network sheild

[SafeSurf]

You should turn your MS Updates on in your Security Center, or at least to notify you so you can do the update but not leave it off completely for better security.

I know...that's why I suggested the above.  He has lots of security holes that we can help him fix.

[krypton]

i m using windows xp

if i put my fw on then it starts updating whenever i switch on my pc. it makes my pc speed slow. and my net is dial up so it cant download heavy update about more than 35 mb. what to do in this problem?

[SafeSurf]

I suggest you make sure your Avast definitions are up to date, then run a FULL Avast scan.  

If you have a 32-bit machine and you feel on the paranoid side (no offense, but if you want to be extra careful), you can a Boot-time scan.  If you have on-demand scanners like MBAM, you can update the definitions and also run a scan.

After running the scans from Avast, see if anything goes into the Virus Chest.

I would do as I posted above to see if you have malware since this is what prompted you to make your post...correct?

Then you can concern yourself with a third-party FW instead of the Windows FW, which you can download from another machine via a USB flash drive perhaps (if you know it is clean and your machine is clean) or buy a CD since you have dial-up.

[Hermite15]

what do you mean "your firewall starts updating", updating what, how

[krypton]

What is your OS (XP SP?, Vista, Win7, other)?  You said you have a 32-bit.

You should turn your MS Updates on in your Security Center, or at least to notify you so you can do the update but not leave it off completely for better security.

Check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
·   Download free http://www.malwarebytes.org/ for an on-demand scanner.
·   Double Click mbam-setup.exe to install the application.
·   After install, click update so you have latest database before scanning.
·   Under Settings:
o   General: Automatically Save File After Scan Completes is checked off
o   Scanner Settings:  Check all boxes
o   Updater: Download and install update if available is checked off
·   Once the program has loaded, select "Perform FULL Scan", then click Scan.
·   The scan may take some time to finish, so please be patient.
·   When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
·   Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.
·   The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
·   Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts -- Click OK to either and let MBAM proceed with the disinfection process; If asked to restart the computer, please do so immediately.

Do you have any questions?


 

i posting log here as u said.

wat i do now.

[krypton]

what do you mean "your firewall starts updating", updating what, how

i mean fw updates automatcally when i start pc.

i put my fw on now. but i switch off auto updates of fw

[krypton]

help me please. wat to do after mbam scan. i posted logs above.

[SafeSurf]

MBAM indicates the following:

Windows 5.1.2600 Service Pack 2

C:\Tally\Patch.exe (Trojan.Bancos) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.

It appears from your log that nothing was put into quarantine.  Can you confirm this by looking in the MBAM quarantine tab to see if anything is there?  If not, recheck your Setting of MBAM and make sure ALL boxes are checked -- re-read my directions for Settings.

In addition, you are only running XP SP2 and should be running SP3.  SP2 support ran out. 

As you can see from the MBAM report, by disabling the MS Security Center, you have put your machine at great risk for malware, which you now have.  The fact that you are unable or do not want to enable your Security Center for MS Updates and FW has me questioning if you are using a cracked version of Windows, or if I am wrong please forgive me and explain your reasoning so that we can assist you better.  Note, if you are using a cracked version, we cannot help you.

[krypton]

no there is nothing in quarantine.

wat i do now.


i shoulg ignore or remove selected

[SafeSurf]

You need to update MBAM again > do a FULL scan with MBAM > remove to quarantine the infected items (see my directions).

You also need to get a registered version of MS Windows.  Until you do this, there is nothing more I can do to assist you.  I also suggest once you have done this, you update it to SP3 and complete all MS Updates to reduce your risk of getting more malware.  Thank you.

[krypton]

how can i enable ms updates?

[YoKenny]

how can i enable ms updates?

Genuine Microsoft software is published by Microsoft, properly licensed, and supported by Microsoft or an authorized partner – giving you full capabilities, access to all the latest updates, and confidence that you are getting the experience you expect. Validation is a quick and easy process that helps you to verify that your Microsoft software is genuine:

http://www.microsoft.com/genuine/validate/ValidateNow.aspx?displaylang=en