hello jwang01;
it turns out i only have one AV program on my puter so i'm not feeling so dumb; and that is a-squared free. i didn't have clam AV installed in this install. that must've been the last reformat, ha! i tried clamAV when avast went belly up for the third or 4th time. the last reformat i decided to try a new av and picked a-squared free. i also have a-squared anti-malware 30 day trial license and a few of their other freebies like anti-dialer.
--------
in re to your questions:
not sure which thread to answer the flash drive question on, since it involves both threads! but yes, i ran flash drive disinfector with my flash drive plugged in to my friend's computer that i am using, but i believe i ran it from the flash drive itself. it was not installed yet on his desktop. i now have it on both my friend's desktop now, and on my desktop at home. have not run it there yet. here, it said it could not quarantine the w32.worm infection that clam AV kept finding and quarantining. the clamAV worms that it kept finding and quarantining were all dropped by either firefox or AVG; that is when i suspected major compatibility issues with those two AVs and wrote you (yesterday). hoping TFC cleared them out. i left my flash drive at home for now.
i have reformatted my hard drive from the disks four times; three in one weekend! when i tried to use the disks for that e-machine for the second and third reformat, it kept saying the install was corrupt (!), it would not do a clean install. so i decided to try the disks from my old emachine. those reinstalled fine, but still same problem with shutting things down on the internet; so it may be a compatibility issue, even though those were also from my e-machine, which is newer than this one i am using.
each time, the white-screen internet problems came back within a day or two each time i reformatted; sometimes sooner. the only reason i got on the i-net at all is that i kept poking around and in my services and reclaiming ownership of services folders and permissions as administrator. my admin. priviliges and permissions got stripped every time. i have used passwords on my admin. accounts too, ever since the first reformat. somehow these malware get by those too. now it has gone farther, into windows and my disk files. there are less work arounds every time i reformat.
at the last reformat, the internet shut down within a day and malwarebytes was destroyed, as well as a lot of files this time. it shuts down the i-net so i can't update my anti malware programs, then goes after the program files. sometimes and in some cases, the files are still 'there', just not available for me, if that makes sense. it's like they are in another partition or memory or something. this is why i still feel i'm remotely hacked somehow. or just a mess of trojans that can do this sort of stuff because of my own idiocy and over-curiosity.
---------
RE: LOGS and findings:
i have no kaspersky logs to share with you because i am on same friend's computer, because my internet from home does not work. i ran kaspersky and it showed no important events or crucial events; there were about 25 password protected files, all the important ones (and i would wager not with my passwords!) and the same amount of locked files; big files that i need to have the computer run properly.
diskcheck would not run for long, kept stalling and going to totally black screen with a white blinking dash up in left hand corner. i have ran diskcheck before, it's usually a blue screen with things whizzing by that you can read. something shut it down 3 times so i gave up trying.
------
i'm very impressed with it and thinking of going for the paid license when my trial is up. on whatever computer i may have. tried from their interface to turn some services back on, but no luck. this morning, i set up something in a-squared anti-malware called hijack free. in the settings, you could set up the guard to be on at boot time, thus catching things as they load and reporting what is found. in there, you can look at all kinds of processes, autostart stuff, autoruns, registry stuff, services, hosts, active x, etc. and read what they say about it and where it came from or what put it there. the suspect files are in yellow and the really bad active-x ones in red. i got rid of all the active x in red with that program: most were aol (which i had deleted off my programs in the beginning of every reformat) and norton (also deleted, which i guess the cleanup did not get?)
but... many of my important services are controlled by something called Win32.Jeefo.a.
that doesn't sound good!
the event log and portable media were infected by Email-Worm.Win32.Sober.z.
the worm list goes on and on from there; either worms that dropped the files in, (BHARAT.A worm, RAIDYs, SPYHOAX-A, JUEGO-B, BRONTOK-BS, SMALL-EW, SILLYFDC-AP worm, SCLOG-AL, etc!!!)or were in some way involved.
after deleting some services that were dropped by these (ctfmon.exe, which it said was a parasite variant in the 'current user' files), i ran another a-squared anti malware scan and caught trojan Win32.Bagle which is in quarantine.
Before that, q-squared anti-malware wasn't picking up anything, except that every time i updated it, it says the junk in quarantine might false positives (trojan.vilsel files, mostly) and would i like to restore those? but i am keeping them quarantined; i already fell for that once and restored them the program just picked them up again in the scan. ugh!!! and i'm not sure how the program is updating; if i can't get internet, how can it update? maybe i am helping my computer self destruct and maybe malware is directing that program too by now. who knows? but i think not.
so.....
is it time to reformat or get a new hand-me-down 'puter? (i am at the bottom of the income barrel. i usually get hand me downs from someone. this could have been the problem all along with this one).
if i do reformat, even totally again, can i ever truly trust my hard drive again? and worse, could the infections be lurking somehow in the bios or bowels of the box, in usb drives or the cd drive or something?
ok well that is the entire report; i'm sorry it's novel length. trying to be thorough.
now i am going onto the other thread to run those scans you asked for. i think i will update mbam on friend's machine, run that and AVG and maybe even do a spybot boot scan (that is his only 'real time' protection). then on to the scans you asked for and hopefully at least save HIS computer. i figure mine is probably toast.
if you think there is any hope for my computer, i could reformat again and then just do nothing on there except to let windows download all the service packs, updates, and security patches while using my trial license of a squared to stop the perps. that would take awhile and then i could get back to you or start a new thread if you still wanna help me. i only made it up to service pack two with the last reformat. and java is ancient, etc. etc. what do you think? it's your time and i will do whatever you think now. nothing to lose anymore and don't wanna waste your time beating a dead horse. would rather save friend's computer and redeem myself in his eyes. so if you wanna close this thread we can do that too. whatever you say.
sorry for the small novella!
do you like windows 7? maybe i should upgrade to a more modern OS!