Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows couldn't automatically bind the ip protocol stack to the network adapter


  • Please log in to reply
6 replies to this topic

#1 nova9

nova9

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 17 March 2014 - 07:10 AM

Hi,

 

My computer was infected yesterday with the syshost.exe virus, inspite of having AVG installed and running. Zonealarm alerted me of syshost.exe trying to access the internet and I stopped it. I ran malwarebytes and was able to remove the infection.

 

Upon reboot I have no internet connection and get the message "windows couldn't automatically bind the ip protocol stack to the network adapter" when I run the windows trouble shooter

 

I have stopped and started the network adapter, reset winsock and the ip4 stack, but no luck

 

 

The computer is a dell vostro desktop running  windows 7 professional, 64 bit

 

The connection is a wired connection and the adapter is a Broadcom Gigabit Lan adapter

 

 

Minitoolbox Log as instructed follows

 

 

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by satya (administrator) on 17-03-2014 at 17:16:25
Running from "C:\Users\satya\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 173.213.96.229:7808

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.backup.ftp", "127.0.0.1"
"network.proxy.backup.ftp_port", 8888
"network.proxy.backup.socks", "127.0.0.1"
"network.proxy.backup.socks_port", 8888
"network.proxy.backup.ssl", "127.0.0.1"
"network.proxy.backup.ssl_port", 8888
"network.proxy.ftp", "127.0.0.1"
"network.proxy.ftp_port", 8888
"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 8888
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "127.0.0.1"
"network.proxy.socks_port", 8888
"network.proxy.ssl", "127.0.0.1"
"network.proxy.ssl_port", 8888
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

127.0.0.1 localhost

 

========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : satya-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/17/2014 01:34:17 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume (C:) was not defragmented because an error was encountered: Access is denied. (0x80070005)

Error: (03/12/2014 08:11:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: CamtasiaStudio.exe, version: 8.0.3.1018, time stamp: 0x50a1d941
Faulting module name: d2d1.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7aa
Exception code: 0xc0000005
Fault offset: 0x0003664c
Faulting process id: 0x6c4
Faulting application start time: 0xCamtasiaStudio.exe0
Faulting application path: CamtasiaStudio.exe1
Faulting module path: CamtasiaStudio.exe2
Report Id: CamtasiaStudio.exe3

Error: (03/12/2014 06:07:05 PM) (Source: Application Hang) (User: )
Description: The program avgui.exe version 10.0.0.1428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2dbc

Start Time: 01cf3def27db4c19

Termination Time: 6

Application Path: C:\Program Files (x86)\AVG\AVG10\avgui.exe

Report Id: 032e8085-a9e3-11e3-9270-a4badbf9990f

Error: (03/05/2014 09:38:43 PM) (Source: Application Hang) (User: )
Description: The program Photoshop.exe version 11.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ffc

Start Time: 01cf388020503c3f

Termination Time: 4376

Application Path: C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe

Report Id: 5a91866b-a480-11e3-9270-a4badbf9990f

Error: (03/04/2014 07:48:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: CamtasiaStudio.exe, version: 8.0.3.1018, time stamp: 0x50a1d941
Faulting module name: mfc100u.dll, version: 10.0.40219.1, time stamp: 0x4d5f29b6
Exception code: 0xc0000005
Fault offset: 0x0014ddb6
Faulting process id: 0x1a78
Faulting application start time: 0xCamtasiaStudio.exe0
Faulting application path: CamtasiaStudio.exe1
Faulting module path: CamtasiaStudio.exe2
Report Id: CamtasiaStudio.exe3

Error: (03/04/2014 07:48:55 PM) (Source: .NET Runtime) (User: )
Description: Application: CamtasiaStudio.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 05D849D4 (05C00000) with exit code 80131506.

Error: (02/28/2014 06:51:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: CamtasiaStudio.exe, version: 8.0.3.1018, time stamp: 0x50a1d941
Faulting module name: clr.dll, version: 4.0.30319.296, time stamp: 0x50484aa9
Exception code: 0xc0000005
Fault offset: 0x0001cd97
Faulting process id: 0x1378
Faulting application start time: 0xCamtasiaStudio.exe0
Faulting application path: CamtasiaStudio.exe1
Faulting module path: CamtasiaStudio.exe2
Report Id: CamtasiaStudio.exe3

Error: (02/28/2014 06:51:31 PM) (Source: .NET Runtime) (User: )
Description: Application: CamtasiaStudio.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 6425CD97 (64240000) with exit code 80131506.

Error: (02/28/2014 05:34:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: CamtasiaStudio.exe, version: 8.0.3.1018, time stamp: 0x50a1d941
Faulting module name: d2d1.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7aa
Exception code: 0xc0000005
Fault offset: 0x0003664c
Faulting process id: 0x1a70
Faulting application start time: 0xCamtasiaStudio.exe0
Faulting application path: CamtasiaStudio.exe1
Faulting module path: CamtasiaStudio.exe2
Report Id: CamtasiaStudio.exe3

Error: (02/27/2014 07:44:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: AfterFX.exe, version: 10.5.0.253, time stamp: 0x4d89ac97
Faulting module name: AfterFXLib.dll, version: 0.0.0.0, time stamp: 0x4d89e92b
Exception code: 0xc0000005
Fault offset: 0x000000000030051b
Faulting process id: 0x1b20
Faulting application start time: 0xAfterFX.exe0
Faulting application path: AfterFX.exe1
Faulting module path: AfterFX.exe2
Report Id: AfterFX.exe3

System errors:
=============
Error: (03/17/2014 05:16:33 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error:
%%31

Error: (03/17/2014 05:16:33 PM) (Source: Service Control Manager) (User: )
Description: The Zone Alarm Firewall Driver service failed to start due to the following error:
%%31

Error: (03/17/2014 05:16:32 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error:
%%31

Error: (03/17/2014 05:16:32 PM) (Source: Service Control Manager) (User: )
Description: The Zone Alarm Firewall Driver service failed to start due to the following error:
%%31

Error: (03/17/2014 05:16:31 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error:
%%31

Error: (03/17/2014 05:16:31 PM) (Source: Service Control Manager) (User: )
Description: The Zone Alarm Firewall Driver service failed to start due to the following error:
%%31

Error: (03/17/2014 05:16:30 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error:
%%31

Error: (03/17/2014 05:16:30 PM) (Source: Service Control Manager) (User: )
Description: The Zone Alarm Firewall Driver service failed to start due to the following error:
%%31

Error: (03/17/2014 05:16:29 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error:
%%31

Error: (03/17/2014 05:16:29 PM) (Source: Service Control Manager) (User: )
Description: The Zone Alarm Firewall Driver service failed to start due to the following error:
%%31

Microsoft Office Sessions:
=========================
Error: (03/17/2014 01:34:17 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (C:)Access is denied. (0x80070005)

Error: (03/12/2014 08:11:23 PM) (Source: Application Error)(User: )
Description: CamtasiaStudio.exe8.0.3.101850a1d941d2d1.dll6.1.7601.175144ce7b7aac00000050003664c6c401cf3e00e238a9b8C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\system32\d2d1.dll61c13590-a9f4-11e3-9270-a4badbf9990f

Error: (03/12/2014 06:07:05 PM) (Source: Application Hang)(User: )
Description: avgui.exe10.0.0.14282dbc01cf3def27db4c196C:\Program Files (x86)\AVG\AVG10\avgui.exe032e8085-a9e3-11e3-9270-a4badbf9990f

Error: (03/05/2014 09:38:43 PM) (Source: Application Hang)(User: )
Description: Photoshop.exe11.0.0.01ffc01cf388020503c3f4376C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe5a91866b-a480-11e3-9270-a4badbf9990f

Error: (03/04/2014 07:48:59 PM) (Source: Application Error)(User: )
Description: CamtasiaStudio.exe8.0.3.101850a1d941mfc100u.dll10.0.40219.14d5f29b6c00000050014ddb61a7801cf379edf064687C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\system32\mfc100u.dlled417837-a3a7-11e3-9b3a-a4badbf9990f

Error: (03/04/2014 07:48:55 PM) (Source: .NET Runtime)(User: )
Description: Application: CamtasiaStudio.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 05D849D4 (05C00000) with exit code 80131506.

Error: (02/28/2014 06:51:33 PM) (Source: Application Error)(User: )
Description: CamtasiaStudio.exe8.0.3.101850a1d941clr.dll4.0.30319.29650484aa9c00000050001cd97137801cf34860436e3bcC:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll3d46cda0-a07b-11e3-9330-a4badbf9990f

Error: (02/28/2014 06:51:31 PM) (Source: .NET Runtime)(User: )
Description: Application: CamtasiaStudio.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 6425CD97 (64240000) with exit code 80131506.

Error: (02/28/2014 05:34:58 PM) (Source: Application Error)(User: )
Description: CamtasiaStudio.exe8.0.3.101850a1d941d2d1.dll6.1.7601.175144ce7b7aac00000050003664c1a7001cf3478b0ac7e43C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exeC:\Windows\system32\d2d1.dll8ae9df45-a070-11e3-9330-a4badbf9990f

Error: (02/27/2014 07:44:13 PM) (Source: Application Error)(User: )
Description: AfterFX.exe10.5.0.2534d89ac97AfterFXLib.dll0.0.0.04d89e92bc0000005000000000030051b1b2001cf33b57fdccdffC:\Program Files\Adobe\Adobe After Effects CS5.5\Support Files\AfterFX.exeC:\Program Files\Adobe\Adobe After Effects CS5.5\Support Files\AfterFXLib.dll6ecb1f69-9fb9-11e3-9330-a4badbf9990f

CodeIntegrity Errors:
===================================
  Date: 2014-03-16 20:33:06.211
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\5d76610.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-16 20:33:06.174
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\5d76610.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

.NET Reactor
.NET Reactor (Version: 4.4.0.0)
µTorrent (Version: 3.3.0.29625)
1400 (Version: 130.0.365.000)
1400_Help (Version: 82.0.242.000)
1400Trb (Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Acrobat XI Pro (Version: 11.0.00)
Adobe After Effects CS5.5 (Version: 10.5)
Adobe AIR (Version: 3.6.0.5970)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS6 (Version: 16.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Reader XI (Version: 11.0.00)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Adobe Story (Version: 1.0.571)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2011 (Version: 10.0.1427)
AVG 2011 (Version: 10.0.1430)
AVG 2011 (Version: 10.0.1432)
AVG 2011 (Version: 10.0.3722)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
BufferChm (Version: 130.0.331.000)
Bullzip PDF Printer 7.1.0.1218 (Version: 7.1.0.1218)
Camtasia Studio 8 (Version: 8.0.3.1018)
Captcha Sniper
Charles 3.6.4 (Version: 3.6.4.0)
Connect (Version: 1.0.0.1)
ConvertXtoDVD 4.0.12.327 (Version: 4.0.12.327)
Copy (Version: 130.0.428.000)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CuteFTP 5.0 XP
CuteFTP 8 Professional (Version: 8.00.0000)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
Download Accelerator Plus Beta
Dragon NaturallySpeaking 11 (Version: 11.0.200)
Expired Domain Gold (Version: 1.0.0)
Expresso (Version: 3.0.2766)
Fax (Version: 130.0.418.000)
Google Talk Plugin (Version: 5.1.7.17873)
GPBaseService2 (Version: 130.0.371.000)
GPL Ghostscript Lite 9.04
GSA Captcha Breaker v1.86 (Version: 1.86)
GSA Search Engine Ranker v7.88 (Version: 7.88)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet 3510 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3510 series Help (Version: 28.0.0)
HP Deskjet 3510 series Product Improvement Study (Version: 28.0.1315.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (Version: 1.0.0.7702)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
ImageMagick 6.7.0-0 Q16 (2011-06-01) (Version: 6.7.0)
Intel® Management Engine Components (Version: 6.0.0.1179)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Jing (Version: 2.8.13007.1)
Kayako WinApp
kuler (Version: 2.0)
Loquendo TTS 7 Elizabeth Multimedia High Quality (Version: 7.3.0)
Loquendo TTS 7 Engine Full Distribution (Version: 7.5.0)
Loquendo TTS 7 English (Version: 7.4.0)
Loquendo TTS 7 Kate Multimedia High Quality (Version: 7.3.0)
Loquendo TTS 7 SDK Distribution (Version: 7.3.1)
Loquendo TTS 7 Simon Multimedia High Quality (Version: 7.3.0)
MailWasher Pro
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Market Samurai (Version: 0.92.56)
MarketResearch (Version: 130.0.374.000)
MetaStock Professional 11.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft Office XP Professional with FrontPage (Version: 10.0.2627.01)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MorphVOX Pro (Version: 4.4.8)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
Network64 (Version: 130.0.572.000)
NextUp.com-NeoSpeech Kate16 Voice (Version: 3.01.0000)
NextUp.com-NeoSpeech Paul16 Voice (Version: 3.01.0000)
NextUp-Acapela Elan Heather22 US English Voice (Version: 6.00.0000)
NVIDIA Drivers (Version: 1.9)
PDF Settings CS4 (Version: 9.0)
PDF Settings CS6 (Version: 11.0)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
QuickTime (Version: 7.73.80.64)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 13.0.0.0)
Screaming Frog SEO Spider (Version: 0.01)
Second Copy (7.0) (Version: 7.0)
SEO SpyGlass
Skype™ 6.11 (Version: 6.11.102)
Smart Type Assistant
SolutionCenter (Version: 130.0.373.000)
Sparkol VideoScribe (Version: 1.3.26)
Status (Version: 130.0.469.000)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
Tata Photon+ (Version: 11.030.01.28.628)
TextAloud (Version: 2.0)
TextPad 4.7 (Version: 4.7.2)
Toolbox (Version: 130.0.648.000)
Trapcode Suite 64-bit (Version: 11.0.3)
TrayApp (Version: 130.0.422.000)
Tube Automator (Version: 6.0.0)
U2bviews Software (Version: 2.0.2)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 2.1.1 (Version: 2.1.1)
WebReg (Version: 130.0.132.017)
WinRAR archiver
ZoneAlarm (Version: 9.2.106.000)

========================= Devices: ================================

Name: Zone Alarm Firewall Driver
Description: Zone Alarm Firewall Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Vsdatant
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 8119.11 MB
Available physical RAM: 6439.1 MB
Total Pagefile: 16236.43 MB
Available Pagefile: 14450.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3952.44 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:195.21 GB) (Free:48.79 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:341.8 GB) (Free:234.4 GB) NTFS
3 Drive e: (Novasoft) (Fixed) (Total:394.4 GB) (Free:336.24 GB) NTFS
5 Drive g: (SATYA) (Removable) (Total:3.72 GB) (Free:3.72 GB) FAT32
6 Drive x: (Data Backup Freeagent) (Fixed) (Total:195.31 GB) (Free:87.89 GB) NTFS
7 Drive y: (Novasoft Backup Freeagent) (Fixed) (Total:195.31 GB) (Free:137.16 GB) NTFS
8 Drive z: (FreeAgent GoFlex Drive) (Fixed) (Total:540.89 GB) (Free:422.95 GB) NTFS

========================= Users: ========================================

User accounts for \\SATYA-PC

Administrator            Guest                    satya                   

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-03-2014 19:56:13 Scheduled Checkpoint
15-03-2014 11:47:37 Installed Microsoft Fix it 50756
17-03-2014 10:20:04 Installed Broadcom Gigabit NetLink Controller.
17-03-2014 10:20:51 Installed Broadcom Gigabit NetLink Controller.
17-03-2014 10:21:34 Installed Broadcom Gigabit NetLink Controller.
17-03-2014 10:53:33 Installed Broadcom Gigabit NetLink Controller.
17-03-2014 10:54:18 Installed Broadcom Gigabit NetLink Controller.

**** End of log ****

 

 

 

Could someone please help

 

Thanks



BC AdBot (Login to Remove)

 


#2 briggs&straton

briggs&straton

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:07:20 PM

Posted 17 March 2014 - 11:59 AM

I think that virus gave you a redirect,  which means it changed your host file in system32.  Can you look at your host file, and if you just see this:

 

# Copyright © 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#    127.0.0.1       localhost
#    ::1             localhost
 

 

 

Then you are fine, but if you see anything else then that should be the problem.

 

 

Because when you I saw this, that is what i thought of.  Hope that is the issue.

 


Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

 



#3 nova9

nova9
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 17 March 2014 - 04:20 PM

Hi,

 

Thanks for your help but unfortunately, its not as simple as that. The hosts file hasn't been modified by the virus. Since my last post ive also uninstalled and reinstalled the adapter and also uninstalled AVG as some posts I found on some forums said that uninstalling the antivirus helped ( plus the virus deleted the driver for the "avg online resident shield" so it wasn't doing any good anyway).

 

Anybody else have any ideas how to fix this?

 

Thanks



#4 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:20 PM

Posted 17 March 2014 - 05:00 PM

If you really have that virus, the first link I find on Google is to this site where there are 2 pages of stuff the person ran and posted. It was a bit more than just run malwarebytes and it's cleaned. Perhaps it's not cleaned out? I say this because you can't install something that should easily be installed. just a suggestion.


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#5 nova9

nova9
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 20 March 2014 - 06:12 AM

If you really have that virus, the first link I find on Google is to this site where there are 2 pages of stuff the person ran and posted. It was a bit more than just run malwarebytes and it's cleaned. Perhaps it's not cleaned out? I say this because you can't install something that should easily be installed. just a suggestion.

 

The link you refer to was of a person whose machine was full infected by the virus post downloading the payload from the site(s) the virus contacts. In my case, once the trojan was dropped and tried to contact the server to download further code it was stopped by zonealarm. After which I ran malware bytes which removed the infection. It was just one registry entry and one file,  syshost.exe in the windows\installer\{xxxxx} folder.

 

Sicne then I have run trial versions of kaspersky, webroot and trend micro and all show the machine as not infected.

 

I did manage to solve the issue by uninstalling zonealarm and AVG.

 

I installed a different antivirus that has a built in firewall as well and now the issue is resolved.

 

Thanks for you effort anyway.


Edited by nova9, 20 March 2014 - 06:13 AM.


#6 quality85

quality85

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:20 AM

Posted 07 July 2014 - 09:50 AM

What antivirus did you install to solve the problem?

I am experiencing the same issues as you did,



#7 nova9

nova9
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 07 July 2014 - 10:37 AM

 

What antivirus did you install to solve the problem?

I am experiencing the same issues as you did,

 


 

 

 

Basically i ran malwarebytes to get rid of the infection. The virus had messed up AVG and Zonealarm, and reinstalling them didnt solve the problem, so i uninstalled both and then installed Webroot SecureAnywhere, which is a antivirus+ firewall

 

Hope this helps


Edited by nova9, 07 July 2014 - 10:37 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users