Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Virus Help


  • Please log in to reply

#1
bravesamwise84

bravesamwise84

    Member

  • Member
  • PipPip
  • 24 posts
AV has continuously been finding trojans for a month now, it seems to me that it is failing to completely root it out and delete it all. I'll post the logfile below. I'm running XP professional, and use Mozilla Firefox, with AV Antivir for virus protection and Malwarebytes for Spyware protection. Any help at all is appreciated! It's not urgent or first priority since things are behaving normally, but I'd just like to get this cleared off! Thanks!



Avira AntiVir Personal
Report file date: Sunday, May 10, 2009 03:44

Scanning for 1385351 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: LAM309RL

Version information:
BUILD.DAT : 8.2.0.348 16934 Bytes 3/23/2009 13:44:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 11/26/2008 23:59:31
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 16:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 21:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 16:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 06:23:47
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 04:22:08
ANTIVIR2.VDF : 7.1.3.137 1810944 Bytes 4/30/2009 20:56:22
ANTIVIR3.VDF : 7.1.3.178 195584 Bytes 5/8/2009 04:49:39
Engineversion : 8.2.0.166
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 20:56:28
AESCRIPT.DLL : 8.1.1.81 385401 Bytes 5/9/2009 04:50:04
AESCN.DLL : 8.1.1.10 127348 Bytes 4/4/2009 22:30:23
AERDL.DLL : 8.1.1.3 438645 Bytes 11/16/2008 06:24:08
AEPACK.DLL : 8.1.3.16 397686 Bytes 5/9/2009 04:50:01
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/27/2009 06:31:45
AEHEUR.DLL : 8.1.0.128 1757559 Bytes 5/9/2009 04:49:55
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/27/2009 06:31:24
AEGEN.DLL : 8.1.1.42 348531 Bytes 5/9/2009 04:49:42
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/14/2008 19:05:56
AECORE.DLL : 8.1.6.9 176500 Bytes 4/15/2009 03:11:11
AEBB.DLL : 8.1.0.3 53618 Bytes 10/14/2008 19:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 17:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 18:28:01
AVREP.DLL : 8.0.0.3 155688 Bytes 4/21/2009 16:59:17
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 20:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 17:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 21:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/23/2008 02:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 21:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 21:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 22:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 22:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Sunday, May 10, 2009 03:44

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Rachel Loveland\Local Settings\Temp\606.tmp
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\Program Files\Intuit\QuickBooks 2005\Components\DownloadQB15\NewFeatures\.update\.target\.intuit\42632
[0] Archive type: CAB (Microsoft)
--> accmax.down.gif
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\SYSTEM32\gavuzeyi.exe
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\higejuyu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\javavuso.exe
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\jujutoji.dll.tmp
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\mesegahe.dll.tmp
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\niyohaja.dll.tmp
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\SYSTEM32\DRIVERS\sptd7101.sys
[WARNING] The file could not be opened!


End of the scan: Sunday, May 10, 2009 04:38
Used time: 54:19 Minute(s)

The scan has been done completely.

10135 Scanning directories
341165 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
7 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
341154 Files not concerned
15340 Archives were scanned
5 Warnings
7 Notes
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP