Cannot Run Applications - Avira Detects Malware

If you downloaded the current version of ComboFix, it does run on 64 bit systems.

What malware issues are you having? I am not seeing any malware in your logs.

 

Yes but not on Windows 2003 which this user is running.

 

You do not have Win XP. You have Win 2003.

 

Sorry. I just looked at your HijackThis log and it reported >> Platform: Windows 2003 SP2 (WinNT 5.02.3790)


Your sysinfo.txt log does report >> OS Name Microsoft(R) Windows(R) XP Professional x64 Edition

Is the ws2_32.dll file coming up in new scans as still being infected? If yes, do you have your XP Pro x64 boot disk and you may need to boot to the Recovery Console to replace it with a clean copy.

 

Could you please get this: ws2_32.dll into a zipped file and attach it for me in your next post? To do this, see the below:

Please go to start > Run and paste in the following:

log retrievable @ C:\collect.zip

Also...

Please go to Jotti's malware scan

(If more than one file needs scanned they must be done separately and logs posted for each one)

• Copy the file path in the below Code box:
  
  Code:

  c:\windows\sysWOW64\ws2_32.dll

• At the upload site, click once inside the window next to Browse.
• Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
• Next click Submit file
• Your file will possibly be entered into a queue which normally takes less than a minute to clear.
• This will perform a scan across multiple different virus scanning engines.
• Important: Wait for all of the scanning engines to complete.
• Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.

 

Do you have your XP Pro x64 boot disk? The file is infected and needs replacing.

 

Already asked and answered in messages 7 & 8.

 

No! You need your XP Pro x64 boot disk. Another possibility may be that updating to Service Pack 3 could update it.

 

We are happy to hear you have it fixed.


If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
8. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

Sounds more like an issue with the browsers themselves or add-ons. Close all Firefox, Opera, and Internet Explorer sessions. Also exit any other unnecessary applications. Then right click on your IE icon and select Start Without Add-ons

Does that work any differently?