Jump to content

Recommended Posts

Hello and :welcome:

You have not told us what version of Windows your using nor what version of Norton Internet Security... Here is something you can try....

Please exclude the following files from your Antivirus Software (not sure what version of you are using):

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows XP:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbampt.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\ mbamscheduler.exe

For Windows Vista or Windows 7 & 8:
  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbampt.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\ mbamscheduler.exe
For 64 bit versions of Windows Vista or Windows 7 & 8:
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware \ mbamscheduler.exe
Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE and MBAMSERVICE.EXE from it as well

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:

data-cdn.mbamupdates.com

The FAQ contains examples of setting file exclusions for some known AV products

Please post back and let us know how it went.

Link to post
Share on other sites

Lets take a deeper look....

Please run the tools below and ATTACH (do not copy and paste) the logs so someone can better assist you.

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply
Next:

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply "as an attachment": DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites

  • Root Admin

Based on the Event Logs the computer is either infected, damaged from a previous infection, or has a critical software conflict.   As we cannot run specific scan tools in this sub-forum you will need to post your logs in the other malware removal forum and someone will assist you as soon as they can.  Note that it can potentially take up to 48 hours before a response please do not bump or reply again to your post or it may get bypassed.  If no one has replied within 48 hours send me PM and I'll check on it.

 

Is this a Virtual Machine or a Physical Machine?  It shows that a virtual machine process is running.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

 

 

 

==== Event Viewer Messages From Past Week ========.2/19/2014 9:07:26 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service.2/19/2014 9:06:56 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.2/19/2014 9:06:26 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.2/19/2014 9:05:56 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.2/18/2014 8:33:32 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer VIRTUALXP-55107 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{451C5E07-7896-4A48-A208-D6954FD0E2B9}. The master browser is stopping or an election is being forced.2/17/2014 11:14:43 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.2/16/2014 9:47:33 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:32 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}2/16/2014 9:47:32 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}2/16/2014 9:47:31 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}2/16/2014 9:47:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}2/16/2014 9:47:23 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx64 ccSet_NIS CSC DfsC discache IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Wanarpv6 WfpLwf2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.2/16/2014 9:47:23 PM, Error: Service Control Manager [7001]  - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error:  The dependency service or group failed to start.2/16/2014 6:48:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2909921).2/16/2014 5:00:33 PM, Error: Service Control Manager [7023]  - The Superfetch service terminated with the following error:  The service has not been started..==== End Of File ===========================
Link to post
Share on other sites

  • Root Admin

Unless you're a magician those are the Events from the current OS and not from XP.

Sorry nothing else we can really do for you in this sub-forum. The logs indicate an issue that will require the use of scanning tools used to detect or remove infections.

Thank you

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.