I think there is an install avast file in the folder.
Those mails dont have this.
help
- Thread starter venus_n
- Start date
- Status
you can always get the latest free version from the Avast website. Keep whats in c:/program files then and dont run that utility. Up to you.
We will get another download to use as a check for any malware on your machine:
Please download: RootRepeal
http://ad13.geekstogo.com/RootRepeal.exe
Click the icon on your desktop to start.
Click on the Report tab at the bottom of the window
Next, Click on the Scan button
In the Select Scan Window check everything:
Drivers
Files
Processes
SSDT
Stealth Objects
Hidden Services
Click the OK button
In the next dialog window select all the drives that are listed
Click OK to start the scan
May take some time to complete.
When done click the Save Report button.
Save the report to your desktop
To Exit RootRepeal: click File>Exit
Post the report in your reply
click the popup and see if it continues scanning. If it dosnt click the stop button and File>Exit and we will do something else
Along with the pop-up had opened a notepad file which was like a report, so i had saved it before clicking ok on the pop-up.
Now i clicked ok on the popup after your reply. There was no more scan, but there was a kinda report in the rootrepeal white box i clicked on save report and named it "save report".
So below are the the two reports.
First the one which i saved from notepad file.
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/09/20 02:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1523000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xFA43D000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF11DE000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c78
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543b34
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xfa643fbc
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15440e8
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1544012
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154370a
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xfa643fda
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c0e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154364a
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15436ae
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543d2e
#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15441b6
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xfa643fe4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543cee
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543e6e
==EOF==
Now the one from the white space on clicking save report.
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/09/20 02:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1523000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xFA43D000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF11DE000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c78
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543b34
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xfa643fbc
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15440e8
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1544012
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154370a
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xfa643fda
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c0e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154364a
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15436ae
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543d2e
#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15441b6
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xfa643fe4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543cee
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543e6e
==EOF==
One thing was diffrent about the instructions you gave and what was there on the rootrepeal. You said to tick all options. But you didnt tell the option hidden SSDT. But since you had said to tick all options, i ticked that before the scan. Is that ok?
Now i clicked ok on the popup after your reply. There was no more scan, but there was a kinda report in the rootrepeal white box i clicked on save report and named it "save report".
So below are the the two reports.
First the one which i saved from notepad file.
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/09/20 02:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1523000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xFA43D000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF11DE000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c78
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543b34
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xfa643fbc
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15440e8
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1544012
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154370a
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xfa643fda
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c0e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154364a
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15436ae
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543d2e
#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15441b6
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xfa643fe4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543cee
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543e6e
==EOF==
Now the one from the white space on clicking save report.
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/09/20 02:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF1523000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xFA43D000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF11DE000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c78
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543b34
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xfa643fbc
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15440e8
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1544012
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154370a
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xfa643fda
#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543c0e
#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf154364a
#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15436ae
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543d2e
#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf15441b6
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xfa643fe4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543cee
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xf1543e6e
==EOF==
But my friends avast had so many features, i dont think are there in free versions.
One thing was diffrent about the instructions you gave and what was there on the rootrepeal. You said to tick all options. But you didnt tell the option hidden SSDT. But since you had said to tick all options, i ticked that before the scan. Is that ok?
thats ok, my directions are old.
We cant seem to get away from these AV you have:
All this: aswSP.SYS in the root repeal log is a driver used by Avast antivirus.
Maybe it didnt uninstall correctly. at this point I would run that avast uninstall utility in safe mode to remove the driver.
I found by checking the date of creation of both avast4 and avast5 that my friend's avast was avast5 and the computer man's avast was avast4.
And i checked up at the avast website that avast4 is the previous version of avast5. Can you beleive? The computer man said your avast is outdated and put an older version.
Now i uninstalled both the avasts using the utility. The two avast folders inside alwil are gone, but the alwil folder has not gone. I still have a empty alwil folder in
c:\program files as well as in
C:\Documents and Settings\All Users\Application Data
And i checked up at the avast website that avast4 is the previous version of avast5. Can you beleive? The computer man said your avast is outdated and put an older version.
Now i uninstalled both the avasts using the utility. The two avast folders inside alwil are gone, but the alwil folder has not gone. I still have a empty alwil folder in
c:\program files as well as in
C:\Documents and Settings\All Users\Application Data
ok good. You can delete those two alwil folders if you want to.
Maybe you should get a new computer man.
You can delete the root repeal icon from your desktop also.
so back to the original problem. One way your e-mail can be stolen is by having malware on your machine. Your computer appears to be malware free. Have you heard anything more from Yahoo about it?
Maybe you should get a new computer man.
You can delete the root repeal icon from your desktop also.
so back to the original problem. One way your e-mail can be stolen is by having malware on your machine. Your computer appears to be malware free. Have you heard anything more from Yahoo about it?
I do want to report this to yahoo but i can only do this through the contact us forms. I have reported and asked like 4-5 times, but everytime the replies are these which don't seem to be from yahoo. After few days of their reply, another one comes asking to give feedback on how good the help is. I got one of the emails (reply to my question) on 16th which was also one of these seemingly non-yahoo support mails. And another on 19th asking feedback.
Will it also delete any other places rootrepeal drivers etc must have gone on my computer. I mean should i uninstall it or just delete it. Do i keep the root repeal reports on my desktop?
There is another empty folder called "_avast4_" in C:\Documents and Settings\Administrator\Local Settings\Temp . Can i delete that too.
RootRepeal dosnt install anything permanent so deleting the icon from the desktop is enough. You can delete the avast in the temp directory if you want to.
I dont know what to tell you about the yahoo e-mail support. Are the e-mails like a auto response letter thats sent out to address a problem? Maybe a real live person isnt reading your e-mail.
have you visited these links:
yahoo
yahoo1
I dont know what to tell you about the yahoo e-mail support. Are the e-mails like a auto response letter thats sent out to address a problem? Maybe a real live person isnt reading your e-mail.
have you visited these links:
yahoo
yahoo1
Ya they could be like autoresponce.
I have also phoned yahoo around 2 weeks back for this but again they gave me an email address to mail (not contact form). When i mailed at that email address, there was a autorespoce email like "this email address is no longer functioning please contact us through http://help.yahoo.com." But that was the only yahoo support email which had a purple Y sign and a key symbol in front of the return field like you described.
Yes i have visited these pages.
For the first page, my URL doesnt contain all that after /. i mean it it is till yahoomail/.
For the second page, my URL doesnt contain all that after /. i mean it it is till mail/.
I have visited yahoo helpcentral too.
I am also getting a lot of spam text messages on my cell phone. Yesterday night on the computer, i visited a website to search something there. I have no registration there. As soon as i was out of the website, i got a spam text message from that website/company of that website, on my cell phone. I had not even entered my number anywhere on the website while i was on it. How did they know my number.
We will get a download as another check for malware on your machine. Its called combofix. There is a guide to read first. Read through the guide then apply the directions on your own machine. Post the combofix log. After you run combofix you can also do a online scan.
Guide to using Combofix
ESET online scanner:
http://www.eset.com/onlinescan/
uses Internet Explorer only
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan unwanted applications"
click scan
when done you can find the scan log at:C:\Program Files\EsetOnlineScanner\log.txt
please copy/paste that log in next reply.
Guide to using Combofix
ESET online scanner:
http://www.eset.com/onlinescan/
uses Internet Explorer only
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan unwanted applications"
click scan
when done you can find the scan log at:C:\Program Files\EsetOnlineScanner\log.txt
please copy/paste that log in next reply.
Before i start, please clarify....
Do i be connected to internet while i run combofix.
The guide says "If you decided to continue, then ComboFix will create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration."
Do you you think combofix can create a system restore point in my computer because system restore seems to not be working otherwise on my comp. Maybe because i dont have the recovery console. In one place it did say "ComboFix will attempt to detect if you have the Windows Recovery Console installed.". And they show that combofix tries to install the recovery console in those cases, and wants the internet connection on at that time.
You said to do an online scan after combofix. What does that mean? You mean ESET ?
It says in one place that running combofix after your computer is clean or when adviced by your helper.Do you think i should scan with avira again before running combofix, because its been a while since last scanning.
In disabling firewall, when it talks about disabling the windows firewall, it uses the word windows defender, which is not what i think i have. Is it because mine is XP. Even in the the start>programs , its not listed, like they said.
Do i be connected to internet while i run combofix.
The guide says "If you decided to continue, then ComboFix will create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration."
Do you you think combofix can create a system restore point in my computer because system restore seems to not be working otherwise on my comp. Maybe because i dont have the recovery console. In one place it did say "ComboFix will attempt to detect if you have the Windows Recovery Console installed.". And they show that combofix tries to install the recovery console in those cases, and wants the internet connection on at that time.
You said to do an online scan after combofix. What does that mean? You mean ESET ?
It says in one place that running combofix after your computer is clean or when adviced by your helper.Do you think i should scan with avira again before running combofix, because its been a while since last scanning.
In disabling firewall, when it talks about disabling the windows firewall, it uses the word windows defender, which is not what i think i have. Is it because mine is XP. Even in the the start>programs , its not listed, like they said.
Skip combofix for now and do the ESET online scan and we will see if it digs up anything.
In ESET scan there are so many options like "Remove found threats".
Infact there are 5 more more besides "Remove found threats". i mean this "Remove found threats" is there but other 5 too.
You mentioned to check both "Remove found threats" and "Scan unwanted applications" . What do i do with the others.
Also just before start, it says, another antivirus software was detected. this may affect the performance and quality of the scan. i clicked to show list of detected antivirus on my computer and it showed avira personal.
Infact there are 5 more more besides "Remove found threats". i mean this "Remove found threats" is there but other 5 too.
You mentioned to check both "Remove found threats" and "Scan unwanted applications" . What do i do with the others.
Also just before start, it says, another antivirus software was detected. this may affect the performance and quality of the scan. i clicked to show list of detected antivirus on my computer and it showed avira personal.
check "Remove found threats" and you can check "Scan archives" You can leave the defaults checked under Advanced settings.
click scan, may take some time to finish.
When it completes click on "List found threats"
click "Export to text file.." and save it to your desktop. Post the saved log.
Click "back" and "finish"
click scan, may take some time to finish.
When it completes click on "List found threats"
click "Export to text file.." and save it to your desktop. Post the saved log.
Click "back" and "finish"
This happened, but i continued.
Here's the log.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=24042e53e91d524689a3ea59d486601e
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-25 04:27:54
# local_time=2010-09-25 09:57:54 (+0530, India Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 463432 463432 0 0
# compatibility_mode=1797 16775125 100 93 0 43707305 195458 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=17024
# found=0
# cleaned=0
# scan_time=668
After the scan was over, it asked me if i want to uninstall ESET application from my computer, before i click finish, i checked the box for uninstall, then clicked on finish. There was no option for back. After the pop-up of scanner closed, i saw the URL of the site. it says
"http://www.eset.com/online-scanner#"
But it had opended the ESET site by clicking the link for ESET from your post.
Although uninstalled. it has left behind an ESET folder, with all files inside it removed except and 2 files inside it,
OnlineScanner.ocx
OnlineScannerUninstaller
While the scan was on, it located a file desktop.ini in "My Documents", but didnt detect as threat. But its not visible in my documents, even on making hidden files visible.
May i scan with Avira, its been a while, or do i wait.
The ESET scan cant look any better. You can delete the folder or leave it, up to you. You can scan with Avira. Not seeing any malware on your machine based on any of the tools we ran.I dont see any need to run combofix.
The avira update and scan reports.
Update report.
Avira AntiVir Personal - Free Antivirus Updater
Complete product update
Creation time: Sun Sep 26 11:12:25 2010
Operating system:
Windows XP (Service Pack 2) [5.1.2600] 32 bit
Product information:
Product version: 10.0.0.567
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.29
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0
Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\
Proxy settings:
System settings used
11:12:30 [UPD] [INFO] Checking whether newer files are available.
11:12:31 [UPD] [INFO] Select update server 'http://62.146.66.181/update'.
11:12:31 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
11:12:33 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl.idx' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.idx'.
11:12:34 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.info.gz'.
11:12:35 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/vdf.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
11:12:36 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/rdf-common-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\rdf-common-int.info.gz'.
11:12:36 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/ave2-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
11:12:37 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl-info.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl-info.info.gz'.
11:12:37 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/hips-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\hips-win32-int.info.gz'.
11:12:38 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/scanner-win32-int.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\scanner-win32-int.info.gz'.
11:12:38 [UPD] [INFO] Compare local files with status of update server
11:12:38 [UPD] [INFO] Product-info file: Executing mandatory product update initiated by Avira.
11:12:38 [UPD] [INFO] Checking module SELFUPDATE:
11:12:38 [UPD] [INFO] Checking module VDF:
11:12:38 [UPD] [INFO] File 'n_vdf/vbase016.vdf' (local, server): 7.10.11.232 < 7.10.12.4
11:12:38 [UPD] [INFO] File 'n_vdf/vbase017.vdf' (local, server): 7.10.11.233 < 7.10.12.5
11:12:38 [UPD] [INFO] File 'n_vdf/vbase018.vdf' (local, server): 7.10.11.234 < 7.10.12.6
11:12:38 [UPD] [INFO] File 'n_vdf/vbase019.vdf' (local, server): 7.10.11.235 < 7.10.12.7
11:12:38 [UPD] [INFO] File 'n_vdf/vbase020.vdf' (local, server): 7.10.11.236 < 7.10.12.8
11:12:38 [UPD] [INFO] File 'n_vdf/vbase021.vdf' (local, server): 7.10.11.237 < 7.10.12.9
11:12:38 [UPD] [INFO] File 'n_vdf/vbase022.vdf' (local, server): 7.10.11.238 < 7.10.12.10
11:12:38 [UPD] [INFO] File 'n_vdf/vbase023.vdf' (local, server): 7.10.11.239 < 7.10.12.11
11:12:38 [UPD] [INFO] File 'n_vdf/vbase024.vdf' (local, server): 7.10.11.240 < 7.10.12.12
11:12:38 [UPD] [INFO] File 'n_vdf/vbase025.vdf' (local, server): 7.10.11.241 < 7.10.12.13
11:12:38 [UPD] [INFO] File 'n_vdf/vbase026.vdf' (local, server): 7.10.11.242 < 7.10.12.14
11:12:38 [UPD] [INFO] File 'n_vdf/vbase027.vdf' (local, server): 7.10.11.243 < 7.10.12.15
11:12:38 [UPD] [INFO] File 'n_vdf/vbase028.vdf' (local, server): 7.10.11.244 < 7.10.12.16
11:12:38 [UPD] [INFO] File 'n_vdf/vbase029.vdf' (local, server): 7.10.11.245 < 7.10.12.17
11:12:38 [UPD] [INFO] File 'n_vdf/vbase030.vdf' (local, server): 7.10.11.246 < 7.10.12.18
11:12:38 [UPD] [INFO] File 'n_vdf/vbase031.vdf' (local, server): 7.10.12.1 < 7.10.12.30
11:12:38 [UPD] [INFO] File 'n_vdf/aevdf.dat' (local, server): 7.10.12.1 < 7.10.12.30
11:12:38 [UPD] [INFO] Checking module RDF:
11:12:38 [UPD] [INFO] Checking module AVE2:
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aecore.dll' (local, server): 8.1.16.2 < 8.1.17.0
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aehelp.dll' (local, server): 8.1.13.3 < 8.1.13.4
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aeheur.dll' (local, server): 8.1.2.26 < 8.1.2.27
11:12:39 [UPD] [INFO] File 'ave2/win32/int/aeset.dat' (local, server): 8.2.4.60 < 8.2.4.66
11:12:39 [UPD] [INFO] Checking module MAIN:
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/filelist.ini'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/insthlp.exe'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/presetup.exe'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/quicksysscan.avp' is already installed and is not being updated.
11:12:44 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/vcredist_x86.exe'. The file will therefore not be taken
into account.
11:12:44 [UPD] [INFO] Checking module COMMAPPDATA_AV:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/addr_file.html' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module COMMAPP:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/produpd.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/scanjob.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/startupd.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/updjob.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module COMMAPDATA_AV_PROFILES:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/folder.avp' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module TEXT:
11:12:44 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/en-us/eula.txt'. The file will therefore not be taken
into account.
11:12:44 [UPD] [INFO] Checking module DRV:
11:12:44 [UPD] [INFO] Checking module PRODINFO:
11:12:44 [UPD] [INFO] Checking module HIPS:
11:12:44 [UPD] [INFO] Checking module SCANNER:
11:12:44 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\' requires 3502582 bytes of free disk
space.
11:12:44 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\' requires 7208934 bytes of free
disk space.
11:12:44 [UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requires 3604467 bytes of free disk space.
11:12:44 [UPD] [INFO] Disk space OK.
11:12:44 [UPD] [INFO] Drive: C:\, free capacity: 632774656 bytes.
11:12:44 [UPD] [INFO] New files are being downloaded...
11:12:45 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase016.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase016.vdf.gz'.
11:12:51 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase017.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase017.vdf.gz'.
11:12:52 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase018.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase018.vdf.gz'.
11:12:52 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase019.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase019.vdf.gz'.
11:12:53 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase020.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase020.vdf.gz'.
11:12:53 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase021.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase021.vdf.gz'.
11:12:54 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase022.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase022.vdf.gz'.
11:12:54 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase023.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase023.vdf.gz'.
11:12:55 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase024.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase024.vdf.gz'.
11:12:55 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase025.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase025.vdf.gz'.
11:12:56 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase026.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase026.vdf.gz'.
11:12:56 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase027.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase027.vdf.gz'.
11:12:57 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase028.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase028.vdf.gz'.
11:12:57 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase029.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase029.vdf.gz'.
11:12:58 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase030.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase030.vdf.gz'.
11:12:58 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase031.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase031.vdf.gz'.
11:13:01 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/aevdf.dat.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\aevdf.dat.gz'.
11:13:02 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aecore.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aecore.dll.gz'.
11:13:09 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aehelp.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aehelp.dll.gz'.
11:13:15 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aeheur.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeheur.dll.gz'.
11:14:21 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aeset.dat.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeset.dat.gz'.
11:14:21 [UPD] [INFO] The program is running as an unrestricted full version.
11:15:33 [UPD] [INFO] The engine was successfully validated.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase016.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase016.vdf'.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase017.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase017.vdf'.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase018.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase018.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase019.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase019.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase020.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase020.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase021.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase021.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase022.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase022.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase023.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase023.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase024.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase024.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase025.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase025.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase026.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase026.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase027.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase027.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase028.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase028.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase029.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase029.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase030.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase030.vdf'.
11:15:38 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase031.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase031.vdf'.
11:15:38 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\aevdf.dat' was copied to
'C:\Program Files\Avira\AntiVir Desktop\aevdf.dat'.
11:15:40 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aecore.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aecore.dll'.
11:15:42 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aehelp.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aehelp.dll'.
11:15:47 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeheur.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aeheur.dll'.
11:15:47 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeset.dat' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aeset.dat'.
11:17:37 [UPD] [INFO] Re-initialization of Avira AntiVir Guard was successful.
Summary:
********
21 Files downloaded
21 Files installed
Downloaded file(s): vbase016.vdf 7.10.12.4; vbase017.vdf 7.10.12.5; vbase018.vdf 7.10.12.6; vbase019.vdf 7.10.12.7; vbase020.vdf 7.10.12.8;
vbase021.vdf 7.10.12.9; vbase022.vdf 7.10.12.10;
vbase023.vdf 7.10.12.11; vbase024.vdf 7.10.12.12; vbase025.vdf 7.10.12.13; vbase026.vdf 7.10.12.14; vbase027.vdf
7.10.12.15; vbase028.vdf 7.10.12.16; vbase029.vdf 7.10.12.17;
vbase030.vdf 7.10.12.18; vbase031.vdf 7.10.12.30; aevdf.dat 7.10.12.30; aecore.dll 8.1.17.0; aehelp.dll 8.1.13.4;
aeheur.dll 8.1.2.27; aeset.dat 8.2.4.66;
Sun Sep 26 11:18:09 2010
The update was carried out successfully!
Scan report.
Avira AntiVir Personal
Report file date: Sunday, September 26, 2010 11:53
Scanning for 2874959 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ANTIVIRU-47914D
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 9/9/2010 07:55:48
AVSCAN.DLL : 10.0.3.0 46440 Bytes 9/9/2010 07:55:48
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 13:03:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 18:10:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 03:35:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 13:57:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 12:07:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 11:07:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 05:59:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 07:55:47
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 07:55:47
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 07:55:48
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 04:53:43
VBASE009.VDF : 7.10.11.134 2048 Bytes 9/13/2010 04:53:44
VBASE010.VDF : 7.10.11.135 2048 Bytes 9/13/2010 04:53:44
VBASE011.VDF : 7.10.11.136 2048 Bytes 9/13/2010 04:53:45
VBASE012.VDF : 7.10.11.137 2048 Bytes 9/13/2010 04:53:45
VBASE013.VDF : 7.10.11.165 172032 Bytes 9/15/2010 11:43:14
VBASE014.VDF : 7.10.11.202 144384 Bytes 9/18/2010 16:12:29
VBASE015.VDF : 7.10.11.231 129024 Bytes 9/21/2010 04:03:43
VBASE016.VDF : 7.10.12.4 126464 Bytes 9/23/2010 05:42:51
VBASE017.VDF : 7.10.12.5 2048 Bytes 9/23/2010 05:42:52
VBASE018.VDF : 7.10.12.6 2048 Bytes 9/23/2010 05:42:52
VBASE019.VDF : 7.10.12.7 2048 Bytes 9/23/2010 05:42:53
VBASE020.VDF : 7.10.12.8 2048 Bytes 9/23/2010 05:42:53
VBASE021.VDF : 7.10.12.9 2048 Bytes 9/23/2010 05:42:54
VBASE022.VDF : 7.10.12.10 2048 Bytes 9/23/2010 05:42:54
VBASE023.VDF : 7.10.12.11 2048 Bytes 9/23/2010 05:42:55
VBASE024.VDF : 7.10.12.12 2048 Bytes 9/23/2010 05:42:55
VBASE025.VDF : 7.10.12.13 2048 Bytes 9/23/2010 05:42:56
VBASE026.VDF : 7.10.12.14 2048 Bytes 9/23/2010 05:42:56
VBASE027.VDF : 7.10.12.15 2048 Bytes 9/23/2010 05:42:57
VBASE028.VDF : 7.10.12.16 2048 Bytes 9/23/2010 05:42:57
VBASE029.VDF : 7.10.12.17 2048 Bytes 9/23/2010 05:42:58
VBASE030.VDF : 7.10.12.18 2048 Bytes 9/23/2010 05:42:58
VBASE031.VDF : 7.10.12.30 73728 Bytes 9/24/2010 05:43:01
Engineversion : 8.2.4.66
AEVDF.DLL : 8.1.2.1 106868 Bytes 9/9/2010 07:55:48
AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 9/18/2010 16:14:04
AESCN.DLL : 8.1.6.1 127347 Bytes 9/9/2010 07:55:48
AESBX.DLL : 8.1.3.1 254324 Bytes 9/9/2010 07:55:48
AERDL.DLL : 8.1.9.2 635252 Bytes 9/22/2010 04:04:12
AEPACK.DLL : 8.2.3.7 471413 Bytes 9/18/2010 16:13:40
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 9/9/2010 07:55:48
AEHEUR.DLL : 8.1.2.27 2933110 Bytes 9/26/2010 05:44:21
AEHELP.DLL : 8.1.13.4 242038 Bytes 9/26/2010 05:43:15
AEGEN.DLL : 8.1.3.22 401780 Bytes 9/18/2010 16:12:45
AEEMU.DLL : 8.1.2.0 393588 Bytes 9/9/2010 07:55:48
AECORE.DLL : 8.1.17.0 196982 Bytes 9/26/2010 05:43:09
AEBB.DLL : 8.1.1.0 53618 Bytes 9/9/2010 07:55:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 06:33:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 06:33:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 11:17:40
AVREG.DLL : 10.0.3.0 53096 Bytes 9/9/2010 07:55:49
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 9/9/2010 07:55:49
AVARKT.DLL : 10.0.0.14 227176 Bytes 9/9/2010 07:55:48
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 04:23:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 07:27:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 10:08:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 09:11:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 07:40:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 9/9/2010 07:55:47
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+PCK,+PFS,+SPR,
Start of the scan: Sunday, September 26, 2010 11:53
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '70' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'wuauclt.exe' - '33' Module(s) have been scanned
Scan process 'alg.exe' - '30' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '18' Module(s) have been scanned
Scan process 'ctfmon.exe' - '24' Module(s) have been scanned
Scan process 'msmsgs.exe' - '42' Module(s) have been scanned
Scan process 'avgnt.exe' - '50' Module(s) have been scanned
Scan process 'hkcmd.exe' - '29' Module(s) have been scanned
Scan process 'Explorer.EXE' - '98' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '52' Module(s) have been scanned
Scan process 'sched.exe' - '51' Module(s) have been scanned
Scan process 'spoolsv.exe' - '53' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '158' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '64' Module(s) have been scanned
Scan process 'csrss.exe' - '11' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '321' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'D:\'
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [1005]: The volume does not contain a recognized file system.
End of the scan: Sunday, September 26, 2010 12:34
Used time: 40:56 Minute(s)
The scan has been done completely.
5025 Scanned directories
295873 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
295873 Files not concerned
1860 Archives were scanned
0 Warnings
0 Notes
175699 Objects were scanned with rootkit scan
0 Hidden objects were found
Also, there is an 0 files contaning folder Avira in C:\Documents and settings\Antivirus\Application Data . Inside it is just one empty folder called JOBS.
The folder Avira in C:\Documents and Settings\All Users\Application Data has many files and folders.
Update report.
Avira AntiVir Personal - Free Antivirus Updater
Complete product update
Creation time: Sun Sep 26 11:12:25 2010
Operating system:
Windows XP (Service Pack 2) [5.1.2600] 32 bit
Product information:
Product version: 10.0.0.567
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.29
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0
Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\
Proxy settings:
System settings used
11:12:30 [UPD] [INFO] Checking whether newer files are available.
11:12:31 [UPD] [INFO] Select update server 'http://62.146.66.181/update'.
11:12:31 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
11:12:33 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl.idx' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.idx'.
11:12:34 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl.info.gz'.
11:12:35 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/vdf.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
11:12:36 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/rdf-common-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\rdf-common-int.info.gz'.
11:12:36 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/ave2-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
11:12:37 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/wks_avira10-win32-en-pecl-info.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira10-win32-en-pecl-info.info.gz'.
11:12:37 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/hips-win32-int.info.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\hips-win32-int.info.gz'.
11:12:38 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/scanner-win32-int.info.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\scanner-win32-int.info.gz'.
11:12:38 [UPD] [INFO] Compare local files with status of update server
11:12:38 [UPD] [INFO] Product-info file: Executing mandatory product update initiated by Avira.
11:12:38 [UPD] [INFO] Checking module SELFUPDATE:
11:12:38 [UPD] [INFO] Checking module VDF:
11:12:38 [UPD] [INFO] File 'n_vdf/vbase016.vdf' (local, server): 7.10.11.232 < 7.10.12.4
11:12:38 [UPD] [INFO] File 'n_vdf/vbase017.vdf' (local, server): 7.10.11.233 < 7.10.12.5
11:12:38 [UPD] [INFO] File 'n_vdf/vbase018.vdf' (local, server): 7.10.11.234 < 7.10.12.6
11:12:38 [UPD] [INFO] File 'n_vdf/vbase019.vdf' (local, server): 7.10.11.235 < 7.10.12.7
11:12:38 [UPD] [INFO] File 'n_vdf/vbase020.vdf' (local, server): 7.10.11.236 < 7.10.12.8
11:12:38 [UPD] [INFO] File 'n_vdf/vbase021.vdf' (local, server): 7.10.11.237 < 7.10.12.9
11:12:38 [UPD] [INFO] File 'n_vdf/vbase022.vdf' (local, server): 7.10.11.238 < 7.10.12.10
11:12:38 [UPD] [INFO] File 'n_vdf/vbase023.vdf' (local, server): 7.10.11.239 < 7.10.12.11
11:12:38 [UPD] [INFO] File 'n_vdf/vbase024.vdf' (local, server): 7.10.11.240 < 7.10.12.12
11:12:38 [UPD] [INFO] File 'n_vdf/vbase025.vdf' (local, server): 7.10.11.241 < 7.10.12.13
11:12:38 [UPD] [INFO] File 'n_vdf/vbase026.vdf' (local, server): 7.10.11.242 < 7.10.12.14
11:12:38 [UPD] [INFO] File 'n_vdf/vbase027.vdf' (local, server): 7.10.11.243 < 7.10.12.15
11:12:38 [UPD] [INFO] File 'n_vdf/vbase028.vdf' (local, server): 7.10.11.244 < 7.10.12.16
11:12:38 [UPD] [INFO] File 'n_vdf/vbase029.vdf' (local, server): 7.10.11.245 < 7.10.12.17
11:12:38 [UPD] [INFO] File 'n_vdf/vbase030.vdf' (local, server): 7.10.11.246 < 7.10.12.18
11:12:38 [UPD] [INFO] File 'n_vdf/vbase031.vdf' (local, server): 7.10.12.1 < 7.10.12.30
11:12:38 [UPD] [INFO] File 'n_vdf/aevdf.dat' (local, server): 7.10.12.1 < 7.10.12.30
11:12:38 [UPD] [INFO] Checking module RDF:
11:12:38 [UPD] [INFO] Checking module AVE2:
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aecore.dll' (local, server): 8.1.16.2 < 8.1.17.0
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aehelp.dll' (local, server): 8.1.13.3 < 8.1.13.4
11:12:38 [UPD] [INFO] File 'ave2/win32/int/aeheur.dll' (local, server): 8.1.2.26 < 8.1.2.27
11:12:39 [UPD] [INFO] File 'ave2/win32/int/aeset.dat' (local, server): 8.2.4.60 < 8.2.4.66
11:12:39 [UPD] [INFO] Checking module MAIN:
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/filelist.ini'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/insthlp.exe'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/presetup.exe'. The file will therefore not be taken into
account.
11:12:43 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/quicksysscan.avp' is already installed and is not being updated.
11:12:44 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/vcredist_x86.exe'. The file will therefore not be taken
into account.
11:12:44 [UPD] [INFO] Checking module COMMAPPDATA_AV:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/addr_file.html' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module COMMAPP:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/produpd.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/scanjob.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/startupd.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/updjob.avj' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module COMMAPDATA_AV_PROFILES:
11:12:44 [UPD] [INFO] File'wks_avira10/win32/en/pecl/en-us/folder.avp' is already installed and is not being updated.
11:12:44 [UPD] [INFO] Checking module TEXT:
11:12:44 [UPD] [INFO] The IGNORE flag is set for the file 'wks_avira10/win32/en/pecl/en-us/eula.txt'. The file will therefore not be taken
into account.
11:12:44 [UPD] [INFO] Checking module DRV:
11:12:44 [UPD] [INFO] Checking module PRODINFO:
11:12:44 [UPD] [INFO] Checking module HIPS:
11:12:44 [UPD] [INFO] Checking module SCANNER:
11:12:44 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\' requires 3502582 bytes of free disk
space.
11:12:44 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\' requires 7208934 bytes of free
disk space.
11:12:44 [UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requires 3604467 bytes of free disk space.
11:12:44 [UPD] [INFO] Disk space OK.
11:12:44 [UPD] [INFO] Drive: C:\, free capacity: 632774656 bytes.
11:12:44 [UPD] [INFO] New files are being downloaded...
11:12:45 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase016.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase016.vdf.gz'.
11:12:51 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase017.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase017.vdf.gz'.
11:12:52 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase018.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase018.vdf.gz'.
11:12:52 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase019.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase019.vdf.gz'.
11:12:53 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase020.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase020.vdf.gz'.
11:12:53 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase021.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase021.vdf.gz'.
11:12:54 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase022.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase022.vdf.gz'.
11:12:54 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase023.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase023.vdf.gz'.
11:12:55 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase024.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase024.vdf.gz'.
11:12:55 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase025.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase025.vdf.gz'.
11:12:56 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase026.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase026.vdf.gz'.
11:12:56 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase027.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase027.vdf.gz'.
11:12:57 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase028.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase028.vdf.gz'.
11:12:57 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase029.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase029.vdf.gz'.
11:12:58 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase030.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase030.vdf.gz'.
11:12:58 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/vbase031.vdf.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\vbase031.vdf.gz'.
11:13:01 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/n_vdf/aevdf.dat.gz' to 'C:\Documents and Settings\All Users\Application
Data\Avira\AntiVir Desktop\TEMP\UPDATE\n_vdf\aevdf.dat.gz'.
11:13:02 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aecore.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aecore.dll.gz'.
11:13:09 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aehelp.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aehelp.dll.gz'.
11:13:15 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aeheur.dll.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeheur.dll.gz'.
11:14:21 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/ave2/win32/int/aeset.dat.gz' to 'C:\Documents and Settings\All
Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeset.dat.gz'.
11:14:21 [UPD] [INFO] The program is running as an unrestricted full version.
11:15:33 [UPD] [INFO] The engine was successfully validated.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase016.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase016.vdf'.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase017.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase017.vdf'.
11:15:36 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase018.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase018.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase019.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase019.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase020.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase020.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase021.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase021.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase022.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase022.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase023.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase023.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase024.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase024.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase025.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase025.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase026.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase026.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase027.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase027.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase028.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase028.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase029.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase029.vdf'.
11:15:37 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase030.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase030.vdf'.
11:15:38 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\vbase031.vdf' was copied to
'C:\Program Files\Avira\AntiVir Desktop\vbase031.vdf'.
11:15:38 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\n_vdf\aevdf.dat' was copied to
'C:\Program Files\Avira\AntiVir Desktop\aevdf.dat'.
11:15:40 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aecore.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aecore.dll'.
11:15:42 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aehelp.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aehelp.dll'.
11:15:47 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeheur.dll' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aeheur.dll'.
11:15:47 [UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\ave2\win32\int\aeset.dat' was
copied to 'C:\Program Files\Avira\AntiVir Desktop\aeset.dat'.
11:17:37 [UPD] [INFO] Re-initialization of Avira AntiVir Guard was successful.
Summary:
********
21 Files downloaded
21 Files installed
Downloaded file(s): vbase016.vdf 7.10.12.4; vbase017.vdf 7.10.12.5; vbase018.vdf 7.10.12.6; vbase019.vdf 7.10.12.7; vbase020.vdf 7.10.12.8;
vbase021.vdf 7.10.12.9; vbase022.vdf 7.10.12.10;
vbase023.vdf 7.10.12.11; vbase024.vdf 7.10.12.12; vbase025.vdf 7.10.12.13; vbase026.vdf 7.10.12.14; vbase027.vdf
7.10.12.15; vbase028.vdf 7.10.12.16; vbase029.vdf 7.10.12.17;
vbase030.vdf 7.10.12.18; vbase031.vdf 7.10.12.30; aevdf.dat 7.10.12.30; aecore.dll 8.1.17.0; aehelp.dll 8.1.13.4;
aeheur.dll 8.1.2.27; aeset.dat 8.2.4.66;
Sun Sep 26 11:18:09 2010
The update was carried out successfully!
Scan report.
Avira AntiVir Personal
Report file date: Sunday, September 26, 2010 11:53
Scanning for 2874959 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ANTIVIRU-47914D
Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 9/9/2010 07:55:48
AVSCAN.DLL : 10.0.3.0 46440 Bytes 9/9/2010 07:55:48
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 13:03:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 18:10:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 03:35:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 13:57:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 12:07:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 11:07:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 05:59:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 07:55:47
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 07:55:47
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 07:55:48
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 04:53:43
VBASE009.VDF : 7.10.11.134 2048 Bytes 9/13/2010 04:53:44
VBASE010.VDF : 7.10.11.135 2048 Bytes 9/13/2010 04:53:44
VBASE011.VDF : 7.10.11.136 2048 Bytes 9/13/2010 04:53:45
VBASE012.VDF : 7.10.11.137 2048 Bytes 9/13/2010 04:53:45
VBASE013.VDF : 7.10.11.165 172032 Bytes 9/15/2010 11:43:14
VBASE014.VDF : 7.10.11.202 144384 Bytes 9/18/2010 16:12:29
VBASE015.VDF : 7.10.11.231 129024 Bytes 9/21/2010 04:03:43
VBASE016.VDF : 7.10.12.4 126464 Bytes 9/23/2010 05:42:51
VBASE017.VDF : 7.10.12.5 2048 Bytes 9/23/2010 05:42:52
VBASE018.VDF : 7.10.12.6 2048 Bytes 9/23/2010 05:42:52
VBASE019.VDF : 7.10.12.7 2048 Bytes 9/23/2010 05:42:53
VBASE020.VDF : 7.10.12.8 2048 Bytes 9/23/2010 05:42:53
VBASE021.VDF : 7.10.12.9 2048 Bytes 9/23/2010 05:42:54
VBASE022.VDF : 7.10.12.10 2048 Bytes 9/23/2010 05:42:54
VBASE023.VDF : 7.10.12.11 2048 Bytes 9/23/2010 05:42:55
VBASE024.VDF : 7.10.12.12 2048 Bytes 9/23/2010 05:42:55
VBASE025.VDF : 7.10.12.13 2048 Bytes 9/23/2010 05:42:56
VBASE026.VDF : 7.10.12.14 2048 Bytes 9/23/2010 05:42:56
VBASE027.VDF : 7.10.12.15 2048 Bytes 9/23/2010 05:42:57
VBASE028.VDF : 7.10.12.16 2048 Bytes 9/23/2010 05:42:57
VBASE029.VDF : 7.10.12.17 2048 Bytes 9/23/2010 05:42:58
VBASE030.VDF : 7.10.12.18 2048 Bytes 9/23/2010 05:42:58
VBASE031.VDF : 7.10.12.30 73728 Bytes 9/24/2010 05:43:01
Engineversion : 8.2.4.66
AEVDF.DLL : 8.1.2.1 106868 Bytes 9/9/2010 07:55:48
AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 9/18/2010 16:14:04
AESCN.DLL : 8.1.6.1 127347 Bytes 9/9/2010 07:55:48
AESBX.DLL : 8.1.3.1 254324 Bytes 9/9/2010 07:55:48
AERDL.DLL : 8.1.9.2 635252 Bytes 9/22/2010 04:04:12
AEPACK.DLL : 8.2.3.7 471413 Bytes 9/18/2010 16:13:40
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 9/9/2010 07:55:48
AEHEUR.DLL : 8.1.2.27 2933110 Bytes 9/26/2010 05:44:21
AEHELP.DLL : 8.1.13.4 242038 Bytes 9/26/2010 05:43:15
AEGEN.DLL : 8.1.3.22 401780 Bytes 9/18/2010 16:12:45
AEEMU.DLL : 8.1.2.0 393588 Bytes 9/9/2010 07:55:48
AECORE.DLL : 8.1.17.0 196982 Bytes 9/26/2010 05:43:09
AEBB.DLL : 8.1.1.0 53618 Bytes 9/9/2010 07:55:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 06:33:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 06:33:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 11:17:40
AVREG.DLL : 10.0.3.0 53096 Bytes 9/9/2010 07:55:49
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 9/9/2010 07:55:49
AVARKT.DLL : 10.0.0.14 227176 Bytes 9/9/2010 07:55:48
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 04:23:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 07:27:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 10:08:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 09:11:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 07:40:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 9/9/2010 07:55:47
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+PCK,+PFS,+SPR,
Start of the scan: Sunday, September 26, 2010 11:53
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '70' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'wuauclt.exe' - '33' Module(s) have been scanned
Scan process 'alg.exe' - '30' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '18' Module(s) have been scanned
Scan process 'ctfmon.exe' - '24' Module(s) have been scanned
Scan process 'msmsgs.exe' - '42' Module(s) have been scanned
Scan process 'avgnt.exe' - '50' Module(s) have been scanned
Scan process 'hkcmd.exe' - '29' Module(s) have been scanned
Scan process 'Explorer.EXE' - '98' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '52' Module(s) have been scanned
Scan process 'sched.exe' - '51' Module(s) have been scanned
Scan process 'spoolsv.exe' - '53' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '158' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '64' Module(s) have been scanned
Scan process 'csrss.exe' - '11' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '321' files ).
Starting the file scan:
Begin scan in 'C:\'
Begin scan in 'D:\'
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [1005]: The volume does not contain a recognized file system.
End of the scan: Sunday, September 26, 2010 12:34
Used time: 40:56 Minute(s)
The scan has been done completely.
5025 Scanned directories
295873 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
295873 Files not concerned
1860 Archives were scanned
0 Warnings
0 Notes
175699 Objects were scanned with rootkit scan
0 Hidden objects were found
So do you think there is no malware on my computer.
After i had clicked finish on the ESET scanner, it had said its recomended to uninstall ESET from your computer, inspite of my clicking to uninstall in the previous step. They have left behind the OnlineScannerUninstaller in it with most of the files deleted. So do you think i should run the uninstaller before deleting the folder.
Also, there is an 0 files contaning folder Avira in C:\Documents and settings\Antivirus\Application Data . Inside it is just one empty folder called JOBS.
The folder Avira in C:\Documents and Settings\All Users\Application Data has many files and folders.
Correct, no malware
Theres always traces of leftovers that are left behind after running most uninstallers.
Since you clicked the option to uninstall ESET these are probably just the leftovers. You could run the uninstaller.exe thats in the folder, then delete the folder.
I dont know what those are, obviously created and used by Avira. I wouldn't delete anything, you might foul up your Avira installation.
You can delete the rootrepeal icon from your desktop and DDS, there is no uninstaller. Note that the free version of Malwarebytes must be updated manually and a scan started manually. Its good practice to keep it updated even if you dont scan alot with it.
Last edited:
- Status