
Is This Computer Infected ?


No replies to this topic

#1 four2zero


Posted 05 February 2011 - 05:26 PM

Hi, everyone. I am troubleshooting my brother and sister-in-law's computer. Apparently their computer has been infected and hacked by serious viruses and spyware, adware, trojans, due to "NO" protection, no anti-virus and no firewall. Now, here is what I have thus far.

Installed Avira Anti-virus, updated
Installed Comodo firewall

I have run Avira antivirus numerous times, and it keeps showing the 3 hidden objects. The computer was infested with trojan and spyware viruses. I have done practically everything that I myself can think of. What I would like to figure out is what the 3 hidden objects are, and if they can be removed. Thank you!


Avira AntiVir Personal
Report file date: Saturday, February 05, 2011 14:28

Scanning for 2456743 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HP-PAVILION

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 22:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 20:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 22:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 07:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 17:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 22:23:50
VBASE002.VDF : 7.11.0.1 2048 Bytes 12/14/2010 22:23:50
VBASE003.VDF : 7.11.0.2 2048 Bytes 12/14/2010 22:23:50
VBASE004.VDF : 7.11.0.3 2048 Bytes 12/14/2010 22:23:50
VBASE005.VDF : 7.11.0.4 2048 Bytes 12/14/2010 22:23:50
VBASE006.VDF : 7.11.0.5 2048 Bytes 12/14/2010 22:23:50
VBASE007.VDF : 7.11.0.6 2048 Bytes 12/14/2010 22:23:50
VBASE008.VDF : 7.11.0.7 2048 Bytes 12/14/2010 22:23:50
VBASE009.VDF : 7.11.0.8 2048 Bytes 12/14/2010 22:23:50
VBASE010.VDF : 7.11.0.9 2048 Bytes 12/14/2010 22:23:50
VBASE011.VDF : 7.11.0.10 2048 Bytes 12/14/2010 22:23:50
VBASE012.VDF : 7.11.0.11 2048 Bytes 12/14/2010 22:23:50
VBASE013.VDF : 7.11.0.52 128000 Bytes 12/16/2010 23:54:35
VBASE014.VDF : 7.11.0.91 226816 Bytes 12/20/2010 01:12:47
VBASE015.VDF : 7.11.0.122 136192 Bytes 12/21/2010 03:09:26
VBASE016.VDF : 7.11.0.156 122880 Bytes 12/24/2010 17:41:13
VBASE017.VDF : 7.11.0.185 146944 Bytes 12/27/2010 22:39:57
VBASE018.VDF : 7.11.0.228 132608 Bytes 12/30/2010 00:23:58
VBASE019.VDF : 7.11.1.5 148480 Bytes 1/3/2011 01:45:39
VBASE020.VDF : 7.11.1.37 156672 Bytes 1/7/2011 17:30:06
VBASE021.VDF : 7.11.1.65 140800 Bytes 1/10/2011 21:12:43
VBASE022.VDF : 7.11.1.87 225280 Bytes 1/11/2011 22:47:36
VBASE023.VDF : 7.11.1.124 125440 Bytes 1/14/2011 20:03:44
VBASE024.VDF : 7.11.1.155 132096 Bytes 1/17/2011 20:03:45
VBASE025.VDF : 7.11.1.189 451072 Bytes 1/20/2011 20:03:45
VBASE026.VDF : 7.11.1.230 138752 Bytes 1/24/2011 20:03:46
VBASE027.VDF : 7.11.2.12 164352 Bytes 1/27/2011 20:03:46
VBASE028.VDF : 7.11.2.43 178176 Bytes 2/1/2011 20:03:46
VBASE029.VDF : 7.11.2.78 206336 Bytes 2/4/2011 20:03:47
VBASE030.VDF : 7.11.2.79 2048 Bytes 2/4/2011 20:03:47
VBASE031.VDF : 7.11.2.80 2048 Bytes 2/4/2011 20:03:47
Engineversion : 8.2.4.162
AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 22:23:26
AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 2/4/2011 20:03:51
AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 22:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 22:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 22:23:25
AEPACK.DLL : 8.2.4.9 512374 Bytes 2/4/2011 20:03:50
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 2/4/2011 20:03:50
AEHEUR.DLL : 8.1.2.73 3207541 Bytes 2/4/2011 20:03:50
AEHELP.DLL : 8.1.16.1 246134 Bytes 2/4/2011 20:03:48
AEGEN.DLL : 8.1.5.2 397683 Bytes 2/4/2011 20:03:48
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 22:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 2/4/2011 20:03:48
AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 22:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 22:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 22:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 22:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 22:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 22:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 22:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 22:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 22:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 22:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 22:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 21:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 22:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Saturday, February 05, 2011 14:28

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
c:\windows\explorer.exe
c:\windows\explorer.exe
[NOTE] The process is not visible.
c:\windows\explorer.exe

The scan of running processes will be started
Scan process 'rsmsink.exe' - '33' Module(s) have been scanned
Scan process 'avscan.exe' - '72' Module(s) have been scanned
Scan process 'logonui.exe' - '41' Module(s) have been scanned
Scan process 'rdpclip.exe' - '38' Module(s) have been scanned
Scan process 'winlogon.exe' - '59' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'dllhost.exe' - '49' Module(s) have been scanned
Scan process 'vssvc.exe' - '52' Module(s) have been scanned
Scan process 'msdtc.exe' - '44' Module(s) have been scanned
Scan process 'dllhost.exe' - '65' Module(s) have been scanned
Scan process 'avcenter.exe' - '65' Module(s) have been scanned
Scan process 'explorer.exe' - '126' Module(s) have been scanned
Scan process 'hpqgpc01.exe' - '46' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '29' Module(s) have been scanned
Scan process 'hpqSTE08.exe' - '57' Module(s) have been scanned
Scan process 'alg.exe' - '37' Module(s) have been scanned
Scan process 'iPodService.exe' - '33' Module(s) have been scanned
Scan process 'sistray.exe' - '27' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '71' Module(s) have been scanned
Scan process 'avgnt.exe' - '48' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '71' Module(s) have been scanned
Scan process 'HPWuSchd2.exe' - '21' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '33' Module(s) have been scanned
Scan process 'jusched.exe' - '25' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'IoctlSvc.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'NBHRegInCDSrv.exe' - '19' Module(s) have been scanned
Scan process 'NBService.exe' - '42' Module(s) have been scanned
Scan process 'jqs.exe' - '37' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '38' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '53' Module(s) have been scanned
Scan process 'avguard.exe' - '59' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '16' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'sched.exe' - '48' Module(s) have been scanned
Scan process 'spoolsv.exe' - '66' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'cmdagent.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'lsass.exe' - '62' Module(s) have been scanned
Scan process 'services.exe' - '31' Module(s) have been scanned
Scan process 'winlogon.exe' - '90' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1745' files ).


Starting the file scan:

Begin scan in 'C:\' <Windows>


End of the scan: Saturday, February 05, 2011 15:09
Used time: 40:58 Minute(s)

The scan has been done completely.

9990 Scanned directories
246682 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
246682 Files not concerned
2390 Archives were scanned
0 Warnings
0 Notes
451080 Objects were scanned with rootkit scan
3 Hidden objects were found


Edited by four2zero, 05 February 2011 - 07:35 PM.

