اخي الكريم زيزوم
الله يرحم من عقبك ويجزاك خير عنا جميعا وامل من الله ان يجعل ذلك في موازين حسناتك
وهذا التقرير
Avira AntiVir Personal
Report file date: 11 شعبان, 1430 14:27
Scanning for 1567743 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : User
Computer name : USER-74A3A1B0C4
Version information:
BUILD.DAT : 9.0.0.386 17962 Bytes 15/03/1430 15:55:00
AVSCAN.EXE : 9.0.3.3 464641 Bytes 29/02/1430 09:13:26
AVSCAN.DLL : 9.0.3.0 40705 Bytes 03/03/1430 07:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 25/02/1430 08:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 03/03/1430 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/1429 03:29:38
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 02/07/1430 00:20:48
ANTIVIR2.VDF : 7.1.4.253 1779200 Bytes 27/07/1430 13:07:13
ANTIVIR3.VDF : 7.1.5.28 214528 Bytes 02/08/1430 06:20:12
Engineversion : 8.2.0.228
AEVDF.DLL : 8.1.1.1 106868 Bytes 06/05/1430 05:33:10
AESCRIPT.DLL : 8.1.2.18 442746 Bytes 25/07/1430 08:27:00
AESCN.DLL : 8.1.2.4 127348 Bytes 30/07/1430 07:43:44
AERDL.DLL : 8.1.2.4 430452 Bytes 22/07/1430 08:08:26
AEPACK.DLL : 8.1.3.18 401783 Bytes 03/06/1430 08:10:34
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 24/06/1430 05:32:45
AEHEUR.DLL : 8.1.0.143 1864055 Bytes 24/07/1430 07:01:06
AEHELP.DLL : 8.1.5.3 233846 Bytes 30/07/1430 07:43:43
AEGEN.DLL : 8.1.1.50 352629 Bytes 30/07/1430 07:43:43
AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/1429 01:49:35
AECORE.DLL : 8.1.7.6 184694 Bytes 30/07/1430 07:43:42
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/1429 01:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 14/12/1429 05:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 07/12/1429 07:32:15
AVREP.DLL : 8.0.0.3 155688 Bytes 02/08/1430 06:20:14
AVREG.DLL : 9.0.0.0 36609 Bytes 07/12/1429 07:32:09
AVARKT.DLL : 9.0.0.1 292609 Bytes 14/02/1430 04:52:24
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 04/02/1430 07:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 02/02/1430 12:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 07/02/1430 05:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 07/12/1429 07:32:10
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 14/02/1430 08:45:45
RCTEXT.DLL : 9.0.35.0 87297 Bytes 15/03/1430 12:55:12
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\DOCUME~1\User\LOCALS~1\Temp\RarSFX2\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 11 شعبان, 1430 14:27
Initiating scan of system files:
Signed -> 'C:\WINDOWS\system32\svchost.exe'
Signed -> 'C:\WINDOWS\system32\winlogon.exe'
Signed -> 'C:\WINDOWS\explorer.exe'
Signed -> 'C:\WINDOWS\system32\smss.exe'
Signed -> 'C:\WINDOWS\system32\wininet.DLL'
Signed -> 'C:\WINDOWS\system32\wsock32.DLL'
Signed -> 'C:\WINDOWS\system32\ws2_32.DLL'
Signed -> 'C:\WINDOWS\system32\services.exe'
Signed -> 'C:\WINDOWS\system32\lsass.exe'
Signed -> 'C:\WINDOWS\system32\csrss.exe'
Signed -> 'C:\WINDOWS\system32\drivers\kbdclass.sys'
Signed -> 'C:\WINDOWS\system32\spoolsv.exe'
Signed -> 'C:\WINDOWS\system32\alg.exe'
Signed -> 'C:\WINDOWS\system32\wuauclt.exe'
Signed -> 'C:\WINDOWS\system32\advapi32.DLL'
Signed -> 'C:\WINDOWS\system32\user32.DLL'
Signed -> 'C:\WINDOWS\system32\gdi32.DLL'
Signed -> 'C:\WINDOWS\system32\kernel32.DLL'
Signed -> 'C:\WINDOWS\system32\ntdll.DLL'
Signed -> 'C:\WINDOWS\system32\ntoskrnl.exe'
Signed -> 'C:\WINDOWS\system32\ctfmon.exe'
The system files were scanned ('21' files)
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'zyzoom_avira9.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'klwtblfs.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'CManager.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'TOSCDSPD.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'BRService.exe' - '1' Module(s) have been scanned
Scan process 'ASP.exe' - '1' Module(s) have been scanned
Scan process 'winwd.exe' - '1' Module(s) have been scanned
Scan process 'sdaemon.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'TFncKy.exe' - '1' Module(s) have been scanned
Scan process 'agrsmmsg.exe' - '1' Module(s) have been scanned
Scan process 'TvsTray.exe' - '1' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winsersec.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
48 processes with 48 modules were scanned
Starting master boot sector scan:
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '67' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\sinatour\Local Settings\Temp\Binaries2.zip
[0] Archive type: ZIP
--> wscui.cpl
[DETECTION] Is the TR/FakeAV.bak.2 Trojan
C:\Documents and Settings\sinatour\سطح المكتب\مجلد جديد (3)\OnSpeed_6[1].0.9.0.500_full version with activation code till june 09.rar
[0] Archive type: RAR
--> OnSpeed_6.0.9.0.500\ONSPEED_Installer.exe
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
--> OnSpeed_6.0.9.0.500\patch\OnSpeed Patch.exe
[DETECTION] Is the TR/Agent.208868.A Trojan
C:\Documents and Settings\sinatour\سطح المكتب\ملحق برامج\bronz_realplayer v11.exe
[0] Archive type: RAR SFX (self extracting)
--> Activator.exe
[1] Archive type: RAR SFX (self extracting)
--> Activator.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
--> crack.exe
[DETECTION] Contains recognition pattern of the WORM/Agent.234445 worm
C:\Program Files\Real\RealPlayer\Activator.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
C:\Program Files\Real\RealPlayer\KingoOo_Crack.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc10.exe
[0] Archive type: RAR SFX (self extracting)
--> KingoOo_Crack.exe
[1] Archive type: RAR SFX (self extracting)
--> KingoOo_Crack.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc83.rar
[0] Archive type: RAR
--> Techsmith_Snagit9.0.0.exe
[1] Archive type: RAR SFX (self extracting)
--> App\techsmith.snagit.v9.0.0.351-ismail.exe
[DETECTION] Is the TR/Hupigon.2454528.A Trojan
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc95.rar
[0] Archive type: RAR
--> OnSpeed_6.0.9.0.500\ONSPEED_Installer.exe
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
--> OnSpeed_6.0.9.0.500\patch\OnSpeed Patch.exe
[DETECTION] Is the TR/Agent.208868.A Trojan
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\ONSPEED_Installer.exe
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\ONSPEED_Installer.exe.EXE
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\patch\OnSpeed Patch.exe
[DETECTION] Is the TR/Agent.208868.A Trojan
Begin scan in 'D:\'
D:\افلام وفلاشات وصور وشفافيات خاصة للعلوم\فلاشات علوم فيزياء كيمياء احياء جيولوجيا\dentritic.rar
[DETECTION] Is the TR/Drop.Agent.81920 Trojan
D:\برنامج SnagIt 9.1.2\تثبيت صامت SnagIt 9.1.2\{معلومات التسجيل} .SnagIt.v9.1.2\الكيجن\keygen.exe
[DETECTION] Is the TR/Agent.147456.BQ Trojan
Beginning disinfection:
C:\Documents and Settings\sinatour\Local Settings\Temp\Binaries2.zip
[NOTE] The file was moved to '4ae3876c.qua'!
C:\Documents and Settings\sinatour\سطح المكتب\مجلد جديد (3)\OnSpeed_6[1].0.9.0.500_full version with activation code till june 09.rar
[NOTE] The file was moved to '4ac88771.qua'!
C:\Documents and Settings\sinatour\سطح المكتب\ملحق برامج\bronz_realplayer v11.exe
[NOTE] The file was moved to '4ae48775.qua'!
C:\Program Files\Real\RealPlayer\Activator.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
[NOTE] The file was moved to '4ae98769.qua'!
C:\Program Files\Real\RealPlayer\KingoOo_Crack.exe
[DETECTION] Contains recognition pattern of the DR/Monder.436224 dropper
[NOTE] The file was moved to '4ae3876f.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc10.exe
[NOTE] The file was moved to '4aa6876a.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc83.rar
[NOTE] The file was moved to '4aad876e.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc95.rar
[NOTE] The file was moved to '4aae8773.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\ONSPEED_Installer.exe
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
[NOTE] The file was moved to '4ac8875f.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\ONSPEED_Installer.exe.EXE
[DETECTION] Contains recognition pattern of the DR/MegaSearch.V dropper
[NOTE] The file was moved to '4b211ec8.qua'!
C:\RECYCLER\S-1-5-21-1801674531-162531612-725345543-1003\Dc96.500\patch\OnSpeed Patch.exe
[DETECTION] Is the TR/Agent.208868.A Trojan
[NOTE] The file was moved to '4ac88782.qua'!
D:\افلام وفلاشات وصور وشفافيات خاصة للعلوم\فلاشات علوم فيزياء كيمياء احياء جيولوجيا\dentritic.rar
[DETECTION] Is the TR/Drop.Agent.81920 Trojan
[NOTE] The file was moved to '4ae38779.qua'!
D:\برنامج SnagIt 9.1.2\تثبيت صامت SnagIt 9.1.2\{معلومات التسجيل} .SnagIt.v9.1.2\الكيجن\keygen.exe
[DETECTION] Is the TR/Agent.147456.BQ Trojan
[NOTE] The file was moved to '4aee8779.qua'!
End of the scan: 11 شعبان, 1430 15:31
Used time: 59:59 Minute(s)
The scan has been done completely.
8091 Scanned directories
396965 Files were scanned
16 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
13 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
396948 Files not concerned
2473 Archives were scanned
1 Warnings
14 Notes