I have a virus and can't run antivirus etc :( [Solved]



#151
Damon(V)

 
 
Avira Free Antivirus
Report file date: Sunday, 22 March 2015  14:05
 
 
The program is running as an unrestricted full version.
Online services are available.
 
Licensee        : Avira Antivirus Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Microsoft Windows XP
Windows version : (Service Pack 3)  [5.1.2600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : COMPUTER
 
Version information:
BUILD.DAT       : 15.0.8.656     91858 Bytes   3/17/2015 13:02:00
AVSCAN.EXE      : 15.0.8.652   1014064 Bytes   3/17/2015 03:01:55
AVSCANRC.DLL    : 15.0.8.652     54064 Bytes   3/17/2015 03:01:55
LUKE.DLL        : 15.0.8.652     60664 Bytes   3/17/2015 03:02:00
AVSCPLR.DLL     : 15.0.8.652     93488 Bytes   3/17/2015 03:01:55
REPAIR.DLL      : 15.0.8.652    365360 Bytes   3/17/2015 03:01:55
REPAIR.RDF      : 1.0.6.52      808024 Bytes   3/22/2015 03:55:53
AVREG.DLL       : 15.0.8.652    265464 Bytes   3/17/2015 03:01:55
AVLODE.DLL      : 15.0.8.656    645368 Bytes   3/17/2015 03:01:54
AVLODE.RDF      : 14.0.4.54      78895 Bytes   3/17/2015 03:01:54
LOCAL001.VDF    : 8.11.219.10 125280256 Bytes   3/21/2015 03:56:45
Engine version  : 8.3.30.4  
AEVDF.DLL       : 8.3.1.6       133992 Bytes   3/17/2015 03:01:51
AESCRIPT.DLL    : 8.2.2.58      560248 Bytes   3/22/2015 03:55:03
AESCN.DLL       : 8.3.2.2       139456 Bytes   3/17/2015 03:01:51
AESBX.DLL       : 8.2.20.34    1615784 Bytes   3/17/2015 03:01:51
AERDL.DLL       : 8.2.1.20      731040 Bytes   3/17/2015 03:01:51
AEPACK.DLL      : 8.4.0.62      793456 Bytes   3/17/2015 03:01:51
AEOFFICE.DLL    : 8.3.1.14      354216 Bytes   3/17/2015 03:01:51
AEMOBILE.DLL    : 8.1.7.0       281456 Bytes   3/17/2015 03:01:51
AEHEUR.DLL      : 8.1.4.1606   8256368 Bytes   3/22/2015 03:55:03
AEHELP.DLL      : 8.3.2.0       281456 Bytes   3/22/2015 03:54:55
AEGEN.DLL       : 8.1.7.40      456608 Bytes   3/17/2015 03:01:51
AEEXP.DLL       : 8.4.2.70      255904 Bytes   3/17/2015 03:01:51
AEEMU.DLL       : 8.1.3.4       399264 Bytes   3/17/2015 03:01:51
AEDROID.DLL     : 8.4.3.116    1050536 Bytes   3/17/2015 03:01:51
AECORE.DLL      : 8.3.4.0       243624 Bytes   3/17/2015 03:01:51
AEBB.DLL        : 8.1.2.0        60448 Bytes   3/17/2015 03:01:51
AVWINLL.DLL     : 15.0.8.652     25904 Bytes   3/17/2015 03:01:56
AVPREF.DLL      : 15.0.8.652     53248 Bytes   3/17/2015 03:01:55
AVREP.DLL       : 15.0.8.652    221432 Bytes   3/17/2015 03:01:55
AVARKT.DLL      : 15.0.8.652    228088 Bytes   3/17/2015 03:01:52
AVEVTLOG.DLL    : 15.0.8.652    183600 Bytes   3/17/2015 03:01:53
SQLITE3.DLL     : 15.0.8.652    456440 Bytes   3/17/2015 03:02:03
AVSMTP.DLL      : 15.0.8.652     79360 Bytes   3/17/2015 03:01:56
NETNT.DLL       : 15.0.8.652     17352 Bytes   3/17/2015 03:02:01
RCIMAGE.DLL     : 15.0.8.652   4865328 Bytes   3/17/2015 03:02:02
RCTEXT.DLL      : 15.0.8.652     76744 Bytes   3/17/2015 03:02:02
 
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
 
Start of the scan: Sunday, 22 March 2015  14:05
 
Start scanning boot sectors:
Boot sector 'HDD0(C:)'
    [INFO]      No virus was found!
 
Starting search for hidden objects.
 
The scan of running processes will be started:
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '62' Module(s) have been scanned
Scan process 'dllhost.exe' - '46' Module(s) have been scanned
Scan process 'vssvc.exe' - '50' Module(s) have been scanned
Scan process 'avscan.exe' - '95' Module(s) have been scanned
Scan process 'avcenter.exe' - '90' Module(s) have been scanned
Scan process 'sched.exe' - '48' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '115' Module(s) have been scanned
Scan process 'avgnt.exe' - '83' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '47' Module(s) have been scanned
Scan process 'WPFFontCache_v0400.exe' - '15' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '141' Module(s) have been scanned
Scan process 'Avira.OE.ServiceHost.exe' - '137' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '40' Module(s) have been scanned
Scan process 'chrome.exe' - '120' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '84' Module(s) have been scanned
Scan process 'jucheck.exe' - '58' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'acrotray.exe' - '20' Module(s) have been scanned
Scan process 'CheckNDISPort_df.exe' - '33' Module(s) have been scanned
Scan process 'jusched.exe' - '39' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '36' Module(s) have been scanned
Scan process 'igfxpers.exe' - '23' Module(s) have been scanned
Scan process 'hkcmd.exe' - '22' Module(s) have been scanned
Scan process 'igfxtray.exe' - '27' Module(s) have been scanned
Scan process 'AirGCFG.exe' - '41' Module(s) have been scanned
Scan process 'WZCSLDR2.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '132' Module(s) have been scanned
Scan process 'wscntfy.exe' - '18' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '15' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '6' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '20' Module(s) have been scanned
Scan process 'oodag.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '20' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '21' Module(s) have been scanned
Scan process 'NBService.exe' - '38' Module(s) have been scanned
Scan process 'MDM.EXE' - '21' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'DevSvc.exe' - '44' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '28' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '62' Module(s) have been scanned
Scan process 'SASCORE.EXE' - '21' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '164' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '70' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
 
Starting to scan executable files (registry):
The registry was scanned ( '4219' files ).
 
 
Starting the file scan:
 
Begin scan in 'C:\' <Main>
C:\cmdcons\bootsect.dat
  [DETECTION] Contains code of the BOO/Cidox.A boot sector virus
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WidgiToolbar8.zip
  [DETECTION] Contains suspicious code GEN/PwdZIP
    [0] Archive type: OVL
    --> C:\Documents and Settings\All Users\Documents\myob185\ODBCDirect9\Data1.cab
        [1] Archive type: CAB (Microsoft)
      --> odbcmystpl.dll
          [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
          [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\All Users\Documents\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
C:\Documents and Settings\Work 2\My Documents\Damon\Games\rld-nfl6\Crack\rld-m07kg.exe
  [DETECTION] Is the TR/Obfuscate.C.1000 Trojan
    --> C:\Documents and Settings\Work 2\Application Data\Sun\Java\JRERunOnce.exe
        [1] Archive type: Runtime Packed
      --> C:\Documents and Settings\Work 2\My Documents\Damon\Myob Folder Backups\myob185\ODBCDirect9\Data1.cab
          [2] Archive type: CAB (Microsoft)
        --> odbcmystpl.dll
            [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
            [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Work 2\My Documents\Damon\Myob Folder Backups\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
C:\Documents and Settings\Work 2\My Documents\Damon\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\crack\DSRegVEM.dll
  [DETECTION] Contains recognition pattern of the DR/PcClient.egnu dropper
C:\Documents and Settings\Work 2\My Documents\Home Movies\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\crack\DSRegVEM.dll
  [DETECTION] Contains recognition pattern of the DR/PcClient.egnu dropper
C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1fac5625-5f3d5002.zip
  [DETECTION] Is the TR/Femad.Java.3 Trojan
      --> C:\Documents and Settings\Work 2\My Documents\Damon\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\videoeditmagic.exe
          [2] Archive type: Inno Setup
        --> C:\Documents and Settings\Work 2\My Documents\Desktop Temp\CL-Eye-Driver-5.3.0.0341.exe
            [3] Archive type: NSIS
          --> ProgramFilesDir/WinUSBCoInstaller2.dll
              [4] Archive type: RSRC
            --> C:\Documents and Settings\Work 2\My Documents\Downloads\chromeinstall-7u45 (1).exe
                [5] Archive type: Runtime Packed
              --> C:\Documents and Settings\Work 2\My Documents\Downloads\chromeinstall-7u45.exe
                  [6] Archive type: Runtime Packed
                --> C:\Documents and Settings\Work 2\My Documents\Downloads\Programs\jxpiinstall.exe
                    [7] Archive type: Runtime Packed
                  --> C:\Documents and Settings\Work 2\My Documents\Home Movies\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\videoeditmagic.exe
                      [8] Archive type: Inno Setup
                    --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\fingerclicks.zip
                        [9] Archive type: ZIP
                      --> arabic.exe
                          [10] Archive type: RSRC
                        --> AV000ea38a.AV$
                            [11] Archive type: RSRC
                          --> IPhone.exe
                              [12] Archive type: RSRC
                            --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\UMSetup.exe
                                [13] Archive type: RSRC
                              --> AV000ea3c0.AV$
                                  [14] Archive type: RSRC
                                --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\UniversalRemote_trial.exe
                                    [15] Archive type: RSRC
                                  --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\VitoRemote.zip
                                      [16] Archive type: ZIP
                                    --> VITORemote.exe
                                        [17] Archive type: RSRC
                                      --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\fingerclicks\arabic.exe
                                          [18] Archive type: RSRC
                                        --> AV000ea44d.AV$
                                            [19] Archive type: RSRC
                                          --> C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\My Documents\Downloads\PPC\fingerclicks\IPhone.exe
                                              [20] Archive type: RSRC
                                            --> AV000ea45f.AV$
                                                [21] Archive type: RSRC
                                              --> C:\Documents and Settings\Work 2\My Documents\Programs\Ulead VideoStudio 11 Plus.exe
                                                  [22] Archive type: CAB SFX (self extracting)
                                                --> C:\Documents and Settings\Work 2\My Documents\Programs\GTi.Survival.Pack\IsoBuster Pro 2.3.0.1 - Final.rar
                                                    [23] Archive type: RAR
                                                  --> IsoBuster Pro 2.3.0.1 - Final\keygen.exe
                                                      [DETECTION] Is the TR/Agent.uij.1 Trojan
                                                      [WARNING]   Infected files in archives cannot be repaired
C:\Documents and Settings\Work 2\My Documents\Programs\GTi.Survival.Pack\IsoBuster Pro 2.3.0.1 - Final.rar
  [DETECTION] Is the TR/Agent.uij.1 Trojan
                                                --> C:\Documents and Settings\Work 2\My Documents\PS3\p3tcompiler_v101\p3tcompiler.exe
                                                    [23] Archive type: RSRC
                                                  --> C:\Documents and Settings\Work 2\My Documents\PS3\Themes\PS3_Custom_Theme_v101-E.zip
                                                      [24] Archive type: ZIP
                                                    --> C:\Documents and Settings\Work 2\My Documents\PS3\Themes\p3tcompiler_v101\p3tcompiler.exe
                                                        [25] Archive type: RSRC
                                                      --> C:\Documents and Settings\Work 2\My Documents\PS3\Themes\p3textractor\p3tcompiler.exe
                                                          [26] Archive type: RSRC
                                                        --> C:\Documents and Settings\Work 2\My Documents\Software\PS3_Custom_Theme_v101-E.zip
                                                            [27] Archive type: ZIP
                                                          --> C:\Documents and Settings\Work 2\My Documents\Software\Ulead VideoStudio 11 Plus.exe
                                                              [28] Archive type: CAB SFX (self extracting)
                                                            --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\fingerclicks.zip
                                                                [29] Archive type: ZIP
                                                              --> arabic.exe
                                                                  [30] Archive type: RSRC
                                                                --> AV00153ad9.AV$
                                                                    [31] Archive type: RSRC
                                                                  --> IPhone.exe
                                                                      [32] Archive type: RSRC
                                                                    --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\UMSetup.exe
                                                                        [33] Archive type: RSRC
                                                                      --> AV00153b0f.AV$
                                                                          [34] Archive type: RSRC
                                                                        --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\UniversalRemote_trial.exe
                                                                            [35] Archive type: RSRC
                                                                          --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\VitoRemote.zip
                                                                              [36] Archive type: ZIP
                                                                            --> VITORemote.exe
                                                                                [37] Archive type: RSRC
                                                                              --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\fingerclicks\arabic.exe
                                                                                  [38] Archive type: RSRC
                                                                                --> AV00153b9c.AV$
                                                                                    [39] Archive type: RSRC
                                                                                  --> C:\Documents and Settings\Work 2\My Documents\Software\PPC\fingerclicks\IPhone.exe
                                                                                      [40] Archive type: RSRC
                                                                                    --> AV00153bae.AV$
                                                                                        [41] Archive type: RSRC
                                                                                      --> C:\myob185\ODBCDirect9\Data1.cab
                                                                                          [42] Archive type: CAB (Microsoft)
                                                                                        --> odbcmystpl.dll
                                                                                            [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
                                                                                            [WARNING]   Infected files in archives cannot be repaired
C:\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
C:\MYOBODBCAU9\bin\iwinnt\ODBCMYSTPL.dll
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
 
Beginning disinfection:
C:\MYOBODBCAU9\bin\iwinnt\ODBCMYSTPL.dll
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '56972141.qua'!
C:\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '4ed20e83.qua'!
C:\Documents and Settings\Work 2\My Documents\Programs\GTi.Survival.Pack\IsoBuster Pro 2.3.0.1 - Final.rar
  [DETECTION] Is the TR/Agent.uij.1 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '1c72547d.qua'!
C:\Documents and Settings\Work 2\My Documents\Old Hard Drive\Damon\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-1fac5625-5f3d5002.zip
  [DETECTION] Is the TR/Femad.Java.3 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '7a491bbf.qua'!
C:\Documents and Settings\Work 2\My Documents\Home Movies\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\crack\DSRegVEM.dll
  [DETECTION] Contains recognition pattern of the DR/PcClient.egnu dropper
  [NOTE]      The file was moved to the quarantine directory under the name '3fdc36e2.qua'!
C:\Documents and Settings\Work 2\My Documents\Damon\Video Suite - Everything You Could Need\Video tools\Video Edit Magic 4.14\crack\DSRegVEM.dll
  [DETECTION] Contains recognition pattern of the DR/PcClient.egnu dropper
  [NOTE]      The file was moved to the quarantine directory under the name '40c70483.qua'!
C:\Documents and Settings\Work 2\My Documents\Damon\Myob Folder Backups\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '0c9d28bb.qua'!
C:\Documents and Settings\Work 2\My Documents\Damon\Games\rld-nfl6\Crack\rld-m07kg.exe
  [DETECTION] Is the TR/Obfuscate.C.1000 Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '707568f0.qua'!
C:\Documents and Settings\All Users\Documents\myob185\ODBCDirect9\Data1.cab
  [DETECTION] Is the TR/PSW.Kykymber.zdv Trojan
  [NOTE]      The file was moved to the quarantine directory under the name '5ddf47bb.qua'!
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WidgiToolbar8.zip
  [DETECTION] Contains suspicious code GEN/PwdZIP
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      The file was moved to the quarantine directory under the name '44477c29.qua'!
C:\cmdcons\bootsect.dat
  [DETECTION] Contains code of the BOO/Cidox.A boot sector virus
  [NOTE]      The file was moved to the quarantine directory under the name '28145020.qua'!
 
 
End of the scan: Sunday, 22 March 2015  19:03
Used time:  4:21:29 Hour(s)
 
The scan has been done completely.
 
  31473 Scanned directories
 2229441 Files were scanned
     14 Viruses and/or unwanted programs were found
      1 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
     11 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 2229426 Files not concerned
  47312 Archives were scanned
      4 Warnings
     11 Notes
 1306696 Objects were scanned with rootkit scan
      0 Hidden objects were found



#152
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again Damon,

Just a bit of housekeeping now and after that, all going well, we can clear away the tools we have been using.

Now

Your Flashplayer is out of date. Older versions are vulnerable to attack.

Go here to download the latest Adobe Flash Player

You may see a checked box allowing installation of foistware. It might have something like "Yes, to install free McAfee Security Scan Plus to check the status on my PC security" or "Yes install Chrome as default browser and Google Toolbar for Internet Explorer". Make sure you uncheck any option like that before downloading.

Note: From time to time software suppliers change the foistware options so it may not show the one quoted in the instructions above. Just take care to untick any boxes offering an option to download or install any other program.

Step 2

Your Java is out of date. Older versions are vulnerable to attack.

Please follow these steps:
 

  • Download and install Java for Windows

    Note: When installing make sure you untick any boxes that install any other program such as Ask Tool Bar, Ask Search Engine, McAfee site advisor, Chrome or some such. They are foistware and you don't need them.

    Reboot your computer.
    You also need to uninstall older versions of Java.
       
  • Click Start > Control Panel > Uninstall a program
       
  • Remove all Java updates except the latest one you have just installed.

Step 3

Run TFC to remove temporary files.

Step 4



Care: Do not download and use if your hard drive is SSD (Solid State Disk).


Assuming you do not have an SSD drive, download Auslogics Disk Defrag (Note - click the button that says "No, thank you Just give me the Disk Defrag Free") and save somewhere you can find it.

Double click and follow the prompts to install it. Note: only install the defrag utility. Some versions come with Askbar toolbars... do not install those or any other foistware that might be promoted.

Once installed, run the defrag utility.

At the end the utility may tell you that it has found Junk Files and recommend that you run a scan to remove. Disregard that suggestion, it is a promotion of a tool you don't need. All we are interested in here is the defrag process.

Note: Do not download Windows Registry Cleaner which is promoted at the same site.

Lastly

Come back and tell me how your machine is now.

 


#153
Damon(V)

Morning :)

All the above steps have gone fine. The defrag only went from 13.65 to 13.64%. Everything else seems fine.

Cheers


#154
emeraldnzl

Hello Damon,

 

Hurray!!! :cool:

 

Bit of a tough one, your machine had a nasty Alureon/TDSS infection. Pesky thing was persistent and difficult to get rid of. Brilliant that you hung in there until we got it. :thumbsup:

 

Now

 

We have a couple of last steps to perform and then you're all set.

To clear away the tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore

    Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.

       
  • Click Start > Control Panel > Add or Remove Programs
       
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

For some common sense advice about protecting your computer read How to boost your malware defense and protect your PC (http://www.microsoft...ect-pc.aspx)

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

 


#155
Damon(V)

Hi emeraldnzl.

 

Awesome stuff thank you so much for your help, time and effort on this it's very very much appreciated!

I will definitely be flicking you a donation, not likely what the help is worth unfortunately but what I can afford, I'm wholeheartedly grateful.

It's funny I actually live in Emerald (Aus) :)

Do you think I should stick with Avira free? I was thinking about paying for AVG Internet Security 2015? It concerns me a bit that I was using AVG free when I was infected. Should I be running anything else with my anti virus? I may upgrade to Windows 8.

Thanks again, cheers

 


#156
Damon(V)

# DelFix v10.9 - Logfile created 24/03/2015 at 06:27:43
# Updated 27/02/2015 by Xplode
# Username : Work 2 - COMPUTER
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\ComboFix.txt
Deleted : C:\Documents and Settings\Work 2\Desktop\Addition.txt
Deleted : C:\Documents and Settings\Work 2\Desktop\ComboFix.exe
Deleted : C:\Documents and Settings\Work 2\Desktop\FRST.exe
Deleted : C:\Documents and Settings\Work 2\Desktop\FRST.txt
Deleted : C:\Documents and Settings\Work 2\Desktop\tdsskiller.exe
Deleted : C:\Documents and Settings\Work 2\Desktop\TFC.exe
Deleted : C:\WINDOWS\grep.exe
Deleted : C:\WINDOWS\PEV.exe
Deleted : C:\WINDOWS\NIRCMD.exe
Deleted : C:\WINDOWS\MBR.exe
Deleted : C:\WINDOWS\SED.exe
Deleted : C:\WINDOWS\SWREG.exe
Deleted : C:\WINDOWS\SWSC.exe
Deleted : C:\WINDOWS\SWXCACLS.exe
Deleted : C:\WINDOWS\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
 
~ Cleaning system restore ...
 
 
New restore point created !
 
########## - EOF - ##########

#157
emeraldnzl

Looks like DelFix did its job. :thumbsup:

A heads up now:

Your machine had a nasty back door rootkit infection.

 

Change passwords on all sites you use and make sure you check any banking and credit card accounts you accessed with the infected machine.
 

"I will definitely be flicking you a donation, not likely what the help is worth unfortunately but what I can afford, I'm wholeheartedly grateful."


Not necessary but thank you for your thought. :)
 

"Do you think I should stick with Avira free?"


Up to you. Some people find the pop ups offering upgrades annoying. I think it's a small price to pay for an excellent AV. If you want to go for a paid version then I would recommend Avira over AVG. I don't think the ASK search engine option is in the paid for version so while I would avoid it if it is there I don't think it is a worry. Another option is Avast free or paid for which I would also rate above AVG.

As far as paid for ones generally are concerned this link will take you to an independent site showing comparatives for Anti-virus products. Look at comparatives with caution because one month a program may do well and in another not so well.

http://www.av-comparatives.org/

All of the ones shown there are good products. Sometimes it comes down to your personal taste. In other words you like a particular product because to you it is user friendly or looks good.

Ones I personally like at the moment are  Avira, Avast, ESET and Kaspersky but that is only a personal preference and my preferences do change as products undergo improvement.
 

"It's funny I actually live in Emerald (Aus) :)"


That is some coincidence. Fate it seems... :cool:
 

"Awesome stuff thank you so much for your help, time and effort on this it's very very much appreciated!"


You are very welcome. :happy:

I will keep this topic open for a day or two in case any issues arise.

 


#158
Damon(V)

Thanks, should I uninstall Superantispyware? CCleaner? Should I run that or Malwarebytes or some such with my antivirus?

 

Cheers


#159
emeraldnzl

I would keep either SUPERAntiSpyware or Malwarebytes. Not the real time paid for version but the free one that you can manually update and run say once a week. You have SAS already on your machine so that might be the simplest, up to you.

 

As far as CCleaner is concerned, while it is a good cleaner it comes with a Registry Cleaner. We do not recommend registry cleaners. They are not necessary and are notorious for causing problems on people's computers. Often the problem doesn't appear until well down the track. A small change to the registry can go unnoticed until one day you call on that function and find it won't work anymore or alternatively an associated utility doesn't work properly.

 

The cleaner I use is TFC which is safer and was specifically developed by one of our experts for XP, Vista and Win7 machines. I use it once a week on my computers.

 

DelFix has removed TFC in the clean up process.

 

Here are the instructions for it again. You can download it and keep it for future use. :)

 

Download TFC.exe from  here (Vista and above users right click and run as Administrator).

If you are asked "Do you want to allow the following program..." click yes.

The "Temp file cleaner by Oldtimer" console will pop up. Click continue and allow it to do its job.

You may be asked to reboot when it is finished. Please do so.

If you are not asked to reboot you may be confronted with two windows. One will be the Temp File Cleaner console with a report of what has been cleaned. The other will just be a window showing your libraries etc. They can both be closed.

You are finished.
 


#160
Damon(V)

ok, good stuff thanks again :)


#161
emeraldnzl

:thumbsup:


#162
Damon(V)

Donation sent :)


#163
emeraldnzl

Very kind of you.

 

It's nice to be appreciated. :)


#164
emeraldnzl

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.