Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please help removing TR/ATRAPS.gen trojan


  • Please log in to reply

#1
Everyone82

Everyone82

    Member

  • Member
  • PipPip
  • 63 posts
Hello. I recently had a few pop ups from avira that I cant seem to get rid of. Its the same files over and over and same type of trojan it says but the quarantine and delete process or denying access, etc. never work. If you could help I'd greatly appreciate it. I also ran malwarebytes but it found nothing. Included I have pasted the avira report. Thankyou.

Avira AntiVir Personal
Report file date: Friday, January 15, 2010 15:12

Scanning for 1531073 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : SCOTT-CB7764725

Version information:
BUILD.DAT : 9.0.0.418 21723 Bytes 12/2/2009 16:28:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 10/13/2009 16:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 12:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 10:41:54
VBASE002.VDF : 7.10.1.1 2048 Bytes 11/19/2009 10:41:54
VBASE003.VDF : 7.10.1.2 2048 Bytes 11/19/2009 10:41:54
VBASE004.VDF : 7.10.1.3 2048 Bytes 11/19/2009 10:41:54
VBASE005.VDF : 7.10.1.4 2048 Bytes 11/19/2009 10:41:55
VBASE006.VDF : 7.10.1.5 2048 Bytes 11/19/2009 10:41:55
VBASE007.VDF : 7.10.1.6 2048 Bytes 11/19/2009 10:41:55
VBASE008.VDF : 7.10.1.7 2048 Bytes 11/19/2009 10:41:55
VBASE009.VDF : 7.10.1.8 2048 Bytes 11/19/2009 10:41:55
VBASE010.VDF : 7.10.1.9 2048 Bytes 11/19/2009 10:41:55
VBASE011.VDF : 7.10.1.10 2048 Bytes 11/19/2009 10:41:56
VBASE012.VDF : 7.10.1.11 2048 Bytes 11/19/2009 10:41:56
VBASE013.VDF : 7.10.1.79 209920 Bytes 11/25/2009 10:42:00
VBASE014.VDF : 7.10.1.128 197632 Bytes 11/30/2009 10:42:09
VBASE015.VDF : 7.10.1.178 195584 Bytes 12/7/2009 10:42:13
VBASE016.VDF : 7.10.1.224 183296 Bytes 12/14/2009 10:42:17
VBASE017.VDF : 7.10.1.247 182272 Bytes 12/15/2009 10:42:24
VBASE018.VDF : 7.10.2.30 198144 Bytes 12/21/2009 10:42:29
VBASE019.VDF : 7.10.2.63 187392 Bytes 12/24/2009 10:42:33
VBASE020.VDF : 7.10.2.93 195072 Bytes 12/29/2009 10:42:37
VBASE021.VDF : 7.10.2.131 201216 Bytes 1/7/2010 10:43:42
VBASE022.VDF : 7.10.2.158 192000 Bytes 1/11/2010 10:43:46
VBASE023.VDF : 7.10.2.186 200704 Bytes 1/14/2010 10:39:52
VBASE024.VDF : 7.10.2.187 2048 Bytes 1/14/2010 10:39:52
VBASE025.VDF : 7.10.2.188 2048 Bytes 1/14/2010 10:39:52
VBASE026.VDF : 7.10.2.189 2048 Bytes 1/14/2010 10:39:52
VBASE027.VDF : 7.10.2.190 2048 Bytes 1/14/2010 10:39:53
VBASE028.VDF : 7.10.2.191 2048 Bytes 1/14/2010 10:39:53
VBASE029.VDF : 7.10.2.192 2048 Bytes 1/14/2010 10:39:53
VBASE030.VDF : 7.10.2.193 2048 Bytes 1/14/2010 10:39:53
VBASE031.VDF : 7.10.2.196 31232 Bytes 1/15/2010 10:39:53
Engineversion : 8.2.1.142
AEVDF.DLL : 8.1.1.2 106867 Bytes 11/8/2009 12:38:52
AESCRIPT.DLL : 8.1.3.7 594296 Bytes 1/14/2010 10:44:43
AESCN.DLL : 8.1.3.1 127348 Bytes 1/14/2010 10:44:37
AESBX.DLL : 8.1.1.1 246132 Bytes 11/8/2009 12:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 1/14/2010 10:44:37
AEPACK.DLL : 8.2.0.5 422262 Bytes 1/14/2010 10:44:32
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 11/8/2009 12:38:38
AEHEUR.DLL : 8.1.0.195 2232695 Bytes 1/14/2010 10:44:27
AEHELP.DLL : 8.1.10.0 237942 Bytes 1/14/2010 10:44:04
AEGEN.DLL : 8.1.1.83 369014 Bytes 1/14/2010 10:44:01
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/8/2009 12:38:26
AECORE.DLL : 8.1.9.5 184693 Bytes 1/14/2010 10:43:55
AEBB.DLL : 8.1.0.3 53618 Bytes 11/8/2009 12:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 8/26/2009 20:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 10/13/2009 17:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, H:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Friday, January 15, 2010 15:12

Starting search for hidden objects.
'233240' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'uTorrent.exe' - '1' Module(s) have been scanned
Scan process 'wpabaln.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
C:\WINDOWS\aIg.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
Scan process 'aIg.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\aIg.exe'
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Process 'aIg.exe' has been terminated
C:\WINDOWS\aIg.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4bb7d433.qua'!

29 processes with 28 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '42' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\System Volume Information\_restore{BFC28500-B12D-4BE7-BA29-937BE1C0A217}\RP35\A0001785.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
Begin scan in 'H:\' <New Volume>

Beginning disinfection:
C:\System Volume Information\_restore{BFC28500-B12D-4BE7-BA29-937BE1C0A217}\RP35\A0001785.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4b821c04.qua'!


End of the scan: Saturday, January 16, 2010 15:04
Used time: 4:17:07 Hour(s)

The scan has been done completely.

26013 Scanned directories
625808 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
625803 Files not concerned
9043 Archives were scanned
2 Warnings
4 Notes
233240 Objects were scanned with rootkit scan
0 Hidden objects were found
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP