Hi Essexboy ~
If you go through my posts over the last six weeks or so, you will see that I have had an unresolved problem with the Avast Firewall suddenly not being active any longer, and multiple failed attmepts to reinstall the program. (You can see my last post at http://forum.avast.com/index.php?topic=82163.msg671268#msg671268) Since all attempts to re-load have failed, I am convinced there must be some kind of rogue virus or some other such issue.
I followed your directions to install MBAM and OTS, and am attaching the MBAM and OTS logfiles to this post. Can you please help me fsgure out what I have to do next? Every time I get on the internet, I fear I am opening my computer up to hackers…
If you are using a Router you will have a built in firewall, you can check to see if you are protected from the link below. A router firewall should not interfer with a software firewall.
You can protect yourself with windows firewall untill you get this sorted.
I would download & run Eusing free registry cleaner, Also I would check to see if any other old antivirus or firewall programs that have been deleted in the past is interfering with Avast.
I wonder if this is causing problems with the avast firewall k9filter.exe → C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe and i also see a couple of remnants of symantec in your logs so it might pay to run the norton removal tool if you haven’t already, number 25a in the list http://thewebatom.net/uninstallers/security-software/
The error code indicates a permissions error with DCom - so I will have a little rummage around. For background info: Did this happen the first time you installed AIS or did it occur after it had been installed a while.
It happened after I had it installed for over 6 months and there had been no apparent issues. I’m surprised Norton was still showing up, as I had removed that years ago! I will try the tool from that link you sent.
Here is an additional piece of information I realized a few days ago: This problem showed up not long after I had a problem while on facebook. It was one of those Nigerian scams, where the guy posed as one of my friends and sai dhe was stuck in London, asked for money, etc.
I had just seen a Television program on this type of scam a few days earlier, so I was not falling for it. But, I forgot one of the key pieces of information they sai don the program: Do not interact with these people at all, because once you do, they load some kind of software that can get through firewalls and then logs every keystroke from that point forward. I replied to the guy, telling him he was never gonna get anything from me, and he left me alone. I only remembered the thing about the keylogging stuff afterwards! I contacted FB, and they temporarily shut down my account while they investigated the situation. I asked them if it was true that they might have loaded something onto my computer, but the FB people said they knew nothing about this.
I never connected this to the firewall problem, because it didn’t happen right away. But it was probably about 2 months after that, when suddenly I started getting those error messages about the firewall being disabled.
So, if I understand you correctly, you think what might be causing this is the fact that there is still some Norton left over on the hard drive? Do you think there could be something running in the background that this Nigerian scammer loaded, or is that even really possible? The show I saw about this scam was a reputable news program, with that guy who is always catching predators and such. Seemed legit to me.
“The error code indicates a permissions error with DCom - so I will have a little rummage around.”
Can you give me a little more information on what this means, exactly? Where are you going rummage around? Lol. Sorry. I’m not a techie even a little bit. Don’t know what DCom even refers to.
Also, I clicked on the link for the Norton remover tool, but the problem is, I don’t have any idea which version of Norton I had on this computer. Is there a way for me to tell???
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please include the C:\ComboFix.txt in your next reply for further review.