InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
Solve : computer acting funny and lots of ads-do i have spyware?? |
|
Answer» i will remove one after this is fixed i will remove one after this is fixed Yes they do conflict. At the very LEAST they are interupting each others processes to scan what the other is doing. Do what ADG suggests there, get rid of McAfee.here is my avira log Code: [Select] Avira AntiVir Personal Report file DATE: Sunday, August 23, 2009 11:05 Scanning for 1651917 virus strains and unwanted programs. Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows Vista Windows version : (Service Pack 1) [6.0.6001] Boot mode : Normally booted Username : SYSTEM Computer name : JOHN-PC Version information: BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00 AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 21:36:14 AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 18:58:24 LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 19:35:49 LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 18:58:52 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 20:30:36 ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 17:21:42 ANTIVIR2.VDF : 7.1.5.146 3087360 Bytes 8/21/2009 00:36:58 ANTIVIR3.VDF : 7.1.5.149 9728 Bytes 8/21/2009 00:36:59 Engineversion : 8.2.1.3 AEVDF.DLL : 8.1.1.1 106868 Bytes 7/28/2009 21:31:50 AESCRIPT.DLL : 8.1.2.25 459130 Bytes 8/23/2009 00:37:12 AESCN.DLL : 8.1.2.4 127348 Bytes 7/23/2009 17:59:39 AERDL.DLL : 8.1.2.4 430452 Bytes 7/23/2009 17:59:39 AEPACK.DLL : 8.1.3.18 401783 Bytes 7/28/2009 21:31:50 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 17:59:39 AEHEUR.DLL : 8.1.0.155 1921400 Bytes 8/23/2009 00:37:10 AEHELP.DLL : 8.1.6.0 233846 Bytes 8/23/2009 00:37:03 AEGEN.DLL : 8.1.1.57 356725 Bytes 8/23/2009 00:37:01 AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 22:32:40 AECORE.DLL : 8.1.7.6 184694 Bytes 7/23/2009 17:59:39 AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 22:32:40 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 16:47:59 AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 18:32:15 AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 22:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 18:32:09 AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 23:05:41 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 18:37:08 SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 23:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 16:21:33 NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 18:32:10 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 23:39:58 RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 18:19:48 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot SECTORS........................: C:, D:, M:, O:, Process scan........................: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Deviating risk categories...........: +JOKE, Start of the scan: Sunday, August 23, 2009 11:05 Starting search for hidden objects. '222294' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'speedfan.exe' - '1' Module(s) have been scanned Scan process 'dllhost.exe' - '1' Module(s) have been scanned Scan process '3DMark03.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sdclt.exe' - '1' Module(s) have been scanned Scan process 'mcupdate.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'mcuimgr.exe' - '1' Module(s) have been scanned Scan process 'McNASvc.exe' - '1' Module(s) have been scanned Scan process 'mcsysmon.exe' - '1' Module(s) have been scanned Scan process 'RtkBtMnt.exe' - '1' Module(s) have been scanned Scan process 'unsecapp.exe' - '1' Module(s) have been scanned Scan process 'winThrottle.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned Scan process 'ehmsas.exe' - '1' Module(s) have been scanned Scan process 'igfxext.exe' - '1' Module(s) have been scanned Scan process 'BTTray.exe' - '1' Module(s) have been scanned Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned Scan process 'ApntEx.exe' - '1' Module(s) have been scanned Scan process 'vivaty.exe' - '1' Module(s) have been scanned Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned Scan process 'ehtray.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'MC.exe' - '1' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'winampa.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'ApMsgFwd.exe' - '1' Module(s) have been scanned Scan process 'ePower_DMC.exe' - '1' Module(s) have been scanned Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned Scan process 'Apoint.exe' - '1' Module(s) have been scanned Scan process 'BkupTray.exe' - '1' Module(s) have been scanned Scan process 'LManager.exe' - '1' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned Scan process 'MSASCui.exe' - '1' Module(s) have been scanned Scan process 'mcagent.exe' - '1' Module(s) have been scanned Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned Scan process 'mcmscsvc.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'dwm.exe' - '1' Module(s) have been scanned Scan process 'XAudio.exe' - '1' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sqlwriter.exe' - '1' Module(s) have been scanned Scan process 'sqlbrowser.exe' - '1' Module(s) have been scanned Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SchedulerSvc.exe' - '1' Module(s) have been scanned Scan process 'BackupSvc.exe' - '1' Module(s) have been scanned Scan process 'SMSvcHost.exe' - '1' Module(s) have been scanned Scan process 'sqlservr.exe' - '1' Module(s) have been scanned Scan process 'msksrver.exe' - '1' Module(s) have been scanned Scan process 'MpfSrv.exe' - '1' Module(s) have been scanned Scan process 'MobilityService.exe' - '1' Module(s) have been scanned Scan process 'Mcshield.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'McProxy.exe' - '1' Module(s) have been scanned Scan process 'McSACore.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned Scan process 'ETService.exe' - '1' Module(s) have been scanned Scan process 'Agentsvc.exe' - '1' Module(s) have been scanned Scan process 'btwdins.exe' - '1' Module(s) have been scanned Scan process 'BcmSqlStartupSvc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SLsvc.exe' - '1' Module(s) have been scanned Scan process 'audiodg.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'lsm.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'wininit.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 98 processes with 98 modules were scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Boot sector 'M:\' [INFO] No virus was found! Boot sector 'O:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '95' files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\pagefile.sys [WARNING] The file could not be opened! [NOTE] This file is a Windows system file. [NOTE] This file cannot be opened for scanning. C:\blackcat\TEST\DDTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan C:\blackcat\TEST\SDLTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan C:\cygnew\bin\camlp4.exe [WARNING] The file could not be opened! C:\cygnew\bin\camlp4o.exe [WARNING] The file could not be opened! C:\cygnew\bin\camlp4o.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\camlp4r.exe [WARNING] The file could not be opened! C:\cygnew\bin\camlp4r.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\lyx.exe [WARNING] The file could not be opened! C:\cygnew\bin\lyxclient.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocaml.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlbrowser.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlc.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlc.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlcp.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamldebug.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamldep.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamldep.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamldoc.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamldoc.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamllex.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamllex.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlopt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlopt.opt.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlprof.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlrun.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocamlyacc.exe [WARNING] The file could not be opened! C:\cygnew\bin\ocpp.exe [WARNING] The file could not be opened! C:\cygnew\bin\tex2lyx.exe [WARNING] The file could not be opened! C:\cygnew\lib\ocaml\camlheader [DETECTION] Is the TR/Dropper.Gen Trojan C:\cygnew\lib\ocaml\camlheader_ur [DETECTION] Is the TR/Dropper.Gen Trojan C:\cygnew\lib\ocaml\expunge.exe [WARNING] The file could not be opened! C:\MinGW\bin\mklinkstub.exe [DETECTION] Is the TR/Dropper.Gen Trojan C:\Program Files\Cain\Abel.exe [DETECTION] Is the TR/Crypt.ULPM.Gen Trojan C:\Program Files\Silicon Pixels\CPIX\CPIX16.EXE [DETECTION] Is the TR/Dropper.Gen Trojan C:\tc\TCC\NONP.EXE [DETECTION] Contains recognition pattern of the DOS/Candy DOS virus C:\tc\TCC\PARSE.EXE [DETECTION] Contains recognition pattern of the DOS/Candy DOS virus C:\windows\system32\eula.txt [DETECTION] Is the TR/Dropper.Gen Trojan C:\windows\system32\_joker123.bin [DETECTION] Contains recognition pattern of the DOS/Candy DOS virus Begin scan in 'D:\' <DATA> D:\pagefile.sys [WARNING] The file could not be opened! D:\snf.exe [DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan D:\Bouncey ball\snf.exe [DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan D:\Bouncey ball\snf2.exe [DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan D:\devkitadv\bin\mklinkstub.exe [DETECTION] Is the TR/Dropper.Gen Trojan D:\dosex\TEST\DDTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan D:\dosex\TEST\SDLTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan D:\doxex\TEST\DDTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan D:\gbadev\devkitadv\bin\mklinkstub.exe [DETECTION] Is the TR/Dropper.Gen Trojan D:\hx\TEST\DDTEST.EXE [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan D:\reactos\ReactOS-0.3.9\output-i386\base\applications\network\dwnl\dwnl.exe [DETECTION] Is the TR/Dropper.Gen Trojan D:\reactos\ReactOS-0.3.9\output-i386\livecd\reactos\system32\dwnl.exe [DETECTION] Is the TR/Dropper.Gen Trojan Begin scan in 'M:\' <PQSERVICE> M:\pagefile.sys [WARNING] The file could not be opened! Begin scan in 'O:\' Quote from: SuperDave on August 21, 2009, 07:24:18 PM Smeezekitty, you should run SuperAntispyware and Malwarebytes-Antimalware programs found here and post the logs. Also run HJT again and post the log. |
|