You are not logged in.

Tuesday, July 22nd 2014, 7:26pm

Dear visitor, welcome to Avira Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

1

Tuesday, February 23rd 2010, 4:49am

c:\Program Files\avira\AntiVir Desktop\cclib.dll not found check your installation error!!

c:\Program Files\avira\AntiVir Desktop\cclib.dll not found check your installation error!!

it is shown in a pop up error message automatic update / and manual update
this is the third time i had to repair the installation in this week[last 4 days]
this is new installation of xp -pro SP3 fully updated 845 motherboard desktop.
512 mb p4 2.5Ghz cpu.

how it happens so often? good that i keep the installer file in mydocuments and needs to run it for frequent repairs.
any advice for me? :(

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

2

Tuesday, February 23rd 2010, 8:12am

Hi ramaswamyps,

Try to make a new clean reinstal of Avira - click me

Do you use any other antivirus solution along with Avira? If yes, unistal it.
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

3

Tuesday, February 23rd 2010, 10:57am

i do not use any other antivirus programs.
except for this minor error report during update start up it works fine.
guard is on and updated today after the initial repair of the installation..
next time it says so i will uninstall avira and install with new downloaded files. :)
thanks for the reply Farger
i see the regcleaner finds all avira keys in the registry.
for complete uninstall it is necessary to remove the keys in the registry.
i will do that.
somehow it looks for \localsettings folder in another partition where the installer was residing during the first time install.
then i moved the installer to \my douments
may be the registry still says the localsettings in the old partition.
will do a reinstall on next error notice.

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

4

Tuesday, February 23rd 2010, 2:19pm

Hi ramaswamyps,

You are welcome :) Please monitor the situation ;)
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

5

Wednesday, February 24th 2010, 4:11am

today's update went on fine.
no error message.
it reported avira is uptodate and active.
lets see if it reports error again. :)

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

6

Wednesday, February 24th 2010, 7:58am

Hi ramaswamyps,

Glad to hear :)
Scotty is currently on patrol


Date of registration:
Jan 5th 2009

Operating System:
XP

  • Send private message

7

Wednesday, February 24th 2010, 8:53am

I think this issue is solved now.
Thanks for choosing Avira
Alexandru Manea
Avira Operations GmbH & Co. KG

  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

8

Tuesday, March 9th 2010, 4:18am

the errors have started again yesterday onwards.
reinstalled yeterday only.
this morning again it is nagging at me :(

http://omploader.org/vM3MyNg/avira%20error.jpg
this screen shot shows the error. i dont see what caused this failure.
i did not do any new program install
where i can check what is causing this problem. the error is soe dll or exe missing or corrupted.

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

9

Tuesday, March 9th 2010, 7:41am

Hi ramaswamyps,

Please post here the HJT log. Instruction is here
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

10

Tuesday, March 9th 2010, 9:51am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:14:43 PM, on 3/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Uwigya.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\SlickRun\sr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Maxthon\Maxthon.exe
F:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BandwidthMeterPro] C:\Program Files\BandwidthMeterPro\BWMeterPro.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [SlickRun] "C:\Program Files\SlickRun\sr.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\RAMASW~1\LOCALS~1\Temp\Ufl.exe
O4 - HKCU\..\Run: [WEK9EMDHI9] C:\WINDOWS\Uwigya.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--
End of file - 4205 bytes

i use glaryutils for reg temp files.
that has not caused this problem.

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

11

Tuesday, March 9th 2010, 9:59am

Hi ramaswamyps,

Do you recognize these?

C:\WINDOWS\Uwigya.exe


O4 - HKCU\..\Run: [WEK9EMDHI9] C:\WINDOWS\Uwigya.exe


O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\RAMASW~1\LOCALS~1\Temp\Ufl.exe
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

12

Tuesday, March 9th 2010, 10:27am

i dont know what it is
that is why not deleted yet.
how can it get in \windows folder?
avira did not report any virus or unwanted application.

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

13

Tuesday, March 9th 2010, 10:31am

Hi,

Windows folder can be hidden.

Quoted

To enable the viewing of Hidden files follow these steps:
- Close all programs so that you are at your desktop.
- Double-click on the My Computer icon.
- Select the Tools menu and click Folder Options.
- After the new window appears select the View tab.
- Put a checkmark in the checkbox labeled Display the contents of system folders.
- Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
- Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
- Remove the checkmark from the checkbox labeled Hide protected operating system files.
- Press the Apply button and then the OK button and shutdown My Computer.
- Now your computer is configured to show all hidden files.


Navigate to that files which I pointed out and upload them to virustotaland post back the result.
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

14

Tuesday, March 9th 2010, 11:01am

File Uwigya.exe received on 2010.03.09 09:52:32 (UTC)
Current status: finished

Result: 9/42 (21.43%)
Compact Print results
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.03.09 -
AhnLab-V3 5.0.0.2 2010.03.08 -
AntiVir 8.2.1.180 2010.03.09 -
Antiy-AVL 2.0.3.7 2010.03.09 -
Authentium 5.2.0.5 2010.03.09 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.08 FakeAV.ZQ
BitDefender 7.2 2010.03.09 -
CAT-QuickHeal 10.00 2010.03.09 Win32.Packed.Krap.as.4
ClamAV 0.96.0.0-git 2010.03.09 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.09 Trojan.DownLoad1.16994
eSafe 7.0.17.0 2010.03.08 -
eTrust-Vet 35.2.7348 2010.03.09 -
F-Prot 4.5.1.85 2010.03.09 -
F-Secure 9.0.15370.0 2010.03.09 -
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.09 Win32:Trojan-gen
Ikarus T3.1.1.80.0 2010.03.09 -
Jiangmin 13.0.900 2010.03.09 -
K7AntiVirus 7.10.992 2010.03.08 -
Kaspersky 7.0.0.125 2010.03.09 Trojan.Win32.FraudPack.aoeo
McAfee 5914 2010.03.08 -
McAfee+Artemis 5914 2010.03.08 -
McAfee-GW-Edition 6.8.5 2010.03.09 -
Microsoft 1.5502 2010.03.09 -
NOD32 4928 2010.03.09 Win32/TrojanDownloader.FakeAlert.AVA
Norman 6.04.08 2010.03.08 -
nProtect 2009.1.8.0 2010.03.09 -
Panda 10.0.2.2 2010.03.08 -
PCTools 7.0.3.5 2010.03.09 -
Prevx 3.0 2010.03.09 High Risk Cloaked Malware
Rising 22.38.01.04 2010.03.09 -
Sophos 4.51.0 2010.03.09 -
Sunbelt 5797 2010.03.09 -
Symantec 20091.2.0.41 2010.03.09 Suspicious.Insight
TheHacker 6.5.2.0.226 2010.03.09 Trojan/Downloader.FakeAlert.ava
TrendMicro 9.120.0.1004 2010.03.09 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.9.2218 2010.03.09 -
VirusBuster 5.0.27.0 2010.03.08 -
Additional information
File size: 158208 bytes
MD5 : ce7c083a14bd40398ebee36df3bb9e28
SHA1 : c548cf0b7ba90751cc58c26c96adb986a1ecd0e7
SHA256: 1a83e7b10cdb7001464240816e7d3d08b248c4f7c78f100d6f05997677a4c67e
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x244D
timedatestamp.....: 0x498A14AC (Wed Feb 4 23:20:28 2009)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
BSS 0x1000 0x2D1A 0x2E00 5.46 345cdef389a8a052caa3f8c33a6ed515
.data 0x4000 0x3C511 0x22600 6.44 6732ab4a0f8af05dc45cb3031aee1d60
.tls 0x41000 0xA03 0xC00 2.53 00cdf81c9e789921e2709fe044166a42
DATA 0x42000 0x591 0x600 0.02 076b78ceba2fc46b179724c5d0a49311

( 6 imports )

> advapi32.dll: RegEnumKeyExA, RegDeleteKeyA, RegOpenKeyA
> gdi32.dll: GetDIBits
> kernel32.dll: GetCurrentThreadId, GetFileAttributesA, MoveFileExA, LocalAlloc, GetCurrentProcessId, GetDateFormatA, GetCommandLineA, ExitProcess, lstrcatA, FindClose, DeleteCriticalSection, VirtualAllocEx, EnterCriticalSection, LoadLibraryA, HeapFree, Sleep, GetUserDefaultLCID
> msvcrt.dll: mbstowcs, wcschr, calloc, time, _acmdln, malloc, clock, atol, wcscspn, wcstol, sqrt, memmove, tolower, rand
> shlwapi.dll: PathFileExistsA, SHEnumValueA, PathIsContentTypeA
> version.dll: VerInstallFileA, GetFileVersionInfoSizeA

( 0 exports )

TrID : File type identification
Win32 Executable Generic (38.5%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
ssdeep: 3072:iPMC3AbIQFbPPBtocYmZiR6fqHF9lNChACtuGGWL4MMOwX:hCsIiB+5gA6fqOAC2WLtM1
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=424414EA00A8C7656A4002FE633E13001484BF8D
PEiD : -
RDS : NSRL Reference Data Set
-
==========================================
what do i understand from the result?
reinstall xp?

This post has been edited 1 times, last edit by "ramaswamyps" (Mar 9th 2010, 11:05am)


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

15

Tuesday, March 9th 2010, 11:24am

File UFL.EXE-3373A9BF.pf received on 2010.03.09 10:16:43 (UTC)
Current status: finished

Result: 0/42 (0.00%)
Compact Print results
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.03.07 -
AhnLab-V3 5.0.0.2 2010.03.07 -
AntiVir 8.2.1.180 2010.03.05 -
Antiy-AVL 2.0.3.7 2010.03.05 -
Authentium 5.2.0.5 2010.03.06 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.07 -
BitDefender 7.2 2010.03.07 -
CAT-QuickHeal 10.00 2010.03.06 -
ClamAV 0.96.0.0-git 2010.03.06 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.07 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7342 2010.03.05 -
F-Prot 4.5.1.85 2010.03.06 -
F-Secure 9.0.15370.0 2010.03.07 -
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.07 -
Ikarus T3.1.1.80.0 2010.03.07 -
Jiangmin 13.0.900 2010.03.07 -
K7AntiVirus 7.10.990 2010.03.04 -
Kaspersky 7.0.0.125 2010.03.07 -
McAfee 5912 2010.03.06 -
McAfee+Artemis 5912 2010.03.06 -
McAfee-GW-Edition 6.8.5 2010.03.07 -
Microsoft 1.5502 2010.03.07 -
NOD32 4922 2010.03.07 -
Norman 6.04.08 2010.03.07 -
nProtect 2009.1.8.0 2010.03.07 -
Panda 10.0.2.2 2010.03.07 -
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.09 -
Rising 22.37.06.04 2010.03.07 -
Sophos 4.51.0 2010.03.07 -
Sunbelt 5780 2010.03.07 -
Symantec 20091.2.0.41 2010.03.07 -
TheHacker 6.5.1.9.223 2010.03.07 -
TrendMicro 9.120.0.1004 2010.03.07 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.5.2214 2010.03.05 -
VirusBuster 5.0.27.0 2010.03.06 -
Additional information
File size: 21028 bytes
MD5 : e0d762552e0d090e332ebe19e08854b1
SHA1 : 8622db8eab33da2dbad7c0527db11b0c4d81a235
SHA256: 50d53ddd1af07c51434252011be37311e716f94e165a7c211fd08e100448c83c
TrID : File type identification
Microsoft Windows XP Prefetch file (98.9%)
LTAC compressed audio (v1.71) (1.0%)
ssdeep: 384:4qBWYSkzMGCMdKzfnbETW4HfKXs+cDe+s:4SWYSk4G1Kzf0/Hd+cDeT
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

PEiD : -
RDS : NSRL Reference Data Set
-

This post has been edited 1 times, last edit by "ramaswamyps" (Mar 9th 2010, 11:31am)


Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

16

Tuesday, March 9th 2010, 11:44am

Hi ramaswamyps,

1. Please send file Uwigya.exe to Avira lab using this link. In File type choose Suspicious File.

2. Follow these instructions and post back the MBAM log.
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

17

Tuesday, March 9th 2010, 6:35pm

Malwarebytes' Anti-Malware 1.44
Database version: 3841
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/9/2010 10:50:36 PM
mbam-log-2010-03-09 (22-50-24).txt

Scan type: Quick Scan
Objects scanned: 110469
Time elapsed: 4 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\toy5knq8oc (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\ramaswamy\Application Data\wp.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\ramaswamy\Local Settings\Temp\hi.bat (Malware.Trace) -> No action taken.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
=========================================================================================
the Uwigya.exe i have sent to avira lab and recieved aknowledgement email.

what action to be taken for the one infection it reported? the mbam is not freeware it asks m eot buy it. how to go about repair of these trojans

except C: all other partitions are only data storage and linux systems.
is it necessary to scan the data partitions?

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

18

Tuesday, March 9th 2010, 9:21pm

Hi ramaswamyps,

the Uwigya.exe i have sent to avira lab and recieved aknowledgement email.


Post here the File ID.

the mbam is not freeware it asks m eot buy it.


8o No way. I gave you the link to the free version of MBAM. There is full version, but it is not presented in those instructions in Tips & Tricks section of this forum.

Regarding those detections: run MBAM again and delete all infected files, registry values, keys etc.
Scotty is currently on patrol


  • "ramaswamyps" started this thread

Date of registration:
Feb 23rd 2010

  • Send private message

19

Wednesday, March 10th 2010, 4:13am

http://analysis.avira.com/samples/details.php?uniqueid=trRff7zn2rLjTc2GCXOsqAwYfKUGFm5K&incidentid=458413

the email recieved from avira lab has given the above link to check results.
the file id for Uwigya.exe must be incidentid=458413 i think.
now running a full scan with mbam to make sure the ones shown earlier are only ones infected still.

Farger

Moderator

Date of registration:
Jul 10th 2009

Version:
Avira Free Antivirus
Avira Ultimate Protection Suite
Avira Internet Security

Operating System:
Windows XP/ Windows 7

  • Send private message

20

Wednesday, March 10th 2010, 8:16am

Hi,

now running a full scan with mbam to make sure the ones shown earlier are only ones infected still.


Keep us posted.
Scotty is currently on patrol