You are not logged in.

Thursday, April 24th 2014, 10:38am

Dear visitor, welcome to Avira Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

  • "Will24" started this thread

Date of registration:
May 14th 2012

Version:
Avira Free Antivirus

Operating System:
Windows 7

  • Send private message

1

Monday, May 14th 2012, 6:39am

TR/Atraps.gen2 in desktop.ini

I have been trying to get rid of TR/Atraps.gen2 with avira to no avail. I've also tried removing it using Malwarebytes but it's still there whenever I do a scan. The detection used to pop up one after the other continuously until I used combofix that stopped it but although the detection stopped it still shows up whenever I run a scan, specifically in the assembly folder. It is showing in desktop.ini and some GAC hidden files in the assembly folder that I dont know how to get access to. I am not techie and I really badly need help to permanently delete it from my system. Please help. Thank you.

marfabilis

Moderator

Date of registration:
May 14th 2010

Version:
Avira Free Antivirus
Avira Antivirus Suite
Avira Internet Security Suite
Avira Internet Security

Operating System:
System of a Down

  • Send private message

2

Monday, May 14th 2012, 12:52pm

Hi Will24,

You should not run ComboFix unless you are specifically asked. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer. It is also understood that the use of ComboFix is done at your own risk.

Could you please perform a complete system scan with your Avira and post the results in your next reply?

Marco
| :: RU | EN | PT-BR | ZH-CN | ZH-TW ::

  • "Will24" started this thread

Date of registration:
May 14th 2012

Version:
Avira Free Antivirus

Operating System:
Windows 7

  • Send private message

3

Wednesday, May 16th 2012, 4:42pm

Hi Marco,

Thank you for the speedy response and I apologize for the late response. Somehow I think that the things I did got rid of the annoying virus, but just to be sure, I will post the report file shortly after I did a complete system scan.

Will24

  • "Will24" started this thread

Date of registration:
May 14th 2012

Version:
Avira Free Antivirus

Operating System:
Windows 7

  • Send private message

4

Wednesday, May 16th 2012, 6:31pm

Hi Marco,

Here's the report file. I see that there are no more detections but I still do not fully understand the report. What are these 19 warnings reported? Can this be fixed? My system seems to be working alright.
Thanks.


Avira Free Antivirus
Report file date: Wednesday, May 16, 2012 22:47

Scanning for 3705346 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : AURA-HP

Version information:
BUILD.DAT : 12.0.0.1125 41829 Bytes 5/2/2012 17:40:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 5/11/2012 04:52:13
AVSCAN.DLL : 12.3.0.15 54736 Bytes 5/11/2012 04:52:13
LUKE.DLL : 12.3.0.15 68304 Bytes 5/11/2012 04:52:13
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 5/11/2012 04:52:14
AVREG.DLL : 12.3.0.17 232200 Bytes 5/14/2012 07:10:42
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 16:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 15:57:15
VBASE002.VDF : 7.11.19.170 14374912 Bytes 12/20/2011 15:57:20
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2/1/2012 04:52:12
VBASE004.VDF : 7.11.26.44 4329472 Bytes 3/28/2012 04:52:12
VBASE005.VDF : 7.11.29.136 2166272 Bytes 5/10/2012 04:52:12
VBASE006.VDF : 7.11.29.137 2048 Bytes 5/10/2012 04:52:12
VBASE007.VDF : 7.11.29.138 2048 Bytes 5/10/2012 04:52:12
VBASE008.VDF : 7.11.29.139 2048 Bytes 5/10/2012 04:52:12
VBASE009.VDF : 7.11.29.140 2048 Bytes 5/10/2012 04:52:12
VBASE010.VDF : 7.11.29.141 2048 Bytes 5/10/2012 04:52:12
VBASE011.VDF : 7.11.29.142 2048 Bytes 5/10/2012 04:52:12
VBASE012.VDF : 7.11.29.143 2048 Bytes 5/10/2012 04:52:12
VBASE013.VDF : 7.11.29.144 2048 Bytes 5/10/2012 04:52:12
VBASE014.VDF : 7.11.30.3 198144 Bytes 5/14/2012 00:25:15
VBASE015.VDF : 7.11.30.4 2048 Bytes 5/14/2012 00:25:16
VBASE016.VDF : 7.11.30.5 2048 Bytes 5/14/2012 00:25:16
VBASE017.VDF : 7.11.30.6 2048 Bytes 5/14/2012 00:25:16
VBASE018.VDF : 7.11.30.7 2048 Bytes 5/14/2012 00:25:17
VBASE019.VDF : 7.11.30.8 2048 Bytes 5/14/2012 00:25:17
VBASE020.VDF : 7.11.30.9 2048 Bytes 5/14/2012 00:25:18
VBASE021.VDF : 7.11.30.10 2048 Bytes 5/14/2012 00:25:18
VBASE022.VDF : 7.11.30.11 2048 Bytes 5/14/2012 00:25:19
VBASE023.VDF : 7.11.30.12 2048 Bytes 5/14/2012 00:25:19
VBASE024.VDF : 7.11.30.13 2048 Bytes 5/14/2012 00:25:20
VBASE025.VDF : 7.11.30.14 2048 Bytes 5/14/2012 00:25:20
VBASE026.VDF : 7.11.30.15 2048 Bytes 5/14/2012 00:25:22
VBASE027.VDF : 7.11.30.16 2048 Bytes 5/14/2012 00:25:23
VBASE028.VDF : 7.11.30.17 2048 Bytes 5/14/2012 00:25:23
VBASE029.VDF : 7.11.30.18 2048 Bytes 5/14/2012 00:25:23
VBASE030.VDF : 7.11.30.19 2048 Bytes 5/14/2012 00:25:24
VBASE031.VDF : 7.11.30.54 135680 Bytes 5/16/2012 05:21:30
Engine version : 8.2.10.64
AEVDF.DLL : 8.1.2.2 106868 Bytes 1/31/2012 15:56:42
AESCRIPT.DLL : 8.1.4.19 455034 Bytes 5/14/2012 07:10:29
AESCN.DLL : 8.1.8.2 131444 Bytes 5/11/2012 04:52:13
AESBX.DLL : 8.2.5.5 606579 Bytes 5/11/2012 04:52:13
AERDL.DLL : 8.1.9.15 639348 Bytes 1/31/2012 15:56:42
AEPACK.DLL : 8.2.16.13 807287 Bytes 5/14/2012 07:10:14
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 5/11/2012 04:52:13
AEHEUR.DLL : 8.1.4.25 4788598 Bytes 5/14/2012 07:09:44
AEHELP.DLL : 8.1.21.0 254326 Bytes 5/14/2012 07:07:32
AEGEN.DLL : 8.1.5.28 422260 Bytes 5/11/2012 04:52:12
AEEXP.DLL : 8.1.0.36 82292 Bytes 5/14/2012 07:10:33
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/31/2012 15:56:38
AECORE.DLL : 8.1.25.6 201078 Bytes 5/11/2012 04:52:12
AEBB.DLL : 8.1.1.0 53618 Bytes 1/31/2012 15:56:38
AVWINLL.DLL : 12.3.0.15 27344 Bytes 5/11/2012 04:52:12
AVPREF.DLL : 12.3.0.15 51920 Bytes 5/11/2012 04:52:13
AVREP.DLL : 12.3.0.15 179208 Bytes 5/11/2012 04:52:14
AVARKT.DLL : 12.3.0.15 211408 Bytes 5/11/2012 04:52:13
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 5/11/2012 04:52:13
SQLITE3.DLL : 3.7.0.1 398288 Bytes 5/11/2012 04:52:14
AVSMTP.DLL : 12.3.0.15 63440 Bytes 5/11/2012 04:52:13
NETNT.DLL : 12.3.0.15 17104 Bytes 5/11/2012 04:52:13
RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 5/11/2012 04:52:12
RCTEXT.DLL : 12.3.0.15 96720 Bytes 5/11/2012 04:52:12

Configuration settings for the scan:
Jobname.............................: Local Hard Disks
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldiscs.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, F:, Q:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended

Start of the scan: Wednesday, May 16, 2012 22:47

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'Q:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'YCMMirage.exe' - '1' Module(s) have been scanned
Scan process 'hpqWmiEx.exe' - '1' Module(s) have been scanned
Scan process 'DTShellHlp.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'Updater.exe' - '1' Module(s) have been scanned
Scan process 'AutoStartupService.exe' - '1' Module(s) have been scanned
Scan process 'HPMSGSVC.exe' - '1' Module(s) have been scanned
Scan process 'zumodrive.exe' - '1' Module(s) have been scanned
Scan process 'LightScribeControlPanel.exe' - '1' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '1' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '1' Module(s) have been scanned
Scan process 'sftlist.exe' - '1' Module(s) have been scanned
Scan process 'YahooAUService.exe' - '1' Module(s) have been scanned
Scan process 'sftvsa.exe' - '1' Module(s) have been scanned
Scan process 'SeaPort.EXE' - '1' Module(s) have been scanned
Scan process 'RNowSvc.exe' - '1' Module(s) have been scanned
Scan process 'HPWMISVC.exe' - '1' Module(s) have been scanned
Scan process 'HPDrvMntSvc.exe' - '1' Module(s) have been scanned
Scan process 'bgsvcgen.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'armsvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'atibtmon.exe' - '1' Module(s) have been scanned

Starting to scan executable files (registry).
The registry was scanned ( '1671' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Program Files (x86)\WinRAR\rarnew.dat
[WARNING] Error no files to extract
C:\SwSetup\CyberDVD\Stage1\PDIR\Data1.cab
[WARNING] Error multiple volume
C:\SwSetup\CyberDVD\Stage1\PDIR\Data11.cab
[WARNING] Error multiple volume
C:\SwSetup\CyberDVD\Stage1\PDIR\Data2.cab
[WARNING] Error multiple volume
C:\SwSetup\CyberDVD\Stage1\PDIR\Data21.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB1.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB2.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB3.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB4.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB5.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB6.cab
[WARNING] Error multiple volume
C:\SwSetup\HPD1032\NoteB7.cab
[WARNING] Error multiple volume
C:\Users\aura\AppData\Local\Microsoft\Windows Live Mail\Yahoo (aura dce\Inbox\09D1242D-000007B4.eml
[WARNING] The file is password protected
C:\Users\aura\AppData\Local\Microsoft\Windows Live Mail\Yahoo (aura dce\Junk E-mail\030A301C-00000190.eml:OECustomProperty
[WARNING] Invalid end of file
C:\Users\aura\AppData\Local\Microsoft\Windows Live Mail\Yahoo (aura dce\Junk E-mail\0BDB56AE-00000191.eml:OECustomProperty
[WARNING] Invalid end of file
C:\Users\aura\Downloads\avira_free_antivirus_en.exe
[WARNING] The file is password protected
C:\Users\aura\Downloads\HP-CNB.3922_HP15C11_YUC110512-01_Normal (1).exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Users\aura\Downloads\HP-CNB.3922_HP15C11_YUC110512-01_Normal.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Users\Will24\Downloads\Adobe Photoshop CS5.1 v12.1 Extended Portable.rar
[WARNING] The archive is password protected
Begin scan in 'D:\' <RECOVERY>
Begin scan in 'F:\' <HP_TOOLS>
Begin scan in 'Q:\'
Search path Q:\ could not be opened!
System error [5]: Access is denied.


End of the scan: Thursday, May 17, 2012 00:23
Used time: 1:35:54 Hour(s)

The scan has been done completely.

40016 Scanned directories
1504072 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1504072 Files not concerned
8730 Archives were scanned
19 Warnings
0 Notes

Will24

marfabilis

Moderator

Date of registration:
May 14th 2010

Version:
Avira Free Antivirus
Avira Antivirus Suite
Avira Internet Security Suite
Avira Internet Security

Operating System:
System of a Down

  • Send private message

5

Wednesday, May 16th 2012, 8:18pm

Hi Will24,

Nothing is currently detected.
Do you still need help?

Marco
| :: RU | EN | PT-BR | ZH-CN | ZH-TW ::

  • "Will24" started this thread

Date of registration:
May 14th 2012

Version:
Avira Free Antivirus

Operating System:
Windows 7

  • Send private message

6

Thursday, May 17th 2012, 5:18am

Hi Marco,

I think my system's running smoothly now. Thanks to Avira. If I had not thought about changing my previous AV to Avira the virus would still be there undetected. Thank you for the support.

Will24

marfabilis

Moderator

Date of registration:
May 14th 2010

Version:
Avira Free Antivirus
Avira Antivirus Suite
Avira Internet Security Suite
Avira Internet Security

Operating System:
System of a Down

  • Send private message

7

Thursday, May 17th 2012, 2:34pm

Hi Will24,

You're most welcome ^^

Marco
| :: RU | EN | PT-BR | ZH-CN | ZH-TW ::