Dear visitor, welcome to Avira Support Forum.
If this is your first visit here, please read the Help. It explains in detail how this page works.
To use all features of this page, you should consider registering.
Please use the registration form, to register here or read more information about the registration process.
If you are already registered, please login here.
Help for removal of TR/ZAccess.h please!
Kindly help with the removal of TR/ZAccess.h. It was detected and quarantined earlier today and I did not keep the report at that time.
Now the scanner does not find it anymore, and maybe I should wait until it pops up again?
In any case here is the report after a complete system scan:
Avira Free Antivirus
Report file date: Friday, September 21, 2012 21:55
Scanning for 4250358 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Microsoft Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : m
Computer name : O
Version information:
BUILD.DAT : 12.0.0.1125 41829 Bytes 5/2/2012 17:40:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 5/2/2012 04:48:51
AVSCAN.DLL : 12.3.0.15 54736 Bytes 5/2/2012 19:31:39
LUKE.DLL : 12.3.0.15 68304 Bytes 5/2/2012 05:31:47
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 5/2/2012 04:13:36
AVREG.DLL : 12.3.0.17 232200 Bytes 9/21/2012 17:08:54
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 00:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 05:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 05:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 15:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 16:43:53
VBASE005.VDF : 7.11.34.116 4034048 Bytes 6/29/2012 17:08:26
VBASE006.VDF : 7.11.41.250 4902400 Bytes 9/6/2012 17:08:35
VBASE007.VDF : 7.11.41.251 2048 Bytes 9/6/2012 17:08:35
VBASE008.VDF : 7.11.41.252 2048 Bytes 9/6/2012 17:08:35
VBASE009.VDF : 7.11.41.253 2048 Bytes 9/6/2012 17:08:36
VBASE010.VDF : 7.11.41.254 2048 Bytes 9/6/2012 17:08:36
VBASE011.VDF : 7.11.41.255 2048 Bytes 9/6/2012 17:08:36
VBASE012.VDF : 7.11.42.0 2048 Bytes 9/6/2012 17:08:36
VBASE013.VDF : 7.11.42.1 2048 Bytes 9/6/2012 17:08:37
VBASE014.VDF : 7.11.42.65 203264 Bytes 9/9/2012 17:08:37
VBASE015.VDF : 7.11.42.125 156672 Bytes 9/11/2012 17:08:38
VBASE016.VDF : 7.11.42.171 187904 Bytes 9/12/2012 17:08:38
VBASE017.VDF : 7.11.42.235 141312 Bytes 9/13/2012 17:08:39
VBASE018.VDF : 7.11.43.35 133632 Bytes 9/15/2012 17:08:39
VBASE019.VDF : 7.11.43.89 129024 Bytes 9/18/2012 17:08:39
VBASE020.VDF : 7.11.43.141 130560 Bytes 9/19/2012 17:08:40
VBASE021.VDF : 7.11.43.187 121856 Bytes 9/21/2012 17:08:40
VBASE022.VDF : 7.11.43.188 2048 Bytes 9/21/2012 17:08:40
VBASE023.VDF : 7.11.43.189 2048 Bytes 9/21/2012 17:08:41
VBASE024.VDF : 7.11.43.190 2048 Bytes 9/21/2012 17:08:41
VBASE025.VDF : 7.11.43.191 2048 Bytes 9/21/2012 17:08:41
VBASE026.VDF : 7.11.43.192 2048 Bytes 9/21/2012 17:08:41
VBASE027.VDF : 7.11.43.193 2048 Bytes 9/21/2012 17:08:41
VBASE028.VDF : 7.11.43.194 2048 Bytes 9/21/2012 17:08:42
VBASE029.VDF : 7.11.43.195 2048 Bytes 9/21/2012 17:08:42
VBASE030.VDF : 7.11.43.196 2048 Bytes 9/21/2012 17:08:42
VBASE031.VDF : 7.11.43.212 73728 Bytes 9/21/2012 17:08:42
Engine version : 8.2.10.164
AEVDF.DLL : 8.1.2.10 102772 Bytes 9/21/2012 17:08:52
AESCRIPT.DLL : 8.1.4.54 459131 Bytes 9/21/2012 17:08:52
AESCN.DLL : 8.1.8.2 131444 Bytes 2/16/2012 22:11:36
AESBX.DLL : 8.2.5.12 606578 Bytes 9/21/2012 17:08:53
AERDL.DLL : 8.1.9.15 639348 Bytes 1/21/2012 05:22:40
AEPACK.DLL : 8.3.0.36 811382 Bytes 9/21/2012 17:08:51
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 9/21/2012 17:08:50
AEHEUR.DLL : 8.1.4.100 5280120 Bytes 9/21/2012 17:08:50
AEHELP.DLL : 8.1.23.2 258422 Bytes 9/21/2012 17:08:46
AEGEN.DLL : 8.1.5.36 434549 Bytes 9/21/2012 17:08:45
AEEXP.DLL : 8.1.0.86 90484 Bytes 9/21/2012 17:08:53
AEEMU.DLL : 8.1.3.2 393587 Bytes 9/21/2012 17:08:44
AECORE.DLL : 8.1.27.4 201078 Bytes 9/21/2012 17:08:44
AEBB.DLL : 8.1.1.0 53618 Bytes 1/21/2012 05:22:35
AVWINLL.DLL : 12.3.0.15 27344 Bytes 5/2/2012 04:59:21
AVPREF.DLL : 12.3.0.15 51920 Bytes 5/2/2012 04:44:31
AVREP.DLL : 12.3.0.15 179208 Bytes 5/2/2012 04:13:35
AVARKT.DLL : 12.3.0.15 211408 Bytes 5/2/2012 04:21:32
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 5/2/2012 04:28:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 4/17/2012 03:11:02
AVSMTP.DLL : 12.3.0.15 63440 Bytes 5/2/2012 04:51:35
NETNT.DLL : 12.3.0.15 17104 Bytes 5/2/2012 05:33:29
RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 5/2/2012 06:03:52
RCTEXT.DLL : 12.3.0.15 96720 Bytes 5/2/2012 19:40:44
Part II of report:
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Start of the scan: Friday, September 21, 2012 21:55
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Avira\AntiVir Desktop\LastMalware
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Classes\.wid\bin
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\MostRecentApplication\Name
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Cookies
C:\Documents and Settings\NetworkService\Cookies
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files
[NOTE] The registry entry is invisible.
C:\Documents and Settings\NetworkService\Local Settings\History
C:\Documents and Settings\NetworkService\Local Settings\History
[NOTE] The registry entry is invisible.
Hidden thread
[NOTE] A system thread is not visible.
Hidden thread
[NOTE] A system thread is not visible.
Hidden thread
[NOTE] A system thread is not visible.
Hidden thread
[NOTE] A system thread is not visible.
The scan of running processes will be started
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '67' Module(s) have been scanned
Scan process 'avcenter.exe' - '106' Module(s) have been scanned
Scan process 'opera_plugin_wrapper.exe' - '44' Module(s) have been scanned
Scan process 'opera.exe' - '81' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '61' Module(s) have been scanned
Scan process 'Dot1XCfg.exe' - '78' Module(s) have been scanned
Scan process 'SvcGuiHlpr.exe' - '59' Module(s) have been scanned
Scan process 'iPodService.exe' - '29' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '50' Module(s) have been scanned
Scan process 'SUService.exe' - '44' Module(s) have been scanned
Scan process 'AcSvc.exe' - '104' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '38' Module(s) have been scanned
Scan process 'msisear.exe' - '91' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '15' Module(s) have been scanned
Scan process 'tvtsched.exe' - '35' Module(s) have been scanned
Scan process 'rrservice.exe' - '48' Module(s) have been scanned
Scan process 'rrpservice.exe' - '24' Module(s) have been scanned
Scan process 'TPHDEXLG.exe' - '15' Module(s) have been scanned
Scan process 'tvt_reg_monitor_svc.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'LogMeIn.exe' - '84' Module(s) have been scanned
Scan process 'RaMaint.exe' - '45' Module(s) have been scanned
Scan process 'DkIcon.exe' - '20' Module(s) have been scanned
Scan process 'LMIGuardianSvc.exe' - '31' Module(s) have been scanned
Scan process 'jqs.exe' - '35' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '16' Module(s) have been scanned
Scan process 'inetinfo.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'EvtEng.exe' - '72' Module(s) have been scanned
Scan process 'DkService.exe' - '44' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '34' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '47' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'AcPrfMgrSvc.exe' - '49' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '103' Module(s) have been scanned
Scan process 'TpScrex.exe' - '18' Module(s) have been scanned
Scan process 'Apntex.exe' - '21' Module(s) have been scanned
Scan process 'LenovoCameraCenter.exe' - '45' Module(s) have been scanned
Scan process 'TPONSCR.exe' - '17' Module(s) have been scanned
Scan process 'BTTray.exe' - '46' Module(s) have been scanned
Scan process 'ApMsgFwd.exe' - '16' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'avgnt.exe' - '60' Module(s) have been scanned
Scan process 'Updater.exe' - '32' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '22' Module(s) have been scanned
Scan process 'msseces.exe' - '42' Module(s) have been scanned
Scan process 'rundll32.exe' - '37' Module(s) have been scanned
Scan process 'LogMeInSystray.exe' - '48' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '68' Module(s) have been scanned
Scan process 'ACWLIcon.exe' - '30' Module(s) have been scanned
Scan process 'Amsg.exe' - '36' Module(s) have been scanned
Scan process 'LPMLCHK.exe' - '35' Module(s) have been scanned
Scan process 'LPMGR.exe' - '40' Module(s) have been scanned
Scan process 'scheduler_proxy.exe' - '31' Module(s) have been scanned
Scan process 'igfxpers.exe' - '25' Module(s) have been scanned
Scan process 'hkcmd.exe' - '25' Module(s) have been scanned
Scan process 'igfxtray.exe' - '26' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '32' Module(s) have been scanned
Scan process 'Apoint.exe' - '27' Module(s) have been scanned
Scan process 'EzEjMnAp.Exe' - '24' Module(s) have been scanned
Scan process 'TpShocks.exe' - '18' Module(s) have been scanned
Scan process 'TPOSDSVC.exe' - '32' Module(s) have been scanned
Scan process 'TPFNF7SP.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '60' Module(s) have been scanned
Scan process 'Explorer.EXE' - '134' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '39' Module(s) have been scanned
Scan process 'spoolsv.exe' - '72' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '67' Module(s) have been scanned
Scan process 'btwdins.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '165' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '45' Module(s) have been scanned
Scan process 'ibmpmsvc.exe' - '11' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'lsass.exe' - '87' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '98' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Starting to scan executable files (registry).
The registry was scanned ( '2010' files ).
Part III of report:
Starting the file scan:
Begin scan in 'C:\'
C:\Documents and Settings\m\My Documents\Downloads\avira_free_antivirus_en.exe
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z333ZAA1013US00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511AR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511BR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511CZ00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511DK00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511FI00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511FR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511GK00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511GR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511HB00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511HK00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511HU00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511IT00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511JP00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511KR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511NL00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511NO00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511PL00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511PO00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511RU00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511SC00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511SP00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511SV00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511TC00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511TR00.TVT
[WARNING] The file is password protected
C:\SWTOOLS\APPS\rnr\Z501ZAB1511US00.TVT
[WARNING] The file is password protected
End of the scan: Friday, September 21, 2012 22:34
Used time: 38:52 Minute(s)
The scan has been done completely.
9990 Scanned directories
469283 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
469283 Files not concerned
9603 Archives were scanned
27 Warnings
10 Notes
385674 Objects were scanned with rootkit scan
10 Hidden objects were found
Thank you very much in advance!
Hi,
- Please download RogueKiller and save to the desktop.
- Close all windows and browsers
- Right-click the program and select 'Run as Administrator'
- Press the scan button.
- A report opens on the desktop named - RKreport.txt
- Please post it in your next reply.
Regards,
Georgi
Saturday, May 25th 2013, 12:02pm
