Registered User
Join Date: Jun 2009
Posts: 20
OS: Windows7 Ultimate
Hi... I am using Kaspersky Internet Security 2010 (v9.0.0.736). Just today when I tried to update my Windows 7 OS via Windows Update, it kept failing to update and gave me error: C0000022.

Also, in my system properties window, under Windows Activation tab, it shows the "Status Not Available" and "Product ID: Not Available" (which is why I think the update isn't happening). There is a keylogger activity detected in KIS, labelled under "status: suspicious", and has its detailed description in Chinese fonts (hence can't even define it properly :( ). I suspect the update and activation failure are because of this "riskware". Could someone please help even identify what this is? Thanks

An addition to above problem: Unable to perform a system restore either. And I have attached the report (.txt) files of Kaspersky Internet Security for reference...

I apologise as I hadn't been through the "first steps" before posting my concerns. Don't know if this post will be looked into by someone.

Below is the diagnostic report by DDS.SCR :

DDS (Ver_09-10-26.01) - NTFSx86
Run by Aijaz at 22:28:43.07 on 13-11-2009
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.91.1033.18.1014.242 [GMT 5.5:30]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\FGuard\Folder Guard\FGKey.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\migwiz\migwiz.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\migwiz\mighost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Aijaz\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe"
mRun: [FG_Monitor] c:\fguard\folder guard\FGKey.exe /Start
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2009-10-26 97608]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 21520]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\avira\antivir desktop\avfwsvc.exe [2009-10-26 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2009-10-26 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-10-26 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2009-10-26 434945]
R2 FGUARD32;FGUARD32;c:\fguard\folder guard\FGUARD32.SYS [2009-10-30 54008]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2009-10-26 69632]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

=============== Created Last 30 ================

2009-11-13 11:02:05 3664 ------w- C:\bootsqm.dat
2009-11-02 13:22:11 0 d-----w- c:\users\aijaz\appdata\roaming\BitTorrent
2009-11-02 10:44:22 0 d-----w- c:\program files\BitTorrent
2009-10-30 01:45:04 0 d-----w- c:\users\aijaz\appdata\roaming\Folder Guard
2009-10-30 01:42:18 0 d-----w- C:\FGuard
2009-10-26 15:24:42 0 d-----w- c:\programdata\Yahoo!
2009-10-26 15:24:35 0 d-----w- c:\program files\Yahoo!
2009-10-26 13:23:14 0 d-----w- c:\windows\Panther
2009-10-26 01:48:16 0 d-----w- c:\programdata\Adobe
2009-10-26 01:10:14 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-26 01:05:27 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-10-26 01:05:27 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-10-26 01:05:26 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-10-26 01:05:26 507568 ----a-w- c:\windows\system32\winload.exe
2009-10-26 01:05:26 442920 ----a-w- c:\windows\system32\winresume.exe
2009-10-26 01:05:26 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-10-26 01:05:26 2613248 ----a-w- c:\windows\explorer.exe
2009-10-26 01:05:26 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-10-26 01:05:24 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-26 01:04:17 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-10-26 00:47:44 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-26 00:32:43 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-26 00:32:43 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-26 00:32:15 0 d-----w- c:\users\aijaz\appdata\roaming\Avira
2009-10-26 00:31:56 0 d-----w- c:\programdata\Kaspersky Lab
2009-10-26 00:31:56 0 d-----w- c:\program files\Kaspersky Lab
2009-10-26 00:29:49 0 d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-10-26 00:28:09 0 d-----w- c:\program files\VideoLAN
2009-10-26 00:25:07 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2009-10-26 00:25:07 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2009-10-26 00:25:07 0 d-----w- c:\windows\system32\Lang
2009-10-26 00:21:47 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-10-26 00:21:47 69632 ----a-w- c:\windows\system32\drivers\avfwim.sys
2009-10-26 00:21:47 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-26 00:21:45 0 d-----w- c:\programdata\Avira
2009-10-26 00:21:45 0 d-----w- c:\program files\Avira
2009-10-26 00:15:02 997912 ----a-w- c:\windows\system32\igxpun.exe
2009-10-26 00:15:02 0 d-----w- c:\windows\system32\x64
2009-10-26 00:13:52 0 d-sh--w- c:\windows\Installer
2009-10-26 00:10:09 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-10-26 00:09:13 0 d-----w- c:\windows\system32\wbem\Performance
2009-10-26 00:08:19 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-10-26 00:03:42 0 d-sh--w- C:\Recovery
2009-10-20 15:04:56 219664 ----a-w- c:\windows\system32\klogon.dll

==================== Find3M ====================

2009-10-14 15:48:34 36880 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-10-02 14:09:36 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 22:32:08.77 ===============

I am also attaching the other log files as needed to look into the problem. Please help!!!

Last edited by tetonbob; 11-13-2009 at 11:53 AM. Reason: to retain 0 reply status for queue