Tech Support banner

Status
Not open for further replies.
1 - 6 of 6 Posts

·
Registered
Joined
·
127 Posts
Discussion Starter #1
Bit of a strange problem this..

When ever i try and open a program including paint, IE, firefox, AVG, malware bytes, even my music folder the "which user account do you want to use this program with RUN AS" window appears. If i then say click "current user" then press ok an error message appears.


this service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


I cannot "save" screen shots as i get the "access denied" message and a

"the my documents folder could not be found. Right click the documents icon , click properties, and then check that the path to your target folder location is correct.



i also get this error message


c\:WINDOWS\system32\rundll32.exe

The service cannot be started, either because it is disabled or becasue it has no enabled devices associated with it
------------------
I am UNABLE to run GMER though due to the ststem32dll error message as above.

I have managed to do a full virus scan using avg 2011, registry cleaner and spybot search and destroy.
 

·
Registered
Joined
·
127 Posts
Discussion Starter #2
heres my log and files :)

GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-04-25 15:06:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e Hitachi_HDP725050GLA360 rev.GM4OA52A
Running: gmer.exe; Driver: C:\DOCUME~1\Tiz\LOCALS~1\Temp\awkdrkog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xEC86D6C0]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xEC86D770]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xEC86D810]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xEC86D8B0]

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF7063F80]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2672] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2912] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10402024 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{909FCFE5-19B5-D007-74EB-19EE542DABFF}\[email protected] ?K^_zBU\OzfmiiAFZAAhiuugRfp
Reg HKLM\SOFTWARE\Classes\CLSID\{909FCFE5-19B5-D007-74EB-19EE542DABFF}\[email protected] KmF|wjxqIO}DL

---- EOF - GMER 1.0.15 ----
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Follow the instructions on this page for running the XP_RunAsShortcutFix.exe:

Run As Shortcut Fix

------------------------------------------------------

I need to see the 2 dds logs:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

------------------------------------------------------
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Still with us, tizza2k? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.

------------------------------------------------------
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

------------------------------------------------------
 
1 - 6 of 6 Posts
Status
Not open for further replies.
Top