nothing found
vira AntiVir Personal
Report file date: Tuesday, February 22, 2011 20:01
Scanning for 2425460 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : JUNECALL-PC
Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 20:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 20:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 20:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 04:09:23
VBASE003.VDF : 7.11.3.1 2048 Bytes 2/9/2011 04:09:23
VBASE004.VDF : 7.11.3.2 2048 Bytes 2/9/2011 04:09:23
VBASE005.VDF : 7.11.3.3 2048 Bytes 2/9/2011 04:09:23
VBASE006.VDF : 7.11.3.4 2048 Bytes 2/9/2011 04:09:24
VBASE007.VDF : 7.11.3.5 2048 Bytes 2/9/2011 04:09:24
VBASE008.VDF : 7.11.3.6 2048 Bytes 2/9/2011 04:09:24
VBASE009.VDF : 7.11.3.7 2048 Bytes 2/9/2011 04:09:24
VBASE010.VDF : 7.11.3.8 2048 Bytes 2/9/2011 04:09:24
VBASE011.VDF : 7.11.3.9 2048 Bytes 2/9/2011 04:09:25
VBASE012.VDF : 7.11.3.10 2048 Bytes 2/9/2011 04:09:25
VBASE013.VDF : 7.11.3.59 157184 Bytes 2/14/2011 04:09:39
VBASE014.VDF : 7.11.3.97 120320 Bytes 2/16/2011 04:08:58
VBASE015.VDF : 7.11.3.148 128000 Bytes 2/19/2011 03:19:22
VBASE016.VDF : 7.11.3.183 140288 Bytes 2/22/2011 01:59:04
VBASE017.VDF : 7.11.3.184 2048 Bytes 2/22/2011 01:59:05
VBASE018.VDF : 7.11.3.185 2048 Bytes 2/22/2011 01:59:05
VBASE019.VDF : 7.11.3.186 2048 Bytes 2/22/2011 01:59:05
VBASE020.VDF : 7.11.3.187 2048 Bytes 2/22/2011 01:59:05
VBASE021.VDF : 7.11.3.188 2048 Bytes 2/22/2011 01:59:05
VBASE022.VDF : 7.11.3.189 2048 Bytes 2/22/2011 01:59:06
VBASE023.VDF : 7.11.3.190 2048 Bytes 2/22/2011 01:59:06
VBASE024.VDF : 7.11.3.191 2048 Bytes 2/22/2011 01:59:06
VBASE025.VDF : 7.11.3.192 2048 Bytes 2/22/2011 01:59:06
VBASE026.VDF : 7.11.3.193 2048 Bytes 2/22/2011 01:59:06
VBASE027.VDF : 7.11.3.194 2048 Bytes 2/22/2011 01:59:07
VBASE028.VDF : 7.11.3.195 2048 Bytes 2/22/2011 01:59:07
VBASE029.VDF : 7.11.3.196 2048 Bytes 2/22/2011 01:59:07
VBASE030.VDF : 7.11.3.197 2048 Bytes 2/22/2011 01:59:07
VBASE031.VDF : 7.11.3.198 2048 Bytes 2/22/2011 01:59:07
Engineversion : 8.2.4.170
AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 20:23:26
AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 2/16/2011 04:09:55
AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 20:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 20:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 20:23:25
AEPACK.DLL : 8.2.4.9 512374 Bytes 2/16/2011 04:09:54
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 2/16/2011 04:09:53
AEHEUR.DLL : 8.1.2.78 3277175 Bytes 2/18/2011 04:40:56
AEHELP.DLL : 8.1.16.1 246134 Bytes 2/16/2011 04:09:47
AEGEN.DLL : 8.1.5.2 397683 Bytes 2/16/2011 04:09:47
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 20:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 2/16/2011 04:09:46
AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 20:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 20:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 20:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 20:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 20:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 20:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 20:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 20:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 20:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 20:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 20:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 20:23:52
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: Tuesday, February 22, 2011 20:01
Starting search for hidden objects.
c:\windows\system32\regsvr32.exe
c:\windows\system32\regsvr32.exe
[NOTE] The process is not visible.
The scan of running processes will be started
Scan process 'taskeng.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'avscan.exe' - '77' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '74' Module(s) have been scanned
Scan process 'iexplore.exe' - '130' Module(s) have been scanned
Scan process 'AAM Updates Notifier.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'mozybackup.exe' - '29' Module(s) have been scanned
Scan process 'mozybackup.exe' - '53' Module(s) have been scanned
Scan process 'hphc_service.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '21' Module(s) have been scanned
Scan process 'ehmsas.exe' - '23' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '18' Module(s) have been scanned
Scan process 'mozystat.exe' - '36' Module(s) have been scanned
Scan process 'ehtray.exe' - '26' Module(s) have been scanned
Scan process 'sidebar.exe' - '55' Module(s) have been scanned
Scan process 'avgnt.exe' - '53' Module(s) have been scanned
Scan process 'AdobeARM.exe' - '47' Module(s) have been scanned
Scan process 'taskeng.exe' - '80' Module(s) have been scanned
Scan process 'WiFiMsg.exe' - '36' Module(s) have been scanned
Scan process 'Explorer.EXE' - '163' Module(s) have been scanned
Scan process 'Dwm.exe' - '37' Module(s) have been scanned
Scan process 'QPSched.exe' - '40' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '47' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '32' Module(s) have been scanned
Scan process 'xaudio.exe' - '14' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'RichVideo.exe' - '22' Module(s) have been scanned
Scan process 'QPCapSvc.exe' - '78' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '48' Module(s) have been scanned
Scan process 'FileZilla Server.exe' - '18' Module(s) have been scanned
Scan process 'rundll32.exe' - '46' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned
Scan process 'taskeng.exe' - '48' Module(s) have been scanned
Scan process 'atashost.exe' - '26' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '47' Module(s) have been scanned
Scan process 'avguard.exe' - '65' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'spoolsv.exe' - '95' Module(s) have been scanned
Scan process 'svchost.exe' - '97' Module(s) have been scanned
Scan process 'svchost.exe' - '87' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '156' Module(s) have been scanned
Scan process 'svchost.exe' - '115' Module(s) have been scanned
Scan process 'svchost.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '62' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '1918' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\ProgramData\DC7F29D69C33F0E97134B8C0E4B078E6\b\bint1
[DETECTION] Is the TR/Katusha.2.27 Trojan
C:\Qoobox\Quarantine\C\ProgramData\SysWoW32\_u1045610869v3.vir
[0] Archive type: ZIP
[DETECTION] Is the TR/Katusha.2.23 Trojan
--> setup.exe
[DETECTION] Is the TR/Katusha.2.23 Trojan
C:\Users\june call\AppData\Local\Microsoft\Windows Mail\Local Folders\Junk E-mail\45091238-0000475A.eml
[0] Archive type: MIME
[DETECTION] Contains recognition pattern of the PHISH/cbn.A phishing file/email
--> DR.OLUSEGUN AGANGA.txt
[DETECTION] Contains recognition pattern of the PHISH/cbn.A phishing file/email
[WARNING] This file is a mailbox. To avoid damaging your emails this file will not be repaired or deleted.
Begin scan in 'D:\' <HP_RECOVERY>
Beginning disinfection:
C:\Users\june call\AppData\Local\Microsoft\Windows Mail\Local Folders\Junk E-mail\45091238-0000475A.eml
[DETECTION] Contains recognition pattern of the PHISH/cbn.A phishing file/email
[WARNING] The file was ignored!
C:\Qoobox\Quarantine\C\ProgramData\SysWoW32\_u1045610869v3.vir
[DETECTION] Is the TR/Katusha.2.23 Trojan
[NOTE] The file was moved to the quarantine directory under the name '48e231f2.qua'.
C:\ProgramData\DC7F29D69C33F0E97134B8C0E4B078E6\b\bint1
[DETECTION] Is the TR/Katusha.2.27 Trojan
[NOTE] The file was moved to the quarantine directory under the name '50321e41.qua'.
End of the scan: Tuesday, February 22, 2011 23:02
Used time: 2:32:14 Hour(s)
The scan has been done completely.
30705 Scanned directories
890950 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
890947 Files not concerned
47430 Archives were scanned
1 Warnings
2 Notes
862201 Objects were scanned with rootkit scan
1 Hidden objects were found
Thanks
James
Jwilkes@comcast.net