Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can not start Windows XP Home Security Center


  • Please log in to reply
17 replies to this topic

#1 catnapgood

catnapgood

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 03 January 2012 - 11:28 PM

Howdy.

After some recent virus attacks that plagued my computer, I visited the Security Center to realize that I could no longer start my firewall or any of the security center features. It claims that it is turned off and asks for me to restart the computer or to turn it on. No matter what I tried I couldn't get it to start.

During all of this MBAM was constantly alerting me to outgoing signals it banned to various malicious addresses.

So I disconnected the internet and ran MBAM, MSE, and SPS&D. Got anything left over off of my computer, but I still can't activate the firewall or Security Center.

Can anyone help me? D :

Thank you.

Edited by Budapest, 04 January 2012 - 12:14 AM.
Moved from AntiVirus, Firewall and Privacy Products and Protection Methods ~Budapest


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 04 January 2012 - 12:05 AM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 04 January 2012 - 11:52 PM

Howdy, thank you. Sorry for the delayed reply.

One thing I think I should note now is that even though I'm physically connected to the internet, it will constantly say it is connecting and acquiring the IP Address or whatnot. I'm not connected to the internet though, and I'm not able to update software, or use Firefox. I'm not sure if this has anything to do with the current problems.

Here are the logs and results you requested. :>

_____________________________________
Security Check
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
ESET Online Scanner v3
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Spybot - Search & Destroy
Java™ 6 Update 22
Java™ 6 Update 26
Java™ 7
Java™ SE Development Kit 7
Out of date Java installed!
Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!
Adobe Reader X (10.1.0) Adobe Reader Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````



__________________________________________________
Farbar Service Scanner


Farbar Service Scanner
Ran by Courtney (administrator) on 04-01-2012 at 17:39:42
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open afd registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open afd registry key. The service key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: Attention! Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
Attention! C:\WINDOWS\system32\Drivers\afd.sys is missing.
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****


_____________________________________________________________

MiniToolBox

MiniToolBox by Farbar
Ran by Courtney (administrator) on 04-01-2012 at 17:42:44
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 15129 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : courtney-home Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : NVIDIA nForce Networking Controller Physical Address. . . . . . . . . : 00-30-1B-B7-FA-05Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.Pinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 30 1b b7 fa 05 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 2 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/04/2012 05:26:10 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/04/2012 05:18:19 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/04/2012 04:43:42 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/04/2012 02:02:13 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/03/2012 09:26:30 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 08:11:24 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 05:20:07 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007043c: InitEventCollector failed

Error: (01/03/2012 05:17:40 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007043c: InitEventCollector failed

Error: (01/03/2012 05:05:37 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 04:31:05 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/04/2012 05:46:10 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:10 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:10 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:10 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:09 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:09 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:09 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:09 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:09 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd

Error: (01/04/2012 05:46:08 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the following nonexistent service: Afd


Microsoft Office Sessions:
=========================
Error: (01/04/2012 05:26:10 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/04/2012 05:18:19 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/04/2012 04:43:42 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/04/2012 02:02:13 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/03/2012 09:26:30 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 08:11:24 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 05:20:07 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007043c: InitEventCollector failed

Error: (01/03/2012 05:17:40 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007043c: InitEventCollector failed

Error: (01/03/2012 05:05:37 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/03/2012 04:31:05 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


=========================== Installed Programs ============================

Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 10 Plugin (Version: 10.3.183.10)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Catalyst Control Center (Version: 1.2.2314.20337)
ATI Display Driver (Version: 8.252-060503a-038185C-ATI)
BlueJ 3.0.5
ESET Online Scanner v3
Greenfoot (Version: 2.1.0)
HiJackThis (Version: 1.0.0)
Java Auto Updater (Version: 2.1.5.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 (Version: 7.0.0)
Java™ SE Development Kit 7 (Version: 1.7.0.0)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Client EN-US Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager (Version: 2.03.467)
OpenOffice.org 3.3 (Version: 3.3.9567)
Project64 1.6 (Version: 1.6)
QuickTime (Version: 7.71.80.42)
SIW version 2011.10.29 (Version: 2011.10.29)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
Wacom Tablet
WebFldrs XP (Version: 9.50.6513)
WebTablet IE Plugin (Version: 1.1.0.4)
WebTablet Netscape Plugin (Version: 1.1.0.3)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Xfire (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 73%
Total physical RAM: 511.48 MB
Available physical RAM: 134.68 MB
Total Pagefile: 1248.53 MB
Available Pagefile: 697.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:93.36 GB) (Free:77.34 GB) NTFS
4 Drive h: () (Removable) (Total:1.9 GB) (Free:0.11 GB) FAT

========================= Users: ========================================

User accounts for \\COURTNEY-HOME

Administrator ASPNET Courtney
Guest HelpAssistant SUPPORT_388945a0


**** End of log ****


___________________________________________________________________________
MBAM

(The scan did not show up with any threats. But, I have old MBAM logs that name past removed threats if you need them.)
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.01.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Courtney :: COURTNEY-HOME [administrator]

Protection: Enabled

1/4/2012 5:52:56 PM
mbam-log-2012-01-04 (17-52-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 179386
Time elapsed: 9 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

_____________________________________________
GMER Results

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-04 20:41:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5 Maxtor_6L100M0 rev.BACE1G20
Running: cbfwwtnd.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxldrkod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB4305$\3200988686 0 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627 0 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\bckfg.tmp 863 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\cfg.ini 199 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\Desktop.ini 4608 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\keywords 140 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\kwrd.dll 223744 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\L 0 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\L\lnvxgvxn 138496 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\lsflt7.ver 5176 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U 0 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\00000001.@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\00000002.@ 224768 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\00000004.@ 1024 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\80000000.@ 11264 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\80000004.@ 12800 bytes
File C:\WINDOWS\$NtUninstallKB4305$\746732627\U\80000032.@ 77312 bytes

---- EOF - GMER 1.0.15 ----

______________________________________

Again, thank you for all of the help. : )

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 05 January 2012 - 12:27 AM

You have several issues there...

Let's start with finding a replacement for missing system file.

Please run Farbar Service Scanner.
Type the following in the edit box after "Search:".

afd.sys

Click Search Files button and post the log (FSS.txt) it makes to your reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 05 January 2012 - 04:19 PM

Here is the Farbar report you wanted.

Farbar Service Scanner
Ran by Courtney (administrator) on 05-01-2012 at 13:13:14
Microsoft Windows XP Service Pack 3 (X86)

************************************************
================== Search: "afd.sys" ===================

C:\WINDOWS\system32\dllcache\afd.sys
[2003-03-31 04:00] - [2011-08-17 05:49] - 0138496 ___AC (Microsoft Corporation) 1E44BC1E83D8FD2305F8D452DB109CF9

C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2011-07-02 23:00] - [2008-04-13 11:19] - 0138112 ____N (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011-07-03 20:33] - [2008-06-20 03:40] - 0138496 ____C (Microsoft Corporation) E3049B90FE06F3F740B7CFDA44995E2C

C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2011-07-03 20:17] - [2008-04-13 11:19] - 0138112 ____C (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2011-10-14 11:17] - [2011-02-16 05:22] - 0138496 ____C (Microsoft Corporation) 355556D9E580915118CD7EF736653A89

C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011-07-03 21:09] - [2008-08-14 02:04] - 0138496 ____C (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2011-07-03 21:09] - [2008-10-16 06:43] - 0138496 ____C (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2011-07-03 20:01] - [2004-08-03 22:14] - 0138496 ____C (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2011-07-03 19:57] - [2008-08-14 02:34] - 0138496 ____A (Microsoft Corporation) 4D43E74F2A1239D53929B82600F1971C

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008-06-20 03:48] - [2008-06-20 03:48] - 0138496 ____A (Microsoft Corporation) D6EE6014241D034E63C49A50CB2B442A

C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
[2011-10-13 15:19] - [2011-08-17 05:41] - 0138496 ____A (Microsoft Corporation) F6B7B1ECD7B41736BDB6FF4B092BCB79

C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008-10-16 07:07] - [2008-10-16 07:07] - 0138496 ____A (Microsoft Corporation) 38D7B715504DA4741DF35E3594FE2099

C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2011-07-03 21:05] - [2011-02-16 05:25] - 0138496 ____A (Microsoft Corporation) 8D499B1276012EB907E7A9E0F4D8FDA4

====== End Of Search ======

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 05 January 2012 - 07:05 PM

Download following batch file: http://www.filedropper.com/fix_8
Double click on it.
Command prompt window will appear briefly.

Then....

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/


Download XP.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/
Unzip the file.
You'll find several files inside.
Double click on afd.reg file and confirm the prompt.
Restart computer, check on internet connection and post new FSS log

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 05 January 2012 - 11:20 PM

Thank you, I can now connect to the internet. :3
Here is the new FSS log.
__________________________________


Farbar Service Scanner
Ran by Courtney (administrator) on 05-01-2012 at 19:54:29
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: Attention! Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Again, thank you for all of the help. : )

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 05 January 2012 - 11:47 PM

Very good :)

You seem to have couple more things not running because of missing registry keys.

1. Can you access Security Center?
2. Can you run Windows updates?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 06 January 2012 - 11:26 PM

Security Center still says it is down, but when I click on the Windows Firewall tab it appears to be running.

It also seems that I have automatic updates set to install automatically, but when I connect manually to the site, by either choosing express or custom install I'm told there is an error and I am not able to update.

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 07 January 2012 - 12:41 AM

OK, we'll try to fix it.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/



Please go to Start=>Run (alternatively use Windows key+R), type regedit and click OK.
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root
Right-Click Root and select Permissions...
Under Security type while Everyone is selected put a check mark in the box under Allow next to Full Control.
Click Apply and OK.

Download XP.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/
You'll find several files inside.
Double-click legacy_wuauserv.reg and confirm the prompt.
Double-click wuauserv.reg and confirm the prompt.
Double-click legacy_wscsvc.reg and confirm the prompt.
Double-click wscsvc.reg and confirm the prompt.

Please go back to the the Root key again while Everyone is selected remove check mark in the box under Allow next to Full Control and close the registry.

Restart computer, update me on the issues and post new FSS log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 08 January 2012 - 03:18 AM

Heya Broni. Everything is working great now. My computer is running automatic updates and Security Center now. : ) Thank you so much!

Here is the new FSS log.
_________________________________________

Farbar Service Scanner
Ran by Courtney (administrator) on 08-01-2012 at 00:14:36
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****

_________________________________________

Again, Thank you so much. : )

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 08 January 2012 - 11:52 AM

Excellent!

Any current issues?

Couple more steps....

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 09 January 2012 - 07:31 PM

Howdy.
Ok, so I couldn't run TFC on the computer it would freeze up and I would have to reboot. It may be complications with MBAM (Has this occurred before?), which is still alerting me of blocking outgoing signals to odd IP Addresses. I think I may have at one point earlier this month tried to run TFC and after having no success shut down MBAM with the task manager and the computer froze.
Should I uninstall MBAM for the moment to see if it is the source of this problem, and to run TFC?

I ran ESET, Here are the results.
________________________________________________

C:\Documents and Settings\Courtney\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\17\6e684651-3cc11e30 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\Courtney\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\29\1b0b81d-2adc0f8d a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\Courtney\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\4d809ea6-198467b4 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\Courtney\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\55\1290de77-6f82e9e2 Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Documents and Settings\Courtney\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\61\6387dfbd-586b2632 Java/Agent.DY trojan deleted - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\59\33fc61bb-5b260350 a variant of Java/Agent.DZ trojan deleted - quarantined
________________________________________________


Thanks. : )

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:01 AM

Posted 09 January 2012 - 07:59 PM

which is still alerting me of blocking outgoing signals to odd IP Addresses


You'll need more advanced help.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 catnapgood

catnapgood
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:12:01 AM

Posted 10 January 2012 - 11:58 PM

I should have restarted my computer after the ESET scan. MBAM had stopped reporting signals after the scan but I didn't notice it. (I had saved the results onto a thumb drive and sent them here using a different computer right after.)

After restarting, I didn't receive any pop-ups from MBAM, so I browsed the web to make sure everything was good. Other than my computer's typical slowness everything is working fine again.
I'll keep an eye out for the next couple of days to see if the pop-ups start occurring again.
Do I still go through with seeking help from the Maleware team, or do I just stay vigilant to see that everything continues working smoothly?

Thank you Broni.

Edited by catnapgood, 11 January 2012 - 12:00 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users