We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Problems with my computer
Options
Comments
-
ComboFix 10-10-17.04 - Chris 18/10/2010 16:08:47.8.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.894.282 [GMT 1:00]
Running from: c:\users\Chris\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2010-09-18 to 2010-10-18 )))))))))))))))))))))))))))))))
.
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\Public\AppData\Local\temp
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\Janna\AppData\Local\temp
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\georgina\AppData\Local\temp
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\Default\AppData\Local\temp
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\Clare\AppData\Local\temp
2010-10-18 15:19 . 2010-10-18 15:19
d
w- c:\users\Chris\AppData\Local\temp
2010-10-18 15:02 . 2010-10-18 15:03
d
w- C:\32788R22FWJFW
2010-10-18 08:54 . 2010-09-09 22:52 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3678401A-F75C-42C9-ABDC-00D8BBC86CAD}\mpengine.dll
2010-10-16 15:17 . 2010-10-16 15:17
d
w- c:\programdata\Yahoo! Companion
2010-10-12 20:11 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-12 20:11 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-12 20:10 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-10-12 20:10 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-12 20:10 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-10-12 20:10 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-12 20:10 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-12 20:10 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-12 20:10 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-12 20:10 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-12 20:10 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-10-11 11:41 . 2010-10-11 11:41
d
w- c:\program files\AOL Toolbar
2010-10-03 19:15 . 2010-10-04 18:24
d
w- c:\users\Chris\DoctorWeb
2010-10-03 12:39 . 2010-10-03 12:39
d
w- c:\users\Clare\.jagex_cache_32
2010-10-03 12:24 . 2010-10-03 12:25
d
w- C:\.jagex_cache_32
2010-09-30 19:50 . 2010-10-17 17:07
d
w- c:\users\Chris\AppData\Roaming\Skype
2010-09-30 19:50 . 2010-10-18 04:53
d
w- c:\program files\Common Files\Skype
2010-09-30 19:50 . 2010-10-18 04:53
d
r- c:\program files\Skype
2010-09-29 15:54 . 2010-09-29 15:54
d
w- c:\program files\iPod
2010-09-29 15:44 . 2010-09-29 15:44
d
w- c:\program files\Bonjour
2010-09-29 14:40 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 14:38 . 2010-08-26 04:23 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-09-22 11:06 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-23 4435968]
"ShowWnd"="ShowWnd.exe" [2005-01-27 36864]
"ModPS2"="ModPS2Key.exe" [2006-11-07 53248]
"HostManager"="c:\program files\Common Files\AOL\1197983138\ee\AOLSoftware.exe" [2008-06-24 41824]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-16 47392]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-20 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-20 92704]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-08 185896]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-06-07 4176760]
c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AOL Desktop.lnk - c:\program files\Common Files\AOL\Launch\aollaunch.exe [2008-6-24 41824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.0.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.0.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 5.0.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AOL Desktop.lnk]
path=c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop.lnk
backup=c:\windows\pss\AOL Desktop.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Chris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PMB Media Check Tool.lnk]
path=c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
backup=c:\windows\pss\PMB Media Check Tool.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2006-11-07 21:08 547840 ----a-w- c:\windows\zHotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 01:10 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
c:\program files\Logitech\Logitech Vid\Vid.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-10-14 13:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 10:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 10:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-09-29 13224]
R3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ECACHE
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
2010-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1370036104-811610254-1484745332-1003Core.job
- c:\users\Clare\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-11 09:02]
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1370036104-811610254-1484745332-1003UA.job
- c:\users\Clare\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-11 09:02]
2010-10-17 c:\windows\Tasks\User_Feed_Synchronization-{64BBF93D-2222-46DE-B919-EA8BFBFD6EFB}.job
- c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
2010-10-17 c:\windows\Tasks\User_Feed_Synchronization-{BBFFB24D-0D1A-47DA-BD32-B0082C4E4345}.job
- c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
2010-10-17 c:\windows\Tasks\User_Feed_Synchronization-{F248A71E-67A9-4B53-B6F2-9ECAEC6BF257}.job
- c:\windows\system32\msfeedssync.exe [2010-10-12 04:25]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.aol.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_GB&Sys=DTP&M=E4252
uInternet Settings,ProxyOverride = *.local
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-US\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\Windows Live\Companion\companioncore.dll
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\5slfsi5y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://uk.msn.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Chris\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\5slfsi5y.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
HKLM-RunOnce-<NO NAME> - (no file)
.
LOCKED REGISTRY KEYS
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-10-18 16:23:43
ComboFix-quarantined-files.txt 2010-10-18 15:23
ComboFix2.txt 2010-10-17 16:06
ComboFix3.txt 2010-09-07 14:23
ComboFix4.txt 2010-06-24 08:13
ComboFix5.txt 2010-10-18 09:06
Pre-Run: 67,853,299,712 bytes free
Post-Run: 67,836,010,496 bytes free
- - End Of File - - 6D47794CAAD9382BCC580424EFED8FAD0 -
I don't think I have one of those disc sorry to say mate I'm abit of a nofise when it comes to computers I know a little amount to get me by but that's it. So that means you'll have to go into more details about that, sorry lol0
-
Well it seems a futile attempt going on as we dont seem to be getting anywhere at the moment
A guaranteed fix (assuming the hardware is fine) is to reinstall windows
You really need to post a new thread about that and see if anyone comes to your aid (Im afraid I dont deal with reinstalls on here, too much hassle for me)
One thing we can try though ~ bring up DEVICE MANAGER and see if there are any yellow exclamation marks
Press the WINDOWS key and the PAUSE/BREAK keys together, then goto DEVICE MANAGER:idea:0 -
Well i got that up and i can't see any yellow exclamation marks on there.0
-
Well im sorry Timbo, but im all out of ideas:idea:0
-
-
- <Log computer="CHRIS-PC" scan="Normal" version="3.5.7.116" date="2010-10-18T16:56:39" timeSpentInSecs="401" filesProcessed="67820">
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.yieldmanager[2].txt" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@content.yieldmanager[1].txt" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@yieldmanager[1].txt" />
</Item>
- <Item type="Malware" malwareName="Malware" score="117.0" status="Quarantiend">
- <Scanners>
<Scanner id="DrWeb" name="Infected" />
</Scanners>
<File path="C:\Users\Chris\Desktop\ComboFix.exe" hash="D2FA74CE36CB6891E49D5313B479CB68857D6A5774BA0F92ED405E170843032F" />
- <References>
<Key path="HKU\S-1-5-21-1370036104-811610254-1484745332-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Chris\Desktop\ComboFix.exe" />
</References>
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:ad.yieldmanager.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:advertising.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:apmebf.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:atdmt.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:bs.serving-sys.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:doubleclick.net" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:mediaplex.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:msnportal.112.2o7.net" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:questionmarket.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:serving-sys.com" />
</Item>
- <Item type="Repair" score="0.0" status="Deleted">
<File path="C:\Users\Janna\Application Data\Mozilla\Firefox\Profiles\6407s990.default\cookies.sqlite:https://www.googleadservices.com" />
</Item>
</Log>0 -
I think it got rid of ComboFix from my computer.0
-
Avira AntiVir Personal
Report file date: 01 November 2010 16:45
Scanning for 2992847 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : CHRIS-PC
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 17/05/2010 09:30:09
AVSCAN.DLL : 10.0.3.0 46440 Bytes 17/05/2010 09:30:09
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 18:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 16:24:15
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 16:22:47
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 14:16:38
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 16:18:54
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 07:02:11
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 15:26:23
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 12:09:22
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 20:49:59
VBASE008.VDF : 7.10.11.133 3454464 Bytes 13/09/2010 11:37:31
VBASE009.VDF : 7.10.11.134 2048 Bytes 13/09/2010 11:37:31
VBASE010.VDF : 7.10.11.135 2048 Bytes 13/09/2010 11:37:31
VBASE011.VDF : 7.10.11.136 2048 Bytes 13/09/2010 11:37:31
VBASE012.VDF : 7.10.11.137 2048 Bytes 13/09/2010 11:37:31
VBASE013.VDF : 7.10.11.165 172032 Bytes 15/09/2010 13:24:12
VBASE014.VDF : 7.10.11.202 144384 Bytes 18/09/2010 13:35:12
VBASE015.VDF : 7.10.11.231 129024 Bytes 21/09/2010 10:19:56
VBASE016.VDF : 7.10.12.4 126464 Bytes 23/09/2010 13:17:24
VBASE017.VDF : 7.10.12.38 146944 Bytes 27/09/2010 11:30:23
VBASE018.VDF : 7.10.12.64 133120 Bytes 29/09/2010 15:36:00
VBASE019.VDF : 7.10.12.99 134144 Bytes 01/10/2010 08:55:00
VBASE020.VDF : 7.10.12.122 131584 Bytes 05/10/2010 05:16:36
VBASE021.VDF : 7.10.12.148 119296 Bytes 07/10/2010 05:26:41
VBASE022.VDF : 7.10.12.175 142848 Bytes 11/10/2010 09:58:47
VBASE023.VDF : 7.10.12.198 131584 Bytes 13/10/2010 15:11:31
VBASE024.VDF : 7.10.12.216 133120 Bytes 14/10/2010 15:11:31
VBASE025.VDF : 7.10.12.238 137728 Bytes 18/10/2010 09:24:38
VBASE026.VDF : 7.10.12.254 129536 Bytes 20/10/2010 09:24:38
VBASE027.VDF : 7.10.13.22 137728 Bytes 22/10/2010 06:31:11
VBASE028.VDF : 7.10.13.39 124416 Bytes 26/10/2010 21:10:54
VBASE029.VDF : 7.10.13.62 141312 Bytes 28/10/2010 05:11:25
VBASE030.VDF : 7.10.13.73 137216 Bytes 29/10/2010 06:54:31
VBASE031.VDF : 7.10.13.76 36864 Bytes 01/11/2010 16:43:24
Engineversion : 8.2.4.86
AEVDF.DLL : 8.1.2.1 106868 Bytes 02/08/2010 16:10:15
AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 20/09/2010 13:35:15
AESCN.DLL : 8.1.6.1 127347 Bytes 17/05/2010 09:30:07
AESBX.DLL : 8.1.3.1 254324 Bytes 17/05/2010 09:30:08
AERDL.DLL : 8.1.9.2 635252 Bytes 22/09/2010 10:20:00
AEPACK.DLL : 8.2.3.11 471416 Bytes 13/10/2010 09:58:56
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 26/07/2010 20:50:17
AEHEUR.DLL : 8.1.2.37 2974072 Bytes 01/11/2010 16:43:33
AEHELP.DLL : 8.1.14.0 246134 Bytes 13/10/2010 09:58:50
AEGEN.DLL : 8.1.3.23 401779 Bytes 01/10/2010 15:36:05
AEEMU.DLL : 8.1.2.0 393588 Bytes 17/05/2010 09:30:07
AECORE.DLL : 8.1.17.0 196982 Bytes 26/09/2010 13:22:46
AEBB.DLL : 8.1.1.0 53618 Bytes 17/05/2010 09:30:06
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 12:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 12:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 16:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 17/05/2010 09:30:10
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 17/05/2010 09:30:10
AVARKT.DLL : 10.0.0.14 227176 Bytes 17/05/2010 09:30:08
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 09:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 12:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 15:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 14:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 17/05/2010 09:30:06
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +GAME,
Start of the scan: 01 November 2010 16:45
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '33' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '53' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'plugin-container.exe' - '77' Module(s) have been scanned
Scan process 'firefox.exe' - '100' Module(s) have been scanned
Scan process 'mcupdate.EXE' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '56' Module(s) have been scanned
Scan process 'avscan.exe' - '81' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'avguard.exe' - '65' Module(s) have been scanned
Scan process 'iPodService.exe' - '30' Module(s) have been scanned
Scan process 'AOLDesktop.exe' - '87' Module(s) have been scanned
Scan process 'ehmsas.exe' - '19' Module(s) have been scanned
Scan process 'ArcCon.ac' - '62' Module(s) have been scanned
Scan process 'mcupdate.EXE' - '33' Module(s) have been scanned
Scan process 'taskeng.exe' - '24' Module(s) have been scanned
Scan process 'taskeng.exe' - '49' Module(s) have been scanned
Scan process 'avcenter.exe' - '78' Module(s) have been scanned
Scan process 'ehtray.exe' - '26' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '48' Module(s) have been scanned
Scan process 'avgnt.exe' - '49' Module(s) have been scanned
Scan process 'realsched.exe' - '32' Module(s) have been scanned
Scan process 'rundll32.exe' - '31' Module(s) have been scanned
Scan process 'mobsync.exe' - '35' Module(s) have been scanned
Scan process 'aolsoftware.exe' - '70' Module(s) have been scanned
Scan process 'ModPS2Key.exe' - '13' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '49' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '16' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '64' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '68' Module(s) have been scanned
Scan process 'svchost.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'SeaPort.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '23' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '31' Module(s) have been scanned
Scan process 'AOLAcsd.exe' - '44' Module(s) have been scanned
Scan process 'ACService.exe' - '24' Module(s) have been scanned
Scan process 'Explorer.EXE' - '134' Module(s) have been scanned
Scan process 'taskeng.exe' - '79' Module(s) have been scanned
Scan process 'Dwm.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'spoolsv.exe' - '86' Module(s) have been scanned
Scan process 'svchost.exe' - '94' Module(s) have been scanned
Scan process 'rundll32.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '82' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '161' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '1666' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\Users\Chris\AppData\Roaming\javaw8.dll
[DETECTION] Is the TR/Vundo.79360.AV Trojan
Begin scan in 'D:\' <RECOVERY>
Beginning disinfection:
C:\Users\Chris\AppData\Roaming\javaw8.dll
[DETECTION] Is the TR/Vundo.79360.AV Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] The file could not be deleted!
[NOTE] The file is scheduled for deleting after reboot.
The repair notes were written to the file 'C:\avrescue\rescue.avp'.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards