We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

OMG 334 infected files found

13468917

Comments

  • Reluctant_spender
    Reluctant_spender Posts: 2,785 Forumite
    Part of the Furniture Combo Breaker
    Not sure you may have to tell it to - when you get to that stage, give us a shout with your options and we will help you through it.
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    Hi have 33 items in quarantine cant seem to copy and past them or add to a file any sugestions, pc crashing all the time now. thanks steph
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    think this might be it

    Start of the scan: 14 March 2009 15:28
    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'notepad.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'aoltpspd.exe' - '1' Module(s) have been scanned
    Scan process 'shellmon.exe' - '1' Module(s) have been scanned
    Scan process 'waol.exe' - '1' Module(s) have been scanned
    Scan process 'aolsoftware.exe' - '1' Module(s) have been scanned
    Scan process 'AOLSP Scheduler.exe' - '1' Module(s) have been scanned
    Scan process 'sistray.exe' - '1' Module(s) have been scanned
    Scan process 'STImgBrowser.exe' - '1' Module(s) have been scanned
    Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'dslagent.exe' - '1' Module(s) have been scanned
    Scan process 'dslstat.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'brctrcen.exe' - '1' Module(s) have been scanned
    Scan process 'pptd40nt.exe' - '1' Module(s) have been scanned
    Scan process 'AOLSP Scheduler.exe' - '1' Module(s) have been scanned
    Scan process 'QTTask.exe' - '1' Module(s) have been scanned
    Scan process 'aolsoftware.exe' - '1' Module(s) have been scanned
    Scan process 'PCMService.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'CLSched.exe' - '1' Module(s) have been scanned
    Scan process 'wanmpsvc.exe' - '1' Module(s) have been scanned
    Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
    Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'slserv.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'HidService.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
    Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Brmfrmps.exe' - '1' Module(s) have been scanned
    Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
    Scan process 'brss01a.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'brsvc01a.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    57 processes with 57 modules were scanned
    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] System error [21]: The device is not ready.
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] System error [21]: The device is not ready.
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] System error [21]: The device is not ready.
    Master boot sector HD4
    [INFO] No virus was found!
    [WARNING] System error [21]: The device is not ready.
    Master boot sector HD5
    [INFO] No virus was found!
    [WARNING] System error [21]: The device is not ready.
    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!
    Starting to scan the registry.
    The registry was scanned ( '77' files ).

    Starting the file scan:
    Begin scan in 'C:\' <HDD>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Program Files\Common Files\AOL\Backup\ACS\Rollback\ACSLAN~1.EXE
    [0] Archive type: NSIS
    --> [PluginsDir]/utility.dll
    [DETECTION] Is the TR/StartPage.bah.1 Trojan
    [NOTE] The file was moved to '4a0ed0ca.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146176.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd3f0.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146179.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd3f6.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146180.DLL
    [DETECTION] Is the TR/Drop.Softomat.AN Trojan
    [NOTE] The file was moved to '49ecd3fb.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146181.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd3fe.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146182.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd402.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146183.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd409.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146184.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd40a.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146185.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '486f3af3.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146186.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd40c.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146187.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd40b.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146188.DLL
    [DETECTION] Is the TR/Killav.28714 Trojan
    [NOTE] The file was moved to '486f3af4.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146189.DLL
    [DETECTION] Is the TR/Drop.Softomat.AN Trojan
    [NOTE] The file was moved to '49ecd40d.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146190.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '486f3af5.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146191.scr
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '48985295.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146192.dll
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '48985296.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146193.dll
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd40f.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146194.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '48985288.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146195.SCR
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd411.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146196.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd40e.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146197.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '48985297.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146198.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd400.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146200.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '4898528a.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146201.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd413.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146202.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '4898528c.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146203.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd410.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146205.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '48985289.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146206.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd412.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146207.EXE
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd415.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146208.DLL
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '4898528e.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP668\A0146215.exe
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was moved to '49ecd417.qua'!
    C:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP677\A0149881.EXE
    [0] Archive type: NSIS
    --> [PluginsDir]/utility.dll
    [DETECTION] Is the TR/StartPage.bah.1 Trojan
    [NOTE] The file was moved to '49ecd426.qua'!
    Begin scan in 'D:\' <DATA>
    D:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\8FQAJE8U\v=4%3Bm=2%3Bl=5689%3Bc=8719%3Bb=39558%3Bts=20070411105146%3Bdct=;ord=20070411105146[1].htm
    [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
    [NOTE] The file was moved to '49efde8e.qua'!

    End of the scan: 14 March 2009 18:01
    Used time: 2:33:36 Hour(s)
    The scan has been done completely.
    8648 Scanning directories
    246178 Files were scanned
    33 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    33 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    246144 Files not concerned
    6924 Archives were scanned
    6 Warnings
    33 Notes
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Can you try a COMBOFIX scan now? (try safe mode if normal keeps crashing)

    Id suggest backing up anything you need to keep too in case the worst happens
    :idea:
  • Reluctant_spender
    Reluctant_spender Posts: 2,785 Forumite
    Part of the Furniture Combo Breaker
    Not sure why it has become unstable - most of the files deleted were in System Restore.
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    combofix still not loading in normal mode, tryed it in safe mode but still cant log onto the internet, just keeps saying please restart your computer. :confused:
    some of the issues are pages not loading or very slow at loading
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Id say try DR WEBS CURE IT
    It will auto QUICK scan. Once thats finished start a FULL scan (it will almost certainly take hours so upto you when you try it)
    :idea:
  • Reluctant_spender
    Reluctant_spender Posts: 2,785 Forumite
    Part of the Furniture Combo Breaker
    Good Call

    Dr Web Cure IT has a high number of false positives - If you can post the log here before deleting anything
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    doing a quick scan now,
    what shall i do with the trojand in quarantine in avira.
    thanks steph

    Edit
    no infections found on quick scan, now doing a full scan
  • Reluctant_spender
    Reluctant_spender Posts: 2,785 Forumite
    Part of the Furniture Combo Breaker
    leave it where it is. It is quite safe there and will not bother you.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352K Banking & Borrowing
  • 253.5K Reduce Debt & Boost Income
  • 454.2K Spending & Discounts
  • 245K Work, Benefits & Business
  • 600.6K Mortgages, Homes & Bills
  • 177.4K Life & Family
  • 258.8K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.2K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture