yeah its awesome everythings fixed. mbams working too.
thanks a ton.
*edit* i just did an avira scan and it found that rootkit virus thing. I saw the word quarantine when they were found so i'm assumming its nothing but just in case heres th log report
Avira AntiVir Personal
Report file date: Monday, 9 March 2009 16:28
Scanning for 1289201 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ANDREW-UX8YV5KH
Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 11/18/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 11/17/2008 20:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/25/2008 19:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 00:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/25/2008 19:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 23:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 01:02:19
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 3/3/2009 02:52:14
ANTIVIR3.VDF : 7.1.2.137 172032 Bytes 3/8/2009 02:55:14
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 3/1/2009 01:02:44
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 3/6/2009 07:48:10
AESCN.DLL : 8.1.1.8 127346 Bytes 3/6/2009 07:48:08
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 01:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 3/5/2009 03:01:23
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 3/1/2009 01:02:36
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 3/6/2009 07:48:06
AEHELP.DLL : 8.1.2.2 119158 Bytes 3/1/2009 01:02:29
AEGEN.DLL : 8.1.1.25 336243 Bytes 3/6/2009 07:48:01
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/13/2008 22:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 3/1/2009 01:02:26
AEBB.DLL : 8.1.0.3 53618 Bytes 10/13/2008 22:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/8/2008 20:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/15/2008 21:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 7/31/2008 00:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 5/8/2008 23:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/11/2008 20:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 00:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 05:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 00:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 00:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 01:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 01:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Monday, 9 March 2009 16:28
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'devldr32.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'nTrayFw.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACbgejpxdq.dll.vir
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.65 root kit
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACefavbrpn.dll.vir
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.66 root kit
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACpmuyvtbp.dll.vir
[DETECTION] Is the TR/PCK.Tdss.F.135 Trojan
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACwtnkrobo.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_UACppjwswur_.sys.zip
[0] Archive type: ZIP
--> UACppjwswur.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017031.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017032.dll
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.66 root kit
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017033.dll
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.65 root kit
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017034.dll
[DETECTION] Is the TR/PCK.Tdss.F.135 Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\drivers\dtscsi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd9053.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
End of the scan: Monday, 9 March 2009 16:55
Used time: 27:18 Minute(s)
The scan has been done completely.
4151 Scanning directories
193215 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
9 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
193202 Files not concerned
1159 Archives were scanned
4 Warnings
9 Notes
thanks a ton.
*edit* i just did an avira scan and it found that rootkit virus thing. I saw the word quarantine when they were found so i'm assumming its nothing but just in case heres th log report
Avira AntiVir Personal
Report file date: Monday, 9 March 2009 16:28
Scanning for 1289201 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ANDREW-UX8YV5KH
Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 11/18/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 11/17/2008 20:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/25/2008 19:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 00:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/25/2008 19:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 23:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 01:02:19
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 3/3/2009 02:52:14
ANTIVIR3.VDF : 7.1.2.137 172032 Bytes 3/8/2009 02:55:14
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 3/1/2009 01:02:44
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 3/6/2009 07:48:10
AESCN.DLL : 8.1.1.8 127346 Bytes 3/6/2009 07:48:08
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 01:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 3/5/2009 03:01:23
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 3/1/2009 01:02:36
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 3/6/2009 07:48:06
AEHELP.DLL : 8.1.2.2 119158 Bytes 3/1/2009 01:02:29
AEGEN.DLL : 8.1.1.25 336243 Bytes 3/6/2009 07:48:01
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/13/2008 22:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 3/1/2009 01:02:26
AEBB.DLL : 8.1.0.3 53618 Bytes 10/13/2008 22:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/8/2008 20:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/15/2008 21:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 7/31/2008 00:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 5/8/2008 23:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/11/2008 20:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 00:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 05:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 00:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 00:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 01:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 01:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: Monday, 9 March 2009 16:28
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'devldr32.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'nTrayFw.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACbgejpxdq.dll.vir
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.65 root kit
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACefavbrpn.dll.vir
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.66 root kit
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACpmuyvtbp.dll.vir
[DETECTION] Is the TR/PCK.Tdss.F.135 Trojan
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACwtnkrobo.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_UACppjwswur_.sys.zip
[0] Archive type: ZIP
--> UACppjwswur.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017031.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017032.dll
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.66 root kit
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017033.dll
[DETECTION] Contains recognition pattern of the RKIT/TDss.eyj.65 root kit
[NOTE] The file was deleted!
C:\System Volume Information\_restore{DFAC1D38-F60A-49EE-A8BD-012BC55B399C}\RP64\A0017034.dll
[DETECTION] Is the TR/PCK.Tdss.F.135 Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\drivers\dtscsi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd9053.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
End of the scan: Monday, 9 March 2009 16:55
Used time: 27:18 Minute(s)
The scan has been done completely.
4151 Scanning directories
193215 Files were scanned
9 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
9 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
193202 Files not concerned
1159 Archives were scanned
4 Warnings
9 Notes