Firstly Hello To Everyone Here...
Well... 2 days ago I went outside and letted my pc opened with utorrent and a webpage. (I use IE8, Avira AntiVir PE & Windows Firewall)
When I comed back on the browser was opened a new webpage "www.google.com"
of course not by me...and it's not my HomePage..my HomePage is www.google.ro not .com and I use Pop-Up blocker On with High settings.
Along with that the Security Center was announced that firewall is turned of... verry strange.
After I use some minutes the browser ..I see that it was taking the whole processor.
After that if I was started it..it was load extrely hard and again takeing the whole processor speed.
Did a full scand with Avira and:
Avira AntiVir Personal
Report file date: 9 iulie 2010 23:02
Scanning for 2329261 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : VECTRA
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19.04.2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 20.04.2010 09:58:15
AVSCAN.DLL : 10.0.3.0 46440 Bytes 20.04.2010 09:58:14
LUKE.DLL : 10.0.2.3 104296 Bytes 07.03.2010 16:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.02.2010 21:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 16:54:49
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19.11.2009 20:55:03
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20.01.2010 00:08:49
VBASE003.VDF : 7.10.3.75 996864 Bytes 26.01.2010 23:04:09
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05.03.2010 15:42:06
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15.04.2010 20:28:31
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02.06.2010 17:02:24
VBASE007.VDF : 7.10.7.219 2048 Bytes 02.06.2010 17:02:24
VBASE008.VDF : 7.10.7.220 2048 Bytes 02.06.2010 17:02:24
VBASE009.VDF : 7.10.7.221 2048 Bytes 02.06.2010 17:02:24
VBASE010.VDF : 7.10.7.222 2048 Bytes 02.06.2010 17:02:24
VBASE011.VDF : 7.10.7.223 2048 Bytes 02.06.2010 17:02:24
VBASE012.VDF : 7.10.7.224 2048 Bytes 02.06.2010 17:02:24
VBASE013.VDF : 7.10.8.37 270336 Bytes 10.06.2010 15:08:55
VBASE014.VDF : 7.10.8.69 138752 Bytes 14.06.2010 16:56:28
VBASE015.VDF : 7.10.8.102 130560 Bytes 16.06.2010 10:23:36
VBASE016.VDF : 7.10.8.135 152064 Bytes 21.06.2010 12:39:54
VBASE017.VDF : 7.10.8.163 432128 Bytes 23.06.2010 17:55:49
VBASE018.VDF : 7.10.8.194 133632 Bytes 27.06.2010 19:15:41
VBASE019.VDF : 7.10.8.220 134656 Bytes 29.06.2010 21:41:33
VBASE020.VDF : 7.10.8.252 171520 Bytes 04.07.2010 16:13:53
VBASE021.VDF : 7.10.9.19 131072 Bytes 06.07.2010 16:26:10
VBASE022.VDF : 7.10.9.36 297472 Bytes 07.07.2010 20:29:47
VBASE023.VDF : 7.10.9.37 2048 Bytes 07.07.2010 20:29:47
VBASE024.VDF : 7.10.9.38 2048 Bytes 07.07.2010 20:29:47
VBASE025.VDF : 7.10.9.39 2048 Bytes 07.07.2010 20:29:47
VBASE026.VDF : 7.10.9.40 2048 Bytes 07.07.2010 20:29:47
VBASE027.VDF : 7.10.9.41 2048 Bytes 07.07.2010 20:29:47
VBASE028.VDF : 7.10.9.42 2048 Bytes 07.07.2010 20:29:47
VBASE029.VDF : 7.10.9.43 2048 Bytes 07.07.2010 20:29:47
VBASE030.VDF : 7.10.9.44 2048 Bytes 07.07.2010 20:29:47
VBASE031.VDF : 7.10.9.56 112640 Bytes 09.07.2010 18:13:56
Engineversion : 8.2.4.10
AEVDF.DLL : 8.1.2.0 106868 Bytes 23.04.2010 20:32:35
AESCRIPT.DLL : 8.1.3.39 1335674 Bytes 07.07.2010 16:26:12
AESCN.DLL : 8.1.6.1 127347 Bytes 13.05.2010 00:54:45
AESBX.DLL : 8.1.3.1 254324 Bytes 23.04.2010 20:32:35
AERDL.DLL : 8.1.4.6 541043 Bytes 17.04.2010 20:28:37
AEPACK.DLL : 8.2.2.5 430453 Bytes 23.06.2010 17:56:36
AEOFFICE.DLL : 8.1.1.6 201081 Bytes 07.07.2010 16:26:11
AEHEUR.DLL : 8.1.1.38 2724214 Bytes 23.06.2010 17:56:28
AEHELP.DLL : 8.1.11.6 242038 Bytes 23.06.2010 17:55:59
AEGEN.DLL : 8.1.3.13 381300 Bytes 07.07.2010 16:26:11
AEEMU.DLL : 8.1.2.0 393588 Bytes 23.04.2010 20:32:34
AECORE.DLL : 8.1.15.3 192886 Bytes 13.05.2010 00:54:45
AEBB.DLL : 8.1.1.0 53618 Bytes 23.04.2010 20:32:33
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 10:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 10:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18.02.2010 14:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 20.04.2010 09:58:15
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 20.04.2010 09:58:15
AVARKT.DLL : 10.0.0.14 227176 Bytes 20.04.2010 09:58:14
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 07:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 10:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 13:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 12:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 11:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 20.04.2010 09:58:14
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 9 iulie 2010 23:02
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '67' Module(s) have been scanned
Scan process 'ymsgr_tray.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '23' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '24' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '10' Module(s) have been scanned
Scan process 'jqs.exe' - '53' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'uTorrent.exe' - '51' Module(s) have been scanned
Scan process 'ctfmon.exe' - '23' Module(s) have been scanned
Scan process 'winampa.exe' - '16' Module(s) have been scanned
Scan process 'avgnt.exe' - '48' Module(s) have been scanned
Scan process 'Rundll32.exe' - '26' Module(s) have been scanned
Scan process 'sched.exe' - '44' Module(s) have been scanned
Scan process 'spoolsv.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'Explorer.EXE' - '104' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '158' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '26' Module(s) have been scanned
Scan process 'winlogon.exe' - '62' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '474' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\Documents & Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\57\1cca24f9-607aed3a
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/AdgredY.class
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/DyesyasZ.class
[DETECTION] Contains recognition pattern of the EXP/Java.2502 exploit
--> dev/s/LoaderX.class
[DETECTION] Contains recognition pattern of the EXP/Java.3243 exploit
Begin scan in 'D:\'
Begin scan in 'E:\'
E:\Programe\eMule v0.49c.exe
[WARNING] Insufficient memory. The file was not scanned.
Beginning disinfection:
C:\Documents & Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\57\1cca24f9-607aed3a
[DETECTION] Contains recognition pattern of the EXP/Java.3243 exploit
[NOTE] The file was moved to the quarantine directory under the name '462d11b5.qua'.
End of the scan: 10 iulie 2010 02:46
Used time: 1:56:33 Hour(s)
The scan has been done completely.
7928 Scanned directories
433840 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
433837 Files not concerned
2604 Archives were scanned
1 Warnings
1 Notes
457204 Objects were scanned with rootkit scan
1 Hidden objects were found
However nothing has changed...
Till now I have fixed the browser problem.
Inside the Internet Explorer directory it was a setupapi.dll wich was the problem.
Seems that Firefox was haveing that file too but was not visibly affected (slowed or something).This one was detected by Malware. Find It In Log.
So the remaining problem is that if I restart my PC the Firewall is getting off almost everytime & also with that the Security Center Alerts, all of them go off along with firewall.
I tested some things to see the simptoms:
So i start the computer and alerts and firewall is off.
I turned them on.
1. If i turn the PC off and then on or restart they are back to off.
2. If i switch off (user) and then log on, or standby or hibernate is logically they will remain on so this tell me is something on startup that closed them.
3. but strangely if I logoff and then I logon (Windows Started Again) the Firewall and Alerts remain On...so what I should understand from 2 and 3 if they are completly opposite eachother.
4. And also something that is opposite to 3 is that sometimes i restart and enter in Security Center I see the green light on Firewall but one second later it's get red and the popup on systemtray appears telling me that is off.
Hope everybody understand my english.
Thank You.
Well... 2 days ago I went outside and letted my pc opened with utorrent and a webpage. (I use IE8, Avira AntiVir PE & Windows Firewall)
When I comed back on the browser was opened a new webpage "www.google.com"
of course not by me...and it's not my HomePage..my HomePage is www.google.ro not .com and I use Pop-Up blocker On with High settings.
Along with that the Security Center was announced that firewall is turned of... verry strange.
After I use some minutes the browser ..I see that it was taking the whole processor.
After that if I was started it..it was load extrely hard and again takeing the whole processor speed.
Did a full scand with Avira and:
Avira AntiVir Personal
Report file date: 9 iulie 2010 23:02
Scanning for 2329261 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : VECTRA
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19.04.2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 20.04.2010 09:58:15
AVSCAN.DLL : 10.0.3.0 46440 Bytes 20.04.2010 09:58:14
LUKE.DLL : 10.0.2.3 104296 Bytes 07.03.2010 16:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.02.2010 21:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 16:54:49
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19.11.2009 20:55:03
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20.01.2010 00:08:49
VBASE003.VDF : 7.10.3.75 996864 Bytes 26.01.2010 23:04:09
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05.03.2010 15:42:06
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15.04.2010 20:28:31
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02.06.2010 17:02:24
VBASE007.VDF : 7.10.7.219 2048 Bytes 02.06.2010 17:02:24
VBASE008.VDF : 7.10.7.220 2048 Bytes 02.06.2010 17:02:24
VBASE009.VDF : 7.10.7.221 2048 Bytes 02.06.2010 17:02:24
VBASE010.VDF : 7.10.7.222 2048 Bytes 02.06.2010 17:02:24
VBASE011.VDF : 7.10.7.223 2048 Bytes 02.06.2010 17:02:24
VBASE012.VDF : 7.10.7.224 2048 Bytes 02.06.2010 17:02:24
VBASE013.VDF : 7.10.8.37 270336 Bytes 10.06.2010 15:08:55
VBASE014.VDF : 7.10.8.69 138752 Bytes 14.06.2010 16:56:28
VBASE015.VDF : 7.10.8.102 130560 Bytes 16.06.2010 10:23:36
VBASE016.VDF : 7.10.8.135 152064 Bytes 21.06.2010 12:39:54
VBASE017.VDF : 7.10.8.163 432128 Bytes 23.06.2010 17:55:49
VBASE018.VDF : 7.10.8.194 133632 Bytes 27.06.2010 19:15:41
VBASE019.VDF : 7.10.8.220 134656 Bytes 29.06.2010 21:41:33
VBASE020.VDF : 7.10.8.252 171520 Bytes 04.07.2010 16:13:53
VBASE021.VDF : 7.10.9.19 131072 Bytes 06.07.2010 16:26:10
VBASE022.VDF : 7.10.9.36 297472 Bytes 07.07.2010 20:29:47
VBASE023.VDF : 7.10.9.37 2048 Bytes 07.07.2010 20:29:47
VBASE024.VDF : 7.10.9.38 2048 Bytes 07.07.2010 20:29:47
VBASE025.VDF : 7.10.9.39 2048 Bytes 07.07.2010 20:29:47
VBASE026.VDF : 7.10.9.40 2048 Bytes 07.07.2010 20:29:47
VBASE027.VDF : 7.10.9.41 2048 Bytes 07.07.2010 20:29:47
VBASE028.VDF : 7.10.9.42 2048 Bytes 07.07.2010 20:29:47
VBASE029.VDF : 7.10.9.43 2048 Bytes 07.07.2010 20:29:47
VBASE030.VDF : 7.10.9.44 2048 Bytes 07.07.2010 20:29:47
VBASE031.VDF : 7.10.9.56 112640 Bytes 09.07.2010 18:13:56
Engineversion : 8.2.4.10
AEVDF.DLL : 8.1.2.0 106868 Bytes 23.04.2010 20:32:35
AESCRIPT.DLL : 8.1.3.39 1335674 Bytes 07.07.2010 16:26:12
AESCN.DLL : 8.1.6.1 127347 Bytes 13.05.2010 00:54:45
AESBX.DLL : 8.1.3.1 254324 Bytes 23.04.2010 20:32:35
AERDL.DLL : 8.1.4.6 541043 Bytes 17.04.2010 20:28:37
AEPACK.DLL : 8.2.2.5 430453 Bytes 23.06.2010 17:56:36
AEOFFICE.DLL : 8.1.1.6 201081 Bytes 07.07.2010 16:26:11
AEHEUR.DLL : 8.1.1.38 2724214 Bytes 23.06.2010 17:56:28
AEHELP.DLL : 8.1.11.6 242038 Bytes 23.06.2010 17:55:59
AEGEN.DLL : 8.1.3.13 381300 Bytes 07.07.2010 16:26:11
AEEMU.DLL : 8.1.2.0 393588 Bytes 23.04.2010 20:32:34
AECORE.DLL : 8.1.15.3 192886 Bytes 13.05.2010 00:54:45
AEBB.DLL : 8.1.1.0 53618 Bytes 23.04.2010 20:32:33
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 10:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 10:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18.02.2010 14:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 20.04.2010 09:58:15
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 20.04.2010 09:58:15
AVARKT.DLL : 10.0.0.14 227176 Bytes 20.04.2010 09:58:14
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 07:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 10:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 13:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 12:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 11:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 20.04.2010 09:58:14
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 9 iulie 2010 23:02
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
The scan of running processes will be started
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '67' Module(s) have been scanned
Scan process 'ymsgr_tray.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '23' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '24' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '10' Module(s) have been scanned
Scan process 'jqs.exe' - '53' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'uTorrent.exe' - '51' Module(s) have been scanned
Scan process 'ctfmon.exe' - '23' Module(s) have been scanned
Scan process 'winampa.exe' - '16' Module(s) have been scanned
Scan process 'avgnt.exe' - '48' Module(s) have been scanned
Scan process 'Rundll32.exe' - '26' Module(s) have been scanned
Scan process 'sched.exe' - '44' Module(s) have been scanned
Scan process 'spoolsv.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'Explorer.EXE' - '104' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '158' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '26' Module(s) have been scanned
Scan process 'winlogon.exe' - '62' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '474' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\Documents & Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\57\1cca24f9-607aed3a
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/AdgredY.class
[DETECTION] Contains recognition pattern of the EXP/Java.CVE-2009-3867.8861 exploit
--> dev/s/DyesyasZ.class
[DETECTION] Contains recognition pattern of the EXP/Java.2502 exploit
--> dev/s/LoaderX.class
[DETECTION] Contains recognition pattern of the EXP/Java.3243 exploit
Begin scan in 'D:\'
Begin scan in 'E:\'
E:\Programe\eMule v0.49c.exe
[WARNING] Insufficient memory. The file was not scanned.
Beginning disinfection:
C:\Documents & Settings\Alex\Application Data\Sun\Java\Deployment\cache\6.0\57\1cca24f9-607aed3a
[DETECTION] Contains recognition pattern of the EXP/Java.3243 exploit
[NOTE] The file was moved to the quarantine directory under the name '462d11b5.qua'.
End of the scan: 10 iulie 2010 02:46
Used time: 1:56:33 Hour(s)
The scan has been done completely.
7928 Scanned directories
433840 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
433837 Files not concerned
2604 Archives were scanned
1 Warnings
1 Notes
457204 Objects were scanned with rootkit scan
1 Hidden objects were found
However nothing has changed...
Till now I have fixed the browser problem.
Inside the Internet Explorer directory it was a setupapi.dll wich was the problem.
Seems that Firefox was haveing that file too but was not visibly affected (slowed or something).This one was detected by Malware. Find It In Log.
So the remaining problem is that if I restart my PC the Firewall is getting off almost everytime & also with that the Security Center Alerts, all of them go off along with firewall.
I tested some things to see the simptoms:
So i start the computer and alerts and firewall is off.
I turned them on.
1. If i turn the PC off and then on or restart they are back to off.
2. If i switch off (user) and then log on, or standby or hibernate is logically they will remain on so this tell me is something on startup that closed them.
3. but strangely if I logoff and then I logon (Windows Started Again) the Firewall and Alerts remain On...so what I should understand from 2 and 3 if they are completly opposite eachother.
4. And also something that is opposite to 3 is that sometimes i restart and enter in Security Center I see the green light on Firewall but one second later it's get red and the popup on systemtray appears telling me that is off.
Hope everybody understand my english.
Thank You.