malware problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by frsamuel, Oct 25, 2009.

  1. frsamuel

    frsamuel Private E-2

    Hello
    I used avast until yesterday, when I realized that it doesn't work any more. The symbols in the system tray appeared, but I couldn't enter avast any more. I did an online scan with Kaspersky, and found out that I have some viruses. Can anyone help me get rid of them?
    I attached the Kaspersky log, and the others I read about in the forum.
    Do I still have the virus? And how can I protect against it?
    Thank you for the help
     

    Attached Files:

  2. frsamuel

    frsamuel Private E-2

    Here are the other 2 logs
     

    Attached Files:

  3. evilfantasy

    evilfantasy Malware Fighter

    Please go to the Safer Networking forums and advise them that you are being helped elsewhere so nobody puts time into your logs unnecessarily. pc infected, need some help

    Please download SystemLook from one of the links below and save it to your desktop.

    Download Mirror #1
    Download Mirror #2

    Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.


    • Double-click SystemLook.exe to run it.
    • Copy the contents of the following codebox into the main textfield.


    Code:
    :filefind 
    wuauclt.exe
    wscntfy.exe
    ctfmon.exe
    regsvc.dll
    schedsvc.dll
    • Click the Look button to start the scan.
    • Note: The scan may take some time so please just let it do its work and be patient (or do something else unrelated to the computer).
    • When finished, a notepad window will open with the results of the scan. Please post the log. The log can also be found on your desktop entitled SystemLook.txt
     
  4. frsamuel

    frsamuel Private E-2

    Since the last time I posted, I reinstalled Windows and deleted some files.
    This is the report from a few minutes ago.
    (How do I know if the malware is there or not?)
     

    Attached Files:

  5. evilfantasy

    evilfantasy Malware Fighter

    You didn't do something right because those files should be found on a new install and all of the files I do see are not from a fresh install of Windows.

    I suggest you go to the Software forum and ask for help with reinstalling properly.
     
  6. frsamuel

    frsamuel Private E-2

    I installed
    Env = 0.99.8 beta 3.573.Microsoft Windows NT 5.1.2600.0
    Target = Windows XP Professional SP2 - build 2180 - English (United States)
    The boot CD has 172MB
    Should I wait until I get a reply there?
     
  7. evilfantasy

    evilfantasy Malware Fighter

    Where is this download coming from?
     
  8. frsamuel

    frsamuel Private E-2

    That's what it says in the Last Session file from the Windows CD. I thought it would help you to understand what I was installing
     
  9. evilfantasy

    evilfantasy Malware Fighter

    Yes, ask in the Software forum please.
     
  10. evilfantasy

    evilfantasy Malware Fighter

  11. frsamuel

    frsamuel Private E-2

    The first time, I did that Kaspersky scan, and I deleted the files from quarantine. After that, I did the steps from How to Protect yourself from malware! and got the results attached.
    If the procedures from there detect nothing, does it mean that I'm safe?
     
  12. evilfantasy

    evilfantasy Malware Fighter

    Everything detected by the Kaspersky was already in ComboFix's Quarantine so was not actually a threat.

    Your biggest problem from what I see is this.

    Those files are critical for Windows and need to be replaced.

    Did you format the disk before doing the new install?
     
  13. frsamuel

    frsamuel Private E-2

    Before doing the new install I might have deleted some files, including those (no format was done).
    But after I installed this Windows, I did not delete anything. I didn't even install the drivers, only waited for replies.
     
  14. evilfantasy

    evilfantasy Malware Fighter

  15. frsamuel

    frsamuel Private E-2

    Under System, I don't have the Automatic Updates tab. I have the Hardware tab, drivers, and the Windows Update button. That opens the Connect to Windows Update window, and I checked the "If my device needs a driver, go to Windows update without asking me" radio button. I did restart, but nothing happened
     
  16. frsamuel

    frsamuel Private E-2

    I am a student. Should I get a licensed Windows XP from Microsoft? I think that it would save me some trouble. Would that help?
     
  17. evilfantasy

    evilfantasy Malware Fighter

    If it isn't licensed we can't help much. Get a legitimate key and your issues will likely disappear.
     
  18. frsamuel

    frsamuel Private E-2

    I installed Windows XP Professional with SP3.
    Here is the report from SystemLook
     

    Attached Files:

  19. evilfantasy

    evilfantasy Malware Fighter

  20. frsamuel

    frsamuel Private E-2

    Here are the logs
    Thank you for helping me
     

    Attached Files:

  21. evilfantasy

    evilfantasy Malware Fighter

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX Checked until you exit all browser sessions including the one you are reading in right now:

    - O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    After clicking Fix checked, exit HijackThis.


    You need to get an antivirus installed. Only install ONE!

    1) Avast! Home Edition
    2) AVG Free Edition
    3) Avira AntiVir Personal



    Now run this online scanner and post the log.

    ESET Online Scan

    Scan your computer with the ESET FREE Online Virus Scan

    * Click the ESET Online Scanner button.

    * For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    * Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
    * Double click on the esetsmartinstaller_enu.exe icon on your desktop.
    * Place a check mark next to YES, I accept the Terms of Use.

    * Click the Start button.
    * Accept any security warnings from your browser.
    * Leave the check mark next to Remove found threats and place a check next to Scan archives.
    * Click the Start button.
    * ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
    * When the scan completes, click List of found threats.
    * Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
    * Click the <<Back button then click Finish.

    In your next reply please include the ESET Online Scan Log
     
  22. frsamuel

    frsamuel Private E-2

    I got Avira now. I couldn't attach any log because nothing suspicious was found after the ESET scan.
     
  23. evilfantasy

    evilfantasy Malware Fighter

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
  24. frsamuel

    frsamuel Private E-2

    Thank you very much for your help and patience.
    I wanted to ask about the Avira antivirus I installed, since I don't see it in the list of antivirus programs in the How to Protect yourself from malware! link. Should I uninstall Avira and install one from those?
     
  25. evilfantasy

    evilfantasy Malware Fighter

    Avira is listed. Its full name is Avira AntiVir.

    You're welcome.

    Safe surfing...
     
  26. frsamuel

    frsamuel Private E-2

    Hello
    I did the last steps, but Avira and Comodo can't update anymore.
    Before installing Comodo and the other programs from the last steps, Avira had no problems; I do not know why this is happening. I uninstalled all of those programs, but Avira's update still doesn't work.
     
  27. evilfantasy

    evilfantasy Malware Fighter

    Have you tried re-installing Avira?
     
  28. frsamuel

    frsamuel Private E-2

    Yes, I did, but since I followed those steps from protect from malware, I get the same problem (I simply wait for the update and nothing happens). I got the same update problem with Comodo; here is the message I get
     

    Attached Files:

  29. evilfantasy

    evilfantasy Malware Fighter

    What happens when you follow the new version link? Is it to the full security suite? (paid version)
     
  30. frsamuel

    frsamuel Private E-2

    When I go to the link, I get the lower window.
    If that's the paid version, how do I update Comodo as a free user?
     
  31. evilfantasy

    evilfantasy Malware Fighter

    I'm not a Comodo user. You might try posting in the Software forum. Someone there will likely have seen this before.
     
  32. frsamuel

    frsamuel Private E-2

    I got this problem with Avira after I followed the How to Protect yourself from malware! procedure. I also did that Disabling AutoRuns procedure. Thought the problem could lie somewhere around here. Thank you very much for your help
     
  33. evilfantasy

    evilfantasy Malware Fighter

    You're welcome.

    The Software forum should get you straightened out. Once we get the malware removed we send users there for any remaining issues.
     
