Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP antispyware 2012


  • Please log in to reply
18 replies to this topic

#1 jenn31708

jenn31708

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 30 December 2011 - 08:26 AM

So I was soing a little internet surfing, and I started getting pop ups that said 'XP Antispyware 2012'

I've seen things like this, and I thought I had it under control. I ran SuperAntiWareSpyware and Malware Bytes (?) and it worked. But then my google searches were getting hijacked, and so I tried to do a system restore. Now none of my programs work, and I can't connect to the internet. I really think I made things worse!!!

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 30 December 2011 - 05:38 PM

Welcome aboard Posted Image

Now none of my programs work

More details please.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 02 January 2012 - 10:56 AM

I can't get onto internet explorer, I can't get into other programs. When I try to do a system restore, I can't go to any date. It does it and then tells me that the system cannot be restored to that date, any date I try.

I can't print anything, it doesn't recognize my printer anymore. Something about not connecting to the network.

I know I'm probably babbling, but it seems like everything is messed up.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 02 January 2012 - 11:35 AM

Can you check if you have issues in Safe Mode with Networking?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 02 January 2012 - 11:46 AM

I just checked, I have the same problems

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 02 January 2012 - 11:56 AM

What happens when you try to open programs?
ALL programs are affected?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 03 January 2012 - 07:41 AM

MIcrosoft Word and Excel seem to be okay, but when I try to connect to a network program, it says "Trying to connect, not connected to the network" And I still can't get on the internet

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 03 January 2012 - 11:44 AM

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 03 January 2012 - 02:29 PM

Here is the FSS log.

Farbar Service Scanner
Ran by JennB (administrator) on 03-01-2012 at 14:24:38
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2007-07-27 07:00] - [2006-05-19 07:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2007-07-27 07:00] - [2008-08-14 04:51] - 0138368 ____A () 40054C3AF99EE0711C228645746EC505

C:\WINDOWS\system32\Drivers\netbt.sys
[2007-07-27 07:00] - [2007-07-27 07:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2007-07-27 07:00] - [2008-06-20 05:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2011-10-07 07:04] - [2007-07-27 07:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2007-07-27 07:00] - [2008-02-20 00:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2007-07-27 07:00] - [2005-08-22 13:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-01-29 14:40] - [2007-07-27 07:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2008-01-29 14:42] - [2007-07-27 07:00] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-01-29 14:40] - [2007-07-27 07:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2007-07-27 07:00] - [2008-07-07 15:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2007-07-27 07:00] - [2007-07-27 07:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2007-07-27 07:00] - [2009-02-09 05:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2007-07-27 07:00] - [2009-02-06 12:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 03 January 2012 - 06:28 PM

I don't see any internet connection issue from the above log.

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 04 January 2012 - 08:06 AM

MiniToolBox results


MiniToolBox by Farbar
Ran by JennB (administrator) on 04-01-2012 at 07:59:47
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.1.135 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.1.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=192.168.1.10 register=PRIMARY
add dns name="Local Area Connection" addr=167.206.254.2 index=2
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : BackOffice_17

Primary Dns Suffix . . . . . . . : intergy.local

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : intergy.local



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC

Physical Address. . . . . . . . . : 00-1C-C0-59-69-29

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.1.135

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.10

167.206.254.2

Server: UnKnown
Address: 192.168.1.10

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 192.168.1.10

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 192.168.1.10

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 1c c0 59 69 29 ...... Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.135 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.135 192.168.1.135 20
192.168.1.135 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.135 192.168.1.135 20
224.0.0.0 240.0.0.0 192.168.1.135 192.168.1.135 20
255.255.255.255 255.255.255.255 192.168.1.135 192.168.1.135 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/04/2012 07:26:12 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 06:25:10 AM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted.
Enrollment will not be performed.

Error: (01/04/2012 06:11:08 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 05:44:11 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 04:14:07 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 04:02:09 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 02:20:08 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 02:18:05 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 00:38:06 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Error: (01/04/2012 00:38:04 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.


System errors:
=============
Error: (01/03/2012 02:28:27 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1460

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The SAVRT service failed to start due to the following error:
%%31

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The Automatic Updates service terminated with the following error:
%%2147952450

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SAVRT

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error:
%%10050

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service terminated with the following error:
%%10050

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).

Error: (01/03/2012 02:24:35 PM) (Source: Service Control Manager) (User: )
Description: The Net Logon service terminated with the following error:
%%10050

Error: (01/03/2012 02:23:55 PM) (Source: 0) (User: )
Description:

Error: (01/03/2012 02:23:12 PM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (01/04/2012 07:26:12 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 06:25:10 AM) (Source: AutoEnrollment)(User: )
Description: local system0x8007054bThe specified domain either does not exist or could not be contacted.

Error: (01/04/2012 06:11:08 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 05:44:11 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 04:14:07 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 04:02:09 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 02:20:08 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 02:18:05 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 00:38:06 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.

Error: (01/04/2012 00:38:04 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The specified domain either does not exist or could not be contacted.


=========================== Installed Programs ============================

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
G3WebToolkit (Version: 2.0.0)
GoToAssist Customer 1.6.0.309 (Version: 1.6.0.309)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Intel® Graphics Media Accelerator Driver
Intergy (Version: 4.00.02)
Intergy 4.00 Primer Utility (Version: 4.00.01)
Intergy Imaging (Version: 4.00.04.05)
IntergyInteropInstall (Version: 6.20.00.14)
IntergyPracticePortal (Version: 2.0.0)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 7 (Version: 1.6.0.70)
LiveUpdate 3.0 (Symantec Corporation) (Version: 3.0.0.160)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office Basic Edition 2003 (Version: 11.0.5614.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft XML Parser (Version: 8.70.1104.04)
MiniMed Solutions CGMS iPro (Version: 1.00.0000)
Module SDK (Version: 1.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Nero 7 Essentials (Version: 7.02.5521)
PowerDVD (Version: 7.0.2414.0)
Radmin Server 3.4 (Version: 3.41.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5473)
rmss (Version: 1.00.000)
Sage Intergy - Progress 10.2A Runtime (Version: 10.2)
Sage Intergy (Version: 6.20.00)
Sage Intergy EHR (Version: 6.20.00.14)
Sage Intergy EHR WA_USB_32 (Version: 1.00.0000)
SUPERAntiSpyware (Version: 5.0.1142)
Symantec AntiVirus (Version: 10.1.4000.4)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 2037.18 MB
Available physical RAM: 1010.05 MB
Total Pagefile: 3930.27 MB
Available Pagefile: 3074.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.08 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.53 GB) (Free:51.47 GB) NTFS
3 Drive e: () (Removable) (Total:3.72 GB) (Free:3.7 GB) FAT32

========================= Users: ========================================

User accounts for \\BACKOFFICE_17

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0 User


**** End of log ****

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 04 January 2012 - 11:32 AM

Thanks to my colleague now I can see you may have corrupted/infected afd.sys file.

Restart in Safe Mode (not safe mode with networking), delete afd.sys in the C:\WINDOWS\system32\Drivers directory, wait about 10 second and reboot to normal mode, test the connection and run FSS again.
If Windows will find healthy copy it'll replace the file.
If not we'll go from there.

Edited by Broni, 04 January 2012 - 11:46 AM.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 04 January 2012 - 01:27 PM

New Rss file

Farbar Service Scanner
Ran by JennB (administrator) on 04-01-2012 at 13:22:18
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2007-07-27 07:00] - [2006-05-19 07:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

Attention! C:\WINDOWS\system32\Drivers\afd.sys is missing.
C:\WINDOWS\system32\Drivers\netbt.sys
[2007-07-27 07:00] - [2007-07-27 07:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2007-07-27 07:00] - [2008-06-20 05:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2011-10-07 07:04] - [2007-07-27 07:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2007-07-27 07:00] - [2008-02-20 00:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2007-07-27 07:00] - [2005-08-22 13:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-01-29 14:40] - [2007-07-27 07:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2008-01-29 14:42] - [2007-07-27 07:00] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-01-29 14:40] - [2007-07-27 07:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2008-01-29 14:42] - [2007-07-27 07:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2007-07-27 07:00] - [2008-07-07 15:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2007-07-27 07:00] - [2007-07-27 07:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2007-07-27 07:00] - [2007-07-27 07:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2007-07-27 07:00] - [2009-02-09 05:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2007-07-27 07:00] - [2009-02-06 12:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:10 AM

Posted 04 January 2012 - 03:34 PM

We still have afd.sys file missing.

Please run Farbar Service Scanner.
Type the following in the edit box after "Search:".

afd.sys

Click Search Files button and post the log (FSS.txt) it makes to your reply.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 jenn31708

jenn31708
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:08:10 AM

Posted 05 January 2012 - 12:33 PM

Farbar Service Scanner
Ran by JennB (administrator) on 05-01-2012 at 11:38:36
Microsoft Windows XP Service Pack 2 (X86)

************************************************
================== Search: "afd.sys" ===================

C:\WINDOWS\system32\dllcache\afd.sys
[2007-07-27 07:00] - [2008-08-14 04:51] - 0138368 ___AC (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\afd.sys
[2008-09-18 07:29] - [2008-04-13 14:19] - 0138112 ____A (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\afd.sys
[2008-06-20 05:44] - [2008-06-20 05:44] - 0138368 ____A (Microsoft Corporation) 944CA435BFCFC82CC1ED9E3A7D731AA9

C:\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP3QFE\afd.sys
[2011-12-17 03:02] - [2008-08-14 05:34] - 0138496 ____A (Microsoft Corporation) 4D43E74F2A1239D53929B82600F1971C

C:\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP3GDR\afd.sys
[2011-12-17 03:02] - [2008-08-14 05:04] - 0138496 ____A (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP2QFE\afd.sys
[2011-12-17 03:02] - [2008-08-14 04:48] - 0138368 ____A (Microsoft Corporation) 6A0397376853E604DE8E1E7A87FC08AC

C:\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP2GDR\afd.sys
[2011-12-17 03:02] - [2008-08-14 04:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2008-10-15 02:01] - [2008-06-20 05:44] - 0138368 ____C (Microsoft Corporation) 944CA435BFCFC82CC1ED9E3A7D731AA9

C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008-07-09 16:45] - [2007-07-27 07:00] - 0138496 ____C (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008-10-14 20:45] - [2008-08-14 05:34] - 0138496 ____A (Microsoft Corporation) 4D43E74F2A1239D53929B82600F1971C

C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2008-10-14 20:45] - [2008-08-14 05:04] - 0138496 ____A (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008-10-14 20:45] - [2008-08-14 04:48] - 0138368 ____A (Microsoft Corporation) 6A0397376853E604DE8E1E7A87FC08AC

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008-06-20 06:48] - [2008-06-20 06:48] - 0138496 ____A (Microsoft Corporation) D6EE6014241D034E63C49A50CB2B442A

C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008-06-20 06:40] - [2008-06-20 06:40] - 0138496 ____A (Microsoft Corporation) E3049B90FE06F3F740B7CFDA44995E2C

C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008-06-20 05:44] - [2008-06-20 05:44] - 0138368 ____A (Microsoft Corporation) D99DDFFB33DEACDCF20717CB520379F6

====== End Of Search ======




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users