Jump to content

Recommended Posts

My name is malware_hater. I am new to the forums here. I have went without an anti-virus unfortunately because I couldn't decide which one to use for at least a week. Now, I have Avira.

I ran rkill and MBAM just to make sure my computer was clean and rkill came back with 3 error messages "Installation failed". I decided to not install MBAM and came here to seek some assistance. Thank you for all the help!

Here is the DDS log:

.

DDS (Ver_2011-08-26.01) - FAT32x86

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 10.5.1

Run by Ken at 11:18:11 on 2012-06-27

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1502 [GMT -7:00]

.

AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

D:\Superantispyware\SASCORE.EXE

C:\Acer\Empowering Technology\admServ.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\PIEngineering\X-keys\XKWdkApp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://www.yahoo.com/?.home=ytie

uInternet Connection Wizard,ShellNext = iexplore

uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [X-keys Programming] c:\program files\piengineering\x-keys\XKWdkApp.exe

mRun: [LXCRCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCRtime.dll,RunDLLEntry

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "d:\quicktime\QTTask.exe" -atboottime

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Trusted Zone: eset.com\go

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {00134F72-5284-44F7-95A8-52A619F70751} - hxxps://tmos.dpns.ais.ucla.edu/officescan/console/html/ClientInstall/WinNTChk.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{B71C78A1-D096-4D44-B5D2-754D11E381EE} : DhcpNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Notify: !SASWinLogon - d:\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - d:\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\ken\application data\mozilla\firefox\profiles\xokre92i.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: d:\quicktime\plugins\npqtplugin.dll

FF - plugin: d:\quicktime\plugins\npqtplugin2.dll

FF - plugin: d:\quicktime\plugins\npqtplugin3.dll

FF - plugin: d:\quicktime\plugins\npqtplugin4.dll

FF - plugin: d:\quicktime\plugins\npqtplugin5.dll

FF - plugin: d:\quicktime\plugins\npqtplugin6.dll

FF - plugin: d:\quicktime\plugins\npqtplugin7.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-6-27 36000]

R1 SASDIFSV;SASDIFSV;d:\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;d:\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;d:\superantispyware\SASCore.exe [2011-8-11 116608]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-6-27 86224]

R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-6-27 110032]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-6-27 83392]

R2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-6-22 116648]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-11 257696]

S3 GGSAFERDriver;GGSAFER Driver;\??\d:\garena\safedrv.sys --> d:\garena\safedrv.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-6-22 116648]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-27 113120]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 POWERKEY;POWERKEY;c:\program files\launch manager\POWERKEY.SYS [2006-7-29 2343]

.

=============== Created Last 30 ================

.

2012-06-27 18:04:07 -------- d-----w- c:\documents and settings\ken\application data\Avira

2012-06-27 17:58:17 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-06-27 17:58:17 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-06-27 17:58:16 -------- d-----w- c:\program files\Avira

2012-06-27 16:51:00 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-06-26 18:51:57 -------- d-----w- c:\program files\ESET

2012-06-26 17:42:12 -------- d-----w- c:\documents and settings\ken\application data\SUPERAntiSpyware.com

2012-06-26 17:39:51 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2012-06-26 17:39:18 -------- d-----w- c:\documents and settings\all users\application data\SUPERSetup

2012-06-25 18:51:08 -------- d-----w- c:\documents and settings\ken\local settings\application data\visi_coupon

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2012-06-21 16:12:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2012-06-21 16:11:10 -------- d-----w- c:\documents and settings\ken\local settings\application data\Apple

2012-06-20 22:27:29 -------- d-----w- c:\documents and settings\all users\application data\boost_interprocess

2012-06-18 19:01:30 -------- d-----w- c:\windows\Microsoft Antimalware

2012-06-18 17:52:52 62976 ------w- c:\windows\system32\dllcache\cdrom.sys

2012-06-18 17:52:52 465920 ------w- c:\windows\system32\imapi2fs.dll

2012-06-18 17:52:52 465920 ------w- c:\windows\system32\dllcache\imapi2fs.dll

2012-06-18 17:52:52 317952 ------w- c:\windows\system32\imapi2.dll

2012-06-18 17:52:52 317952 ------w- c:\windows\system32\dllcache\imapi2.dll

2012-06-17 04:20:11 -------- d-----w- c:\program files\VideoLAN

2012-06-15 17:52:39 -------- d-sh--w- c:\documents and settings\ken\UserData

2012-06-14 23:23:23 -------- d-----w- c:\program files\Panda Security

2012-06-14 23:09:04 -------- d-s---w- C:\Combo-Fix32091C

2012-06-14 23:02:46 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-06-14 23:02:21 -------- d-----w- c:\program files\Oracle

2012-06-12 16:09:13 -------- d-----w- c:\program files\HitmanPro

2012-06-12 16:09:00 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro

2012-06-11 17:11:50 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-11 17:10:53 -------- d-----w- c:\documents and settings\ken\local settings\application data\Sun

2012-06-11 16:57:30 -------- d-sh--w- C:\Recycled

2012-06-08 18:37:49 -------- d-----w- c:\documents and settings\ken\application data\QuickScan

2012-06-08 18:27:53 -------- d-----w- c:\program files\trend micro

2012-06-07 21:58:25 -------- d-----w- c:\documents and settings\all users\application data\Sophos

.

==================== Find3M ====================

.

2012-06-21 19:44:08 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-02 22:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 22:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 22:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 22:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 22:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 22:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 22:18:58 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 22:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22:10 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll

2012-05-15 13:20:34 1863168 ----a-w- c:\windows\system32\win32k.sys

2012-05-05 02:29:50 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-05-05 02:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:20 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-29 17:54:18 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-04-23 14:46:48 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-04-23 14:46:48 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2012-04-23 14:46:48 17408 ----a-w- c:\windows\system32\corpol.dll

2012-04-19 03:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-04-19 03:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

============= FINISH: 11:18:39.20 ===============

And here is the attach.txt log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 7/29/2006 6:07:42 PM

System Uptime: 6/27/2012 9:16:00 AM (2 hours ago)

.

Motherboard: Acer | | Garda-910

Processor: Intel® Celeron® M processor 1.50GHz | U1 | 1496/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (FAT32) - 17 GiB total, 4.485 GiB free.

D: is FIXED (FAT32) - 17 GiB total, 12.505 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Acer Arcade

Acer eDataSecurity Management

Acer eDataSecurity Management 1.00.21

Acer eLock Management

Acer Empowering Technology framework

Acer GridVista

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

Apple Application Support

Apple Software Update

Avira Free Antivirus

Berlitz Before You Know It Flash Cards

CCleaner

Critical Update for Windows Media Player 11 (KB959772)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

ERUNT 1.1j

ESET Online Scanner v3

Google Update Helper

GS Typing Tutor 2.51

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB932716-v2)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel® Graphics Media Accelerator Driver for Mobile

Java Auto Updater

Java DB 10.5.3.0

Java 7 Update 5

Java SE Development Kit 6 Update 20

JavaFX 2.1.1

Launch Manager V1.0.9.3

Lexmark 2400 Series

Lexmark Fax Solutions

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 14

Microsoft User-Mode Driver Framework Feature Pack 1.7

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WinUsb 1.0

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NTI Backup NOW! 4

NTI CD & DVD-Maker

OneTouch USB Driver

PL-2303 USB-to-Serial

QuickTime

Realtek AC'97 Audio

Revo Uninstaller 1.94

SBC Yahoo! Applications

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB2675157)

Security Update for Windows Internet Explorer 7 (KB2699988)

Security Update for Windows Internet Explorer 7 (KB928090)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB917734)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Soft Data Fax Modem with SmartCP

SoftV90 Data Fax Modem with SmartCP

SpanishNow! - Advanced Beginner

SpanishNow! - Beginner

SpanishNow! ToolKit CD - Alphabet Reference

SpanishNow! ToolKit CD - Grammar Basics

Speccy

SpongeBob SquarePants Typing

STK017_V2.01

SUPERAntiSpyware

swMSM

Symantec KB-DocID:2003093015493306

Synaptics Pointing Device Driver

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

X-keys

Yahoo! Detect

.

==== Event Viewer Messages From Past Week ========

.

6/26/2012 4:43:36 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

6/26/2012 10:49:50 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL

6/26/2012 10:49:50 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

6/26/2012 10:49:50 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/26/2012 10:49:50 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/26/2012 10:49:50 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

6/26/2012 10:49:28 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

6/26/2012 10:49:13 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/26/2012 10:49:12 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

6/20/2012 1:17:22 PM, error: Print [19] - Sharing printer failed + 1722, Printer LexmarkFax share name LexmarkFax.

6/20/2012 1:17:20 PM, error: Service Control Manager [7000] - The osaio service failed to start due to the following error: The process cannot access the file because it is being used by another process.

6/20/2012 1:15:57 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).

6/20/2012 1:15:57 PM, error: Service Control Manager [7034] - The AdminWorks Agent X6 service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Link to post
Share on other sites

Why-o-why would you think of running RKILL?? It is not meant as a general or front-line tool. It is intended to be used only under guidance and only if called for.

What is most important, is: Have you run MBAM and did it find a "problem"? If yes, copy & paste that log.

Have you fully updated your Avira? and have you run a scan with it? Did it find a problem? If yes, copy and paste that log.

If none detect an infection, I tend to think you are being somewhat paranoid. We recently completed a help topic and system was good to go.

Note also, in my closure of your last topic I listed several sites where you can do online scans. http://forums.malwarebytes.org/index.php?showtopic=110796

Link to post
Share on other sites

Sorry Maurice. I thought rkill would be helpful by killing any rootkits that would otherwise be undetectable. I had read this article here: http://www.ghacks.net/2011/07/29/use-rkill-to-stop-malware-processes/

And here is another article:

http://www.smartcomputing.com/editorial/article.asp?guid=&bJumpto=true&Isfrm=IN&article=articles/webonly/techsupport/570w10/570w10.asp&ArticleID=63639

I do indeed think I am paranoid, but I have been told that no malware scanner is 100% effective. Maybe I should learn to clean my own machine for a change?

Panda ActiveScan frooze up IE and F-Secure keeps failing to download the neccessary files to download.

Link to post
Share on other sites

Rkill is -not- a rootkit-removal tool! You should not use it willy-nilly on your own, anyhow.

Yes, you do need to keep your system clean on your own.

I asked you (advised you) to do a complete scan with your Avira and see what the result is. do that first !

as to the online scans, a) you need to turn off your antvirus first (before the scan) & then you can run the online. After all done, turn back on your antivirus program.

Note that having an active antivirus on & then starting an online scan, likely result in "deadlocks".

Do your Avira scan first !!!!! Avira is an excellent antivirus.

Link to post
Share on other sites

Sorry if I did anything wrong, but I uninstalled Avira and installed Avast. Avira was a great solution for me, but the constant popups about asking for you to purchase the premium version annoyed me. Avast full scan found nothing. Currently about to run a full scan with MBAM, then SAS, Housecall, and Sophos Virus Removal Tool.

Link to post
Share on other sites

allright, substitute word Avast for Avira. I am only suggesting you do that scan. and install MBAM and do a scan with it.

If nothing found, we can warp up this episode.

I would suggest to you that MBAM is enough. and you don't need to grab up 3 additional things.

Link to post
Share on other sites

Follow the principles you have learned here. And do a bit more reading on malware prevention and safety practices.

http://www.malwareva...prevention.html

and http://miekiemoes.bl...nt-malware.html

If I may also remark, given your outlook, I'd suggest you no longer lend out your system.

Stay safer. Cheers.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.