdditionalDialogs" type="xs:boolean" minOccurs="0" />

              <!-- Maximum duration to wait for connection in case UI is to be displayed -->
              <xs:element name="maxDelayWithAdditionalDialogs" minOccurs="0">
                <xs:simpleType>
                  <xs:restriction base="xs:integer">
                    <xs:minInclusive value="0" />
                    <xs:maxInclusive value="120" />
                  </xs:restriction>
                </xs:simpleType>
              </xs:element>

              <!-- whether the network uses different VLANs for machine and user authentication. The default is false -->
              <xs:element name="userBasedVirtualLan" type="xs:boolean" minOccurs="0" />

            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- mandatory parameter for 802.1X -->
        <xs:element name="EAPConfig">
          <xs:complexType>
            <xs:sequence>
              <!-- extension point for other namespaces, especially for EAPHostConfig: EAP namespece -->
              <xs:any namespace="##other" processContents="lax" minOccurs="1" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>

        <!-- extension point for other namespaces -->
        <xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
      </xs:sequence>
    </xs:complexType>
  </xs:element>
</xs:schema>

There's a couple for my wireless as well, but, this post is long enough as is.

 

The investigator is due to show up in 30 minutes, I've contacted 'others' as well.



#8 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:54 AM

Posted 21 March 2014 - 10:45 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/527694 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#9 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:54 AM

Posted 26 March 2014 - 10:50 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users