Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

worm/im.sohanat.b (worm)and tr/crypt.xpack.gen (trojan)


  • This topic is locked This topic is locked
2 replies to this topic

#1 kymberly

kymberly

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 02 July 2010 - 06:38 PM

I have restored and restored can someone please help! I cant update my Avira!

Avira AntiVir Personal - Free Antivirus Updater
Complete product update

Creation time: Fri Jul 02 16:39:53 2010


Operating system:
Windows Vista () [6.0.6000] 32 bit

Product information:
Product version: 10.0.0.567
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.29
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0

Temp Directory: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\ProgramData\Avira\AntiVir Desktop\

Proxy settings:
System settings used

16:39:57 [UPD] [INFO] Checking whether newer files are available.
16:39:57 [UPD] [INFO] Select update server 'http://62.146.66.188/update'.
16:39:57 [UPD] [INFO] Downloading of 'http://62.146.66.188/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:57 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.188/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:57 [UPD] [INFO] Select update server 'http://62.146.66.189/update'.
16:39:57 [UPD] [INFO] Downloading of 'http://62.146.66.189/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:57 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.189/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:57 [UPD] [INFO] Select update server 'http://62.146.66.178/update'.
16:39:57 [UPD] [INFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:57 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.178/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:57 [UPD] [INFO] Select update server 'http://62.146.66.179/update'.
16:39:57 [UPD] [INFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:57 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.179/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:57 [UPD] [INFO] Select update server 'http://62.146.66.180/update'.
16:39:57 [UPD] [INFO] Downloading of 'http://62.146.66.180/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:57 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.180/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://62.146.66.181/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:58 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.181/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://62.146.66.182/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:58 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.182/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://62.146.66.183/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:58 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.183/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://62.146.66.184/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:58 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.184/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://62.146.66.185/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://62.146.66.185/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:58 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.185/update/idx/master.idx' failed. Error: A connection with the server could not be established
16:39:58 [UPD] [INFO] Select update server 'http://perspeak.avira-update.com/update'.
16:39:58 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:59 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
16:39:59 [UPDLIB] [ERROR] Retry...
16:39:59 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:59 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
16:39:59 [UPDLIB] [ERROR] Retry...
16:39:59 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
16:39:59 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
16:39:59 [UPDLIB] [ERROR] No additional servers found, the update will be canceled.
16:39:59 [UPD] [ERROR] Generation of update structure failed. UpdateLib delivers error 537.


Summary:
********
0 Files downloaded
0 Files installed

Fri Jul 02 16:39:59 2010
The update failed!

Edited by kymberly, 02 July 2010 - 06:41 PM.


BC AdBot (Login to Remove)

 


#2 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 02 July 2010 - 06:53 PM

DDS (Ver_10-03-17.01) - NTFSx86
Run by Grow Up at 16:50:09.74 on Fri 07/02/2010
Internet Explorer: 7.0.6000.16982
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.942 [GMT -7:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! Internet Security *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: avast! Internet Security *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
svchost.exe
svchost.exe
svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Users\Grow Up\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.att.net/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Presario&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Presario&pf=desktop
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

============= SERVICES / DRIVERS ===============

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2010-6-25 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2010-6-25 196048]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2010-6-25 102736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-25 162768]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-26 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-26 267432]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-25 19024]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-25 51792]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-25 40384]
R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2010-6-25 119200]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-26 60936]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-25 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-25 40384]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-6-25 297552]
S3 netr73;Amigo RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [2010-6-24 255488]

=============== Created Last 30 ================


==================== Find3M ====================


============= FINISH: 16:51:38.51 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/24/2010 5:47:35 PM
System Uptime: 7/2/2010 4:28:25 PM (0 hours ago)

Motherboard: ECS | | Nettle2
Processor: AMD Athlon™ 64 X2 Dual Core Processor 4000+ | Socket M2 | 2000/201mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 289 GiB total, 243.728 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 0.997 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Reader 8
avast! Internet Security
Avira AntiVir Personal - Free Antivirus
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
Hardware Diagnostic Tools
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP Picasso Media Center Add-In
HP Total Care Advisor
LightScribe 1.4.142.1
Malwarebytes' Anti-Malware
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.0
My HP Games
Norton Internet Security (Symantec Corporation)
NVIDIA Drivers
Python 2.4.3
RealPlayer
Realtek High Definition Audio Driver
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Soft Data Fax Modem with SmartCP
ThreatExpert Memory Scanner 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)

==== Event Viewer Messages From Past Week ========

6/26/2010 3:08:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
6/26/2010 3:08:23 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/26/2010 2:15:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800736cc: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86.
6/26/2010 2:15:05 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB958483 (Update) into Staging(Staging) state
6/26/2010 1:51:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938194_3 (Update) into Staging(Staging) state
6/26/2010 1:51:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938194_2 (Update) into Staging(Staging) state
6/26/2010 1:51:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938194_1 (Update) into Staging(Staging) state
6/26/2010 1:51:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938194 (Update) into Staging(Staging) state

==== End Of File ===========================


I have tried gmer and not able to run!

Edited by kymberly, 02 July 2010 - 07:24 PM.


#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:01:04 AM

Posted 02 July 2010 - 09:47 PM

QUOTE(kymberly @ Jul 2 2010, 04:38 PM) View Post
I have restored and restored can someone please help! I cant update my Avira!

I have already explained to you Bleeping Computer's stance on this. You say you "have restored and restored" when the directions I gave you stated to reformat and reinstall your operating system. We can see by the logs that you post again that this did not occur. Bleeping Computer will be unable to assist you if you continue to ask for help without following the procedures we ask of you. Choosing to disregard our suggestions is perfectly within your rights to do so. But we also have the right to say we cannot help you unless you follow our suggestions.

Again for your review:
QUOTE(Animal @ Jul 1 2010, 08:22 PM) View Post
kymberly,

I am sorry, but multiple malware removal team members have tried everything they can. In some cases there is just no way to resolve the issues a computer may be having and we suggest that you reformat your computer. If there is malware installed, and I as well as others are unsure if there is at this point, then reformatting and reinstalling will make this malware inactive and you can then use your computer in peace knowing that there is nothing actively running on your computer that can pose as a security risk.

I am sorry that we at Bleeping Computer are not able to help you further, but my suggestion at this time is to reformat and reinstall your computer's operating system. If you have any questions about reinstalling Windows, please feel free to ask in our Windows forums.

Thank you and I am now closing this topic.


This topic is closed as well. Unless we see evidence in the future logs you may post, that you have reformatted, further requests for assistance will be ignored.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users