READ ME logs

coldeve · Jul 20, 2012

So after getting a second case of Security Shield malware... I was getting Firefox/Google forwarding issues. I ran MBAM and combofix and combofix seemed to have fixed the problem for 2 days. Security Shield no longer pops up..... Then Windows Security Essentials stopped working. Then my wireless router stopped working. I had to connect directly without wireless for it to connect. Here are my logs.

TimW · Jul 20, 2012

Please re-run ComboFix and attach the log.

coldeve · Jul 22, 2012

I ran combofix again and now MS Security Essentials works.

coldeve · Jul 22, 2012

Cancel that. Rebooted and MS SE is not running again. It wont let my router connect to the internet either. I had to go direct in from the modem. I tried resetting router to factory, and firmware upgrade. no go.

TimW · Jul 23, 2012

Sorry for the delay, I lost internet service on Sat. and just got it back.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
Code:
ClearJavaCache::
KILLALL::

File::
c:\users\owner\AppData\Local\Temp\0053DB5.tmp

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Note: If after running Combofix you discover none of your programs will open up, and you recieve the following error: "Illegal operation attempted on a registry key that has been marked for deletion". Then the answer is to REBOOT the machine, and all will be corrected.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below log:

C:\MGlogs.zip

Make sure you tell me how things are working now!

coldeve · Jul 23, 2012

same situation after reboot

TimW · Jul 24, 2012

I am not seeing any issues in your logs. Tell me what problems you are still having, if any.

coldeve · Jul 24, 2012

Ms security essentials wont start ever. Even with manual attempts. My wireless router stopped connecting to internet. I uninstalled and re upped firmware and reinstalled and no go. Direct connection modem to pc connects fine. Web forwarding very occasionally

TimW · Jul 24, 2012

Sounds like issues you need to address in either the software or networking forums.

Log in or Sign up

READ ME logs

coldeve Private E-2

Attached Files:

RKreport[1].txt

mbam-log-2012-07-19 (21-50-16).txt

MGlogs.zip

hitmanlog.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

coldeve Private E-2

Attached Files:

combofix.txt

coldeve Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

coldeve Private E-2

Attached Files:

MGlogs.zip

ComboFix.txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

coldeve Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member