Jump to content

Vee

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi Yes it is failing after uninstalling McAffee. Can I downgrade IE8 to IE7 at all perhaps? How do I do this?
  2. Hi, thanks for your reply. I've done both of these and I'm now back online, thanks for that, it's great! I have one more issue though, I have a web based admin system we are trying to login to and it doesn't work with IE8, it works with firefox but I don't know why I can't login with IE as again it works on every other PC we have tried. Sorry to ask more questions but any pointers on why this might be? Thanks again
  3. Thanks, have done all this and posted new topic as suggested with logs. Thanks again.
  4. I ran Malwarebytes and since then, I can't connect to the internet using IE8 or Firefox or any other browser. I'm doing this on behalf of a friend who has just switched broadband providers and as such seems to have let her anti virus slip so clearly had problems. She had 34 issues come up after the Malware was run which have been removed. But... since then, we can't get on the internet at all either via wireless or LAN (plugging in wire). I'm writing this from a PC in the house that can connect so there's no issue with the modem or anything. When I try to connect I get issues with can't acquire an IP address. The operating system is Windows XP, the laptop is and oldish IBM Think Pad. There is no anti virus on the system - there used to be McAffee and its still there but not fully updated as subscription lapsed (clearly the start of my friend's issues!). The firewall is on but I get an error when I try to open Windows Firewall it says "Windows cannot start the Windows Firewall/Internet Connection Sharing (ICS) service." I've tried to disable and enable the connection, also tried to repair but the error with repair is about not being able to get the IP address. I ran Malwarebytes again and below are the logs, it says nothing detected: Malwarebytes' Anti-Malware 1.40 Database version: 2622 Windows 5.1.2600 Service Pack 2 17/08/2009 08:43:50 mbam-log-2009-08-17 (08-43-50).txt Scan type: Quick Scan Objects scanned: 96620 Time elapsed: 5 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I also ran Hijackthis and here are the logs: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:23:49, on 17/08/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe C:\Program Files\Support.com\bin\tgcmd.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\ThinkPad\CONNEC~1\QCTray.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\IBM\Messages By IBM\ibmmessages.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\System32\QCONSVC.EXE C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\TpKmpSVC.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [storageGuard] "c:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [s3TRAY2] S3Tray2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE O4 - HKLM\..\Run: [QCTray] C:\PROGRA~1\ThinkPad\CONNEC~1\QCTray.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE O4 - HKLM\..\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://gltadmin.golearnto.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1215602168267 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe -- End of file - 8288 bytes I'm NOT technical or experienced (just enthusiastic about trying to learn and help my friend!) - I can just follow specific instructions so if you are kindly able to offer any advice, would appreciate if you give step by step details to help me as otherwise I might be stuck! Thanks so much!
  5. I ran Malwarebytes and since then, I can't connect to the internet using IE8 or Firefox or any other browser. I'm doing this on behalf of a friend who has just switched broadband providers and as such seems to have let her anti virus slip so clearly had problems. She had 34 issues come up after the Malware was run which have been removed. But... since then, we can't get on the internet at all either via wireless or LAN (plugging in wire). I'm writing this from a PC in the house that can connect so there's no issue with the modem or anything. When I try to connect I get issues with can't acquire an IP address. The operating system is Windows XP, the laptop is and oldish IBM Think Pad. There is no anti virus on the system - there used to be McAffee and its still there but not fully updated as subscription lapsed (clearly the start of my friend's issues!). I am now sure the malware has gone. The firewall is on but I get an error when I try to open Windows Firewall it says "Windows cannot start the Windows Firewall/Internet Connection Sharing (ICS) service." I've tried to disable and enable the connection, also tried to repair but the error with repair is about not being able to get the IP address. I'm NOT technical or experienced (just enthusiastic about trying to learn and help my friend!) - I can just follow specific instructions so if you are kindly able to offer any advice, would appreciate if you give step by step details to help me as otherwise I might be stuck! Thanks so much!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.