READ ME logs

[coldeve]

So after getting a second case of Security Shield malware... I was getting Firefox/Google forwarding issues. I ran MBAM and combofix and combofix seemed to have fixed the problem for 2 days. Security Shield no longer pops up..... Then Windows Security Essentials stopped working. Then my wireless router stopped working. I had to connect directly without wireless for it to connect. Here are my logs.

[TimW]

Please re-run ComboFix and attach the log.

[coldeve]

I ran combofix again and now MS Security Essentials works.

[coldeve]

Cancel that. Rebooted and MS SE is not running again. It wont let my router connect to the internet either. I had to go direct in from the modem. I tried resetting router to factory, and firmware upgrade. no go.

[TimW]

Sorry for the delay, I lost internet service on Sat. and just got it back.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

ClearJavaCache::
KILLALL::

File::
c:\users\owner\AppData\Local\Temp\0053DB5.tmp

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Note: If after running Combofix you discover none of your programs will open up, and you recieve the following error: "Illegal operation attempted on a registry key that has been marked for deletion". Then the answer is to REBOOT the machine, and all will be corrected.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below log:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

[coldeve]

same situation after reboot

[TimW]

I am not seeing any issues in your logs. Tell me what problems you are still having, if any.

[coldeve]

Ms security essentials wont start ever. Even with manual attempts. My wireless router stopped connecting to internet. I uninstalled and re upped firmware and reinstalled and no go. Direct connection modem to pc connects fine. Web forwarding very occasionally

[TimW]

Sounds like issues you need to address in either the software or networking forums.