I've got a bug: nginx rerouting Firefox

Hewlett-packard Hp g60 notebook pc
June 5, 2012 at 14:21:38
Specs: Windows 7, 2.194 GHz / 3003 MB
I'm running Windows 7 64-Bit. the nginx thing's been an occasional annoyance, but also at times, my wireless network seems to be down or malfunctioning. xfinity Constant Guard is going nuts, sending pop ups and emails; iTunes won't open; I've downloaded MalwareBytes and Spy-Bot and removed a bunch of stuff; now it says I'm clean, but the nginx thing happened again yesterday. I also have downloaded HiJackThis and SuperAntiSpyWare. after the first symptoms began, I had a pop up for quick-time, which I downloaded, then MalwareBytes identified it as a trojan. I removed it, and have kept the quarentines on all these antivirus softwares clean and rebooted everytime asked to and then some. I don't torrent or LimeWire or anything, but download the occasional file converter or other such useful software from cnet and download.com. Also note that my fiance's Mac also had a virus/trojan that MacSafe or MacScan or whatever it is (found it on cnet) removed it all. i get the constant guard pop ups on iphone, pc, and mac. also I had my facebook hacked a month or so ago and changed my password; the hacker had sent a message to all my friends with a link to who-knows-what. I thought I had finally beat this thing, but the resurgence of nginx scares me. also firefox sync for iphone not working, but that started about a year ago and a ton of my .jpgs won't open if i email them to my iphone; iphone email app downloads and displays a blue square with a question mark. some of the same files also cannot be uploaded to facebook. I had been able to sync these jpgs to my iphone via itunes till it crapped out on me. i have used cmd to scan a bunch of stuff like dll's and whatnot; and cleared the registry keys using regedit. also when i plugged in my iphone that's exactly when i got the nginx all over again. but itunes stopped working weeks before that. i have scanned my two hard drives and C:\ to find autorun or something like that. del /a:hrs C:\autorun.inf on cmd didn't find anything; or on any drive; really frustrated!

See More: Ive got a bug: nginx rerouting Firefox

Report •

#1
June 5, 2012 at 16:41:20
Use a bootable AntiVirus rescue CD to clean your computer from viruses.

Here is a list of some of the available bootable Rescue CDs:
Follow the instructions of the vendor to burn and use the CD.

Avira AntiVir Rescue System
http://www.avira.com/en/downloads

Kaspersky Rescue Disk 10
http://support.kaspersky.com/viruse...

AVG Rescue CD
http://www.avg.com/eu-en/avg-rescue...

BitDefender Rescue CD
http://www.bitdefender.com/support/...

F-Secure Rescue CD
http://www.f-secure.com/en/web/labs...

Panda SafeCD
http://safecd.pl.pandasecurity.com/

PC Tools Alternate Operating System Scanner
http://www.pctools.com/aoss/details/


Report •

#2
June 6, 2012 at 07:31:54
alright; i am looking to see if i have any blank cds, otherwise i'll need to buy some; i will post a followup reply then :)

Report •

#3
June 6, 2012 at 09:08:23
ok i have tried avg and kaspersky and before i spend all day trying each of these, i just wanted to get some feedback on my situation; at present, i have yet to be able to successfully run a scan with either avg or kaspersky; the following are links to photos i took of the screen that i got after selecting the graphic option in kaspersky

https://www.dropbox.com/s/co3nlsp6q...

https://www.dropbox.com/s/45ewr2eiv...

https://www.dropbox.com/s/tes0ia4w9...

https://www.dropbox.com/s/sh5lbyp67...


Report •

Related Solutions

#4
June 6, 2012 at 09:30:31
I suggest to try "Avira AntiVir Rescue System".
It worked for me several times on very different computers, to clean up viruses successfully.

Btw.:
When (hopefully) virus scanning has successfully finished, unplug the computer from the internet and boot it into normal windows mode.

Download and install a fresh downloaded antivirus software onto the computer in question and again run a full scan.

The use Malwarebytes and Ccleaner, to clean the registry from oddments.

After that, shut down your computer, connect it to the internet and start it in normal mode.

Hope that helps.


Report •

#5
June 6, 2012 at 11:19:42
how do i download a fresh version while not connected to the internet? also, should i first uninstall malwarebytes? where do i get ccleaner

Report •

#6
June 6, 2012 at 11:33:26
You are online right now, don't you?
So download and burn the ISO file.

Also download Malwarebytes with the computer, you're currently using for posting here, and store the download to an USB-Stick.

You can download Ccleaner here:
http://www.piriform.com/ccleaner


Report •

#7
June 6, 2012 at 12:29:18

Report •

#8
June 6, 2012 at 15:29:37
ok but i am using the sick computer; i have downloaded malwarebytes before; should i totally uninstall it first?

Report •

#9
June 6, 2012 at 15:43:37
First of all, you have to scan your computer with the bootable antivirus cd.

Report •

#10
June 6, 2012 at 15:59:59
oh ok i think i get you now; i'll give it a go tomorrow and get back with you

Report •

#11
June 7, 2012 at 10:06:15
downloaded avira_free_antivirus_en.exe onto flash, got a black screen (bios i think) said no designated directory or UI

Report •

#12
June 7, 2012 at 10:20:30
Again, you have to download the ISO file and burn the image onto cd.
The EXE-file contains the ISO file in a self extracting exe file. That doesn't help in your case, especially when you try to run it from USB-Stick.

The EXE-file is not an executable antivirus software !!!

To burn the ISO to CD, you can use cdburner or something like that.

When you boot your system from the Avira CD, a linux OS gets started and will start Avira based on linux, so that no virus is running in backgound.


Report •

#13
June 7, 2012 at 11:03:15
i didn't see a link for the iso, just the exe

Report •

#14
June 7, 2012 at 11:09:47
Here you'll find the ISO file:
http://www.avira.com/en/download/pr...

Report •

#15
June 7, 2012 at 13:58:11
i made the cd and restarted and pressed esc to get to start menu but it booted in normal mode anyway

Report •

#16
June 7, 2012 at 15:17:31
When you are in windows and insert the cd in your cd/dvd drive, start explorer and look at the cd, what did you get listed there?

Report •

#17
June 7, 2012 at 15:28:41
you mean before or after i restarted the computer?

Report •

#18
June 7, 2012 at 15:33:05
When in windows.
Then insert the cd in your drive.
Open Explorer, change to your CD/DVD drive and see the listed files.

Report •

#19
June 7, 2012 at 16:00:38
rescue_system-common-en.iso
and
desktop.ini

Report •

#20
June 7, 2012 at 16:40:27
You must not burn the iso image file to the cd.
You have to chose the option to burn an iso file to cd.
This burns the content of the iso file (and there are alot of files stored in the iso file) onto the cd.

Report •

#21
June 8, 2012 at 07:01:47
i don't know how to do that; i was given two options:
use this cd with a cd player, dvd player, and other computers
or
use this cd like a usb drive with other computers

i have tried both; if there is an option to control whether it is burned
as an iso fil or iso image file i have no idea where


Report •

#22
June 8, 2012 at 07:39:31
What burning software are you using?

Report •

#23
June 8, 2012 at 07:49:16
windows explorer

Report •

#24
June 8, 2012 at 08:05:31
You should use IsoBurn or CDBurner for that.
Simply use google to find it.

Report •

#25
June 8, 2012 at 11:31:43
should i use "erase before burning ISO image?"

what about "burn in ""session at once"" mode?"

also just making sure, burning as cd, not dvd right?


Report •

#26
June 8, 2012 at 11:38:56
If it's a rewritable, there is no other option. You must first erase the CD.
On a normal CD, you can't erase anything.

Yes, use session at once mode.

Yes make sure, you burn to CD not DVD.


Report •

#27
June 8, 2012 at 13:23:01
got the following error:

Exception in cmdBurn_Click -> cd:
The system cannot find the file specified.


Report •

#28
June 8, 2012 at 14:12:48
Have you chosen the iso-file rescue_system-common-en.iso, that you wanted to burn?

Report •

#29
June 8, 2012 at 14:21:42
yes; it is located on a removeable drive

Report •

#30
June 8, 2012 at 14:41:22
Oh, I'm sorry, I meant IMGburn and not ISOburn, which works real great for that.

Report •

#31
June 8, 2012 at 14:57:43
http://www.imgburn.com/
right?
well i downloaded it and it said my trial expired as soon as i opened it
and gave me the option to register or click ok which did nothing; also it
installed a bunch of crap like dolphin screensavers and knock off games
that i didn't want

Report •

#32
June 8, 2012 at 15:06:02
http://imgburn.com/index.php?act=do...

I used the first link in the list.

I didn't get that.
It's freeware and therefore, there is no trial period cause it's free.

DON'T INSTALL THE TOOLBARS !!!


Report •

#33
June 8, 2012 at 15:44:02
which link? mirror 1?

Report •

#34
June 8, 2012 at 15:47:17
yepp, the first one, provided by digital digest.

Report •

#35
June 8, 2012 at 16:54:35
which of the following do i use:

-write image file to disc
-create image file from disc
-verify disc
-write files/folders to disc
-create image file from files/folders
-discovery


Report •

#36
June 8, 2012 at 17:15:30
Write image file to disc

Report •

#37
June 9, 2012 at 08:21:39
said something about scanning vdf and then i got an error that read:

The scanner could not be found or the rescue device is unknown


Report •

#38
June 11, 2012 at 13:14:33
still waiting on your input about the error message I recieved

Report •

#39
June 11, 2012 at 14:55:29
Did you run Avira from CD as suggested or did you run it from an USB-Stick?

Report •

#40
June 11, 2012 at 16:32:10
I ran it from a cd as instructed (made via imageburn)

Report •

#41
June 11, 2012 at 17:54:48
I don't really get it.
You tried Kaspersky and got kernel panic error, which causes the system to halt (stop responding completely).

You use Avira Rescue System and got error message too.

Is there a problem with your CD/DVD drive or the system memory (RAM)?


Report •

#42
June 11, 2012 at 19:06:35
um cd/dvd player has always worked to my knowledge, never had any issues with it
and idk about system memory (RAM)
idk HOW to know if there is something wrong with my RAM

Report •

#43
June 12, 2012 at 12:39:15
I uninstalled itunes and reinstalled it; still won't work

Report •

#44
June 12, 2012 at 12:56:46
Has nothing to do with iTunes or some other program, you've installed on your computer, cause when using antivirus live cd, no Windows and no programs, installed to your Windows system, is running, including viruses, that may exist on your computer.

That's why those antivirus live cd's are that useful.


Report •

#45
June 12, 2012 at 13:04:32
I don't understand.

Report •

#46
June 12, 2012 at 15:58:45
What of that don't you understand?

Report •

#47
June 12, 2012 at 16:30:38
cause when using antivirus live cd, no Windows and no programs, installed to your Windows system, is running, including viruses, that may exist on your computer.
That's why those antivirus live cd's are that useful.


Report •

#48
June 12, 2012 at 18:01:14
When your computer got infected by a virus or trojan, most of them first kill the running antivirus progam.

When you try to run another antivirus program on your infected Windows system, the virus might block the antivirus software from working correctly or giving you fake messages like "no Viruses or Trojans found".

The Antivirus LiveCDs do start their own operating system, mostly Linux system and run the Antivirus program on Linux based OS.

The advantage is, that no Windows operating system is running and therefore, no Virus or Trojan build for Windows systems can run and block the Antivirus software from scanning your computer correctly.

Hope that makes things clear.


Report •

#49
June 13, 2012 at 06:28:20
ok i get you; but why would it say it could not find the directory? and what do i do now? should i just completely reinstall my operating system?

Report •

#50
June 13, 2012 at 06:46:59
Main question is, is there any data stored on your computer, that you need to copy first?
Cause when you install the operating system completely new, you'll lose all the data.

Report •

#51
June 13, 2012 at 06:53:27
i have all my files backed up on two external hard drives, and there's only a few that need to be backed up; but can i even do a reinstall if i don't have the cds anymore?

Report •

#52
June 13, 2012 at 06:59:09
Was the operating system preinstalled onto your computer?
Do you have the activation code, you need for activating windows?
Otherwise, you have only 30 days or so, to work with windows.

If it was preinstalled, there is mostly a key combination like ALT+F10, to get into the recovery program of the preinstalled windows.


Report •

#53
June 13, 2012 at 07:23:13
i got this compter a while back; it came with windows 7; i had to reinstall it before
and i think it was F11
i just couldn't remember if i needed a cd or not

Report •

#54
June 13, 2012 at 07:39:49
If you've backed up all the necessary files, give it a shot.
Try the F11. Sometimes the Key is displayed for a very short time at the bottom of the very first screen.

When doing a reinstall, don't do a repair installation, cause the infected files or maybe registry entries might be left over so that, at the first boot after reinstallation, the virus or trojan gets downloaded again.
So do a clean installation.

And make sure, you have the activation key for your Windows, if needed.
On laptops, it's mostely on a sticker at the bottom of the laptop.
On PCs, it's mostely on a sticker at the back, where monitor, keyboard, mouse connectors are placed.


Report •

#55
June 13, 2012 at 07:51:28
product key?

Report •

#56
June 13, 2012 at 08:10:06
Yes I meant that product key.

Report •

#57
June 13, 2012 at 08:22:15
ok i will try it after i have backed up my bookmarks and etc and get back with you; btw would my external hard drives be a threat once i reinstall?
also is there a way i can clean corrupt files? i have jpgs that open on my laptop in any program but if i email them from desktop to iphone they show up as a blue box with a question mark. before itunes crapped out i could sync them onto the iphone. some of these files cannot be uploaded to facebook via desktop.

Report •

#58
June 13, 2012 at 08:28:47
I strongly suggest to disconnect the external hard drive while reinstalled windows.
After windows installation has finished, install and update Antivirus to the latest version.

If this all is finished, connect your external hard drive to your laptop and do a full virus scan of the external hard drive.

After that, you can check to upload the jpg files in question. Maybe it works.


Report •

#59
June 13, 2012 at 08:37:25
ok also there is a patch file sp45575.exe that i want to install as soon as i reinstall windows 7; because the dpi is warped no matter what you set it to for this particular make and model of laptop using windows 7 only; would it be safe to use a flash drive and install that before installing malwarebytes or should i just wait until i have installed malwarebytes?

also which antivirus other than malwarebytes do you suggest?

i have superantispyware which seems to catch more adware than anything else


Report •

#60
June 13, 2012 at 09:05:31
I strongly suggest to wait with the installation of the sp45575.exe, until you've installed Antivirus software, cause you never know.
If it's also infected, you have spend a lot of time and at the end, you are back to this stage.

I use Malwarebytes only on infected computers, to clean up the viruses.
As far as I know, it has no on access scanner. That means, you always have to start Malwarebytes manually, to scan for viruses.

I personally use the free version of Avira, which is an on access scanning tool.
That means, every file I execute, will be scanned for potential risks (viruses, trojans aso.).

This slows down the computer a bit, so what?
It's for security reason.

You can use:
Avira Free Antivirus
AVG Anti-Virus FREE
Avast Free Antivirus

aso.

Btw.: I don't use additional things like SuperAntiSpyware and got no problems.
The point is, not the more the better, but the right Antivirus the better it is.


Report •

#61
June 13, 2012 at 18:42:14
ok i have reinstalled and installed avira and mostly reestablished all my settings; question: with avira free, how do i run a scan? i mean i already ran the initial start-up scan that follows installation as well as scanned both hard drives and found a virus on each; also i would like to insert the reports to get your input:


Avira Free Antivirus
Report file date: Wednesday, June 13, 2012 17:12

Scanning for 3833951 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : Emma Lee Dyer
Computer name : JANE2

Version information:
BUILD.DAT : 12.0.0.1125 Bytes 5/2/2012 17:40:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 5/2/2012 04:48:51
AVSCAN.DLL : 12.3.0.15 54736 Bytes 5/2/2012 19:31:39
LUKE.DLL : 12.3.0.15 68304 Bytes 5/2/2012 05:31:47
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 5/2/2012 04:13:36
AVREG.DLL : 12.3.0.17 232200 Bytes 6/13/2012 20:16:07
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 00:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 05:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 05:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 15:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 16:43:53
VBASE005.VDF : 7.11.29.136 2166272 Bytes 5/10/2012 20:15:54
VBASE006.VDF : 7.11.29.137 2048 Bytes 5/10/2012 20:15:54
VBASE007.VDF : 7.11.29.138 2048 Bytes 5/10/2012 20:15:54
VBASE008.VDF : 7.11.29.139 2048 Bytes 5/10/2012 20:15:55
VBASE009.VDF : 7.11.29.140 2048 Bytes 5/10/2012 20:15:55
VBASE010.VDF : 7.11.29.141 2048 Bytes 5/10/2012 20:15:55
VBASE011.VDF : 7.11.29.142 2048 Bytes 5/10/2012 20:15:55
VBASE012.VDF : 7.11.29.143 2048 Bytes 5/10/2012 20:15:55
VBASE013.VDF : 7.11.29.144 2048 Bytes 5/10/2012 20:15:55
VBASE014.VDF : 7.11.30.3 198144 Bytes 5/14/2012 20:15:56
VBASE015.VDF : 7.11.30.69 186368 Bytes 5/17/2012 20:15:56
VBASE016.VDF : 7.11.30.143 223744 Bytes 5/21/2012 20:15:56
VBASE017.VDF : 7.11.30.207 287744 Bytes 5/23/2012 20:15:57
VBASE018.VDF : 7.11.31.57 188416 Bytes 5/28/2012 20:15:57
VBASE019.VDF : 7.11.31.111 214528 Bytes 5/30/2012 20:15:58
VBASE020.VDF : 7.11.31.151 116736 Bytes 5/31/2012 20:15:58
VBASE021.VDF : 7.11.31.205 134144 Bytes 6/3/2012 20:15:58
VBASE022.VDF : 7.11.32.9 169472 Bytes 6/5/2012 20:15:58
VBASE023.VDF : 7.11.32.85 155648 Bytes 6/8/2012 20:15:59
VBASE024.VDF : 7.11.32.133 127488 Bytes 6/11/2012 20:15:59
VBASE025.VDF : 7.11.32.171 182784 Bytes 6/12/2012 20:15:59
VBASE026.VDF : 7.11.32.172 2048 Bytes 6/12/2012 20:15:59
VBASE027.VDF : 7.11.32.173 2048 Bytes 6/12/2012 20:15:59
VBASE028.VDF : 7.11.32.174 2048 Bytes 6/12/2012 20:15:59
VBASE029.VDF : 7.11.32.175 2048 Bytes 6/12/2012 20:16:00
VBASE030.VDF : 7.11.32.176 2048 Bytes 6/12/2012 20:16:00
VBASE031.VDF : 7.11.32.208 65024 Bytes 6/13/2012 20:16:00
Engine version : 8.2.10.80
AEVDF.DLL : 8.1.2.8 106867 Bytes 6/13/2012 20:16:06
AESCRIPT.DLL : 8.1.4.24 450939 Bytes 6/13/2012 20:16:05
AESCN.DLL : 8.1.8.2 131444 Bytes 2/16/2012 22:11:36
AESBX.DLL : 8.2.5.10 606580 Bytes 6/13/2012 20:16:07
AERDL.DLL : 8.1.9.15 639348 Bytes 1/21/2012 05:22:40
AEPACK.DLL : 8.2.16.16 807288 Bytes 6/13/2012 20:16:03
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 4/26/2012 22:41:32
AEHEUR.DLL : 8.1.4.36 4874615 Bytes 6/13/2012 20:16:02
AEHELP.DLL : 8.1.21.0 254326 Bytes 6/13/2012 20:16:01
AEGEN.DLL : 8.1.5.28 422260 Bytes 4/26/2012 22:41:31
AEEXP.DLL : 8.1.0.44 82293 Bytes 6/13/2012 20:16:07
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/21/2012 05:22:36
AECORE.DLL : 8.1.25.10 201080 Bytes 6/13/2012 20:16:01
AEBB.DLL : 8.1.1.0 53618 Bytes 1/21/2012 05:22:35
AVWINLL.DLL : 12.3.0.15 27344 Bytes 5/2/2012 04:59:21
AVPREF.DLL : 12.3.0.15 51920 Bytes 5/2/2012 04:44:31
AVREP.DLL : 12.3.0.15 179208 Bytes 5/2/2012 04:13:35
AVARKT.DLL : 12.3.0.15 211408 Bytes 5/2/2012 04:21:32
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 5/2/2012 04:28:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 4/17/2012 03:11:02
AVSMTP.DLL : 12.3.0.15 63440 Bytes 5/2/2012 04:51:35
NETNT.DLL : 12.3.0.15 17104 Bytes 5/2/2012 05:33:29
RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 5/2/2012 06:03:52
RCTEXT.DLL : 12.3.0.15 96720 Bytes 5/2/2012 19:40:44

Configuration settings for the scan:
Jobname.............................: ShlExt
Configuration file..................: C:\Users\EMMALE~1\AppData\Local\Temp\712c0551.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: H:,
Process scan........................: off
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Wednesday, June 13, 2012 17:12

Starting the file scan:

Begin scan in 'H:\' <BLUEBERRY>
H:\My Documents\SOFTWARE\SEGA\Tools\AT32 Hack\MoonWalker\AT32_MoonWalker.zip
[0] Archive type: ZIP
--> AT32_MoonWalker.exe
[DETECTION] Contains recognition pattern of the SPR/Patcher.BS program
H:\My Documents\SOFTWARE\SHFIFTY FIVE\Adobe CS4 Master Collection - Shadeyman.7z
[WARNING] Unsupported archive type

Beginning disinfection:
H:\My Documents\SOFTWARE\SEGA\Tools\AT32 Hack\MoonWalker\AT32_MoonWalker.zip
[DETECTION] Contains recognition pattern of the SPR/Patcher.BS program
[NOTE] The file was deleted!


End of the scan: Wednesday, June 13, 2012 18:46
Used time: 1:32:36 Hour(s)

The scan has been done completely.

2912 Scanned directories
421301 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
1 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
421300 Files not concerned
1388 Archives were scanned
1 Warnings
1 Notes


next one

Avira Free Antivirus
Report file date: Wednesday, June 13, 2012 16:21

Scanning for 3833951 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : Emma Lee Dyer
Computer name : JANE2

Version information:
BUILD.DAT : 12.0.0.1125 Bytes 5/2/2012 17:40:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 5/2/2012 04:48:51
AVSCAN.DLL : 12.3.0.15 54736 Bytes 5/2/2012 19:31:39
LUKE.DLL : 12.3.0.15 68304 Bytes 5/2/2012 05:31:47
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 5/2/2012 04:13:36
AVREG.DLL : 12.3.0.17 232200 Bytes 6/13/2012 20:16:07
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 00:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 05:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 05:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 15:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 16:43:53
VBASE005.VDF : 7.11.29.136 2166272 Bytes 5/10/2012 20:15:54
VBASE006.VDF : 7.11.29.137 2048 Bytes 5/10/2012 20:15:54
VBASE007.VDF : 7.11.29.138 2048 Bytes 5/10/2012 20:15:54
VBASE008.VDF : 7.11.29.139 2048 Bytes 5/10/2012 20:15:55
VBASE009.VDF : 7.11.29.140 2048 Bytes 5/10/2012 20:15:55
VBASE010.VDF : 7.11.29.141 2048 Bytes 5/10/2012 20:15:55
VBASE011.VDF : 7.11.29.142 2048 Bytes 5/10/2012 20:15:55
VBASE012.VDF : 7.11.29.143 2048 Bytes 5/10/2012 20:15:55
VBASE013.VDF : 7.11.29.144 2048 Bytes 5/10/2012 20:15:55
VBASE014.VDF : 7.11.30.3 198144 Bytes 5/14/2012 20:15:56
VBASE015.VDF : 7.11.30.69 186368 Bytes 5/17/2012 20:15:56
VBASE016.VDF : 7.11.30.143 223744 Bytes 5/21/2012 20:15:56
VBASE017.VDF : 7.11.30.207 287744 Bytes 5/23/2012 20:15:57
VBASE018.VDF : 7.11.31.57 188416 Bytes 5/28/2012 20:15:57
VBASE019.VDF : 7.11.31.111 214528 Bytes 5/30/2012 20:15:58
VBASE020.VDF : 7.11.31.151 116736 Bytes 5/31/2012 20:15:58
VBASE021.VDF : 7.11.31.205 134144 Bytes 6/3/2012 20:15:58
VBASE022.VDF : 7.11.32.9 169472 Bytes 6/5/2012 20:15:58
VBASE023.VDF : 7.11.32.85 155648 Bytes 6/8/2012 20:15:59
VBASE024.VDF : 7.11.32.133 127488 Bytes 6/11/2012 20:15:59
VBASE025.VDF : 7.11.32.171 182784 Bytes 6/12/2012 20:15:59
VBASE026.VDF : 7.11.32.172 2048 Bytes 6/12/2012 20:15:59
VBASE027.VDF : 7.11.32.173 2048 Bytes 6/12/2012 20:15:59
VBASE028.VDF : 7.11.32.174 2048 Bytes 6/12/2012 20:15:59
VBASE029.VDF : 7.11.32.175 2048 Bytes 6/12/2012 20:16:00
VBASE030.VDF : 7.11.32.176 2048 Bytes 6/12/2012 20:16:00
VBASE031.VDF : 7.11.32.208 65024 Bytes 6/13/2012 20:16:00
Engine version : 8.2.10.80
AEVDF.DLL : 8.1.2.8 106867 Bytes 6/13/2012 20:16:06
AESCRIPT.DLL : 8.1.4.24 450939 Bytes 6/13/2012 20:16:05
AESCN.DLL : 8.1.8.2 131444 Bytes 2/16/2012 22:11:36
AESBX.DLL : 8.2.5.10 606580 Bytes 6/13/2012 20:16:07
AERDL.DLL : 8.1.9.15 639348 Bytes 1/21/2012 05:22:40
AEPACK.DLL : 8.2.16.16 807288 Bytes 6/13/2012 20:16:03
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 4/26/2012 22:41:32
AEHEUR.DLL : 8.1.4.36 4874615 Bytes 6/13/2012 20:16:02
AEHELP.DLL : 8.1.21.0 254326 Bytes 6/13/2012 20:16:01
AEGEN.DLL : 8.1.5.28 422260 Bytes 4/26/2012 22:41:31
AEEXP.DLL : 8.1.0.44 82293 Bytes 6/13/2012 20:16:07
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/21/2012 05:22:36
AECORE.DLL : 8.1.25.10 201080 Bytes 6/13/2012 20:16:01
AEBB.DLL : 8.1.1.0 53618 Bytes 1/21/2012 05:22:35
AVWINLL.DLL : 12.3.0.15 27344 Bytes 5/2/2012 04:59:21
AVPREF.DLL : 12.3.0.15 51920 Bytes 5/2/2012 04:44:31
AVREP.DLL : 12.3.0.15 179208 Bytes 5/2/2012 04:13:35
AVARKT.DLL : 12.3.0.15 211408 Bytes 5/2/2012 04:21:32
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 5/2/2012 04:28:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 4/17/2012 03:11:02
AVSMTP.DLL : 12.3.0.15 63440 Bytes 5/2/2012 04:51:35
NETNT.DLL : 12.3.0.15 17104 Bytes 5/2/2012 05:33:29
RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 5/2/2012 06:03:52
RCTEXT.DLL : 12.3.0.15 96720 Bytes 5/2/2012 19:40:44

Configuration settings for the scan:
Jobname.............................: ShlExt
Configuration file..................: C:\Users\EMMALE~1\AppData\Local\Temp\2949be7b.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: F:,
Process scan........................: off
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: Wednesday, June 13, 2012 16:21

Starting the file scan:

Begin scan in 'F:\' <ATLANTIS>
F:\My Documents\SOFTWARE\SEGA\Tools\AT32 Hack\MoonWalker\AT32_MoonWalker.zip
[0] Archive type: ZIP
--> AT32_MoonWalker.exe
[DETECTION] Contains recognition pattern of the SPR/Patcher.BS program
F:\My Documents\SOFTWARE\SHFIFTY FIVE\Adobe CS4 Master Collection - Shadeyman.7z
[WARNING] Unsupported archive type

Beginning disinfection:
F:\My Documents\SOFTWARE\SEGA\Tools\AT32 Hack\MoonWalker\AT32_MoonWalker.zip
[DETECTION] Contains recognition pattern of the SPR/Patcher.BS program
[NOTE] The file was moved to the quarantine directory under the name '5521a392.qua'.


End of the scan: Wednesday, June 13, 2012 17:11
Used time: 46:00 Minute(s)

The scan has been done completely.

2912 Scanned directories
421327 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
421326 Files not concerned
1388 Archives were scanned
1 Warnings
1 Notes

so was it a trojan or worm or virus or which?


Report •

#62
June 13, 2012 at 20:03:53
First of all, you have to make some changes in the settings of Avira.
Therefore, doubleclick at the small red icon with the umbrella in it, to open Avira Free Antivirus.
In the middle of the screen, you should find a button called "Scan System". At it's right, there is a small icon, where you can open the configuration screen of Avira. Click on it.
When you get asked to switch on expert mode, say yes.
Click on System Scanner in the left pane.
At the right pane, the following options should be set:
Scan boot sectors of selected drives ON
Scan master boot sectors ON
Ignore oflline files OFF
Follow symbolic links OFF
Search for Rootkits before scan ON
Scan Registry ON

The rest is OK as is.

Now click on General in the left pane. "Threat categories" should be selected automatically.
Tick the "Select all" in the right pane.

The rest is again OK as it is. So click ok to close the settings menĂ¼.

Back at the first screen, in the left pane, you can find PC Protection and right above that, there you'll find "System Scanner".
When you click on that option, you can make selections on what drives or folder you want to scan.
One preset listed there is called "Complete System Scan".
Thats, what you're looking for.
Rightclick on it and select "Start scan".

That's it.

Now you have a lot of time, to make things, you wanted to do long time ago :-)
It takes time ... alot of time, depending on how many files you have on your computer.

Good luck.


Report •

Ask Question