here is my avira log
Avira AntiVir Personal
Report file date: Sunday, August 23, 2009 11:05
Scanning for 1651917 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 1) [6.0.6001]
Boot mode : Normally booted
Username : SYSTEM
Computer name : JOHN-PC
Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 21:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 18:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 19:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 18:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 20:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 17:21:42
ANTIVIR2.VDF : 7.1.5.146 3087360 Bytes 8/21/2009 00:36:58
ANTIVIR3.VDF : 7.1.5.149 9728 Bytes 8/21/2009 00:36:59
Engineversion : 8.2.1.3
AEVDF.DLL : 8.1.1.1 106868 Bytes 7/28/2009 21:31:50
AESCRIPT.DLL : 8.1.2.25 459130 Bytes 8/23/2009 00:37:12
AESCN.DLL : 8.1.2.4 127348 Bytes 7/23/2009 17:59:39
AERDL.DLL : 8.1.2.4 430452 Bytes 7/23/2009 17:59:39
AEPACK.DLL : 8.1.3.18 401783 Bytes 7/28/2009 21:31:50
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 17:59:39
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 8/23/2009 00:37:10
AEHELP.DLL : 8.1.6.0 233846 Bytes 8/23/2009 00:37:03
AEGEN.DLL : 8.1.1.57 356725 Bytes 8/23/2009 00:37:01
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 22:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 7/23/2009 17:59:39
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 22:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 16:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 18:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 22:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 18:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 23:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 18:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 23:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 16:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 18:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 23:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 18:19:48
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, M:, O:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +JOKE,
Start of the scan: Sunday, August 23, 2009 11:05
Starting search for hidden objects.
'222294' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'speedfan.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process '3DMark03.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sdclt.exe' - '1' Module(s) have been scanned
Scan process 'mcupdate.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'mcuimgr.exe' - '1' Module(s) have been scanned
Scan process 'McNASvc.exe' - '1' Module(s) have been scanned
Scan process 'mcsysmon.exe' - '1' Module(s) have been scanned
Scan process 'RtkBtMnt.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'winThrottle.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'igfxext.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'vivaty.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'MC.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'ApMsgFwd.exe' - '1' Module(s) have been scanned
Scan process 'ePower_DMC.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'BkupTray.exe' - '1' Module(s) have been scanned
Scan process 'LManager.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'mcagent.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'mcmscsvc.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'XAudio.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '1' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '1' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'BackupSvc.exe' - '1' Module(s) have been scanned
Scan process 'SMSvcHost.exe' - '1' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'msksrver.exe' - '1' Module(s) have been scanned
Scan process 'MpfSrv.exe' - '1' Module(s) have been scanned
Scan process 'MobilityService.exe' - '1' Module(s) have been scanned
Scan process 'Mcshield.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'McProxy.exe' - '1' Module(s) have been scanned
Scan process 'McSACore.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
Scan process 'ETService.exe' - '1' Module(s) have been scanned
Scan process 'Agentsvc.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'BcmSqlStartupSvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
98 processes with 98 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!
Boot sector 'O:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '95' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\blackcat\TEST\DDTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\blackcat\TEST\SDLTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\cygnew\bin\camlp4.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\camlp4o.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\camlp4o.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\camlp4r.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\camlp4r.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\lyx.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\lyxclient.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocaml.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlbrowser.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlc.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlc.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlcp.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamldebug.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamldep.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamldep.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamldoc.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamldoc.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamllex.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamllex.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlopt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlopt.opt.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlprof.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlrun.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocamlyacc.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\ocpp.exe
[WARNING] The file could not be opened!
C:\cygnew\bin\tex2lyx.exe
[WARNING] The file could not be opened!
C:\cygnew\lib\ocaml\camlheader
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\cygnew\lib\ocaml\camlheader_ur
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\cygnew\lib\ocaml\expunge.exe
[WARNING] The file could not be opened!
C:\MinGW\bin\mklinkstub.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Program Files\Cain\Abel.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
C:\Program Files\Silicon Pixels\CPIX\CPIX16.EXE
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\tc\TCC\NONP.EXE
[DETECTION] Contains recognition pattern of the DOS/Candy DOS virus
C:\tc\TCC\PARSE.EXE
[DETECTION] Contains recognition pattern of the DOS/Candy DOS virus
C:\windows\system32\eula.txt
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\windows\system32\_joker123.bin
[DETECTION] Contains recognition pattern of the DOS/Candy DOS virus
Begin scan in 'D:\' <DATA>
D:\pagefile.sys
[WARNING] The file could not be opened!
D:\snf.exe
[DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan
D:\Bouncey ball\snf.exe
[DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan
D:\Bouncey ball\snf2.exe
[DETECTION] Is the TR/Dldr.Small.ewd.2 Trojan
D:\devkitadv\bin\mklinkstub.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
D:\dosex\TEST\DDTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\dosex\TEST\SDLTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\doxex\TEST\DDTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\gbadev\devkitadv\bin\mklinkstub.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
D:\hx\TEST\DDTEST.EXE
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\reactos\ReactOS-0.3.9\output-i386\base\applications\network\dwnl\dwnl.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
D:\reactos\ReactOS-0.3.9\output-i386\livecd\reactos\system32\dwnl.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
Begin scan in 'M:\' <PQSERVICE>
M:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'O:\'