1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive Malwarebytes & Avira Logs

Discussion in 'Malware and Virus Removal Archive' started by Yana, 2011/11/28.

Thread Status:
Not open for further replies.
  1. 2011/11/28
    Yana

    Yana Inactive Thread Starter

    Joined:
    2007/10/30
    Messages:
    7
    Likes Received:
    0
    [Inactive] Malwarebytes & Avira Logs

    I ran Malwarebytes on Nov 21st and had no problem there. Now I found a trojan, and I can't help but think that MS Security Essentials provides less protection than Avira. I don't know what it means that the trojan was found in the Recycle Bin. While I doubt that removing the trojan will fix the Windows Update issue, I decided to go back to Avira. Even with its fault of putting a spyware toolbar installer package in the computer, I still think it gives the best protection. Here are the logs:

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8212

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    11/28/2011 2:10:00 PM
    mbam-log-2011-11-28 (14-10-00).txt

    Scan type: Quick scan
    Objects scanned: 214540
    Time elapsed: 2 minute(s), 28 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\$Recycle.Bin\s-1-5-21-2423421783-3903042819-2472465209-1001\$R68PC6F.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    __________



    Avira Free Antivirus
    Report file date: Monday, November 28, 2011 14:40

    Scanning for 3488634 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : Avira AntiVir Personal - Free Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows 7 x64
    Windows version : (Service Pack 1) [6.1.7601]
    Boot mode : Normally booted
    Username :
    Computer name :

    Version information:
    BUILD.DAT : 12.0.0.849 41825 Bytes 9/23/2011 20:19:00
    AVSCAN.EXE : 12.1.0.17 490448 Bytes 9/24/2011 02:04:46
    AVSCAN.DLL : 12.1.0.17 54224 Bytes 9/23/2011 21:34:56
    LUKE.DLL : 12.1.0.17 68304 Bytes 9/23/2011 20:55:16
    AVSCPLR.DLL : 12.1.0.19 99536 Bytes 9/23/2011 20:02:36
    AVREG.DLL : 12.1.0.20 227024 Bytes 9/23/2011 19:54:30
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 04:18:34
    VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 19:07:39
    VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 01:08:51
    VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 20:00:55
    VBASE004.VDF : 7.11.8.178 2354176 Bytes 5/31/2011 20:18:22
    VBASE005.VDF : 7.11.10.251 1788416 Bytes 7/7/2011 22:12:53
    VBASE006.VDF : 7.11.13.60 6411776 Bytes 8/16/2011 17:26:09
    VBASE007.VDF : 7.11.15.106 2389504 Bytes 10/5/2011 22:39:08
    VBASE008.VDF : 7.11.18.32 2132992 Bytes 11/24/2011 22:39:17
    VBASE009.VDF : 7.11.18.33 2048 Bytes 11/24/2011 22:39:17
    VBASE010.VDF : 7.11.18.34 2048 Bytes 11/24/2011 22:39:17
    VBASE011.VDF : 7.11.18.35 2048 Bytes 11/24/2011 22:39:18
    VBASE012.VDF : 7.11.18.36 2048 Bytes 11/24/2011 22:39:18
    VBASE013.VDF : 7.11.18.89 204800 Bytes 11/28/2011 22:39:19
    VBASE014.VDF : 7.11.18.90 2048 Bytes 11/28/2011 22:39:19
    VBASE015.VDF : 7.11.18.91 2048 Bytes 11/28/2011 22:39:19
    VBASE016.VDF : 7.11.18.92 2048 Bytes 11/28/2011 22:39:20
    VBASE017.VDF : 7.11.18.93 2048 Bytes 11/28/2011 22:39:20
    VBASE018.VDF : 7.11.18.94 2048 Bytes 11/28/2011 22:39:20
    VBASE019.VDF : 7.11.18.95 2048 Bytes 11/28/2011 22:39:20
    VBASE020.VDF : 7.11.18.96 2048 Bytes 11/28/2011 22:39:20
    VBASE021.VDF : 7.11.18.97 2048 Bytes 11/28/2011 22:39:21
    VBASE022.VDF : 7.11.18.98 2048 Bytes 11/28/2011 22:39:21
    VBASE023.VDF : 7.11.18.99 2048 Bytes 11/28/2011 22:39:21
    VBASE024.VDF : 7.11.18.100 2048 Bytes 11/28/2011 22:39:21
    VBASE025.VDF : 7.11.18.101 2048 Bytes 11/28/2011 22:39:21
    VBASE026.VDF : 7.11.18.102 2048 Bytes 11/28/2011 22:39:21
    VBASE027.VDF : 7.11.18.103 2048 Bytes 11/28/2011 22:39:22
    VBASE028.VDF : 7.11.18.104 2048 Bytes 11/28/2011 22:39:22
    VBASE029.VDF : 7.11.18.105 2048 Bytes 11/28/2011 22:39:22
    VBASE030.VDF : 7.11.18.106 2048 Bytes 11/28/2011 22:39:22
    VBASE031.VDF : 7.11.18.110 18432 Bytes 11/28/2011 22:39:23
    Engineversion : 8.2.6.120
    AEVDF.DLL : 8.1.2.2 106868 Bytes 11/28/2011 22:39:39
    AESCRIPT.DLL : 8.1.3.87 475516 Bytes 11/28/2011 22:39:39
    AESCN.DLL : 8.1.7.2 127349 Bytes 9/2/2011 07:46:02
    AESBX.DLL : 8.2.1.34 323957 Bytes 9/2/2011 07:46:02
    AERDL.DLL : 8.1.9.15 639348 Bytes 9/9/2011 07:16:06
    AEPACK.DLL : 8.2.13.4 684406 Bytes 11/28/2011 22:39:38
    AEOFFICE.DLL : 8.1.2.20 201083 Bytes 11/28/2011 22:39:35
    AEHEUR.DLL : 8.1.2.193 3850617 Bytes 11/28/2011 22:39:35
    AEHELP.DLL : 8.1.18.0 254327 Bytes 11/28/2011 22:39:29
    AEGEN.DLL : 8.1.5.14 405877 Bytes 11/28/2011 22:39:28
    AEEMU.DLL : 8.1.3.0 393589 Bytes 9/2/2011 07:46:01
    AECORE.DLL : 8.1.24.0 196983 Bytes 11/28/2011 22:39:26
    AEBB.DLL : 8.1.1.0 53618 Bytes 9/2/2011 07:46:01
    AVWINLL.DLL : 12.1.0.17 27344 Bytes 9/23/2011 20:13:18
    AVPREF.DLL : 12.1.0.17 51920 Bytes 9/23/2011 19:53:57
    AVREP.DLL : 12.1.0.17 179408 Bytes 9/23/2011 19:55:01
    AVARKT.DLL : 12.1.0.17 223184 Bytes 9/23/2011 19:25:26
    AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 9/23/2011 19:34:37
    SQLITE3.DLL : 3.7.0.0 398288 Bytes 9/16/2011 10:05:58
    AVSMTP.DLL : 12.1.0.17 62928 Bytes 9/23/2011 20:03:47
    NETNT.DLL : 12.1.0.17 17104 Bytes 9/23/2011 20:58:06
    RCIMAGE.DLL : 12.1.0.17 4450000 Bytes 9/23/2011 21:37:25
    RCTEXT.DLL : 12.1.0.16 96208 Bytes 9/23/2011 21:37:24

    Configuration settings for the scan:
    Jobname.............................: Short system scan after installation
    Configuration file..................: c:\program files (x86)\avira\antivir desktop\setupprf.dat
    Logging.............................: default
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Process scan........................: on
    Scan registry.......................: on
    Search for rootkits.................: off
    Integrity checking of system files..: off
    Scan all files......................: Intelligent file selection
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: extended
    Deviating risk categories...........: -ADSPY,-ADWARE,-PHISH,

    Start of the scan: Monday, November 28, 2011 14:40

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    Master boot sector HD2
    [INFO] No virus was found!
    Master boot sector HD3
    [INFO] No virus was found!
    Master boot sector HD4
    [INFO] No virus was found!

    Start scanning boot sectors:

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avnotify.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avconfig.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'setup.exe' - '1' Module(s) have been scanned
    Scan process 'presetup.exe' - '1' Module(s) have been scanned
    Scan process 'avira_free_antivirus_en.exe' - '1' Module(s) have been scanned
    Scan process 'CLMLSvc.exe' - '1' Module(s) have been scanned
    Scan process 'DVDAgent.exe' - '1' Module(s) have been scanned
    Scan process 'BluetoothHeadsetProxy.exe' - '1' Module(s) have been scanned
    Scan process 'AdMunch.exe' - '1' Module(s) have been scanned
    Scan process 'LWS.exe' - '1' Module(s) have been scanned
    Scan process 'Lunabar.exe' - '1' Module(s) have been scanned
    Scan process 'digsby-app.exe' - '1' Module(s) have been scanned
    Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
    Scan process 'PictureMover.exe' - '1' Module(s) have been scanned
    Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
    Scan process 'Skype.exe' - '1' Module(s) have been scanned
    Scan process 'ww.exe' - '1' Module(s) have been scanned
    Scan process 'POPPeeper.exe' - '1' Module(s) have been scanned
    Scan process 'csde.exe' - '1' Module(s) have been scanned
    Scan process 'WinPatrol.exe' - '1' Module(s) have been scanned
    Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
    Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'UMVPFSrv.exe' - '1' Module(s) have been scanned

    Starting to scan executable files (registry).
    The registry was scanned ( '5220' files ).



    End of the scan: Monday, November 28, 2011 14:41
    Used time: 00:49 Minute(s)

    The scan has been done completely.

    0 Scanned directories
    5903 Files were scanned
    0 Viruses and/or unwanted programs were found
    0 Files were classified as suspicious
    0 Files were deleted
    0 Viruses and unwanted programs were repaired
    0 Files were moved to quarantine
    0 Files were renamed
    0 Files cannot be scanned
    5903 Files not concerned
    48 Archives were scanned
    0 Warnings
    0 Notes
     
    Yana,
    #1
  2. 2011/11/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, complete all steps listed HERE

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
    broni,
    #2


  3. to hide this advert.

Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...