[Closed] 8 steps ... will update as it goes

Status
Not open for further replies.

misschievous

DL Avira Free ... installed ... run ... here is the log



Avira AntiVir Personal
Report file date: Saturday, October 16, 2010 13:09

Scanning for 2939810 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : KJOLT1

Version information:
Engineversion : 8.2.4.82

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Saturday, October 16, 2010 13:09

Starting search for hidden objects.
c:\windows\system32\regsvr32.exe
c:\Windows\System32\regsvr32.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'Solitaire.exe' - '77' Module(s) have been scanned
Scan process 'iexplore.exe' - '163' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'vssvc.exe' - '53' Module(s) have been scanned
Scan process 'avscan.exe' - '83' Module(s) have been scanned
Scan process 'avcenter.exe' - '110' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'avgnt.exe' - '60' Module(s) have been scanned
Scan process 'sched.exe' - '58' Module(s) have been scanned
Scan process 'avshadow.exe' - '37' Module(s) have been scanned
Scan process 'avguard.exe' - '69' Module(s) have been scanned
Scan process 'iexplore.exe' - '166' Module(s) have been scanned
Scan process 'iexplore.exe' - '86' Module(s) have been scanned
Scan process 'Taskmgr.exe' - '64' Module(s) have been scanned
Scan process 'hphc_service.exe' - '32' Module(s) have been scanned
Scan process 'hpswp_clipbook.exe' - '37' Module(s) have been scanned
Scan process 'hpqgpc01.exe' - '49' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '31' Module(s) have been scanned
Scan process 'hpqSTE08.exe' - '67' Module(s) have been scanned
Scan process 'ehmsas.exe' - '31' Module(s) have been scanned
Scan process 'xaudio.exe' - '21' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '97' Module(s) have been scanned
Scan process 'sidebar.exe' - '60' Module(s) have been scanned
Scan process 'ehtray.exe' - '34' Module(s) have been scanned
Scan process 'realsched.exe' - '39' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '26' Module(s) have been scanned
Scan process 'SynTPStart.exe' - '31' Module(s) have been scanned
Scan process 'SeaPort.exe' - '61' Module(s) have been scanned
Scan process 'RichVideo.exe' - '24' Module(s) have been scanned
Scan process 'Explorer.EXE' - '135' Module(s) have been scanned
Scan process 'mozybackup.exe' - '30' Module(s) have been scanned
Scan process 'Dwm.exe' - '37' Module(s) have been scanned
Scan process 'QPCapSvc.exe' - '83' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'mozybackup.exe' - '50' Module(s) have been scanned
Scan process 'MDM.EXE' - '27' Module(s) have been scanned
Scan process 'taskeng.exe' - '84' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '36' Module(s) have been scanned
Scan process 'rundll32.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'taskeng.exe' - '53' Module(s) have been scanned
Scan process 'spoolsv.exe' - '112' Module(s) have been scanned
Scan process 'WLANExt.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '103' Module(s) have been scanned
Scan process 'rundll32.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '95' Module(s) have been scanned
Scan process 'SLsvc.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'AUDIODG.EXE' - '48' Module(s) have been scanned
Scan process 'svchost.exe' - '149' Module(s) have been scanned
Scan process 'svchost.exe' - '122' Module(s) have been scanned
Scan process 'svchost.exe' - '77' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'winlogon.exe' - '44' Module(s) have been scanned
Scan process 'lsm.exe' - '30' Module(s) have been scanned
Scan process 'lsass.exe' - '68' Module(s) have been scanned
Scan process 'services.exe' - '41' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '34' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
C:\Program Files\Dogpile Toolbar\Helper.dll
[DETECTION] Is the TR/Agent.219648.E Trojan

The registry was scanned ( '1922' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\$RECYCLE.BIN\S-1-5-21-3672029275-632256824-2228662446-1000\$RNGE8E3.exe
[DETECTION] Is the TR/FraudPack.bjxo Trojan
C:\Program Files\Dogpile Toolbar\Helper.dll
[DETECTION] Is the TR/Agent.219648.E Trojan
C:\ProgramData\WildTangent\My HP Game Console\Downloads\en-us\Installers\fliporflop-setup.exe
[0] Archive type: NSIS
[DETECTION] Is the TR/Peed.877168 Trojan
--> [ProgramFilesDir]/HP Games/Flip Or Flop/FlipOrFlop-WT.exe
[DETECTION] Is the TR/Peed.877168 Trojan
C:\Users\owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\2478564f-415313a2
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/Agent.EX Java virus
--> a0ee3d65141.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.EX Java virus
--> a4cb9b1a8a5.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.EY Java virus
--> a66d578f084.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.EZ Java virus
--> aa79d1019d8.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.FB Java virus
--> ab16db71cdc.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.FH Java virus
--> ab5601d4848.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.FI Java virus
--> ae28546890f.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.FJ Java virus
--> af439f03798.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.FK Java virus
C:\Users\owner\Desktop\YahDecode.exe
[DETECTION] Is the TR/Rozena.gpv Trojan
C:\Windows\Fnicea.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\Windows\Temp\3g7iQGMY.sys
[DETECTION] Contains recognition pattern of the RKIT/TDss.D root kit
Begin scan in 'D:\' <HP_RECOVERY>

Beginning disinfection:
C:\Windows\Temp\3g7iQGMY.sys
[DETECTION] Contains recognition pattern of the RKIT/TDss.D root kit
[NOTE] The file was moved to the quarantine directory under the name '48579ac9.qua'.
C:\Windows\Fnicea.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '5112b565.qua'.
C:\Users\owner\Desktop\YahDecode.exe
[DETECTION] Is the TR/Rozena.gpv Trojan
[NOTE] The file was moved to the quarantine directory under the name '034cefb8.qua'.
C:\Users\owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\2478564f-415313a2
[DETECTION] Contains recognition pattern of the JAVA/Agent.FK Java virus
[NOTE] The file was moved to the quarantine directory under the name '64a8a009.qua'.
C:\ProgramData\WildTangent\My HP Game Console\Downloads\en-us\Installers\fliporflop-setup.exe
[DETECTION] Is the TR/Peed.877168 Trojan
[NOTE] The file was moved to the quarantine directory under the name '20fe8d7f.qua'.
C:\$RECYCLE.BIN\S-1-5-21-3672029275-632256824-2228662446-1000\$RNGE8E3.exe
[DETECTION] Is the TR/FraudPack.bjxo Trojan
[NOTE] The file was moved to the quarantine directory under the name '5fceb544.qua'.
C:\Program Files\Dogpile Toolbar\Helper.dll
[DETECTION] Is the TR/Agent.219648.E Trojan
[NOTE] The registration entry <HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlSearchHooks\{19A0F032-27D7-4227-BBB5-51AA9E5904F5}> was removed successfully.
[WARNING] The file could not be copied to quarantine!
[WARNING] The file does not exist!
[NOTE] The registration entry <HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlSearchHooks\{19A0F032-27D7-4227-BBB5-51AA9E5904F5}> was removed successfully.
[NOTE] The file is scheduled for deleting after reboot.
The repair notes were written to the file 'C:\avrescue\rescue.avp'.
 