Jump to content

Cant update ANY antivirus/malware removal programs


Recommended Posts

Hello I had some viruses/malware and used malwarebytes to get rid of them but I can`t seem to update this program or any other programs now. Here are my log files. I went through every step on other ppls posts but no help.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_27

Run by Owner at 12:50:13 on 2011-12-11

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.254.66 [GMT -6:00]

.

AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\System32\dmadmin.exe

C:\Program Files\NetZero\exec.exe

C:\Program Files\NetZero\exec.exe

C:\Program Files\NetZero\qsacc\x1exec.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Opera\opera.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://my.netzero.net/s/search?r=minisearch

uSearch Bar = hxxp://my.netzero.net/s/search?r=minisearch

uInternet Settings,ProxyOverride = searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;cf.netzero.net;qs.netzero.net;*.quicken.com;feed.untd.com;*.pogo.com;<local>

uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch

uURLSearchHooks: H - No File

BHO: Pop-up Blocker: {52706ef7-d7a2-49ad-a615-e903858cf284} - c:\program files\netzero\qsacc\X1IEBHO.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: NetZero Toolbar Helper: {fe3098b0-04a3-41fd-8ca9-bea39cb14c87} - c:\program files\netzero\ucreg.dll

TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\program files\netzero\Toolbar.dll

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\{1d47e~1.lnk - c:\windows\system32\rundll32.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\{e50f9~1.lnk - c:\windows\system32\rundll32.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{48FFC7FE-337A-49BB-AD6A-D66558EAEDFB} : NameServer = 64.136.52.75 64.136.44.75

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\tfy4ie8f.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z131&form=ZGAADF&install_date=20110914&q=

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

.

============= SERVICES / DRIVERS ===============

.

R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [2011-10-1 149376]

R1 {E50F9C0C-2835-4cfa-9A24-350171F56E36};{E50F9C0C-2835-4cfa-9A24-350171F56E36};c:\program files\common files\microsoft shared\triedit\{E50F9C0C-2835-4cfa-9A24-350171F56E36}.sys [2011-12-8 636744]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-9-4 11608]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-9-4 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-9-4 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-9-4 66616]

R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-9-4 25704]

R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-9-4 25704]

R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-9-4 25704]

R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-9-4 25704]

R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-9-4 25704]

S1 {1D47EE5A-9DA3-4a87-A380-1CA71EEF4A9A};{1D47EE5A-9DA3-4a87-A380-1CA71EEF4A9A};c:\program files\common files\microsoft shared\triedit\{1D47EE5A-9DA3-4a87-A380-1CA71EEF4A9A}.sys [2011-12-9 636744]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-9-30 13192]

S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-9-30 8456]

S3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2006-5-1 48768]

S3 WOEM_40b1;WinPcap Packet Driver (WOEM_40b1); [x]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-11 16:59:36 -------- d-sh--w- c:\documents and settings\owner\IECompatCache

2011-12-11 08:57:53 -------- d-sha-r- C:\cmdcons

2011-12-09 16:12:08 98816 ----a-w- c:\windows\sed.exe

2011-12-09 16:12:08 518144 ----a-w- c:\windows\SWREG.exe

2011-12-09 16:12:08 256000 ----a-w- c:\windows\PEV.exe

2011-12-09 16:12:08 208896 ----a-w- c:\windows\MBR.exe

2011-12-09 12:32:59 689216 -c--a-w- c:\windows\system32\dllcache\3dfxvs.dll

2011-12-09 12:32:57 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys

2011-12-09 12:32:56 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys

2011-12-09 12:32:49 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys

2011-12-09 12:31:38 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll

2011-12-09 11:16:02 636744 ----a-w- c:\program files\common files\microsoft shared\triedit\{1D47EE5A-9DA3-4a87-A380-1CA71EEF4A9A}.sys

2011-12-08 20:58:59 -------- d-----w- C:\Users

2011-12-08 20:33:47 636744 ----a-w- c:\program files\common files\microsoft shared\triedit\{E50F9C0C-2835-4cfa-9A24-350171F56E36}.sys

.

==================== Find3M ====================

.

.

============= FINISH: 12:51:17.42 ===============

attach.zip

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.