You are not logged in.

Thursday, July 24th 2014, 8:24am

Dear visitor, welcome to Avira Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

  • "mogadoro" started this thread

Date of registration:
Sep 22nd 2012

Version:
Avira Free Antivirus

Operating System:
windows xp

  • Send private message

1

Saturday, September 22nd 2012, 4:40am

Help for removal of TR/ZAccess.h please!

Kindly help with the removal of TR/ZAccess.h. It was detected and quarantined earlier today and I did not keep the report at that time.



Now the scanner does not find it anymore, and maybe I should wait until it pops up again?



In any case here is the report after a complete system scan:



Avira Free Antivirus

Report file date: Friday, September 21, 2012 21:55



Scanning for 4250358 virus strains and unwanted programs.



The program is running as an unrestricted full version.

Online services are available.



Licensee : Avira AntiVir Personal - Free Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Microsoft Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : m

Computer name : O



Version information:

BUILD.DAT : 12.0.0.1125 41829 Bytes 5/2/2012 17:40:00

AVSCAN.EXE : 12.3.0.15 466896 Bytes 5/2/2012 04:48:51

AVSCAN.DLL : 12.3.0.15 54736 Bytes 5/2/2012 19:31:39

LUKE.DLL : 12.3.0.15 68304 Bytes 5/2/2012 05:31:47

AVSCPLR.DLL : 12.3.0.14 97032 Bytes 5/2/2012 04:13:36

AVREG.DLL : 12.3.0.17 232200 Bytes 9/21/2012 17:08:54

VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 00:18:34

VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 05:23:21

VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 05:32:24

VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 15:58:50

VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 16:43:53

VBASE005.VDF : 7.11.34.116 4034048 Bytes 6/29/2012 17:08:26

VBASE006.VDF : 7.11.41.250 4902400 Bytes 9/6/2012 17:08:35

VBASE007.VDF : 7.11.41.251 2048 Bytes 9/6/2012 17:08:35

VBASE008.VDF : 7.11.41.252 2048 Bytes 9/6/2012 17:08:35

VBASE009.VDF : 7.11.41.253 2048 Bytes 9/6/2012 17:08:36

VBASE010.VDF : 7.11.41.254 2048 Bytes 9/6/2012 17:08:36

VBASE011.VDF : 7.11.41.255 2048 Bytes 9/6/2012 17:08:36

VBASE012.VDF : 7.11.42.0 2048 Bytes 9/6/2012 17:08:36

VBASE013.VDF : 7.11.42.1 2048 Bytes 9/6/2012 17:08:37

VBASE014.VDF : 7.11.42.65 203264 Bytes 9/9/2012 17:08:37

VBASE015.VDF : 7.11.42.125 156672 Bytes 9/11/2012 17:08:38

VBASE016.VDF : 7.11.42.171 187904 Bytes 9/12/2012 17:08:38

VBASE017.VDF : 7.11.42.235 141312 Bytes 9/13/2012 17:08:39

VBASE018.VDF : 7.11.43.35 133632 Bytes 9/15/2012 17:08:39

VBASE019.VDF : 7.11.43.89 129024 Bytes 9/18/2012 17:08:39

VBASE020.VDF : 7.11.43.141 130560 Bytes 9/19/2012 17:08:40

VBASE021.VDF : 7.11.43.187 121856 Bytes 9/21/2012 17:08:40

VBASE022.VDF : 7.11.43.188 2048 Bytes 9/21/2012 17:08:40

VBASE023.VDF : 7.11.43.189 2048 Bytes 9/21/2012 17:08:41

VBASE024.VDF : 7.11.43.190 2048 Bytes 9/21/2012 17:08:41

VBASE025.VDF : 7.11.43.191 2048 Bytes 9/21/2012 17:08:41

VBASE026.VDF : 7.11.43.192 2048 Bytes 9/21/2012 17:08:41

VBASE027.VDF : 7.11.43.193 2048 Bytes 9/21/2012 17:08:41

VBASE028.VDF : 7.11.43.194 2048 Bytes 9/21/2012 17:08:42

VBASE029.VDF : 7.11.43.195 2048 Bytes 9/21/2012 17:08:42

VBASE030.VDF : 7.11.43.196 2048 Bytes 9/21/2012 17:08:42

VBASE031.VDF : 7.11.43.212 73728 Bytes 9/21/2012 17:08:42

Engine version : 8.2.10.164

AEVDF.DLL : 8.1.2.10 102772 Bytes 9/21/2012 17:08:52

AESCRIPT.DLL : 8.1.4.54 459131 Bytes 9/21/2012 17:08:52

AESCN.DLL : 8.1.8.2 131444 Bytes 2/16/2012 22:11:36

AESBX.DLL : 8.2.5.12 606578 Bytes 9/21/2012 17:08:53

AERDL.DLL : 8.1.9.15 639348 Bytes 1/21/2012 05:22:40

AEPACK.DLL : 8.3.0.36 811382 Bytes 9/21/2012 17:08:51

AEOFFICE.DLL : 8.1.2.42 201083 Bytes 9/21/2012 17:08:50

AEHEUR.DLL : 8.1.4.100 5280120 Bytes 9/21/2012 17:08:50

AEHELP.DLL : 8.1.23.2 258422 Bytes 9/21/2012 17:08:46

AEGEN.DLL : 8.1.5.36 434549 Bytes 9/21/2012 17:08:45

AEEXP.DLL : 8.1.0.86 90484 Bytes 9/21/2012 17:08:53

AEEMU.DLL : 8.1.3.2 393587 Bytes 9/21/2012 17:08:44

AECORE.DLL : 8.1.27.4 201078 Bytes 9/21/2012 17:08:44

AEBB.DLL : 8.1.1.0 53618 Bytes 1/21/2012 05:22:35

AVWINLL.DLL : 12.3.0.15 27344 Bytes 5/2/2012 04:59:21

AVPREF.DLL : 12.3.0.15 51920 Bytes 5/2/2012 04:44:31

AVREP.DLL : 12.3.0.15 179208 Bytes 5/2/2012 04:13:35

AVARKT.DLL : 12.3.0.15 211408 Bytes 5/2/2012 04:21:32

AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 5/2/2012 04:28:49

SQLITE3.DLL : 3.7.0.1 398288 Bytes 4/17/2012 03:11:02

AVSMTP.DLL : 12.3.0.15 63440 Bytes 5/2/2012 04:51:35

NETNT.DLL : 12.3.0.15 17104 Bytes 5/2/2012 05:33:29

RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 5/2/2012 06:03:52

RCTEXT.DLL : 12.3.0.15 96720 Bytes 5/2/2012 19:40:44

  • "mogadoro" started this thread

Date of registration:
Sep 22nd 2012

Version:
Avira Free Antivirus

Operating System:
windows xp

  • Send private message

2

Saturday, September 22nd 2012, 4:41am

Part II of report:



Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: default

Primary action......................: Interactive

Secondary action....................: Ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Extended process scan...............: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: extended



Start of the scan: Friday, September 21, 2012 21:55



Starting master boot sector scan:

Master boot sector HD0

[INFO] No virus was found!



Start scanning boot sectors:

Boot sector 'C:\'

[INFO] No virus was found!



Starting search for hidden objects.

HKEY_LOCAL_MACHINE\Software\Avira\AntiVir Desktop\LastMalware

[NOTE] The registry entry is invisible.

HKEY_LOCAL_MACHINE\Software\Classes\.wid\bin

[NOTE] The registry entry is invisible.

HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\MostRecentApplication\Name

[NOTE] The registry entry is invisible.

C:\Documents and Settings\NetworkService\Cookies

C:\Documents and Settings\NetworkService\Cookies

[NOTE] The registry entry is invisible.

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files

[NOTE] The registry entry is invisible.

C:\Documents and Settings\NetworkService\Local Settings\History

C:\Documents and Settings\NetworkService\Local Settings\History

[NOTE] The registry entry is invisible.

Hidden thread

[NOTE] A system thread is not visible.

Hidden thread

[NOTE] A system thread is not visible.

Hidden thread

[NOTE] A system thread is not visible.

Hidden thread

[NOTE] A system thread is not visible.



The scan of running processes will be started

Scan process 'rsmsink.exe' - '29' Module(s) have been scanned

Scan process 'dllhost.exe' - '45' Module(s) have been scanned

Scan process 'vssvc.exe' - '48' Module(s) have been scanned

Scan process 'avscan.exe' - '67' Module(s) have been scanned

Scan process 'avcenter.exe' - '106' Module(s) have been scanned

Scan process 'opera_plugin_wrapper.exe' - '44' Module(s) have been scanned

Scan process 'opera.exe' - '81' Module(s) have been scanned

Scan process 'wuauclt.exe' - '34' Module(s) have been scanned

Scan process 'msdtc.exe' - '40' Module(s) have been scanned

Scan process 'dllhost.exe' - '61' Module(s) have been scanned

Scan process 'Dot1XCfg.exe' - '78' Module(s) have been scanned

Scan process 'SvcGuiHlpr.exe' - '59' Module(s) have been scanned

Scan process 'iPodService.exe' - '29' Module(s) have been scanned

Scan process 'wmiprvse.exe' - '50' Module(s) have been scanned

Scan process 'SUService.exe' - '44' Module(s) have been scanned

Scan process 'AcSvc.exe' - '104' Module(s) have been scanned

Scan process 'AVWEBGRD.EXE' - '38' Module(s) have been scanned

Scan process 'msisear.exe' - '91' Module(s) have been scanned

Scan process 'wdfmgr.exe' - '15' Module(s) have been scanned

Scan process 'tvtsched.exe' - '35' Module(s) have been scanned

Scan process 'rrservice.exe' - '48' Module(s) have been scanned

Scan process 'rrpservice.exe' - '24' Module(s) have been scanned

Scan process 'TPHDEXLG.exe' - '15' Module(s) have been scanned

Scan process 'tvt_reg_monitor_svc.exe' - '20' Module(s) have been scanned

Scan process 'svchost.exe' - '42' Module(s) have been scanned

Scan process 'avshadow.exe' - '25' Module(s) have been scanned

Scan process 'RegSrvc.exe' - '23' Module(s) have been scanned

Scan process 'svchost.exe' - '30' Module(s) have been scanned

Scan process 'svchost.exe' - '30' Module(s) have been scanned

Scan process 'LogMeIn.exe' - '84' Module(s) have been scanned

Scan process 'RaMaint.exe' - '45' Module(s) have been scanned

Scan process 'DkIcon.exe' - '20' Module(s) have been scanned

Scan process 'LMIGuardianSvc.exe' - '31' Module(s) have been scanned

Scan process 'jqs.exe' - '35' Module(s) have been scanned

Scan process 'iviRegMgr.exe' - '16' Module(s) have been scanned

Scan process 'inetinfo.exe' - '79' Module(s) have been scanned

Scan process 'svchost.exe' - '78' Module(s) have been scanned

Scan process 'EvtEng.exe' - '72' Module(s) have been scanned

Scan process 'DkService.exe' - '44' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '34' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '47' Module(s) have been scanned

Scan process 'avguard.exe' - '62' Module(s) have been scanned

Scan process 'AcPrfMgrSvc.exe' - '49' Module(s) have been scanned

Scan process 'IEXPLORE.EXE' - '103' Module(s) have been scanned

Scan process 'TpScrex.exe' - '18' Module(s) have been scanned

Scan process 'Apntex.exe' - '21' Module(s) have been scanned

Scan process 'LenovoCameraCenter.exe' - '45' Module(s) have been scanned

Scan process 'TPONSCR.exe' - '17' Module(s) have been scanned

Scan process 'BTTray.exe' - '46' Module(s) have been scanned

Scan process 'ApMsgFwd.exe' - '16' Module(s) have been scanned

Scan process 'ctfmon.exe' - '25' Module(s) have been scanned

Scan process 'avgnt.exe' - '60' Module(s) have been scanned

Scan process 'Updater.exe' - '32' Module(s) have been scanned

Scan process 'igfxsrvc.exe' - '22' Module(s) have been scanned

Scan process 'msseces.exe' - '42' Module(s) have been scanned

Scan process 'rundll32.exe' - '37' Module(s) have been scanned

Scan process 'LogMeInSystray.exe' - '48' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '68' Module(s) have been scanned

Scan process 'ACWLIcon.exe' - '30' Module(s) have been scanned

Scan process 'Amsg.exe' - '36' Module(s) have been scanned

Scan process 'LPMLCHK.exe' - '35' Module(s) have been scanned

Scan process 'LPMGR.exe' - '40' Module(s) have been scanned

Scan process 'scheduler_proxy.exe' - '31' Module(s) have been scanned

Scan process 'igfxpers.exe' - '25' Module(s) have been scanned

Scan process 'hkcmd.exe' - '25' Module(s) have been scanned

Scan process 'igfxtray.exe' - '26' Module(s) have been scanned

Scan process 'smax4pnp.exe' - '32' Module(s) have been scanned

Scan process 'Apoint.exe' - '27' Module(s) have been scanned

Scan process 'EzEjMnAp.Exe' - '24' Module(s) have been scanned

Scan process 'TpShocks.exe' - '18' Module(s) have been scanned

Scan process 'TPOSDSVC.exe' - '32' Module(s) have been scanned

Scan process 'TPFNF7SP.exe' - '34' Module(s) have been scanned

Scan process 'rundll32.exe' - '60' Module(s) have been scanned

Scan process 'Explorer.EXE' - '134' Module(s) have been scanned

Scan process 'svchost.exe' - '34' Module(s) have been scanned

Scan process 'sched.exe' - '39' Module(s) have been scanned

Scan process 'spoolsv.exe' - '72' Module(s) have been scanned

Scan process 'svchost.exe' - '32' Module(s) have been scanned

Scan process 'svchost.exe' - '42' Module(s) have been scanned

Scan process 'S24EvMon.exe' - '67' Module(s) have been scanned

Scan process 'btwdins.exe' - '21' Module(s) have been scanned

Scan process 'svchost.exe' - '165' Module(s) have been scanned

Scan process 'MsMpEng.exe' - '45' Module(s) have been scanned

Scan process 'ibmpmsvc.exe' - '11' Module(s) have been scanned

Scan process 'svchost.exe' - '40' Module(s) have been scanned

Scan process 'svchost.exe' - '53' Module(s) have been scanned

Scan process 'lsass.exe' - '87' Module(s) have been scanned

Scan process 'services.exe' - '27' Module(s) have been scanned

Scan process 'winlogon.exe' - '98' Module(s) have been scanned

Scan process 'csrss.exe' - '14' Module(s) have been scanned

Scan process 'smss.exe' - '2' Module(s) have been scanned



Starting to scan executable files (registry).

The registry was scanned ( '2010' files ).

  • "mogadoro" started this thread

Date of registration:
Sep 22nd 2012

Version:
Avira Free Antivirus

Operating System:
windows xp

  • Send private message

3

Saturday, September 22nd 2012, 4:42am

Part III of report:



Starting the file scan:



Begin scan in 'C:\'

C:\Documents and Settings\m\My Documents\Downloads\avira_free_antivirus_en.exe

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z333ZAA1013US00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511AR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511BR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511CZ00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511DK00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511FI00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511FR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511GK00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511GR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511HB00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511HK00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511HU00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511IT00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511JP00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511KR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511NL00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511NO00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511PL00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511PO00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511RU00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511SC00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511SP00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511SV00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511TC00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511TR00.TVT

[WARNING] The file is password protected

C:\SWTOOLS\APPS\rnr\Z501ZAB1511US00.TVT

[WARNING] The file is password protected





End of the scan: Friday, September 21, 2012 22:34

Used time: 38:52 Minute(s)



The scan has been done completely.



9990 Scanned directories

469283 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 Files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

469283 Files not concerned

9603 Archives were scanned

27 Warnings

10 Notes

385674 Objects were scanned with rootkit scan

10 Hidden objects were found







Thank you very much in advance!

FFreestyleRR

Community member

Date of registration:
Apr 16th 2008

Version:
Avira Free Antivirus

Operating System:
Windows 7 Ultimate SP1 x64

  • Send private message

4

Saturday, September 22nd 2012, 10:38am

Hi,


  • Please download RogueKiller and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please post it in your next reply.



Regards,
Georgi