Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Big Problem With Google Redirect & csrss.exe Virus for XP

Started by jerosakireno , Aug 29 2011 04:16 PM

  • Please log in to reply

#16
RKinner
Posted 02 September 2011 - 04:54 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I think it's a permissions issue. The bug you had likes to change the permissions on files when it sees them used against it.

Try uninstalling MalwareBytes and then download and install it again.

Ron
  • 0

Advertisements

#17
jerosakireno
Posted 06 September 2011 - 04:37 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
That worked!

These were the results of my last scan:



Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7645

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

9/3/2011 8:00:18 PM
mbam-log-2011-09-03 (20-00-12).txt

Scan type: Quick scan
Objects scanned: 180326
Time elapsed: 17 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\02000000f12dedc91270c.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270o.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270p.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270s.manifest (Malware.Trace) -> No action taken.


Still some slight freezing/slow issues but a lot better than what it was!
  • 0

#18
RKinner
Posted 06 September 2011 - 05:40 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Files Infected:
c:\WINDOWS\system32\02000000f12dedc91270c.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270o.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270p.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\02000000f12dedc91270s.manifest (Malware.Trace) -> No action taken.


Measn you did not:

When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

Run it again.

Try downloading the free Avast again:
http://www.avast.com...ivirus-download
Save it then uninstall the old avast. Reboot and install the new one.

Ron


Ron
  • 0

#19
jerosakireno
Posted 07 September 2011 - 04:59 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
OK I think I accidentally sent you the log it produced even before I checked them off & removed them, I just did another scan in Malwarebytes it came up clean this time.

I re-installed avast, registered & everything, still the same result:

Cannot connect to download713.avast.com(then it gives what looks like an ip address here)

I did realize a couple things. Not sure how and if they are in any relation to this:

1- When my computer starts acting up (slowing down/freezing), I get a popup from Avast asking me if I want to open this potentially unsafe thing in sandbox:

C\Program Files\DAEMON Tools Pro\DTProShellHlp.exe

(I think I used DAEMON Tools a long time ago, I needed it to play a game, or open a program, or something, I forget. I just remember the name.)

2- When I shut down, I get this:

dwwin.exe DLL Initialization Failed

SwiAcroRd32.exe

The instruction at "0x5ad71531" referenced memory at "0x00000014". The memory could not be "read"

Then I just exit that out & it shuts down like its supposed to.
  • 0

#20
RKinner
Posted 07 September 2011 - 05:43 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Uninstall Spybot - Search & Destroy. It can interfere with removing programs. (probably best to go back into msconfig and check it on then reboot before you uninstall it so the uninstaller will see all of it)

Also uninstall PeerBlock 1.1 (r518). Appears it acts as a firewall and it may be blocking your Avast updates.

Then uninstall Adobe Reader 7.0.8. Go to Adobe.com and get the latest version of Adobe Reader. That should fix the shutdown error.

DAEMON Tools Pro doesn't show up in the uninstall list. It's used to trick a DVD based game to run from your hard drive. Let's see if we can remove it.

The official way is to find the file uninst.exe in C:\Program Files\DAEMON Tools Pro\ and run it. If that fails they suggest just deleting the files in the folder and also the file C:\Windows\System32\Drivers\dtscsi.sys. I would also download ShellExView.

http://www.nirsoft.n...s/shexview.html

Use this download:
http://www.nirsoft.n...xview_setup.exe

Once you get it installed, run it and look in the third or fourth column from the RIGHT. It should say MICROSOFT. Click once or twice on MICROSOFT so that items with NO are at the top. Now look through the top entries and see if you find one that refers to DTProShellHlp.exe or anything with DaemonTools. If you find it click on the red dot at the top right to disable it.
Close ShellExView.

Right click on My Computer and select Manage then Device Manager then View, Show Hidden Devices. Then on the right side you look in non plug and play devices (click on the + in front). See if you find dtscsi or sptd. If you do then right click and DISABLE.

Ron
  • 0

#21
jerosakireno
Posted 08 September 2011 - 09:01 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Spybot uninstalled. Peerblock uninstalled. Adobe Reader uninstalled. DAEMON tools had an uninstall file in the program files, I did that too. I found sptd in device manager & disabled it. Then rebooted... Tried Avast & it still wouldnt update. I got the same error.
  • 0

#22
RKinner
Posted 08 September 2011 - 11:40 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Let's see if we can figure out what is going wrong with the updates.

Start, Run, cmd, OK to open a command window. Type with an enter after each line:

nslookup  download713.avast.com  >>  \junk2.txt

ping download713.avast.com  >>  \junk2.txt

tracert  -d  download713.avast.com  >>  \junk2.txt

notepad  \junk2.txt

(I use two spaces in the code box so you can be sure to see where one space goes)

Copy and paste the text from notepad.

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Let's also try the bitdefender quickscan. (much faster)

http://quickscan.bitdefender.com/

When it finishes there is a report option. Click on it and copy and paste the report (even if it says nothing found).
  • 0

#23
jerosakireno
Posted 09 September 2011 - 07:25 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Junk2 Notepad text:

Server: dslrouter.westell.com
Address: 192.168.1.1

Name: download713.avast.com
Address: 67.228.112.202



Pinging download713.avast.com [67.228.112.202] with 32 bytes of data:



Reply from 67.228.112.202: bytes=32 time=112ms TTL=51

Reply from 67.228.112.202: bytes=32 time=112ms TTL=51

Reply from 67.228.112.202: bytes=32 time=113ms TTL=51

Reply from 67.228.112.202: bytes=32 time=113ms TTL=51



Ping statistics for 67.228.112.202:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 112ms, Maximum = 113ms, Average = 112ms



Tracing route to download713.avast.com [67.228.112.202]

over a maximum of 30 hops:



1 <1 ms <1 ms <1 ms 192.168.1.1

2 24 ms 23 ms 24 ms 10.9.77.1

3 25 ms 25 ms 25 ms 130.81.44.54

4 25 ms 25 ms 25 ms 130.81.151.218

5 25 ms 25 ms 26 ms 152.63.16.137

6 34 ms 34 ms 34 ms 152.63.0.166

7 34 ms 35 ms 35 ms 152.63.20.97

8 33 ms 33 ms 33 ms 157.130.255.206

9 35 ms 85 ms 35 ms 213.155.131.117

10 36 ms 35 ms 36 ms 213.248.72.174

11 59 ms 58 ms 58 ms 173.192.18.132

12 58 ms 58 ms 57 ms 173.192.18.171

13 90 ms 89 ms 90 ms 173.192.18.131

14 90 ms 90 ms 90 ms 173.192.18.168

15 112 ms 112 ms 112 ms 173.192.18.144

16 112 ms 112 ms 149 ms 173.192.18.159

17 112 ms 113 ms 112 ms 67.228.118.138

18 112 ms 112 ms 112 ms 67.228.112.202



Trace complete.



ESET Scan Results:

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam3.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam4.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam5.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam6.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinFakealertttam7.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\defender.exe.vir a variant of Win32/Kryptik.RYF trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Mouth\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\dwm.exe.vir a variant of Win32/Kryptik.SEA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Microsoft\conhost.exe.vir a variant of Win32/Kryptik.SEA trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{1bea190a-a5a8-468d-b10f-c1c2166dd90c}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{20865922-f6b8-4386-bc6d-09cf3a167844}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{6e63418e-b8ef-434f-8d0e-55c24833d871}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{da24410f-e635-488c-bb93-4b2c818e15c6}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{f2901742-7aee-485b-881e-11e8906e3763}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan deleted - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir Win32/Sirefef.CH trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir Win32/Sirefef.CO trojan cleaned by deleting - quarantined


BitDefender Scan Results:



QuickScan Beta 32-bit v0.9.9.99
-------------------------------
Scan date: Fri Sep 09 21:21:32 2011
Machine ID: CC6B177F



No infection found.
-------------------



Processes
---------
avast! Antivirus 1152 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
avast! Antivirus 2308 C:\Program Files\AVAST Software\Avast\AvastUI.exe
Firefox 2196 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 112 C:\Program Files\Mozilla Firefox\plugin-container.exe
Firefox 508 C:\Program Files\Mozilla Firefox\plugin-container.exe
Java™ Platform SE 6 U27 1572 C:\Program Files\Java\jre6\bin\jqs.exe
Java™ Platform SE Auto Updater 2 0 2292 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Microsoft® Windows® Operating System 2164 C:\WINDOWS\explorer.exe
Microsoft® Windows® Operating System 2036 C:\WINDOWS\system32\alg.exe
Microsoft® Windows® Operating System 540 C:\WINDOWS\system32\csrss.exe
Microsoft® Windows® Operating System 2384 C:\WINDOWS\system32\ctfmon.exe
Microsoft® Windows® Operating System 620 C:\WINDOWS\system32\lsass.exe
Microsoft® Windows® Operating System 608 C:\WINDOWS\system32\services.exe
Microsoft® Windows® Operating System 484 C:\WINDOWS\system32\smss.exe
Microsoft® Windows® Operating System 1432 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 768 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 844 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 884 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 952 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1036 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 1496 C:\WINDOWS\system32\svchost.exe
Microsoft® Windows® Operating System 208 C:\WINDOWS\system32\wbem\wmiprvse.exe
Microsoft® Windows® Operating System 256 C:\WINDOWS\system32\wbem\wmiprvse.exe
Microsoft® Windows® Operating System 564 C:\WINDOWS\system32\winlogon.exe
Systems Management Server 1720 C:\WINDOWS\system32\CCM\CcmExec.exe
Systems Management Server 1688 C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe
(verified) Microsoft® Visual Studio .NET 1600 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


Network activity
----------------
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 74.125.226.109
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 184.179.111.230
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 209.170.75.176
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 69.171.229.13
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 74.125.226.109
Process AvastSvc.exe (1152) connected on port 80 (HTTP) --> 209.170.75.184

Process svchost.exe (768) listens on ports: 3389 (Terminal Server)
Process svchost.exe (844) listens on ports: 135 (RPC)
Process Wuser32.exe (1688) listens on ports: 2701 (SMS Remote Control (control)), 2702 (SMS Remote Control (data))


Autoruns and critical files
---------------------------
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe
Glary Utilities C:\Program Files\Glary Utilities\initialize.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxsrvc.dll
Java™ Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
MadMACs.exe C:\extracted\MadMACs\MadMACs.exe
Microsoft® Windows® Operating System C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE
Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
PhotoStage Slideshow Producer C:\Program Files\NCH Software\PhotoStage\photostage.exe
VideoPad Video Editor C:\Program Files\NCH Software\VideoPad\videopad.exe
(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
avast! WebRep c:\program files\avast software\avast\aswwebrepie.dll
BitDefender QuickScan C:\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
Burn4Free Toolbar c:\program files\burn4free toolbar\v3.3.0.3\burn4free_toolbar.dll
Java Deployment Toolkit 6.0.270.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java™ Platform SE 6 U27 c:\program files\java\jre6\bin\jp2ssv.dll
Java™ Platform SE 6 U27 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java™ Platform SE 6 U27 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
unagiuninst.exe C:\WINDOWS\Downloaded Program Files\unagiuninst.exe
Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll


Scan
----
MD5: f4a569f89a90205a095965ae628625e1 C:\Documents and Settings\theonyxserpent\Application Data\Mozilla\Firefox\Profiles\og0g7s2n.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: 377aa5f5f75b4bfe39b208d94e0a356a C:\extracted\MadMACs\MadMACs.exe
MD5: d244d86cbee4de76ec4d151d9836e808 C:\Program Files\Apple Software Update\SoftwareUpdate.exe
MD5: 08914bc785004fb29cb58ff435ec0a7b C:\Program Files\AVAST Software\Avast\1033\Base.dll
MD5: afde47adfc785bffe2ccaebd31617871 C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll
MD5: 48d892b1b3adb0a6502095ab0014d368 C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MD5: b14242184207da229a3ac25168ffc44a C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MD5: 14e6721d9883753a3c4bcf0159fa9ca8 C:\Program Files\AVAST Software\Avast\AhResBhv.dll
MD5: 8b476d677dfe35efe7b3edbf377f0038 C:\Program Files\AVAST Software\Avast\AhResJs.dll
MD5: 958eae9951d450c33785aaa3e8c18643 C:\Program Files\AVAST Software\Avast\AhResMai.dll
MD5: fae73418fe3e9d62d1dc275c1a6470f7 C:\Program Files\AVAST Software\Avast\AhResMes.dll
MD5: ea273c786c0f7537b84cb91dafc33079 C:\Program Files\AVAST Software\Avast\AhResNS.dll
MD5: 8941988b4aaf4713a3b3fcb294b2edf7 C:\Program Files\AVAST Software\Avast\AhResP2P.dll
MD5: a333dd2e324c6ba76a3d3e4bbcb94f3c C:\Program Files\AVAST Software\Avast\AhResStd.dll
MD5: 9fb89dbf8a2a3c26d036b8569b154590 C:\Program Files\AVAST Software\Avast\AhResWS.dll
MD5: ace9981252e1f262ac276b7615ef6feb C:\Program Files\AVAST Software\Avast\ashBase.dll
MD5: effc885db306a3677cc3a62647c6ad08 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
MD5: f0fe90c1f71fe7f6ddeaef8c0b6c4a24 C:\Program Files\AVAST Software\Avast\ashServ.dll
MD5: f24bdd5c07249766e15078d6a7bf9055 C:\Program Files\AVAST Software\Avast\ashShell.dll
MD5: 96ffbb4c8e32325c1b49a393284f77ee C:\Program Files\AVAST Software\Avast\ashTask.dll
MD5: 53fa4e859b6440eaf6673e813caa7c4e C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MD5: af4a3cca045eee5f7a2280284052e361 C:\Program Files\AVAST Software\Avast\ashWebSv.dll
MD5: 5a312e660ba43a3233efc11146d3a318 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
MD5: 9ad6a0464da99fada8677f495ff84043 C:\Program Files\AVAST Software\Avast\aswAux.dll
MD5: 3992d00ea19fcde5710e31b1768efa20 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MD5: a822e400eb848449368a2d6c99dee8e8 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MD5: d662f9567979fcacac8301b6ce18971b C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MD5: 19c6484fd56c29dee30f1c6f8cbd374d C:\Program Files\AVAST Software\Avast\aswData.dll
MD5: 2fd69aee607066766930ceb925db0459 C:\Program Files\AVAST Software\Avast\aswDld.dll
MD5: dc9ec6dbb7b5ac6d1ec070df4e8ed903 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MD5: 95ffe45120788d0bac3071a913172a58 C:\Program Files\AVAST Software\Avast\aswIdle.dll
MD5: fd2d867fe775cc5357cecf2f14515b61 C:\Program Files\AVAST Software\Avast\aswLog.dll
MD5: 464fdfa22c63d742de476a83042d53f9 C:\Program Files\AVAST Software\Avast\aswProperty.dll
MD5: acd4e66d0abdcd3e74a1673cdeb38fcc C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MD5: f01e06906743d0bc93d51328f4cdb8ce C:\Program Files\AVAST Software\Avast\aswUtil.dll
MD5: 75d85bd73b985dd443ea640c0a907b4f c:\program files\avast software\avast\aswwebrepie.dll
MD5: d16c826f375a44802bf317982e81a7e2 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
MD5: e7cf222185411c6a3e68273c452b3283 C:\Program Files\AVAST Software\Avast\AvastUI.exe
MD5: d28f68d1b224e4b254fd5fcecc941340 C:\Program Files\AVAST Software\Avast\CommonRes.dll
MD5: 4b9c0beca446074297be59623c940a67 C:\Program Files\AVAST Software\Avast\defs\11070401\algo.dll
MD5: ec39064baeb0819098de2ea8814300b9 C:\Program Files\AVAST Software\Avast\defs\11070401\arPot.dll
MD5: b6fcc5d3a69e64c1dc0d9da4059804f9 C:\Program Files\AVAST Software\Avast\defs\11070401\aswCmnBS.dll
MD5: aedcfcd587a453774106aaba9c07fec8 C:\Program Files\AVAST Software\Avast\defs\11070401\aswCmnIS.dll
MD5: dc161d83851521577c26a3f37c995db3 C:\Program Files\AVAST Software\Avast\defs\11070401\aswCmnOS.dll
MD5: ab0350e01c67b22ba5355ea20b16341d C:\Program Files\AVAST Software\Avast\defs\11070401\aswEngin.dll
MD5: a0c02cac04f066772a405d2ff6fa2394 C:\Program Files\AVAST Software\Avast\defs\11070401\aswScan.dll
MD5: fa97ad1885871c3184427138b7c1dd41 C:\Program Files\AVAST Software\Avast\snxhk.dll
MD5: 2a65bb6b66ffece9ffe1019e0420f3f5 c:\program files\burn4free toolbar\v3.3.0.3\burn4free_toolbar.dll
MD5: 6e3245df783e58375b3465f03274743e C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: feb7877fe918fb9549601666e6bc59ef C:\Program Files\Glary Utilities\initialize.exe
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 5efb2fb3bb35200434fce38d4819979c C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: 6f158c6029d841a5f37708cc2bbf3362 c:\program files\java\jre6\bin\jp2ssv.dll
MD5: 91061352084424820ac6268808cb8ee3 C:\Program Files\Java\jre6\bin\jqs.exe
MD5: 41700402834f793a8c06731e5cfba62a C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: 79ac29dbbda1f2e11a827ccbcfed5563 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
MD5: b560f7df9470ba84b19ad992d5133b37 C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MD5: 63346640e170b63970c093f720065dab C:\Program Files\Mozilla Firefox\firefox.exe
MD5: e7c477ea58f91e3876851f6de71bfbcb C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: a75c478bf320f842de2a88b9b1d89c22 C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: f05eaee54f55463c6f39b8690056bcac C:\Program Files\Mozilla Firefox\MOZCPP19.dll
MD5: 68e54f3a442e7760b4c30eb4730b847e C:\Program Files\Mozilla Firefox\MOZCRT19.dll
MD5: 82d22c25e4aa69ab6a9bfbbc18deadc4 C:\Program Files\Mozilla Firefox\mozjs.dll
MD5: f383435fb758553eaa0b676cbee40c9b C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MD5: 7e472227b3bd61985dede5db5c02e61a C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: 6f6b99d53bf0f259a84faba05cba9caa C:\Program Files\Mozilla Firefox\nss3.dll
MD5: 3770d810b47d9f78a35e630d845aea09 C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: 6fb83f9378a3caf028c069661d8128b6 C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: 6421a6afaa6c3c7b8072aefae3d8482a C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 6aeb7558a3cffd5b787419bb85e79e98 C:\Program Files\Mozilla Firefox\plc4.dll
MD5: d88a98a923f3f70a5b8b07a00ae3d64b C:\Program Files\Mozilla Firefox\plds4.dll
MD5: 7653cd0e8f2c0052185673b574db699e C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: 71daa9a24c288cb7df2dd5652a349a41 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 5abaedadcac3fedf7845fc2fd5998ae0 C:\Program Files\Mozilla Firefox\smime3.dll
MD5: ea815921e9c878fe50ad69caaeb763b8 C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: 845acd6333681f9a5aca20a884f77370 C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: bd928a46e7fef6489eaf6b87bfec8f4a C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: dab5dd6fabe6c371c11b1bfc637c63de C:\Program Files\Mozilla Firefox\xul.dll
MD5: 4eb9cff1d60d6fb1e84d0057c17e7cc3 C:\Program Files\NCH Software\PhotoStage\photostage.exe
MD5: 9ff2b5330dc0dfb3decfecc1ea326735 C:\Program Files\NCH Software\VideoPad\videopad.exe
MD5: bcdff548f7d31a2bcf1cf98da7eb5445 C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
MD5: fb537f29a827d78f756154cf397a113f C:\WINDOWS\AppPatch\AcGenral.DLL
MD5: 6f678556a6fce04fc94f3435f6313705 C:\WINDOWS\Downloaded Program Files\unagiuninst.exe
MD5: 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\explorer.exe
MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
MD5: cebed017c4965fc4407ccd986ae0a528 C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
MD5: 4fd22142f54692463a7b98b7de175573 C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE
MD5: 875d770f477e0ae0088be1810d537b23 c:\windows\system32\ACTIVEDS.dll
MD5: 13510490bea0997db625daa0178cbfca C:\WINDOWS\system32\actxprxy.dll
MD5: 8ddf0253e783e740bf053e0fe7d8b6fe C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
MD5: 1081c185aed0660b2b5f173c3e023b23 C:\WINDOWS\system32\ADVAPI32.dll
MD5: f1958fbf86d5c004cf19a5951a9514b7 C:\WINDOWS\system32\alg.exe
MD5: eca24ab73fcffa754d4070cdb03529e3 C:\WINDOWS\system32\Apphelp.dll
MD5: 5c3df25926729ebeef5cc7ff1933b360 C:\WINDOWS\system32\AUTHZ.dll
MD5: e3cfccdda4edd1d0dc9168b2e18f27b8 c:\windows\system32\browser.dll
MD5: 6dfa051ab639fda0f77d5a0068efb735 C:\WINDOWS\system32\BROWSEUI.dll
MD5: 08f0190ae201ec331b4ca3b0fa2d2cce C:\WINDOWS\System32\Cabinet.dll
MD5: 309b2b3e20352c7baf5e8324a7dc9721 C:\WINDOWS\system32\CCM\AdvertSched.dll
MD5: d00808b29b8f6f156e9281f42b7ad932 C:\WINDOWS\system32\CCM\CcmCTM.dll
MD5: 990ad28c4f5cec7f2b5533792f30c03e C:\WINDOWS\system32\CCM\CcmDTS.dll
MD5: 258ca873ea70292af5968b4a1676b550 C:\WINDOWS\system32\CCM\CcmExec.exe
MD5: a202b9735372a430676a78072425141b C:\WINDOWS\system32\CCM\CCMGenCert.dll
MD5: ab8933fe6b62eff35e45795aae1a6741 C:\WINDOWS\system32\CCM\ccmhttp.dll
MD5: 48028d82d21da6fcf5fb0326d3b42262 C:\WINDOWS\system32\CCM\ccmident.dll
MD5: 5ef2f287671809f6e757d3c204f8dc4b C:\WINDOWS\system32\CCM\ccmperf.dll
MD5: 1852ffb59ee106537e682f6962705df3 C:\WINDOWS\system32\CCM\CcmTask.dll
MD5: 171303e300d3227ad239482391769ea5 C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\1033\_wuser32.dll
MD5: 0c330a31646b841e9292bf16488b12fb C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\multprot.dll
MD5: 6f37150d5b4e3e1b812d9b6a8d8b6f0d C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\QUEUEBUF.dll
MD5: 71f0b274d222c26ee27e142bf001ab56 C:\WINDOWS\system32\CCM\clicomp\RemCtrl\Wuser32.exe
MD5: 3b6aff30a5b89280f7b200ef34fff872 C:\WINDOWS\system32\CCM\ContentAccess.dll
MD5: 30134f08d27f5c555be3edfb4a93c106 C:\WINDOWS\system32\CCM\CPApplet.dll
MD5: b8d3a1751c1ef5f2957dad10c59fbd39 C:\WINDOWS\system32\CCM\execmgr.dll
MD5: 74752555476a7ef006043c5044458aed C:\WINDOWS\system32\CCM\LSUtilities.dll
MD5: 3d444c7a18222aec1ee0b37952ebfef9 C:\WINDOWS\system32\CCM\MtrMgr.dll
MD5: de5fafae1350da7c1dc6e1d5ae2c1f77 C:\WINDOWS\system32\CCM\PatchInstall.dll
MD5: 9e9159c55f3575c5d4bc1ebb580abff0 C:\WINDOWS\system32\CCM\PatchUIMonitor.dll
MD5: f33e4fa50437e45bf50151020bb226b3 C:\WINDOWS\system32\CCM\PolicyAgent.dll
MD5: 9ad67b67b90733d9b72fb2b7c25e5794 C:\WINDOWS\system32\CCM\PolicyAgentEndpoint.dll
MD5: ac50bda0bef6aab2831c4f9816c91541 C:\WINDOWS\system32\CCM\PolicyAgentProvider.dll
MD5: 8545f7347e6bda4d9f57b3efff24b718 C:\WINDOWS\system32\CCM\Prep.dll
MD5: 08b7f59c6c17ebc7b74e9831072bb438 C:\WINDOWS\system32\CCM\Sched.dll
MD5: a5ce4496c4c16bb91daf2246e9fe188b C:\WINDOWS\system32\CCM\smsclient.dll
MD5: 72d075d0c63e1f5e5411e29f65c24b6a C:\WINDOWS\system32\CCM\smscore.dll
MD5: c5de3c6c86220012ab7bb9eb5b50451d C:\WINDOWS\system32\CCM\SrcUpdateMgr.dll
MD5: a1374bfec65b6873208be36c49c39c02 C:\WINDOWS\system32\CCM\StatusAgent.dll
MD5: 15a5e6f5933a13d7cc608e6df273dcdd C:\WINDOWS\system32\CCM\StatusAgentProxy.dll
MD5: 1a5e583a4254d558635c2afd6097a1d4 C:\WINDOWS\system32\ccmcore.dll
MD5: ad44c5bc21213f394f6afcb55cc39293 c:\windows\system32\certcli.dll
MD5: ec8a848fc4f17f3b3d9da4a0c43fb930 C:\WINDOWS\system32\CLBCATQ.DLL
MD5: 98c1ff6676e02d43da208802286a6ee7 C:\WINDOWS\System32\CLUSAPI.DLL
MD5: 01a04fb59e76697c9171b6327274d371 C:\WINDOWS\system32\colbact.DLL
MD5: b0124cb21d28b1c9f678b566b6b57d92 C:\WINDOWS\system32\comctl32.dll
MD5: 6728270cb7dbb776ed086f5ac4c82310 C:\WINDOWS\system32\COMRes.dll
MD5: 75deb92422d955373825a11f9f74ec6a C:\WINDOWS\system32\comsvcs.dll
MD5: 1ecb753d7ceec8f5a94c9781ca64ec44 c:\windows\system32\credui.dll
MD5: cad4aa32e7eca00c23cc39c0eb833f9d C:\WINDOWS\system32\cryptnet.dll
MD5: 10654f9ddcea9c46cfb77554231be73b c:\windows\system32\cryptsvc.dll
MD5: 587729679b4fe04ce06a5c61d6c56dcd C:\WINDOWS\system32\cscdll.dll
MD5: f12b178b1678d778cfd3ff1fc38c71fb C:\WINDOWS\system32\csrss.exe
MD5: 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
MD5: 8d9210e9858d525646251dfa1fe37ebe C:\WINDOWS\system32\d3d8thk.dll
MD5: d67bdbbda86cc9aeebbaf3217c1717d8 C:\WINDOWS\system32\d3d9.dll
MD5: 6479a184873f7ca797ff0375d711e9a6 C:\WINDOWS\system32\dbghelp.dll
MD5: ef545e1a4b043da4c84e230dd471c55f c:\windows\system32\dhcpcsvc.dll
MD5: aac8ffbfd61e784fa3bac851d4a0bd5f c:\windows\system32\dnsrslvr.dll
MD5: 55e148c01296696588eafa425782c3e8 C:\WINDOWS\system32\DSOUND.dll
MD5: cacd2c63a79268d131ea37e85524cc44 C:\WINDOWS\system32\dssenh.dll
MD5: 50de118da580208b914b40dd47c90d52 c:\windows\system32\ESENT.dll
MD5: bf941d4aa1db64828fe5498d12f11213 C:\WINDOWS\system32\feclient.dll
MD5: 9376e6893e52b368abc6255bf54f0b28 c:\windows\system32\hidserv.dll
MD5: 765b30c776a1780b46b479fe614f707c C:\WINDOWS\system32\hnetcfg.dll
MD5: 9ad6e9918ee0d836a73790e50ec3635c C:\WINDOWS\system32\icm32.dll
MD5: 6474af152cd6025f781d7a5f2b8b6084 C:\WINDOWS\system32\igfxsrvc.dll
MD5: 5afce94e8286b2f57a04da37f01bf21a C:\WINDOWS\system32\IMAGEHLP.dll
MD5: 87ca7ce6469577f059297b9d6556d66d C:\WINDOWS\system32\IMM32.dll
MD5: f14a6bd840e4d7cd4c0535cb3cef2887 C:\WINDOWS\system32\inetpp.dll
MD5: 011eacf9153ef90e6cbce2987acae411 C:\WINDOWS\system32\iphlpapi.dll
MD5: 36cc8c01b5e50163037bef56cb96deff c:\windows\system32\ipnathlp.dll
MD5: b6acaed7588295129791e0e6a2b0fade C:\WINDOWS\system32\kernel32.dll
MD5: a1a688ee56cf3bbd24edeb815d48e9ba C:\WINDOWS\system32\LINKINFO.dll
MD5: 2e632f071817ad3758c386571cbd9858 C:\WINDOWS\system32\localspl.dll
MD5: 7db59fff2af32c27eb2276424fa5eddb C:\WINDOWS\system32\logonui.exe
MD5: 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe
MD5: af43092e55306659cf366f9b42e4a981 C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MD5: 0346da24de3c85909717d5997510a31f C:\WINDOWS\system32\mlang.dll
MD5: 2cfe80aa3428c09e6de67fac50da65cf C:\WINDOWS\system32\MPR.dll
MD5: 9f78f329b1858e845087b923b4dba0f3 C:\WINDOWS\System32\MPRAPI.dll
MD5: a9753f3343eb7a8bc3b498841c8be6fd C:\WINDOWS\system32\MSCTF.dll
MD5: 3d811bf538d6f359735d757c94f484b6 C:\WINDOWS\system32\msdbg2.dll
MD5: 892f4bc54d486feb4df03e4e2ecb14e0 c:\windows\system32\msi.dll
MD5: aa6741c359e11f101056a609d022e92a C:\WINDOWS\system32\mslbui.dll
MD5: f5ee7cacd1784241f138a5e55b715897 c:\windows\system32\mstlsapi.dll
MD5: 9eea0ca999a33c9d2eabe82e4c624cc3 C:\WINDOWS\system32\MSUTB.dll
MD5: 1f57eb5b92b2ac7f9d71a77d184d8c13 C:\WINDOWS\system32\MSVCP60.dll
MD5: b0fefa816d61ec66aa765ddf534eab5e C:\WINDOWS\system32\msvcrt.dll
MD5: 99f43b9b76c88acead42fe84744f8c87 C:\WINDOWS\system32\MTXCLU.DLL
MD5: e3ae8dc04643850d2dfd431443558b28 C:\WINDOWS\system32\netcfgx.dll
MD5: 36739b39267914ba69ad0610a0299732 c:\windows\system32\netman.dll
MD5: bf52a4d4eb4cfb3109667e429b93e21a c:\windows\system32\netshell.dll
MD5: 01520b46830c8178e1b2c05a4f3f6c16 C:\WINDOWS\System32\NETUI0.dll
MD5: 88b918e7fb3b09595dd8a0fd09a35b8f C:\WINDOWS\System32\NETUI1.dll
MD5: c06986b55981b355090dd34de809e4bb C:\WINDOWS\system32\ntdll.dll
MD5: 6201bacf384292a5fe94ce73364ae53a C:\WINDOWS\system32\NTDSAPI.dll
MD5: daa91b358e685fc6cca9aca72be6fe85 C:\WINDOWS\system32\NTMARTA.DLL
MD5: 385e9aec6e100dbebee5bd1f27a55e1d C:\WINDOWS\system32\ntshrui.dll
MD5: f79d7d98cd764499eccbaaf3f800d349 C:\WINDOWS\system32\ODBC32.dll
MD5: c237fb08f52f27823c4e4e6705ecd196 C:\WINDOWS\system32\odbcint.dll
MD5: ab8231d13692ac5088eb9c226b0c0576 C:\WINDOWS\system32\ole32.dll
MD5: 0144abc4c4a624b583d432ee478a711c C:\WINDOWS\system32\OLEAUT32.dll
MD5: db963459bea73867e50bc92d3a3f61bc C:\WINDOWS\system32\pdh.dll
MD5: 4d3ccdf22d2b4bae229ba73b81d13e26 C:\WINDOWS\system32\psbase.dll
MD5: 5f098bd2ae6b03044b085decffdf91ec C:\WINDOWS\system32\rasadhlp.dll
MD5: cd1f7ed9842138beadf9ecbf37818bef C:\WINDOWS\system32\RASAPI32.dll
MD5: ba5d5fd3cca6f64a429e2e0e1a1a0917 C:\WINDOWS\System32\RASDLG.dll
MD5: 30e244a707e6ce0a4b099cd6384ec6ca C:\WINDOWS\system32\rasman.dll
MD5: 49b5eed5fb89d39456a2f616ccd8ba5d C:\WINDOWS\System32\rasmans.dll
MD5: 04ecec0447f79419ad25227205b8277d C:\WINDOWS\System32\rasppp.dll
MD5: 1d536bebc30dd8d0d3b6ff3b0cd2d32b C:\WINDOWS\System32\rastapi.dll
MD5: 8487fcd4daba31132f317b03d168cabd C:\WINDOWS\system32\rdpwsx.dll
MD5: 899ed710fdc37eb7d0115c2932c2b1eb C:\WINDOWS\system32\REGAPI.dll
MD5: 3151427db7d87107d1c5be58fac53960 c:\windows\system32\regsvc.dll
MD5: 2738c8a33ff07dd3c99c7c8f0a85da72 C:\WINDOWS\System32\RESUTILS.DLL
MD5: 461b6e2f04112e659280314b7a414f30 C:\WINDOWS\system32\RPCRT4.dll
MD5: 01095febf33beea00c2a0730b9b3ec28 c:\windows\system32\rpcss.dll
MD5: 26acbd865f8cff730f1791c4d0854352 C:\WINDOWS\system32\rsaenh.dll
MD5: ebe12f403fde45e7312e7bf764bfb6c6 C:\WINDOWS\system32\SAMLIB.dll
MD5: e15154e7fda8a580a8f74c7cc16b1ffe C:\WINDOWS\system32\SAMSRV.dll
MD5: 0f78e27f563f2aaf74b91a49e2abf19a C:\WINDOWS\system32\scecli.dll
MD5: 9a42c1f3154545a4d32e5043038b01fa C:\WINDOWS\system32\SCESRV.dll
MD5: 92360854316611f6cc471612213c3d92 c:\windows\system32\schedsvc.dll
MD5: d636fa41e50671160d838ea2dace3330 C:\WINDOWS\system32\sclgntfy.dll
MD5: a624930228b698cf5b89f91caf23a908 C:\WINDOWS\system32\security.dll
MD5: 37561f8d4160d62da86d24ae41fae8de C:\WINDOWS\system32\services.exe
MD5: 9858cc4d73a4ccf2f852fae07c11a0b5 C:\WINDOWS\system32\sfc_os.dll
MD5: 695973bae443285beb2706eb36861c59 C:\WINDOWS\system32\SHDOCVW.dll
MD5: 06da8c5383aaf17127fc4b1658ba3f4f C:\WINDOWS\system32\SHELL32.dll
MD5: 43da983415ea533f9e667fdb415f4655 C:\WINDOWS\system32\ShimEng.dll
MD5: 6815def9b810aefac107eeaf72da6f82 C:\WINDOWS\system32\SHSVCS.dll
MD5: bd7fb0957c716f1a60333aee04de2178 C:\WINDOWS\system32\smss.exe
MD5: 063457262374b224226710d8db74c37c C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
MD5: 87b85bc1e1f6e0228876204a20a9c24c C:\WINDOWS\system32\SPOOLSS.DLL
MD5: ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\system32\spoolsv.exe
MD5: 92bdf74f12d6cbec43c94d4b7f804838 c:\windows\system32\srsvc.dll
MD5: 0cb3af149a0bac0836022ca307c7a0f8 c:\windows\system32\srvsvc.dll
MD5: 4b8d61792f7175bed48859cc18ce4e38 c:\windows\system32\ssdpsrv.dll
MD5: 297101a925ecffdcdf7f6341ffbb6c1a C:\WINDOWS\system32\stobject.dll
MD5: 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
MD5: 0ff9fa27706fbe9048990c108c0d62f0 C:\WINDOWS\system32\sxs.dll
MD5: 9c28b09c8757065d74e662e5a3503c89 C:\WINDOWS\system32\t2embed.dll
MD5: 6307a1b82f6ca87d7e0cdf49e6e7bc00 C:\WINDOWS\system32\TAPI32.dll
MD5: fb78839b36025aa286a51289ed28b73e c:\windows\system32\tapisrv.dll
MD5: e6796d51ced309e46d29c0b787735615 C:\WINDOWS\system32\themeui.dll
MD5: 6d9ac544b30f96c57f8206566c1fb6a1 c:\windows\system32\trkwks.dll
MD5: 586211f4ff4bc49cc215c956919cd33b C:\WINDOWS\system32\umpnpmgr.dll
MD5: 339089d6c3fc3bc5ced8d9049c4d2101 C:\WINDOWS\system32\upnp.dll
MD5: b409909f6e2e8a7067076ed748abf1e7 C:\WINDOWS\system32\USER32.dll
MD5: 2b9b56a89a8a42e917511972a6db36e3 C:\WINDOWS\system32\USERENV.dll
MD5: 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\userinit.exe
MD5: 2cde496666a975a2ce8f969f3042c8db C:\WINDOWS\system32\uxtheme.dll
MD5: 2b281958f5d0cf99ed626e3ef39d5c8d C:\WINDOWS\system32\w32time.dll
MD5: de578e4e6844954823fc7688625f00c8 C:\WINDOWS\system32\wbem\esscli.dll
MD5: 950df6295d3c6b5f2d508dcb1b275b87 C:\WINDOWS\system32\wbem\FastProx.dll
MD5: 05cb782f2c7024aa92b1722a926bbd3a C:\WINDOWS\system32\wbem\framedyn.dll
MD5: 9a66728efe501d855d0ffe3de023ce32 C:\WINDOWS\system32\wbem\repdrvfs.dll
MD5: d815e16232969768d24406df48dd813a C:\WINDOWS\system32\wbem\stdprov.dll
MD5: 4e39c36213e95fb971a61a247bde2f61 C:\WINDOWS\system32\wbem\wbemcomn.dll
MD5: 36360b625d7290bba2cd03ad4975e1bc C:\WINDOWS\system32\wbem\wbemcore.dll
MD5: 6708e1ddf12cab2d5b5a2b66b76e0038 C:\WINDOWS\system32\wbem\wbemess.dll
MD5: 4a12919c441c351797261602997d5a54 C:\WINDOWS\system32\wbem\wmidcprv.dll
MD5: 80b1aa84cd23724c284ad5988f208eb3 C:\WINDOWS\system32\wbem\wmiprvsd.dll
MD5: 31fa172657e941e7cb15c5ccfe36a03e C:\WINDOWS\system32\wbem\wmiprvse.exe
MD5: 0a1161db4fccf7821736c70d70a0f5a3 C:\WINDOWS\system32\wbem\wmiutils.dll
MD5: 265f534ef76832435afbf771ec97176d c:\windows\system32\webclnt.dll
MD5: a1c10f87248529173f39f4b4734df14b C:\WINDOWS\system32\win32spl.dll
MD5: 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
MD5: 90fdaa22f38d9e911f91fa3b8a1f7e5d C:\WINDOWS\system32\WINMM.dll
MD5: 2c8fdb176f22629ea5342db474fac391 C:\WINDOWS\System32\winrnr.dll
MD5: 7bcb23fa39ce266af4347a6beab60f8c C:\WINDOWS\system32\WINSCARD.DLL
MD5: 3d21b3be0c5768e76fd9780e9cf9e07c C:\WINDOWS\system32\winsrv.dll
MD5: 7bc4ba4c33adf3ef5cd370d99bc60b04 C:\WINDOWS\system32\WINSTA.dll
MD5: 10f36fa092d7a309a0647fcdc764ae6c C:\WINDOWS\system32\WLDAP32.dll
MD5: a599e5e366c1408e48aa5d37882d4e3e C:\WINDOWS\system32\WlNotify.dll
MD5: 4d59daa66c60858cdf4f67a900f42d4a c:\windows\system32\wscsvc.dll
MD5: 366196aaa5664115077aa17a2049a43f C:\WINDOWS\system32\wzcdlg.dll
MD5: 9a9bbc71d0ebcd400a33abcd5f0ab39c c:\windows\system32\WZCSAPI.DLL
MD5: 5a91e6feab9f901302fa7ff768c0120f c:\windows\system32\wzcsvc.dll
MD5: 1320aea7057a26a671d9548cc7bebda5 C:\WINDOWS\system32\xpsp2res.dll
MD5: c4e80875c1cf1222fc5efd0314ae5c01 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll

The following file(s) must be uploaded for server-side scanning:
c:\program files\burn4free toolbar\v3.3.0.3\burn4free_toolbar.dll

Upload started - 1 file(s)
burn4free_toolbar.dll (815104)
Upload speed - 40 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 20 sec
Total traffic - 0.79 MB sent, 1.21 KB recvd
Scanned 414 files and modules - 72 seconds
  • 0

#24
RKinner
Posted 09 September 2011 - 07:51 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
There appears to be nothing wrong with the network connection.

ESET just found stuff that spybot and Combofix had already removed. Quickscan didn't find anything active.

Have you tried a manual update? Right click on the Avast ball and Update, Engine and Virus Definitions. Does that work? Does it offer you a new update to Program?

Ron
  • 0

#25
jerosakireno
Posted 10 September 2011 - 07:48 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
I guess that's good news...

Yes, I tried it manually before, just tried it again, and it just brings me to that same thing where it opens avast, initializes, tries connecting, but doesn't. It says: "cannot connect to download770.avast.com(208.43......)"

& now for some reason BitDefender quickscan has installed itself on my address bar on the top of my screen. I never asked for it to be there, what's the deal with that.
  • 0

Advertisements

#26
RKinner
Posted 11 September 2011 - 12:08 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Just right click on Bitdefender on your bar and select Delete.

Let's see if we can get Avira to work instead of Avast. http://www.avira.com...-free-antivirus (I understand they are now offering the ask.com toolbar with avira. Try to uncheck it. IF you can't just go in and uninstall it afterward.)

Download and save the installer. Uninstall Avast, reboot and then install Avira. Let's see if it can update.

Ron
  • 0

#27
jerosakireno
Posted 13 September 2011 - 06:34 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
So far so good, Avira in, Avast out... Avira seems to have updated sucessfully, here is the log it produced:

Avira AntiVir Personal - Free Antivirus Updater
Engine/VDF update

Creation time: Tue Sep 13 20:24:29 2011


Operating system:
Windows XP (Service Pack 2) [5.1.2600] 32 bit

Product information:
Product version: 10.0.0.652
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.39
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0

Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\

Proxy settings:
System settings used

20:24:36 [UPD] [INFO] Checking whether newer files are available.
20:24:36 [UPD] [INFO] Select update server 'http://80.190.143.238/update'.
20:24:36 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
20:24:38 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/wks_avira10-win32-en-pecl.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.idx'.
20:24:38 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/wks_avira10-win32-en-pecl.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/webcat-common-int.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\webcat-common-int.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/vdf.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/rdf-common-int.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\rdf-common-int.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/ave2-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/wks_avira10-win32-en-pecl-info.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl-info.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/hips-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\hips-win32-int.info.gz'.
20:24:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/idx/detrep-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\detrep-win32-int.info.gz'.
20:24:40 [UPD] [INFO] Compare local files with status of update server
20:24:40 [UPD] [INFO] Checking module SELFUPDATE:
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/antivir.oem' (local, server): a7528c12b9ded5d8252882414f84843a != 4145285156783c9a0cd4a2c12a501201
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/antivir.oem' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avrestart.exe' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avrestart.exe' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/defaults.ini' (local, server): f0ad90d9dde543d607d0393ae451b5f4 != 21b8930469df48cb867c7280177855d0
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/defaults.ini' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/rcimage.dll' (local, server): 10.0.0.26 < 10.0.0.35
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/rcimage.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/rctext.dll' (local, server): 10.0.58.0 < 10.0.64.0
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/rctext.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/restartrc.dll' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/restartrc.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/updext.dll' (local, server): 10.0.0.8 < 10.0.0.10
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/updext.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/updgui.dll' (local, server): 10.0.2.0 < 10.0.2.2
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/updgui.dll' due to product update mode.
20:24:40 [UPD] [INFO] Checking module WEBCAT:
20:24:40 [UPD] [INFO] File 'webcat/common/int/webcat0.dat' does not exist and is being installed.
20:24:40 [UPD] [INFO] File 'webcat/common/int/webcat1.dat' does not exist and is being installed.
20:24:40 [UPD] [INFO] File 'webcat/common/int/webcat2.dat' does not exist and is being installed.
20:24:40 [UPD] [INFO] File 'webcat/common/int/webcat3.dat' does not exist and is being installed.
20:24:40 [UPD] [INFO] File 'webcat/common/int/webcat4.dat' does not exist and is being installed.
20:24:40 [UPD] [INFO] Checking module VDF:
20:24:40 [UPD] [INFO] File 'n_vdf/vbase006.vdf' (local, server): 7.11.10.252 < 7.11.13.60
20:24:40 [UPD] [INFO] File 'n_vdf/vbase007.vdf' (local, server): 7.11.10.253 < 7.11.13.61
20:24:40 [UPD] [INFO] File 'n_vdf/vbase008.vdf' (local, server): 7.11.10.254 < 7.11.13.62
20:24:40 [UPD] [INFO] File 'n_vdf/vbase009.vdf' (local, server): 7.11.10.255 < 7.11.13.63
20:24:40 [UPD] [INFO] File 'n_vdf/vbase010.vdf' (local, server): 7.11.11.0 < 7.11.13.64
20:24:40 [UPD] [INFO] File 'n_vdf/vbase011.vdf' (local, server): 7.11.11.1 < 7.11.13.65
20:24:40 [UPD] [INFO] File 'n_vdf/vbase012.vdf' (local, server): 7.11.11.2 < 7.11.13.66
20:24:40 [UPD] [INFO] File 'n_vdf/vbase013.vdf' (local, server): 7.11.11.75 < 7.11.13.95
20:24:40 [UPD] [INFO] File 'n_vdf/vbase014.vdf' (local, server): 7.11.11.104 < 7.11.13.125
20:24:40 [UPD] [INFO] File 'n_vdf/vbase015.vdf' (local, server): 7.11.11.137 < 7.11.13.157
20:24:40 [UPD] [INFO] File 'n_vdf/vbase016.vdf' (local, server): 7.11.11.138 < 7.11.13.201
20:24:40 [UPD] [INFO] File 'n_vdf/vbase017.vdf' (local, server): 7.11.11.139 < 7.11.13.234
20:24:40 [UPD] [INFO] File 'n_vdf/vbase018.vdf' (local, server): 7.11.11.140 < 7.11.14.16
20:24:40 [UPD] [INFO] File 'n_vdf/vbase019.vdf' (local, server): 7.11.11.141 < 7.11.14.48
20:24:40 [UPD] [INFO] File 'n_vdf/vbase020.vdf' (local, server): 7.11.11.142 < 7.11.14.78
20:24:40 [UPD] [INFO] File 'n_vdf/vbase021.vdf' (local, server): 7.11.11.143 < 7.11.14.109
20:24:40 [UPD] [INFO] File 'n_vdf/vbase022.vdf' (local, server): 7.11.11.144 < 7.11.14.137
20:24:40 [UPD] [INFO] File 'n_vdf/vbase023.vdf' (local, server): 7.11.11.145 < 7.11.14.166
20:24:40 [UPD] [INFO] File 'n_vdf/vbase024.vdf' (local, server): 7.11.11.146 < 7.11.14.167
20:24:40 [UPD] [INFO] File 'n_vdf/vbase025.vdf' (local, server): 7.11.11.147 < 7.11.14.168
20:24:40 [UPD] [INFO] File 'n_vdf/vbase026.vdf' (local, server): 7.11.11.148 < 7.11.14.169
20:24:40 [UPD] [INFO] File 'n_vdf/vbase027.vdf' (local, server): 7.11.11.149 < 7.11.14.170
20:24:40 [UPD] [INFO] File 'n_vdf/vbase028.vdf' (local, server): 7.11.11.150 < 7.11.14.171
20:24:40 [UPD] [INFO] File 'n_vdf/vbase029.vdf' (local, server): 7.11.11.151 < 7.11.14.172
20:24:40 [UPD] [INFO] File 'n_vdf/vbase030.vdf' (local, server): 7.11.11.152 < 7.11.14.173
20:24:40 [UPD] [INFO] File 'n_vdf/vbase031.vdf' (local, server): 7.11.11.179 < 7.11.14.189
20:24:40 [UPD] [INFO] File 'n_vdf/aevdf.dat' (local, server): 7.11.11.179 < 7.11.14.189
20:24:40 [UPD] [INFO] Checking module RDF:
20:24:40 [UPD] [INFO] File 'rdf/common/int/antivir0.rdf' (local, server): 10.0.0.79 < 10.0.0.83
20:24:40 [UPD] [INFO] Checking module AVE2:
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aecore.dll' (local, server): 8.1.22.4 < 8.1.23.0
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aegen.dll' (local, server): 8.1.5.6 < 8.1.5.9
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aehelp.dll' (local, server): 8.1.17.5 < 8.1.17.7
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aeheur.dll' (local, server): 8.1.2.144 < 8.1.2.167
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aeoffice.dll' (local, server): 8.1.2.12 < 8.1.2.13
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aepack.dll' (local, server): 8.2.9.5 < 8.2.10.10
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aerdl.dll' (local, server): 8.1.9.13 < 8.1.9.15
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aescript.dll' (local, server): 8.1.3.73 < 8.1.3.76
20:24:40 [UPD] [INFO] File 'ave2/win32/int/aeset.dat' (local, server): 8.2.6.16 < 8.2.6.60
20:24:40 [UPD] [INFO] Checking module MAIN:
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/alertcat.htm' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/alertcat.htm' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/alertpcc.htm' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/alertpcc.htm' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/alertpcu.htm' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/alertpcu.htm' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/alerttyp.htm' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/alerttyp.htm' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/alertvir.htm' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/alertvir.htm' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ApnIC.dll' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ApnIC.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ApnStub.exe' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ApnStub.exe' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ApnToolbarInstaller.exe' does not exist and is being installed.
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ApnToolbarInstaller.exe' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avarkt.dll' (local, server): 10.0.22.6 < 10.0.26.1
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avarkt.dll' due to product update mode.
20:24:40 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avcenter.exe' (local, server): 10.0.12.29 < 10.0.12.31
20:24:40 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avcenter.exe' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avconfig.dll' (local, server): 10.0.12.25 < 10.0.12.28
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avconfig.dll' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avconfig.exe' (local, server): 10.0.13.16 < 10.0.13.20
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avconfig.exe' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avesvc.dll' does not exist and is being installed.
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avesvc.dll' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/avesvcr.dll' does not exist and is being installed.
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/avesvcr.dll' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avevtlog.dll' (local, server): 10.0.0.8 < 10.0.0.9
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avevtlog.dll' due to product update mode.
20:24:41 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avgio.dll' (local, server): 10.0.8.2 < 10.0.26.1
20:24:41 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avgio.dll' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/xp/avgntflt.inf' (local, server): 9aea7baf904d4a87994e0ca2faacd482 != bfefbb86be35df0ad86fb2eb93202c26
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/xp/avgntflt.inf' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avguard.exe' (local, server): 10.0.1.58 < 10.0.1.59
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avguard.exe' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avhlp.exe' does not exist and is being installed.
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avhlp.exe' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/xp/avipbb.inf' (local, server): e6dda547dea9c5cadae0b566c9a30842 != 08d5b4a2627a542f04d5d81ee1b84eb3
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/xp/avipbb.inf' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avnetworkloader.dll' (local, server): 1.1.8.1 < 1.1.9.0
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avnetworkloader.dll' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avnetworkloadergui.dll' (local, server): 2.1.7.1 < 2.1.7.3
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avnetworkloadergui.dll' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avnotify.exe' (local, server): 10.0.10.14 < 10.0.10.16
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avnotify.exe' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avpref.dll' (local, server): 10.0.0.0 < 10.0.3.2
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avpref.dll' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/avscan.dll' (local, server): 10.0.3.0 < 10.0.5.0
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/avscan.dll' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avscan.exe' (local, server): 10.0.4.2 < 10.3.0.7
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avscan.exe' due to product update mode.
20:24:42 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avsda.dll' does not exist and is being installed.
20:24:42 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avsda.dll' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/avwebgrc.dll' does not exist and is being installed.
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/avwebgrc.dll' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avwebgrd.exe' does not exist and is being installed.
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avwebgrd.exe' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avwebloader.exe' (local, server): 1.1.8.3 < 1.1.8.4
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avwebloader.exe' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/avwmi.dll' (local, server): 10.0.12.1 < 10.0.13.0
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/avwmi.dll' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/build.dat' (local, server): 10.0.0.652 < 10.2.0.700
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/build.dat' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccavscanex.dll' (local, server): 10.0.34.0 < 10.0.35.6
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccavscanex.dll' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/ccavscanexrc.dll' (local, server): 10.0.34.0 < 10.0.35.0
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/ccavscanexrc.dll' due to product update mode.
20:24:43 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccev.dll' (local, server): 10.0.11.14 < 10.0.11.15
20:24:43 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccev.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccgen.dll' (local, server): 10.0.34.0 < 10.0.34.8
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccgen.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccgenw.dll' (local, server): 10.0.7.23 < 10.0.7.24
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccgenw.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccguard.dll' (local, server): 10.0.28.13 < 10.0.28.14
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccguard.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/cchips.dll' (local, server): 10.0.9.0 < 10.0.9.1
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/cchips.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/cclic.dll' (local, server): 10.0.9.23 < 10.0.9.24
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/cclic.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccmsg.dll' (local, server): 10.0.9.35 < 10.0.9.41
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccmsg.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/ccplg.xml' (local, server): b102a380928d43b454ec9feec4ce2476 != fcd473411b26d592cf733b73387c6a99
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/ccplg.xml' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccprofil.dll' (local, server): 10.0.18.4 < 10.0.18.5
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccprofil.dll' due to product update mode.
20:24:44 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccquamgr.dll' (local, server): 10.0.14.3 < 10.0.14.4
20:24:44 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccquamgr.dll' due to product update mode.
20:24:45 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccquaw.dll' (local, server): 10.0.8.25 < 10.0.8.26
20:24:45 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccquaw.dll' due to product update mode.
20:24:45 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccreport.dll' (local, server): 10.0.11.5 < 10.0.11.6
20:24:45 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccreport.dll' due to product update mode.
20:24:45 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccsched.dll' (local, server): 10.0.15.8 < 10.0.15.9
20:24:45 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccsched.dll' due to product update mode.
20:24:45 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/cctpc.dll' (local, server): 10.0.9.6 < 10.0.9.7
20:24:45 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/cctpc.dll' due to product update mode.
20:24:45 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccupdate.dll' (local, server): 10.0.29.10 < 10.0.29.12
20:24:45 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccupdate.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccupdw.dll' (local, server): 10.0.7.25 < 10.0.7.26
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccupdw.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccwgrd.dll' does not exist and is being installed.
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccwgrd.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/ccwgrdrc.dll' does not exist and is being installed.
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/ccwgrdrc.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/ccwgrdw.dll' does not exist and is being installed.
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/ccwgrdw.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/extdlgfw.dll' (local, server): 10.0.11.35 < 10.0.11.37
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/extdlgfw.dll' due to product update mode.
20:24:46 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/fact.exe' (local, server): 10.0.0.21 < 10.0.0.23
20:24:46 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/fact.exe' due to product update mode.
20:24:47 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/factrc.dll' (local, server): 10.0.7.3 < 10.0.8.0
20:24:47 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/factrc.dll' due to product update mode.
20:24:47 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/filelist.ini'. The file will therefore not be taken into account.
20:24:47 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/guardgui.exe' (local, server): 10.0.1.7 < 10.3.0.2
20:24:47 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/guardgui.exe' due to product update mode.
20:24:47 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/inetset.bin' does not exist and is being installed.
20:24:47 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/inetset.bin' due to product update mode.
20:24:47 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/insthlp.exe'. The file will therefore not be taken into account.
20:24:47 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/luke.dll' (local, server): 10.0.3.2 < 10.3.0.5
20:24:47 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/luke.dll' due to product update mode.
20:24:48 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/mgrs.dll' (local, server): 10.0.6.0 < 10.0.7.0
20:24:48 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/mgrs.dll' due to product update mode.
20:24:48 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/onlcfg.dll' does not exist and is being installed.
20:24:48 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/onlcfg.dll' due to product update mode.
20:24:48 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/presetup.exe'. The file will therefore not be taken into account.
20:24:48 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/quicksysscan.avp' is already installed and is not being updated.
20:24:48 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/rchelp.dll' (local, server): 10.0.0.1 < 10.0.0.7
20:24:48 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/rchelp.dll' due to product update mode.
20:24:49 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/setup.dll' (local, server): 10.0.10.0 < 10.0.17.3
20:24:49 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/setup.dll' due to product update mode.
20:24:50 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/setup.exe' (local, server): 10.0.0.36 < 10.0.0.57
20:24:50 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/setup.exe' due to product update mode.
20:24:50 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/sweb.zip' (local, server): cf7aec9385dd4151280fe96ecca06608 != 124aa4d42188c9391da49355a23fc1b5
20:24:50 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/sweb.zip' due to product update mode.
20:24:50 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/toolbar_eula.txt' does not exist and is being installed.
20:24:50 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/toolbar_eula.txt' due to product update mode.
20:24:50 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/vcredist_x86.exe'. The file will therefore not be taken into account.
20:24:50 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/webcat.dll' does not exist and is being installed.
20:24:50 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/webcat.dll' due to product update mode.
20:24:50 [UPD] [INFO] Checking module COMMAPPDATA_AV:
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/addr_file.html' is already installed and is not being updated.
20:24:50 [UPD] [INFO] Checking module COMMAPP:
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/produpd.avj' is already installed and is not being updated.
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/scanjob.avj' is already installed and is not being updated.
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/startupd.avj' is already installed and is not being updated.
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/updjob.avj' is already installed and is not being updated.
20:24:50 [UPD] [INFO] Checking module COMMAPDATA_AV_PROFILES:
20:24:50 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/folder.avp' is already installed and is not being updated.
20:24:50 [UPD] [INFO] Checking module TEXT:
20:24:51 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/avwin.chm' (local, server): 5fe1a0afbf8aac889ae3c1a3e13d4b9d != eabdb42dfeab6f535d52efb5998ca446
20:24:51 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/avwin.chm' due to product update mode.
20:24:51 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/en-us/eula.txt'. The file will therefore not be taken into account.
20:24:51 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/readme.txt' (local, server): 3a2d031fdf627b79b65d8ad7d85cb4ed != 1b0501d3fc55357ec6b56d613ae0d230
20:24:51 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/en-us/readme.txt' due to product update mode.
20:24:51 [UPD] [INFO] Checking module DRV:
20:24:51 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/xp/avgntflt.sys' (local, server): 10.0.8.7 < 10.0.26.9
20:24:51 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/xp/avgntflt.sys' due to product update mode.
20:24:51 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/xp/avipbb.sys' (local, server): 10.0.32.3 < 10.0.32.8
20:24:51 [UPD] [INFO] Excluding File'wks_avira10/win32/en/pecl/xp/avipbb.sys' due to product update mode.
20:24:52 [UPD] [INFO] Checking module PRODINFO:
20:24:52 [UPD] [INFO] File 'wks_avira10/win32/en/pecl/en-us/prodinfo.dat' (local, server): d7c281993b654b8f63b596a8699fbd2d != 82a517c5064690f294032114ef1e0c6a
20:24:52 [UPD] [INFO] Checking module HIPS:
20:24:52 [UPD] [INFO] File 'hips/win32/int/avbb.dll' (local, server): 10.0.11.3 < 10.0.19.1
20:24:52 [UPD] [INFO] Checking module DETREP:
20:24:52 [UPD] [INFO] File 'detrep/win32/int/avreg.dll' (local, server): 10.0.3.2 < 10.3.0.9
20:24:52 [UPD] [INFO] Excluding File'detrep/win32/int/avreg.dll' due to product update mode.
20:24:52 [UPD] [INFO] File 'detrep/win32/int/avrep.dll' (local, server): 10.0.0.8 < 10.0.0.10
20:24:52 [UPD] [INFO] Excluding File'detrep/win32/int/avrep.dll' due to product update mode.
20:24:52 [UPD] [INFO] File 'detrep/win32/int/avscplr.dll' (local, server): 10.0.4.2 < 10.3.0.7
20:24:52 [UPD] [INFO] Excluding File'detrep/win32/int/avscplr.dll' due to product update mode.
20:24:52 [UPD] [INFO] Checking dependencies for product update mode.
20:24:52 [UPD] [INFO] Dependencies have been executed.
20:24:53 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\' requires 10943287 bytes of free disk space.
20:24:53 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\' requires 40339431 bytes of free disk space.
20:24:53 [UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requires 24298641 bytes of free disk space.
20:24:53 [UPD] [INFO] Disk space OK.
20:24:53 [UPD] [INFO] Drive: C:\, free capacity: 3413639168 bytes.
20:24:53 [UPD] [INFO] New files are being downloaded...
20:24:53 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/webcat/common/int/webcat0.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat0.dat.gz'.
20:25:06 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/webcat/common/int/webcat1.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat1.dat.gz'.
20:25:08 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/webcat/common/int/webcat2.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat2.dat.gz'.
20:25:08 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/webcat/common/int/webcat3.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat3.dat.gz'.
20:25:09 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/webcat/common/int/webcat4.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat4.dat.gz'.
20:25:09 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase006.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase006.vdf.gz'.
20:25:23 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase007.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase007.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase008.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase008.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase009.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase009.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase010.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase010.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase011.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase011.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase012.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase012.vdf.gz'.
20:25:24 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase013.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase013.vdf.gz'.
20:25:25 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase014.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase014.vdf.gz'.
20:25:25 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase015.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase015.vdf.gz'.
20:25:26 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase016.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase016.vdf.gz'.
20:25:26 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase017.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase017.vdf.gz'.
20:25:27 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase018.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase018.vdf.gz'.
20:25:27 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase019.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase019.vdf.gz'.
20:25:28 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase020.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase020.vdf.gz'.
20:25:28 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase021.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase021.vdf.gz'.
20:25:29 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase022.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase022.vdf.gz'.
20:25:29 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase023.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase023.vdf.gz'.
20:25:29 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase024.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase024.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase025.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase025.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase026.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase026.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase027.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase027.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase028.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase028.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase029.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase029.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase030.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase030.vdf.gz'.
20:25:30 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/vbase031.vdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase031.vdf.gz'.
20:25:31 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/n_vdf/aevdf.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\aevdf.dat.gz'.
20:25:31 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/rdf/common/int/antivir0.rdf.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\rdf\common\int\antivir0.rdf.gz'.
20:25:32 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aecore.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aecore.dll.gz'.
20:25:32 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aegen.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aegen.dll.gz'.
20:25:33 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aehelp.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aehelp.dll.gz'.
20:25:33 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aeheur.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeheur.dll.gz'.
20:25:37 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aeoffice.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeoffice.dll.gz'.
20:25:38 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aepack.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aepack.dll.gz'.
20:25:39 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aerdl.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aerdl.dll.gz'.
20:25:40 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aescript.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aescript.dll.gz'.
20:25:41 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/ave2/win32/int/aeset.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeset.dat.gz'.
20:25:41 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/wks_avira10/win32/en/pecl/en-us/prodinfo.dat.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira10\win32\en\pecl\en-us\prodinfo.dat.gz'.
20:25:42 [UPD] [INFO] Downloading of 'http://80.190.143.238/update/hips/win32/int/avbb.dll.gz' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\hips\win32\int\avbb.dll.gz'.
20:25:42 [UPD] [INFO] The program is running as an unrestricted full version.
20:26:11 [UPD] [INFO] The engine was successfully validated.
20:26:12 [UPD] [INFO] Status of service 'AntiVirMailService': Not installed
20:26:12 [UPD] [INFO] Status of service 'antivirwebservice': Not installed
20:26:12 [UPD] [INFO] Status of service 'AntiVirService': running
20:26:15 [UPD] [INFO] The service 'AntiVirService' was successfully terminated.
20:26:20 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat0.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\webcat0.dat'.
20:26:20 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat1.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\webcat1.dat'.
20:26:20 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat2.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\webcat2.dat'.
20:26:20 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat3.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\webcat3.dat'.
20:26:20 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat4.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\webcat4.dat'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase006.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase006.vdf'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase007.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase007.vdf'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase008.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase008.vdf'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase009.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase009.vdf'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase010.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase010.vdf'.
20:26:24 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase011.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase011.vdf'.
20:26:25 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase012.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase012.vdf'.
20:26:26 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase013.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase013.vdf'.
20:26:27 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase014.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase014.vdf'.
20:26:27 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase015.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase015.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase016.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase016.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase017.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase017.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase018.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase018.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase019.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase019.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase020.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase020.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase021.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase021.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase022.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase022.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase023.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase023.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase024.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase024.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase025.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase025.vdf'.
20:26:28 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase026.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase026.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase027.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase027.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase028.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase028.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase029.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase029.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase030.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase030.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase031.vdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\vbase031.vdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\aevdf.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aevdf.dat'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\rdf\common\int\antivir0.rdf' was copied to 'C:\Program Files\Avira\AntiVir Desktop\antivir0.rdf'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aecore.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aecore.dll'.
20:26:29 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aegen.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aegen.dll'.
20:26:30 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aehelp.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aehelp.dll'.
20:26:33 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeheur.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aeheur.dll'.
20:26:34 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeoffice.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll'.
20:26:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aepack.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aepack.dll'.
20:26:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aerdl.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aerdl.dll'.
20:26:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aescript.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aescript.dll'.
20:26:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeset.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\aeset.dat'.
20:26:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\wks_avira10\win32\en\pecl\en-us\prodinfo.dat' was copied to 'C:\Program Files\Avira\AntiVir Desktop\prodinfo.dat'.
20:26:38 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\hips\win32\int\avbb.dll' was copied to 'C:\Program Files\Avira\AntiVir Desktop\avbb.dll'.
20:26:38 [UPD] [INFO] Ignoring re-initialization of 'AntiVirService' due to action '10 AntiVirService'.
20:26:57 [UPD] [INFO] The service 'AntiVirService' was started successfully.


Summary:
********
44 Files downloaded
44 Files installed
Downloaded file(s): webcat0.dat; webcat1.dat; webcat2.dat; webcat3.dat; webcat4.dat; vbase006.vdf 7.11.13.60; vbase007.vdf 7.11.13.61;
vbase008.vdf 7.11.13.62; vbase009.vdf 7.11.13.63; vbase010.vdf 7.11.13.64; vbase011.vdf 7.11.13.65; vbase012.vdf 7.11.13.66; vbase013.vdf 7.11.13.95; vbase014.vdf 7.11.13.125;
vbase015.vdf 7.11.13.157; vbase016.vdf 7.11.13.201; vbase017.vdf 7.11.13.234; vbase018.vdf 7.11.14.16; vbase019.vdf 7.11.14.48; vbase020.vdf 7.11.14.78; vbase021.vdf 7.11.14.109;
vbase022.vdf 7.11.14.137; vbase023.vdf 7.11.14.166; vbase024.vdf 7.11.14.167; vbase025.vdf 7.11.14.168; vbase026.vdf 7.11.14.169; vbase027.vdf 7.11.14.170; vbase028.vdf 7.11.14.171;
vbase029.vdf 7.11.14.172; vbase030.vdf 7.11.14.173; vbase031.vdf 7.11.14.189; aevdf.dat 7.11.14.189; antivir0.rdf 10.0.0.83; aecore.dll 8.1.23.0; aegen.dll 8.1.5.9;
aehelp.dll 8.1.17.7; aeheur.dll 8.1.2.167; aeoffice.dll 8.1.2.13; aepack.dll 8.2.10.10; aerdl.dll 8.1.9.15; aescript.dll 8.1.3.76; aeset.dat 8.2.6.60;
prodinfo.dat; avbb.dll 10.0.19.1;

Tue Sep 13 20:27:27 2011
The update was carried out successfully!
  • 0

#28
jerosakireno
Posted 13 September 2011 - 06:35 PM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
& Here are the results of my first scan:


Avira AntiVir Personal
Report file date: Tuesday, September 13, 2011 20:29

Scanning for 3371178 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : theonyxserpent
Computer name : WDT-BMARVELL

Version information:
BUILD.DAT : 10.0.0.652 31824 Bytes 7/20/2011 16:49:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 7/20/2011 15:30:06
AVSCAN.DLL : 10.0.3.0 46440 Bytes 7/20/2011 15:30:45
LUKE.DLL : 10.0.3.2 104296 Bytes 7/20/2011 15:30:32
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 11:53:55
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 11:53:56
VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 15:30:38
VBASE004.VDF : 7.11.8.178 2354176 Bytes 5/31/2011 15:30:40
VBASE005.VDF : 7.11.10.251 1788416 Bytes 7/7/2011 15:30:41
VBASE006.VDF : 7.11.13.60 6411776 Bytes 8/16/2011 00:25:23
VBASE007.VDF : 7.11.13.61 2048 Bytes 8/16/2011 00:25:24
VBASE008.VDF : 7.11.13.62 2048 Bytes 8/16/2011 00:25:24
VBASE009.VDF : 7.11.13.63 2048 Bytes 8/16/2011 00:25:24
VBASE010.VDF : 7.11.13.64 2048 Bytes 8/16/2011 00:25:24
VBASE011.VDF : 7.11.13.65 2048 Bytes 8/16/2011 00:25:24
VBASE012.VDF : 7.11.13.66 2048 Bytes 8/16/2011 00:25:24
VBASE013.VDF : 7.11.13.95 166400 Bytes 8/17/2011 00:25:25
VBASE014.VDF : 7.11.13.125 209920 Bytes 8/18/2011 00:25:25
VBASE015.VDF : 7.11.13.157 184832 Bytes 8/22/2011 00:25:26
VBASE016.VDF : 7.11.13.201 128000 Bytes 8/24/2011 00:25:26
VBASE017.VDF : 7.11.13.234 160768 Bytes 8/25/2011 00:25:27
VBASE018.VDF : 7.11.14.16 141312 Bytes 8/30/2011 00:25:27
VBASE019.VDF : 7.11.14.48 133120 Bytes 8/31/2011 00:25:28
VBASE020.VDF : 7.11.14.78 156160 Bytes 9/2/2011 00:25:28
VBASE021.VDF : 7.11.14.109 126976 Bytes 9/6/2011 00:25:29
VBASE022.VDF : 7.11.14.137 131584 Bytes 9/8/2011 00:25:29
VBASE023.VDF : 7.11.14.166 196096 Bytes 9/12/2011 00:25:29
VBASE024.VDF : 7.11.14.167 2048 Bytes 9/12/2011 00:25:30
VBASE025.VDF : 7.11.14.168 2048 Bytes 9/12/2011 00:25:30
VBASE026.VDF : 7.11.14.169 2048 Bytes 9/12/2011 00:25:30
VBASE027.VDF : 7.11.14.170 2048 Bytes 9/12/2011 00:25:30
VBASE028.VDF : 7.11.14.171 2048 Bytes 9/12/2011 00:25:30
VBASE029.VDF : 7.11.14.172 2048 Bytes 9/12/2011 00:25:30
VBASE030.VDF : 7.11.14.173 2048 Bytes 9/12/2011 00:25:30
VBASE031.VDF : 7.11.14.189 168448 Bytes 9/13/2011 00:25:31
Engineversion : 8.2.6.60
AEVDF.DLL : 8.1.2.1 106868 Bytes 4/21/2011 11:53:28
AESCRIPT.DLL : 8.1.3.76 1626490 Bytes 9/14/2011 00:25:41
AESCN.DLL : 8.1.7.2 127349 Bytes 4/21/2011 11:53:27
AESBX.DLL : 8.2.1.34 323957 Bytes 7/20/2011 15:29:54
AERDL.DLL : 8.1.9.15 639348 Bytes 9/14/2011 00:25:40
AEPACK.DLL : 8.2.10.10 684407 Bytes 9/14/2011 00:25:39
AEOFFICE.DLL : 8.1.2.13 201083 Bytes 9/14/2011 00:25:38
AEHEUR.DLL : 8.1.2.167 3690871 Bytes 9/14/2011 00:25:37
AEHELP.DLL : 8.1.17.7 254327 Bytes 9/14/2011 00:25:33
AEGEN.DLL : 8.1.5.9 401780 Bytes 9/14/2011 00:25:33
AEEMU.DLL : 8.1.3.0 393589 Bytes 4/21/2011 11:53:14
AECORE.DLL : 8.1.23.0 196983 Bytes 9/14/2011 00:25:32
AEBB.DLL : 8.1.1.0 53618 Bytes 4/21/2011 11:53:14
AVWINLL.DLL : 10.0.0.0 19304 Bytes 4/21/2011 11:53:36
AVPREF.DLL : 10.0.0.0 44904 Bytes 7/20/2011 15:30:04
AVREP.DLL : 10.0.0.8 62209 Bytes 7/20/2011 15:30:04
AVREG.DLL : 10.0.3.2 53096 Bytes 7/20/2011 15:30:04
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 7/20/2011 15:30:06
AVARKT.DLL : 10.0.22.6 231784 Bytes 7/20/2011 15:29:58
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 7/20/2011 15:30:03
SQLITE3.DLL : 3.6.19.0 355688 Bytes 7/20/2011 20:40:24
AVSMTP.DLL : 10.0.0.17 63848 Bytes 4/21/2011 11:53:36
NETNT.DLL : 10.0.0.0 11624 Bytes 4/21/2011 11:53:46
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 7/20/2011 15:30:48
RCTEXT.DLL : 10.0.58.0 97128 Bytes 7/20/2011 15:30:48

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Tuesday, September 13, 2011 20:29

The scan of running processes will be started
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CcmExec.exe' - '1' Module(s) have been scanned
Scan process 'Wuser32.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '1658' files ).



End of the scan: Tuesday, September 13, 2011 20:31
Used time: 02:11 Minute(s)

The scan has been done completely.

0 Scanned directories
2256 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2256 Files not concerned
9 Archives were scanned
0 Warnings
0 Notes
  • 0

#29
RKinner
Posted 13 September 2011 - 08:30 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
How is it running now? Any more problems?

Ron
  • 0

#30
jerosakireno
Posted 14 September 2011 - 08:24 AM

jerosakireno

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
For the most part it seems ok... Haven't really used it too much the past couple days... I'll test stuff out tonight & tomorrow, please give me a couple days to do this, I'll get back to you.

Thank you very much for helping out with everything, and your patience.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP