I was trying to download a program so I could view The Long Beach Grand Prix live and got infected. Malwarebytes cannot remove it. Having problems downloading DDS as Comodo tells me it's a malicious threat and prevents it. Avira comes out clean.
I'll just post the SAS and Malwarebytes scans and we'll go from there.
What the heck?????? The following is a full Malwarebytes scan and it comes up as an Avira scan. I checked twice.
Avira AntiVir Personal
Report file date: Sunday, April 15, 2012 15:37
Scanning for 3625013 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : STEVE-HP
Version information:
BUILD.DAT : 10.2.0.707 36070 Bytes 1/25/2012 13:11:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 7/21/2011 19:12:28
AVSCAN.DLL : 10.0.5.0 47464 Bytes 7/21/2011 19:15:00
LUKE.DLL : 10.3.0.5 45416 Bytes 7/21/2011 19:13:59
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 07:40:49
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 7/21/2011 19:12:28
AVREG.DLL : 10.3.0.9 90472 Bytes 7/21/2011 19:12:21
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 17:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 14:53:55
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 17:13:42
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 04:32:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 19:49:27
VBASE005.VDF : 7.11.26.45 2048 Bytes 3/28/2012 19:49:27
VBASE006.VDF : 7.11.26.46 2048 Bytes 3/28/2012 19:49:27
VBASE007.VDF : 7.11.26.47 2048 Bytes 3/28/2012 19:49:27
VBASE008.VDF : 7.11.26.48 2048 Bytes 3/28/2012 19:49:27
VBASE009.VDF : 7.11.26.49 2048 Bytes 3/28/2012 19:49:27
VBASE010.VDF : 7.11.26.50 2048 Bytes 3/28/2012 19:49:27
VBASE011.VDF : 7.11.26.51 2048 Bytes 3/28/2012 19:49:27
VBASE012.VDF : 7.11.26.52 2048 Bytes 3/28/2012 19:49:27
VBASE013.VDF : 7.11.26.53 2048 Bytes 3/28/2012 19:49:27
VBASE014.VDF : 7.11.26.107 221696 Bytes 3/30/2012 19:49:27
VBASE015.VDF : 7.11.26.179 224768 Bytes 4/2/2012 19:49:27
VBASE016.VDF : 7.11.26.241 142336 Bytes 4/4/2012 19:49:27
VBASE017.VDF : 7.11.27.41 247808 Bytes 4/8/2012 21:33:36
VBASE018.VDF : 7.11.27.107 161280 Bytes 4/12/2012 22:36:21
VBASE019.VDF : 7.11.27.159 148992 Bytes 4/13/2012 22:36:23
VBASE020.VDF : 7.11.27.160 2048 Bytes 4/13/2012 22:36:23
VBASE021.VDF : 7.11.27.161 2048 Bytes 4/13/2012 22:36:23
VBASE022.VDF : 7.11.27.162 2048 Bytes 4/13/2012 22:36:23
VBASE023.VDF : 7.11.27.163 2048 Bytes 4/13/2012 22:36:24
VBASE024.VDF : 7.11.27.164 2048 Bytes 4/13/2012 22:36:24
VBASE025.VDF : 7.11.27.165 2048 Bytes 4/13/2012 22:36:24
VBASE026.VDF : 7.11.27.166 2048 Bytes 4/13/2012 22:36:24
VBASE027.VDF : 7.11.27.167 2048 Bytes 4/13/2012 22:36:25
VBASE028.VDF : 7.11.27.168 2048 Bytes 4/13/2012 22:36:25
VBASE029.VDF : 7.11.27.169 2048 Bytes 4/13/2012 22:36:25
VBASE030.VDF : 7.11.27.170 2048 Bytes 4/13/2012 22:36:25
VBASE031.VDF : 7.11.27.178 32768 Bytes 4/15/2012 22:36:26
Engineversion : 8.2.10.42
AEVDF.DLL : 8.1.2.2 106868 Bytes 11/2/2011 14:45:47
AESCRIPT.DLL : 8.1.4.16 446842 Bytes 4/4/2012 19:49:27
AESCN.DLL : 8.1.8.2 131444 Bytes 2/7/2012 04:33:38
AESBX.DLL : 8.2.5.5 606579 Bytes 3/20/2012 01:54:01
AERDL.DLL : 8.1.9.15 639348 Bytes 9/27/2011 03:33:24
AEPACK.DLL : 8.2.16.9 807287 Bytes 4/4/2012 19:49:27
AEOFFICE.DLL : 8.1.2.27 201082 Bytes 4/4/2012 19:49:27
AEHEUR.DLL : 8.1.4.15 4628855 Bytes 4/15/2012 22:36:45
AEHELP.DLL : 8.1.19.1 254327 Bytes 4/4/2012 19:49:27
AEGEN.DLL : 8.1.5.23 409973 Bytes 3/9/2012 02:11:44
AEEXP.DLL : 8.1.0.29 82293 Bytes 4/15/2012 22:36:45
AEEMU.DLL : 8.1.3.0 393589 Bytes 4/21/2011 14:53:14
AECORE.DLL : 8.1.25.6 201078 Bytes 3/20/2012 01:53:39
AEBB.DLL : 8.1.1.0 53618 Bytes 4/21/2011 14:53:14
AVWINLL.DLL : 10.0.0.0 19304 Bytes 4/21/2011 14:53:36
AVPREF.DLL : 10.0.3.2 44904 Bytes 7/21/2011 19:12:20
AVREP.DLL : 10.0.0.10 174120 Bytes 7/21/2011 19:12:22
AVARKT.DLL : 10.0.26.1 255336 Bytes 7/21/2011 19:12:00
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 7/21/2011 19:12:10
SQLITE3.DLL : 3.6.19.0 355688 Bytes 7/21/2011 22:12:31
AVSMTP.DLL : 10.0.0.17 63848 Bytes 4/21/2011 14:53:36
NETNT.DLL : 10.0.0.0 11624 Bytes 4/21/2011 14:53:46
RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 7/21/2011 19:15:09
RCTEXT.DLL : 10.0.64.0 97640 Bytes 7/21/2011 19:15:09
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: Default
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, F:, Q:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: Advanced
Start of the scan: Sunday, April 15, 2012 15:37
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'avscan.exe' - '77' Module(s) have been scanned
Scan process 'avscan.exe' - '32' Module(s) have been scanned
Scan process 'avcenter.exe' - '76' Module(s) have been scanned
Scan process 'hpCMSrv.exe' - '51' Module(s) have been scanned
Scan process 'hpqWmiEx.exe' - '47' Module(s) have been scanned
Scan process 'YCMMirage.exe' - '39' Module(s) have been scanned
Scan process 'jusched.exe' - '28' Module(s) have been scanned
Scan process 'HPOSD.exe' - '51' Module(s) have been scanned
Scan process 'HPMSGSVC.exe' - '56' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '71' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '46' Module(s) have been scanned
Scan process 'EEventManager.exe' - '66' Module(s) have been scanned
Scan process 'avgnt.exe' - '60' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '62' Module(s) have been scanned
Scan process 'EasyShare.exe' - '176' Module(s) have been scanned
Scan process 'sftlist.exe' - '66' Module(s) have been scanned
Scan process 'sftvsa.exe' - '31' Module(s) have been scanned
Scan process 'SeaPort.EXE' - '53' Module(s) have been scanned
Scan process 'RNowSvc.exe' - '30' Module(s) have been scanned
Scan process 'HPWMISVC.exe' - '41' Module(s) have been scanned
Scan process 'HPDrvMntSvc.exe' - '21' Module(s) have been scanned
Scan process 'ezSharedSvcHost.exe' - '30' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '65' Module(s) have been scanned
Scan process 'avguard.exe' - '70' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'ACService.exe' - '27' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Starting to scan executable files (registry).
The registry was scanned ( '189' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'D:\' <RECOVERY>
Begin scan in 'F:\' <HP_TOOLS>
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.
End of the scan: Sunday, April 15, 2012 16:38
Used time: 1:01:07 Hour(s)
The scan has been done completely.
28582 Scanned directories
634798 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
634798 Files not concerned
1867 Archives were scanned
0 Warnings
0 Notes
489832 Objects were scanned with rootkit scan
0 Hidden objects were found