Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pup.crossfire.sa removed??


  • Please log in to reply
21 replies to this topic

#1 jpfischer

jpfischer

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 21 December 2012 - 06:24 PM

I have ran super anti spyware and malware bytes and it appears that the virus is removed, but I have no connectivity to the interenet. My wireless sends packets but will not receive and now my ethernet will not connect. Please let me know what to do?

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 21 December 2012 - 07:30 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 21 December 2012 - 09:34 PM

Here are the requested logs:

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Free Antivirus
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Temp File Cleaner
Java™ 6 Update 37
Java version out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast avastUI.exe
AVAST Software Avast AvastEmUpdate.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Farbar Service Scanner Version: 10-12-2012
Ran by Diana (administrator) on 21-12-2012 at 20:16:21
Running from "C:\Documents and Settings\Diana\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(11) Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x0B00000005000000010000000200000003000000040000000B0000000A00000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****


MiniToolBox by Farbar Version: 25-11-2012
Ran by Diana (administrator) on 21-12-2012 at 20:22:22
Running from "C:\Documents and Settings\Diana\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC = Local Area Connection (Connected)
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : dyer-laptop-xp

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : Yes

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin

Belkin



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-22-19-E0-36-C9

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.9

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Friday, December 21, 2012 8:11:11 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 9:14:07 PM



Ethernet adapter Wireless Network Connection 2:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter

Physical Address. . . . . . . . . : 00-17-C4-50-0B-AD

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.7

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Friday, December 21, 2012 8:11:16 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 9:14:07 PM

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 22 19 e0 36 c9 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 17 c4 50 0b ad ...... Atheros AR5007EG Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 25
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.7 192.168.1.7 25
192.168.1.0 255.255.255.0 192.168.1.9 192.168.1.9 20
192.168.1.7 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.9 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.7 192.168.1.7 25
192.168.1.255 255.255.255.255 192.168.1.9 192.168.1.9 20
224.0.0.0 240.0.0.0 192.168.1.7 192.168.1.7 25
224.0.0.0 240.0.0.0 192.168.1.9 192.168.1.9 20
255.255.255.255 255.255.255.255 192.168.1.7 192.168.1.7 1
255.255.255.255 255.255.255.255 192.168.1.9 192.168.1.9 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/21/2012 02:00:32 PM) (Source: Application Hang) (User: )
Description: Hanging application AvastUI.exe, version 7.0.1474.765, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/09/2012 07:53:33 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (08/16/2012 08:38:51 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (02/11/2012 06:31:53 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crt> with error: This operation returned because the timeout period expired.

Error: (02/09/2012 06:16:14 PM) (Source: Application Hang) (User: )
Description: Hanging application soffice.bin, version 3.3.9556.500, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/07/2012 00:34:04 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crt> with error: The specified server cannot perform the requested operation.

Error: (02/07/2012 00:34:04 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crt> with error: This operation returned because the timeout period expired.

Error: (01/29/2012 06:36:32 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 16.0.912.77, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000116f4.
Processing media-specific event for [chrome.exe!ws!]

Error: (01/15/2012 07:26:40 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (12/13/2011 09:05:36 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (12/21/2012 08:11:37 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.7,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (12/21/2012 08:11:21 PM) (Source: Service Control Manager) (User: )
Description: The aswFsBlk service failed to start due to the following error:
%%2

Error: (12/21/2012 07:12:11 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.7,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (12/21/2012 07:11:49 PM) (Source: Service Control Manager) (User: )
Description: The aswFsBlk service failed to start due to the following error:
%%2

Error: (12/21/2012 06:44:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/21/2012 04:54:20 PM) (Source: DCOM) (User: DYER-LAPTOP-XP)
Description: DCOM got error "%%1084" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (12/21/2012 04:46:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
aswSnx
aswSP
aswTdi
Fips
intelppm

Error: (12/21/2012 04:44:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/21/2012 04:44:26 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.7,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (12/21/2012 04:44:26 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service ALG with arguments ""
in order to run the server:
{D6015EC3-FA16-4813-9CA1-DA204574F5DA}


Microsoft Office Sessions:
=========================
Error: (12/21/2012 02:00:32 PM) (Source: Application Hang)(User: )
Description: AvastUI.exe7.0.1474.765hungapp0.0.0.000000000

Error: (10/09/2012 07:53:33 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (08/16/2012 08:38:51 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (02/11/2012 06:31:53 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crtThis operation returned because the timeout period expired.

Error: (02/09/2012 06:16:14 PM) (Source: Application Hang)(User: )
Description: soffice.bin3.3.9556.500hungapp0.0.0.000000000

Error: (02/07/2012 00:34:04 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crtThe specified server cannot perform the requested operation.

Error: (02/07/2012 00:34:04 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8782C6C304353BCFD29692D2593E7D44D934FF11.crtThis operation returned because the timeout period expired.

Error: (01/29/2012 06:36:32 PM) (Source: Application Error)(User: )
Description: chrome.exe16.0.912.77ntdll.dll5.1.2600.6055000116f4

Error: (01/15/2012 07:26:40 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (12/13/2011 09:05:36 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.3.0.3650)
Atheros Driver Installation Program (Version: 7.1)
Atheros Wireless LAN Client Adapter (Version: 1.0.5.0725)
avast! Free Antivirus (Version: 7.0.1474.0)
CCleaner (Version: 3.25)
Conexant HD Audio (Version: 3.49.4.50)
Coupon Companion (Version: 1.24.151.151)
Dell Touchpad (Version: 7.1.104.2)
Dropbox (Version: 1.4.7)
Foxit Reader (Version: 4.3.1.218)
Google Chrome (Version: 23.0.1271.97)
Google Update Helper (Version: 1.3.21.123)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.74.00.50)
Intel® Graphics Media Accelerator Driver
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
join.me (Version: 1.7.0.131)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicnotes Software Suite 1.5.5 (Version: 1.5.5)
OpenOffice.org 3.3 (Version: 3.3.9567)
PMB (Version: 5.2.00.03250)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.16.0001)
Sheet Music Plus Digital Print (Version: 255.11.14)
Sheet Music Plus Digital Print (Version: v2011.11.14)
SUPERAntiSpyware (Version: 5.6.1014)
Temp File Cleaner (Version: 4.2.1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
VLC media player 1.1.10 (Version: 1.1.10)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)

========================= Devices: ================================

Name: Base System Device
Description: Base System Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 1014.3 MB
Available physical RAM: 496.5 MB
Total Pagefile: 2441.68 MB
Available Pagefile: 2027.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.23 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.78 GB) (Free:97.91 GB) NTFS
3 Drive e: (CRUZER) (Removable) (Total:3.77 GB) (Free:2.8 GB) FAT32

========================= Users: ========================================

User accounts for \\DYER-LAPTOP-XP

Administrator Diana Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****


Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.21.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Diana :: DYER-LAPTOP-XP [administrator]

Protection: Enabled

12/20/2012 11:59:26 PM
mbam-log-2012-12-20 (23-59-26).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222469
Time elapsed: 33 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: dc8bce5b024246f6c6db366863547fd4 -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\215 Apps|4493 (PUP.CrossFire.SA) -> Data: Coupon Companion -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Will post aswmbr when completes

#4 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 21 December 2012 - 10:06 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-21 20:45:23
-----------------------------
20:45:23.703 OS Version: Windows 5.1.2600 Service Pack 3
20:45:23.703 Number of processors: 1 586 0x1601
20:45:23.703 ComputerName: DYER-LAPTOP-XP UserName: Diana
20:45:28.546 Initialize success
20:45:29.484 AVAST engine defs: 12121700
20:45:33.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:45:33.984 Disk 0 Vendor: WDC_WD1200BEVT-75ZCT2 11.01A11 Size: 114473MB BusType: 3
20:45:34.062 Disk 0 MBR read successfully
20:45:34.062 Disk 0 MBR scan
20:45:34.062 Disk 0 Windows XP default MBR code
20:45:34.062 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114463 MB offset 63
20:45:34.109 Disk 0 scanning sectors +234420480
20:45:34.234 Disk 0 scanning C:\WINDOWS\system32\drivers
20:45:56.343 Service scanning
20:46:07.000 Modules scanning
20:46:58.296 Disk 0 trace - called modules:
20:46:58.375 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
20:46:58.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d55030]
20:46:58.875 3 CLASSPNP.SYS[f75ddfd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86d55d98]
20:46:59.250 AVAST engine scan C:\WINDOWS
20:47:18.140 AVAST engine scan C:\WINDOWS\system32
20:51:16.875 AVAST engine scan C:\WINDOWS\system32\drivers
20:52:00.265 AVAST engine scan C:\Documents and Settings\Diana
20:58:47.921 AVAST engine scan C:\Documents and Settings\All Users
21:00:19.984 Scan finished successfully
21:00:34.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Diana\Desktop\MBR.dat"
21:00:34.453 The log file has been saved successfully to "C:\Documents and Settings\Diana\Desktop\aswMBR.txt"

#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 12:56 PM

Download Windows Repair (all in one) from this site

Install the program then run it.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

Posted Image



Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

Posted Image


Go to Step 4 and under "System Restore" click on Create button:

Posted Image


Go to Start Repairs tab and click Start button.

Posted Image


Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):

Posted Image

Click on box next to the Restart System when Finished. Then click on Start.

Post new FSS log.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#6 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 22 December 2012 - 02:44 PM

Wired Connection is now working but still no luck on the wireless end. Here is the FSS

Farbar Service Scanner Version: 10-12-2012
Ran by Diana (administrator) on 22-12-2012 at 13:39:30
Running from "C:\Documents and Settings\Diana\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(11) Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x0B00000005000000010000000200000003000000040000000B0000000A00000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 02:58 PM

Re-run MiniToolbox with just this item checked:
List IP configuration

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#8 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 22 December 2012 - 03:36 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Diana (administrator) on 22-12-2012 at 14:36:11
Running from "C:\Documents and Settings\Diana\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC = Local Area Connection (Connected)
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : dyer-laptop-xp

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin

Belkin



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-22-19-E0-36-C9

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.12

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Saturday, December 22, 2012 2:16:25 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 9:14:07 PM



Ethernet adapter Wireless Network Connection 2:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter

Physical Address. . . . . . . . . : 00-17-C4-50-0B-AD

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Saturday, December 22, 2012 1:34:00 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 9:14:07 PM

Server:
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.227.72, 74.125.227.73, 74.125.227.78, 74.125.227.64
74.125.227.65, 74.125.227.66, 74.125.227.67, 74.125.227.68, 74.125.227.69
74.125.227.70, 74.125.227.71



Pinging google.com [74.125.227.39] with 32 bytes of data:



Reply from 74.125.227.39: bytes=32 time=27ms TTL=55

Reply from 74.125.227.39: bytes=32 time=28ms TTL=55



Ping statistics for 74.125.227.39:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 28ms, Average = 27ms

Server:
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=63ms TTL=51

Reply from 98.138.253.109: bytes=32 time=71ms TTL=51



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 63ms, Maximum = 71ms, Average = 67ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 22 19 e0 36 c9 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC
0x10004 ...00 17 c4 50 0b ad ...... Atheros AR5007EG Wireless Network Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.10 25
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.12 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.10 192.168.2.10 25
192.168.2.0 255.255.255.0 192.168.2.12 192.168.2.12 20
192.168.2.10 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.12 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.10 192.168.2.10 25
192.168.2.255 255.255.255.255 192.168.2.12 192.168.2.12 20
224.0.0.0 240.0.0.0 192.168.2.10 192.168.2.10 25
224.0.0.0 240.0.0.0 192.168.2.12 192.168.2.12 20
255.255.255.255 255.255.255.255 192.168.2.10 192.168.2.10 1
255.255.255.255 255.255.255.255 192.168.2.12 192.168.2.12 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None

**** End of log ****

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 04:04 PM

Wireless settings look just fine so I'm not sure why it doesn't connect...

Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Posted Image
Make sure "DNS" tab looks like this:
Posted Image
Make sure "WINS" tab looks like this:
Posted Image
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.


If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

If that doesn't work, bypass router, and connect computer straight to the modem.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#10 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 22 December 2012 - 05:41 PM

tried all of those and no luck. I did some research and found that people had compatibility issues with aeth 5700eg. I looked for driver updates but when I restart the laptop it just shows a blue screen with windows xp on it. Not sure what to do.

#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 06:55 PM

Did you actually make any changes before BSOD happened?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#12 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 22 December 2012 - 07:30 PM

I downloaded the driver diagnostic tool but it said my win needed to be 2.0 or greater. I noticied the Atheros driver disappeared and computer started bsod. Tryed last previous and safe but no luck so far.

#13 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 08:14 PM

Can you start your computer at all?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#14 jpfischer

jpfischer
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 22 December 2012 - 08:32 PM

It will restart. Just stops at the blue screen. Safe mode pulls up a black screen with safe mode for 2 seconds and then goes blue screen. No errors or anything reported on start.

#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:55 AM

Posted 22 December 2012 - 09:59 PM

Do you have Windows XP, CD?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users