Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange activity breeds suspicion


  • Please log in to reply
7 replies to this topic

#1 germandog

germandog

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 17 February 2012 - 12:00 PM

I haven't been all that careful with my laptop, so I wouldn't be surprised if it were infected with something. But at any rate, a few days ago my recently installed Comodo Firewall mysteriously...deleted itself. It was not a proper uninstall, and several files were still on my HDD. When I attempted to use add/remove files, Windows notified me that the Comodo Firewall had already been removed, and when I tried to reinstall it I was greeted with a 1603 fatal error halfway through the process. I used a cleaning tool provided by Comodo to fix this kind of problem, but to no avail. I have scanned the computer with a number of programs, but with no particular method, so I can't be sure I did good.
Can somebody pick up the case and tell me where to go from here?
Thanks in advance.

P.S.: I believe when I first tried to reinstall the firewall, I got the Blue Screen of Death.

Edited by germandog, 17 February 2012 - 12:06 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 PM

Posted 17 February 2012 - 03:03 PM

Hello it may be corrupted System files now.

Run SFC

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 germandog

germandog
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 18 February 2012 - 05:11 AM

A slight caveat here is that I have no Windows CD for that laptop. Nevertheless, I performed the scan, which reported that "Windows Resource Protection did not find any integrity violations".

However, another issue has popped up that I was not fully aware of 'till now: It seems as if my Wireless network adapter is no longer functioning. Any network I connect to leaves me with "limited access".

Edited by germandog, 18 February 2012 - 05:13 AM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 PM

Posted 18 February 2012 - 08:17 PM

Lets see if the dervice is running

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 germandog

germandog
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 20 February 2012 - 01:01 PM

Ok, here's the log:

Farbar Service Scanner Version: 14-02-2012
Ran by Percival (administrator) on 20-02-2012 at 18:52:37
Running from "C:\Users\Percival\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


My wireless network adapter is still not functioning. I think the issue is with the driver because I could browse online with a generic driver bundled with Lubuntu.

The adapter is: "Broadcom 802.11n Network Adapter" Driver version: 5.100.82.95

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 PM

Posted 21 February 2012 - 09:32 PM

Please start a topic in Internal Hardware and they will find the exact driver for you.
Include
adapter is: "Broadcom 802.11n Network Adapter" Driver version: 5.100.82.95

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Edited by boopme, 22 February 2012 - 04:44 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 germandog

germandog
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 22 February 2012 - 08:46 AM

Ok, thanks for your help!

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:32 PM

Posted 22 February 2012 - 04:44 PM

YOu're welcome!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users