Ran the Avira scan, and received this log:
Avira AntiVir Personal
Report file date: Wednesday, 8 December 2010 12:26
Scanning for 3115420 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : LIAM-PC
Version information:
BUILD.DAT : 10.0.0.592 31823 Bytes 9/08/2010 11:00:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 2/08/2010 05:09:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 1/04/2010 02:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 2/08/2010 05:10:00
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 13:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 23:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 09:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 07:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 06:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 5/03/2010 01:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 05:10:03
VBASE006.VDF : 7.10.7.218 2294784 Bytes 2/06/2010 05:10:04
VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 05:10:06
VBASE008.VDF : 7.10.11.133 3454464 Bytes 13/09/2010 06:14:15
VBASE009.VDF : 7.10.13.80 2265600 Bytes 2/11/2010 06:14:29
VBASE010.VDF : 7.10.13.81 2048 Bytes 2/11/2010 06:14:30
VBASE011.VDF : 7.10.13.82 2048 Bytes 2/11/2010 06:14:30
VBASE012.VDF : 7.10.13.83 2048 Bytes 2/11/2010 06:14:30
VBASE013.VDF : 7.10.13.116 147968 Bytes 4/11/2010 06:14:32
VBASE014.VDF : 7.10.13.147 146944 Bytes 7/11/2010 06:14:33
VBASE015.VDF : 7.10.13.180 123904 Bytes 9/11/2010 06:14:36
VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 06:14:38
VBASE017.VDF : 7.10.13.243 147456 Bytes 15/11/2010 06:14:40
VBASE018.VDF : 7.10.14.15 142848 Bytes 17/11/2010 06:14:42
VBASE019.VDF : 7.10.14.41 134144 Bytes 19/11/2010 06:14:43
VBASE020.VDF : 7.10.14.63 128000 Bytes 22/11/2010 06:14:45
VBASE021.VDF : 7.10.14.87 143872 Bytes 24/11/2010 06:14:46
VBASE022.VDF : 7.10.14.116 140800 Bytes 26/11/2010 06:14:48
VBASE023.VDF : 7.10.14.147 150528 Bytes 30/11/2010 06:14:49
VBASE024.VDF : 7.10.14.148 2048 Bytes 30/11/2010 06:14:49
VBASE025.VDF : 7.10.14.149 2048 Bytes 30/11/2010 06:14:50
VBASE026.VDF : 7.10.14.150 2048 Bytes 30/11/2010 06:14:50
VBASE027.VDF : 7.10.14.151 2048 Bytes 30/11/2010 06:14:50
VBASE028.VDF : 7.10.14.152 2048 Bytes 30/11/2010 06:14:51
VBASE029.VDF : 7.10.14.153 2048 Bytes 30/11/2010 06:14:51
VBASE030.VDF : 7.10.14.154 2048 Bytes 30/11/2010 06:14:52
VBASE031.VDF : 7.10.14.171 115712 Bytes 2/12/2010 06:14:53
Engineversion : 8.2.4.118
AEVDF.DLL : 8.1.2.1 106868 Bytes 2/08/2010 05:09:54
AESCRIPT.DLL : 8.1.3.48 1286524 Bytes 3/12/2010 06:15:25
AESCN.DLL : 8.1.7.2 127349 Bytes 3/12/2010 06:15:22
AESBX.DLL : 8.1.3.2 254324 Bytes 3/12/2010 06:15:26
AERDL.DLL : 8.1.9.2 635252 Bytes 3/12/2010 06:15:22
AEPACK.DLL : 8.2.4.1 512375 Bytes 3/12/2010 06:15:19
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 3/12/2010 06:15:17
AEHEUR.DLL : 8.1.2.50 3101046 Bytes 3/12/2010 06:15:16
AEHELP.DLL : 8.1.16.0 246136 Bytes 3/12/2010 06:15:02
AEGEN.DLL : 8.1.5.0 397685 Bytes 3/12/2010 06:14:58
AEEMU.DLL : 8.1.3.0 393589 Bytes 3/12/2010 06:14:56
AECORE.DLL : 8.1.19.0 196984 Bytes 3/12/2010 06:14:55
AEBB.DLL : 8.1.1.0 53618 Bytes 2/08/2010 05:09:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 2/08/2010 05:09:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 2/08/2010 05:09:55
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 04:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 2/08/2010 05:09:55
AVSCPLR.DLL : 10.0.3.1 83816 Bytes 2/08/2010 05:09:56
AVARKT.DLL : 10.0.0.14 227176 Bytes 2/08/2010 05:09:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 2/08/2010 05:09:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 04:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 2/08/2010 05:09:56
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 04:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 03:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 2/08/2010 05:10:08
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: Wednesday, 8 December 2010 12:26
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '43' Module(s) have been scanned
Scan process 'iexplore.exe' - '154' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '80' Module(s) have been scanned
Scan process 'avcenter.exe' - '80' Module(s) have been scanned
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'FlashUtil10l_ActiveX.exe' - '39' Module(s) have been scanned
Scan process 'SCServer.exe' - '43' Module(s) have been scanned
Scan process 'hpswp_clipbook.exe' - '30' Module(s) have been scanned
Scan process 'iexplore.exe' - '159' Module(s) have been scanned
Scan process 'iexplore.exe' - '101' Module(s) have been scanned
Scan process 'hpqgpc01.exe' - '62' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '33' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '17' Module(s) have been scanned
Scan process 'hpqSTE08.exe' - '66' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '36' Module(s) have been scanned
Scan process 'BtStackServer.exe' - '78' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '57' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '64' Module(s) have been scanned
Scan process 'iTouch-Server-Win.exe' - '51' Module(s) have been scanned
Scan process 'GameRanger.exe' - '83' Module(s) have been scanned
Scan process 'SSMSFilter.exe' - '71' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '76' Module(s) have been scanned
Scan process 'BTTray.exe' - '66' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '58' Module(s) have been scanned
Scan process 'LANUtil.exe' - '64' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '168' Module(s) have been scanned
Scan process 'avgnt.exe' - '58' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '77' Module(s) have been scanned
Scan process 'SPMgr.exe' - '89' Module(s) have been scanned
Scan process 'DivXUpdate.exe' - '70' Module(s) have been scanned
Scan process 'XBoxStat.exe' - '36' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '22' Module(s) have been scanned
Scan process 'ISBMgr.exe' - '41' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '46' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'xaudio.exe' - '17' Module(s) have been scanned
Scan process 'VAIOUpdt.exe' - '41' Module(s) have been scanned
Scan process 'taskeng.exe' - '28' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '77' Module(s) have been scanned
Scan process 'Explorer.EXE' - '154' Module(s) have been scanned
Scan process 'Dwm.exe' - '39' Module(s) have been scanned
Scan process 'taskhost.exe' - '43' Module(s) have been scanned
Scan process 'SPMService.exe' - '90' Module(s) have been scanned
Scan process 'uCamMonitor.exe' - '26' Module(s) have been scanned
Scan process 'TeamViewer_Service.exe' - '77' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '33' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '22' Module(s) have been scanned
Scan process 'SeaPort.exe' - '51' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'avshadow.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '21' Module(s) have been scanned
Scan process 'NSUService.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '21' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'btwdins.exe' - '29' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '40' Module(s) have been scanned
Scan process 'BcmSqlStartupSvc.exe' - '21' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '33' Module(s) have been scanned
Scan process 'avguard.exe' - '68' Module(s) have been scanned
Scan process 'svchost.exe' - '66' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Scan process 'spoolsv.exe' - '87' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '91' Module(s) have been scanned
Scan process 'svchost.exe' - '87' Module(s) have been scanned
Scan process 'svchost.exe' - '163' Module(s) have been scanned
Scan process 'svchost.exe' - '106' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '57' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'lsass.exe' - '66' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '432' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\Qoobox\Quarantine\C\Windows\explorer.exe.vir
[DETECTION] Is the TR/Spy.2614272.6 Trojan
C:\Qoobox\Quarantine\C\Windows\System32\wininit.exe.vir
[DETECTION] Is the TR/Spy.96256.37 Trojan
C:\Users\Liam\AppData\Local\VirtualStore\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
[DETECTION] Contains recognition pattern of the JS/Redirector.AQ.1 Java script virus
Beginning disinfection:
C:\Users\Liam\AppData\Local\VirtualStore\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
[DETECTION] Contains recognition pattern of the JS/Redirector.AQ.1 Java script virus
[NOTE] The file was moved to the quarantine directory under the name '49d5a37f.qua'.
C:\Qoobox\Quarantine\C\Windows\System32\wininit.exe.vir
[DETECTION] Is the TR/Spy.96256.37 Trojan
[NOTE] The file was moved to the quarantine directory under the name '51438cd8.qua'.
C:\Qoobox\Quarantine\C\Windows\explorer.exe.vir
[DETECTION] Is the TR/Spy.2614272.6 Trojan
[NOTE] The file was moved to the quarantine directory under the name '031ed607.qua'.
End of the scan: Wednesday, 8 December 2010 15:19
Used time: 2:17:35 Hour(s)
The scan has been done completely.
66152 Scanned directories
940082 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
940079 Files not concerned
62408 Archives were scanned
0 Warnings
3 Notes
699923 Objects were scanned with rootkit scan
0 Hidden objects were found
It seems the malware is still existant