Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with win32:malware-gen, I think


  • Please log in to reply
33 replies to this topic

#1 jsms1095

jsms1095

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 04:46 PM

Hi,

 

About a week ago (maybe 2?), Avast! found this virus on my computer.  I accidentally deleted the file instead of putting in quarantine and I've been having problems ever since.

 

I'm using XP sp3.

 

I've run multiple scans with Avast!, mbam, and super-antispyware; all of them come back clean.  I know that something is wrong, but I don't know how to track it down or get rid of it.  :(

 

Any advice would be much appreciated.  I can add my mbam log in my next post.  I wanted to run another super anti-spyware, and I don't know how to post my avast! logs.  

 

Thanks,

Janet

 



BC AdBot (Login to Remove)

 


#2 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 04:48 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user :: JANET [administrator]

1/14/2014 9:15:30 AM
mbam-log-2014-01-14 (09-15-30).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 506208
Time elapsed: 3 hour(s), 23 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 



#3 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 14 January 2014 - 04:48 PM

Step 1

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 2

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3.

 

 

Please download HitmanPro. to your desktop.

  • Launch the program by double clicking on HitmanPro.exe. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • Click on the next button and choose the option activate free license
  • Click on the next button and the infections where will be deleted.
  • Click now on the Save Log option and save this log to your desktop.
  • Click on the next button and restart the computer.
  • Copy the information of HitmanPro_20130116_1239.log in your next reply

Step 4.

 

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



#4 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 08:07 PM

Here we go:

 

# AdwCleaner v3.017 - Report created 14/01/2014 at 18:03:15
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - JANET
# Running from : C:\Documents and Settings\user\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1497 octets] - [14/01/2014 18:01:49]
AdwCleaner[S0].txt - [1428 octets] - [14/01/2014 18:03:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1488 octets] ##########
 



#5 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 08:08 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by user on Tue 01/14/2014 at 18:15:09.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E935F576-1993-41A2-87FC-861700161760}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\user\Application Data\mozilla\firefox\profiles\nzzqyfxn.default\minidumps [19 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/14/2014 at 18:22:53.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 08:10 PM

HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : JANET
   Windows . . . . . . . : 5.1.3.2600.X86/2
   User name . . . . . . : JANET\user
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-01-14 18:42:14
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 13m 22s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 71

   Objects scanned . . . : 1,163,540
   Files scanned . . . . : 237,815
   Remnants scanned  . . : 468,972 files / 456,753 keys

Suspicious files ____________________________________________________________

   C:\Documents and Settings\user\Local Settings\Application Data\Amazon Cloud Player\Amazon Music Helper.exe
      Size . . . . . . . : 3,145,536 bytes
      Age  . . . . . . . : 105.3 days (2013-10-01 11:12:39)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : A40A288FFB10C869C73E06121C31CCEFF83F5F64F638E29F90ED845AD8DF0BE3
      RSA Key Size . . . : 2048
      Authenticode . . . : Self-signed
      Running processes  : 200
      Fuzzy  . . . . . . : 24.0
         Program is code self-signed.
         This program is actively listening for inbound network connections.
         Uses the Windows Registry to run each time the user logs on.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program starts automatically without user intervention.
         The file is in use by one or more active processes.
      Startup
         HKU\S-1-5-21-839522115-1220945662-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Amazon Cloud Player
      Network Ports
         127.0.0.1:4750    


Cookies _____________________________________________________________________

   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:2o7.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:a1.interclick.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ad.doubleclick.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:adinterax.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:adlegend.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.bleepingcomputer.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.funnyjunk.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.p161.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.pointroll.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.pubmatic.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.socialvi.be
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.undertone.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.webkinz.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:ads.yahoo.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:adtechus.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:advertising.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:at.atwola.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:atdmt.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:burstnet.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:c.atdmt.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:casalemedia.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:collective-media.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:coxnet.112.2o7.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:dmtracker.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:doubleclick.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:fastclick.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:h.atdmt.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:in.getclicky.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:interclick.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:invitemedia.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:media6degrees.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:mediaplex.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:msnbc.112.2o7.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:overture.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:pointroll.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:questionmarket.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:serving-sys.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:smartadserver.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:specificclick.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:statcounter.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:stats.adotube.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:stats.paypal.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:track.adform.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:tribalfusion.com
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:verizontelecom.112.2o7.net
   C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\nzzqyfxn.default\cookies.sqlite:xiti.com
   C:\Documents and Settings\user\Cookies\1NF5I6UM.txt
   C:\Documents and Settings\user\Cookies\864AJM9R.txt
   C:\Documents and Settings\user\Cookies\GH7XGZO8.txt
   C:\Documents and Settings\user\Cookies\HJD3F1CU.txt
   C:\Documents and Settings\user\Cookies\KBGHBM2O.txt
   C:\Documents and Settings\user\Cookies\KTKWVUFD.txt
   C:\Documents and Settings\user\Cookies\N0IPM0E4.txt
   C:\Documents and Settings\user\Cookies\N9AJF5M1.txt
   C:\Documents and Settings\user\Cookies\Q4XRPINB.txt
   C:\Documents and Settings\user\Cookies\user@ads.biglots[2].txt
   C:\Documents and Settings\user\Cookies\user@ads.cnn[1].txt
   C:\Documents and Settings\user\Cookies\user@ads.financialcontent[1].txt
   C:\Documents and Settings\user\Cookies\user@ads.gametap[1].txt
   C:\Documents and Settings\user\Cookies\user@ads.nascar[1].txt
   C:\Documents and Settings\user\Cookies\user@ads.nba[1].txt
   C:\Documents and Settings\user\Cookies\user@ads.socialreach[1].txt
   C:\Documents and Settings\user\Cookies\user@stats.paypal[1].txt
   C:\Documents and Settings\user\Cookies\user@track.bestbuy[1].txt
   C:\Documents and Settings\user\Cookies\VKEGA9K1.txt
   C:\Documents and Settings\user\Cookies\ZBB6X242.txt
   C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:doubleclick.net
 

#7 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 08:11 PM

MiniToolBox by Farbar  Version: 18-12-2013
Ran by user (administrator) on 14-01-2014 at 20:02:20
Running from "C:\Documents and Settings\user\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 49455
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
D-Link WDA-1320 Desktop Adapter = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : JANET

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : home



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet

        Physical Address. . . . . . . . . : 00-13-20-E9-C5-7E



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . : home

        Description . . . . . . . . . . . : D-Link WDA-1320 Desktop Adapter

        Physical Address. . . . . . . . . : 00-15-E9-47-77-C3

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.3

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

                                            71.252.0.12

        Lease Obtained. . . . . . . . . . : Tuesday, January 14, 2014 7:23:12 PM

        Lease Expires . . . . . . . . . . : Wednesday, January 15, 2014 7:23:11 PM

Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.228.98, 74.125.228.100, 74.125.228.99, 74.125.228.97
      74.125.228.101, 74.125.228.102, 74.125.228.96, 74.125.228.104, 74.125.228.110
      74.125.228.103, 74.125.228.105



Pinging google.com [74.125.228.99] with 32 bytes of data:



Reply from 74.125.228.99: bytes=32 time=16ms TTL=250

Reply from 74.125.228.99: bytes=32 time=15ms TTL=250



Ping statistics for 74.125.228.99:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 15ms, Maximum = 16ms, Average = 15ms

Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=164ms TTL=247

Reply from 98.138.253.109: bytes=32 time=68ms TTL=247



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 68ms, Maximum = 164ms, Average = 116ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 e9 c5 7e ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
0x10004 ...00 15 e9 47 77 c3 ...... D-Link WDA-1320 Desktop Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.3      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0      192.168.1.3     192.168.1.3      20
      192.168.1.0    255.255.255.0      192.168.1.3     192.168.1.3      25
      192.168.1.3  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.1.255  255.255.255.255      192.168.1.3     192.168.1.3      25
        224.0.0.0        240.0.0.0      192.168.1.3     192.168.1.3      25
  255.255.255.255  255.255.255.255      192.168.1.3               2      1
  255.255.255.255  255.255.255.255      192.168.1.3     192.168.1.3      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 02 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 03 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 04 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 05 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 06 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 07 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 08 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 09 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 10 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 11 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 12 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 13 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 14 mswsock.dll [File not found] (Microsoft Corporation)
Catalog9 15 mswsock.dll [File not found] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/14/2014 06:47:07 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:07 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:07 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.


System errors:
=============
Error: (05/13/2014 10:29:28 PM) (Source: W32Time) (User: )
Description: The time service has detected that the system time needs to be
changed by -10364584 seconds. The time service will not change the system
time by more than -54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.3:123->65.55.56.206:123) is working properly.

Error: (05/13/2014 10:29:06 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.3 on the
Network Card with network address 0015E94777C3.

Error: (01/05/2014 07:37:41 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (12/31/2013 00:09:11 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (12/31/2013 00:09:11 AM) (Source: Service Control Manager) (User: )
Description: The aswFsBlk service failed to start due to the following error:
%%2

Error: (01/30/2014 10:19:12 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (01/30/2014 09:46:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (01/30/2014 09:46:29 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Windows Search service to connect.

Error: (01/30/2014 09:46:29 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/30/2014 09:46:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).


Microsoft Office Sessions:
=========================
Error: (01/14/2014 06:47:07 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:07 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:07 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (01/14/2014 06:47:06 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.


=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
AbiWord 2.8.6 (Version: 2.8.6)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
AiO_Scan_CDA (Version: 70.0.149.000)
AiOSoftwareNPI (Version: 70.0.149.000)
Alice in Vivaldi's Four Seasons 1.0
Amazon Cloud Player (Version: 2.2.0.399)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.750.0)
ATI Display Driver (Version: 8.671-091104a-091523C-ATI)
avast! Free Antivirus (Version: 9.0.2011)
Barbie™ Beauty Boutique™ CD-ROM
Beauty and the Beast Magical Ballroom
BioWare Premium Module: Neverwinter Nights™ Kingmaker
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 70.0.170.000)
C3100 (Version: 70.0.149.000)
c3100_Help (Version: 70.0.149.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1104.959.17837)
Catalyst Control Center Graphics Full Existing (Version: 2009.1104.959.17837)
Catalyst Control Center Graphics Full New (Version: 2009.1104.959.17837)
Catalyst Control Center Graphics Light (Version: 2009.1104.959.17837)
Catalyst Control Center Graphics Previews Common (Version: 2009.1104.959.17837)
Catalyst Control Center HydraVision Full (Version: 2009.1104.959.17837)
Catalyst Control Center InstallProxy (Version: 2009.1104.959.17837)
CCC Help English (Version: 2009.1104.0958.17837)
ccc-core-preinstall (Version: 2009.1104.959.17837)
ccc-core-static (Version: 2009.1104.959.17837)
ccc-utility (Version: 2009.1104.959.17837)
Cisco WebEx Meeting Center for Firefox or Chrome (Version: 8.29.3212)
Creative Driver
Creative Memories Memory Manager 2 (Version: 2.0)
D&D Character Generator Demo
Destinations (Version: 70.0.170.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 7.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Dungeon and Dragons: Neverwinter Nights Complete (Version: 1.0.0)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax_CDA (Version: 70.0.149.000)
FreeStyle Auto-Assist
GameFly (Version: 1.2.364)
Google Chrome (Version: 32.0.1700.76)
Google Update Helper (Version: 1.3.22.3)
Heroes of Might and Magic II
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Photosmart and Deskjet 7.0.A
HP Photosmart Essential (Version: 1.9.1.3)
HP Product Assistant (Version: 100.000.001.000)
HP Product Detection (Version: 11.14.0001)
HP Solution Center 7.0 (Version: 7.0)
HP Update (Version: 5.005.000.002)
HPPhotoSmartExpress (Version: 70.0.170.000)
HPProductAssistant (Version: 70.0.170.000)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevicesMFC (Version: 70.0.170.000)
ISODisk 1.1
iTunes (Version: 11.1.3.8)
Japanese Fonts Support For Adobe Reader X (Version: 10.0.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 30 (Version: 6.0.300)
Little Mermaid II Return to the Sea
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memory Manager Shared Components Update (Version: 2.00.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Compatibility Toolkit 5.6 (Version: 5.6.7324.0)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 97, Professional Edition
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Might and Magic IX (Version: 1.0)
Might and Magic® VI
Monsters Jr
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero Blu-ray Player (Version: 12.0.14300)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Core Components (Version: 11.0.18100)
Nero Kwik Media (Version: 1.18.18500)
Nero Kwik Media (Version: 12.0.01300)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
NewCopy_CDA (Version: 70.0.149.000)
Nutcracker Game 2.3
OCR Software by I.R.I.S 7.0 (Version: 7.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
PanoStandAlone (Version: 70.0.170.000)
Prerequisite installer (Version: 12.0.0002)
ProductContextNPI (Version: 70.0.149.000)
QuickTime (Version: 7.74.80.86)
Reader Rabbit Personalized Preschool
Reader Rabbit Toddler
Readme (Version: 70.0.149.000)
Rhapsody
Rosetta Stone Version 3 (Version: 3.3.5.2)
Scan (Version: 7.0.0.0)
ScannerCopy (Version: 7.0.0.0)
Secret Agent™ Barbie™
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
SolutionCenter (Version: 70.0.170.000)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 70.0.170.000)
SUPERAntiSpyware (Version: 5.0.1142)
swMSM (Version: 12.0.0.1)
The Elder Scrolls IV - Oblivion Game of the Year Deluxe
 



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 14 January 2014 - 10:04 PM

Please run winsock fix.

http://www.majorgeeks.com/files/details/winsock_xp_fix.html

 

 

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

 

 

 

____________________________________________-

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Tell me how the machine is running now.



#9 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 10:55 PM

Nevermind--answered my own question.  [I hate to ask a stupid question, but am I supposed to run the repair after downloading the Reimage repair program?  I feel a little nervous about it because it doesn't actually list the problems that it says it found on my system.]

 

 

thanks,

Janet


Edited by jsms1095, 14 January 2014 - 11:01 PM.


#10 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 14 January 2014 - 11:04 PM

Farbar Service Scanner Version: 08-01-2014
Ran by user (administrator) on 14-01-2014 at 23:04:22
Running from "C:\Documents and Settings\user\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 14 January 2014 - 11:33 PM

 

 

 

Reimage repair program?

 

 

 

I linked you to winsock fix please do not use reimage repair.



#12 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 15 January 2014 - 05:48 AM

I followed the link, and when I tried to scan or whatever, it redirected me to reimage repair.   I went back and forth, trying to figure out what was happening. There was an icon for "download locations" and an icon for "download now".  I clicked on "download now" and was redirected.  I already ran reimage repair, unfortunately.  I should have clicked on "download locations".  Have I done any damage by running reimage repair?  ugh. 



#13 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 15 January 2014 - 06:24 AM

And now, I think that I've messed up again.  I ran Eset and went to bed.  The window (and therefore the log file) was gone when I checked on it.  I have no idea how to find the log file, so I am re-running the scan, but just figured out that won't work because it should have already cleaned out any problems.  I'm sorry.  It's no excuse, but I was really distracted last night.  I never thought that the window would close after the scan was complete. 

 

Janet



#14 jsms1095

jsms1095
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:01:02 AM

Posted 15 January 2014 - 09:28 AM

At this point, I've run Reimage Repair by mistake, FarbarServiceScanner, Eset twice, and winsock fix -- in that order.  The computer seemed to reboot a little more quickly, and one or two other things that were strange seem to working correctly now.  It's also showing the correct date/time right now.  Is there anything else I should do, because I ran Reimage Repair? 

 

thanks,

 

Janet



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:02 AM

Posted 15 January 2014 - 10:26 AM

Un install Reimage reapair please then run this for me.

 

Please download the Kaspersky Virus Removal Tool from here to your Desktop.



Double-click the Removal Tool.

Click the cog in the upper right corner:




AVPfront.gif




Select down to and including your main drive.

Go to the actions tab and tick select actions by default both boxes are ticked leave them as they are.

Once done please select the Automatic Scan tab and press Start Scan.




avpsettings.gif




Allow the tool to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users