Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Warning From Avira Antivir Free


  • Please log in to reply
4 replies to this topic

#1 silon and garfunkel

silon and garfunkel

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 11 August 2008 - 01:12 AM

Hi,

Im not sure if this is a problem or not. After running Avira antivir free it found no infections but it did come back with a few warnings. I was wondering if they were serious or not?

This is the log it gave me.



Avira AntiVir Personal
Report file date: Saturday, August 09, 2008 16:50

Scanning for 1538515 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: THE
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 4/9/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 3/18/2008 01:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 2/7/2008 00:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 2/28/2008 00:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 2/21/2008 00:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 02:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 6/24/2008 06:28:35
ANTIVIR2.VDF : 7.0.5.207 2316800 Bytes 8/4/2008 06:49:16
ANTIVIR3.VDF : 7.0.5.223 108032 Bytes 8/6/2008 06:54:12
Engineversion : 8.1.1.19
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 01:58:21
AESCRIPT.DLL : 8.1.0.63 311673 Bytes 8/7/2008 06:58:04
AESCN.DLL : 8.1.0.23 119156 Bytes 7/27/2008 06:42:19
AERDL.DLL : 8.1.0.20 418165 Bytes 7/27/2008 06:42:06
AEPACK.DLL : 8.1.2.1 364917 Bytes 7/27/2008 06:41:22
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 7/27/2008 06:40:38
AEHEUR.DLL : 8.1.0.47 1368437 Bytes 8/7/2008 06:57:36
AEHELP.DLL : 8.1.0.15 115063 Bytes 7/27/2008 06:38:06
AEGEN.DLL : 8.1.0.35 315764 Bytes 8/7/2008 06:55:21
AEEMU.DLL : 8.1.0.7 430452 Bytes 8/1/2008 09:29:13
AECORE.DLL : 8.1.1.8 172406 Bytes 8/1/2008 09:28:43
AEBB.DLL : 8.1.0.1 53617 Bytes 7/27/2008 06:36:30
AVWINLL.DLL : 1.0.0.7 14593 Bytes 1/23/2008 09:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 2/18/2008 02:37:50
AVREP.DLL : 8.0.0.2 98344 Bytes 8/1/2008 09:28:23
AVREG.DLL : 8.0.0.0 30977 Bytes 1/23/2008 09:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 00:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2/28/2008 00:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 09:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 1/23/2008 09:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 04:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 3/10/2008 06:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 3/6/2008 04:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Saturday, August 09, 2008 16:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'PrintScreen.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'oaui.exe' - '0' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'dlbtbmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'dlbtbmgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'MsPMSPSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'McSACore.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'oasrv.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '26' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OADriver.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\OAmon.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\oanet.sys
[WARNING] The file could not be opened!


End of the scan: Saturday, August 09, 2008 17:04
Used time: 14:02 min

The scan has been done completely.

1874 Scanning directories
88032 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
88032 Files not concerned
643 Archives were scanned
4 Warnings
0 Notes


The pagefile.sys one has always been there but the three driver files that don't open have just appeared.

I have also scanned with spybot 1.6, superantispyware and malwarebytes and they did not find anything wrong.

BC AdBot (Login to Remove)

 


#2 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:02:22 AM

Posted 11 August 2008 - 02:41 AM

Hello silon and garfunkel :thumbsup:

Are you using Online Armor Personal Firewall by any chance?

The 3 processes are related to Online Armor.

C:\WINDOWS\system32\drivers\OADriver.sys
C:\WINDOWS\system32\drivers\OAmon.sys
C:\WINDOWS\system32\drivers\oanet.sys

The reason the AV is warning you on those 4 files, is because they are locked and in use. They won't allow read access.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#3 silon and garfunkel

silon and garfunkel
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 11 August 2008 - 04:59 AM

Hi,

Yes, I have recently started using online armor. I think you must be right about it being the cause.

So do you think that means that I have nothing to worry about.

#4 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:02:22 AM

Posted 11 August 2008 - 12:30 PM

Well if you have no symptoms of infection, I would be inclined to say that you're alright. I see nothing that outright jumps out at me from that log.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#5 silon and garfunkel

silon and garfunkel
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:06:22 PM

Posted 12 August 2008 - 02:20 AM

OK, thanks for that.

I guess I will just leave it for now, as long as nothing else funny starts happening.

Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users