hasonasaid
زيزوومي جديد
- إنضم
- 28 مارس 2009
- المشاركات
- 38
- مستوى التفاعل
- 0
- النقاط
- 50
غير متصل
Avira AntiVir Personal
Report file date: 19 ابريل, 2009 23:23
Scanning for 1426624 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : hasona
Computer name : HASONA-4F74CFA8
Version information:
BUILD.DAT : 9.0.0.386 17962 Bytes 3/11/2009 15:55:00
AVSCAN.EXE : 9.0.3.3 464641 Bytes 2/24/2009 10:13:28
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 08:58:26
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 09:35:50
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 04:29:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 11:32:40
ANTIVIR2.VDF : 7.1.4.0 2336768 Bytes 5/20/2009 04:15:54
ANTIVIR3.VDF : 7.1.4.21 200704 Bytes 5/26/2009 12:52:36
Engineversion : 8.2.0.168
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 06:33:10
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 5/15/2009 07:20:36
AESCN.DLL : 8.1.2.3 127347 Bytes 5/15/2009 07:20:36
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 23:43:26
AEPACK.DLL : 8.1.3.16 397686 Bytes 5/8/2009 07:51:08
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 11:56:12
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 5/15/2009 07:20:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 11:56:12
AEGEN.DLL : 8.1.1.44 348532 Bytes 5/15/2009 07:20:34
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/15/2008 02:49:36
AECORE.DLL : 8.1.6.9 176500 Bytes 4/14/2009 04:42:00
AEBB.DLL : 8.1.0.3 53618 Bytes 10/15/2008 02:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:48:00
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 08:32:16
AVREP.DLL : 8.0.0.3 155688 Bytes 5/26/2009 12:52:38
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 08:32:10
AVARKT.DLL : 9.0.0.1 292609 Bytes 2/9/2009 05:52:26
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 08:37:10
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 13:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 06:21:34
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 08:32:12
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 2/9/2009 09:45:46
RCTEXT.DLL : 9.0.35.0 87297 Bytes 3/11/2009 13:55:14
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\DOCUME~1\hasona\LOCALS~1\Temp\RarSFX0\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 19 ابريل, 2009 23:23
Initiating scan of system files:
Signed -> 'C:\WINDOWS\system32\svchost.exe'
Signed -> 'C:\WINDOWS\system32\winlogon.exe'
Signed -> 'C:\WINDOWS\explorer.exe'
Signed -> 'C:\WINDOWS\system32\smss.exe'
Signed -> 'C:\WINDOWS\system32\wininet.DLL'
Signed -> 'C:\WINDOWS\system32\wsock32.DLL'
Signed -> 'C:\WINDOWS\system32\ws2_32.DLL'
Signed -> 'C:\WINDOWS\system32\services.exe'
Signed -> 'C:\WINDOWS\system32\lsass.exe'
Signed -> 'C:\WINDOWS\system32\csrss.exe'
Signed -> 'C:\WINDOWS\system32\drivers\kbdclass.sys'
Signed -> 'C:\WINDOWS\system32\spoolsv.exe'
Signed -> 'C:\WINDOWS\system32\alg.exe'
Signed -> 'C:\WINDOWS\system32\wuauclt.exe'
Signed -> 'C:\WINDOWS\system32\advapi32.DLL'
Signed -> 'C:\WINDOWS\system32\user32.DLL'
Signed -> 'C:\WINDOWS\system32\gdi32.DLL'
Signed -> 'C:\WINDOWS\system32\kernel32.DLL'
Signed -> 'C:\WINDOWS\system32\ntdll.DLL'
Signed -> 'C:\WINDOWS\system32\ntoskrnl.exe'
Signed -> 'C:\WINDOWS\system32\ctfmon.exe'
The system files were scanned ('21' files)
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'zyzoom_avira9.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'IEMonitor.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'IDMan.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned
Starting master boot sector scan:
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '55' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيÙ.rar
[0] Archive type: RAR
--> ↑ᆱᆬ ゚←↑ᆬ¥■¬゚ᄁ.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
Begin scan in 'D:\'
D:\New Folder (2)\power_point2003.part2.rar
[0] Archive type: RAR
--> power point2003\lesson\403.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'E:\'
E:\idm1010\RapiDown.rar
[0] Archive type: RAR
--> Crack.exe
[DETECTION] Is the TR/Agent.1026560.B Trojan
--> RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
Begin scan in 'F:\'
Begin scan in 'G:\'
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
Beginning disinfection:
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيÙ.rar
[NOTE] The file was moved to '4ac39b7e.qua'!
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
[NOTE] The file was moved to '501ea11c.qua'!
E:\idm1010\RapiDown.rar
[NOTE] The file was moved to '4a5b9b38.qua'!
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
[NOTE] The file was moved to '4b293b21.qua'!
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4a389b1b.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4b5f640c.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
[NOTE] The file was moved to '4a5f9b38.qua'!
End of the scan: 19 ابريل, 2009 23:42
Used time: 18:55 Minute(s)
The scan has been done completely.
3971 Scanned directories
108657 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
108647 Files not concerned
939 Archives were scanned
4 Warnings
9 Notes
Report file date: 19 ابريل, 2009 23:23
Scanning for 1426624 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : hasona
Computer name : HASONA-4F74CFA8
Version information:
BUILD.DAT : 9.0.0.386 17962 Bytes 3/11/2009 15:55:00
AVSCAN.EXE : 9.0.3.3 464641 Bytes 2/24/2009 10:13:28
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 08:58:26
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 09:35:50
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 04:29:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 11:32:40
ANTIVIR2.VDF : 7.1.4.0 2336768 Bytes 5/20/2009 04:15:54
ANTIVIR3.VDF : 7.1.4.21 200704 Bytes 5/26/2009 12:52:36
Engineversion : 8.2.0.168
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 06:33:10
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 5/15/2009 07:20:36
AESCN.DLL : 8.1.2.3 127347 Bytes 5/15/2009 07:20:36
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 23:43:26
AEPACK.DLL : 8.1.3.16 397686 Bytes 5/8/2009 07:51:08
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 11:56:12
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 5/15/2009 07:20:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 11:56:12
AEGEN.DLL : 8.1.1.44 348532 Bytes 5/15/2009 07:20:34
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/15/2008 02:49:36
AECORE.DLL : 8.1.6.9 176500 Bytes 4/14/2009 04:42:00
AEBB.DLL : 8.1.0.3 53618 Bytes 10/15/2008 02:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:48:00
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 08:32:16
AVREP.DLL : 8.0.0.3 155688 Bytes 5/26/2009 12:52:38
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 08:32:10
AVARKT.DLL : 9.0.0.1 292609 Bytes 2/9/2009 05:52:26
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 08:37:10
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 13:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 06:21:34
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 08:32:12
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 2/9/2009 09:45:46
RCTEXT.DLL : 9.0.35.0 87297 Bytes 3/11/2009 13:55:14
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\DOCUME~1\hasona\LOCALS~1\Temp\RarSFX0\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: 19 ابريل, 2009 23:23
Initiating scan of system files:
Signed -> 'C:\WINDOWS\system32\svchost.exe'
Signed -> 'C:\WINDOWS\system32\winlogon.exe'
Signed -> 'C:\WINDOWS\explorer.exe'
Signed -> 'C:\WINDOWS\system32\smss.exe'
Signed -> 'C:\WINDOWS\system32\wininet.DLL'
Signed -> 'C:\WINDOWS\system32\wsock32.DLL'
Signed -> 'C:\WINDOWS\system32\ws2_32.DLL'
Signed -> 'C:\WINDOWS\system32\services.exe'
Signed -> 'C:\WINDOWS\system32\lsass.exe'
Signed -> 'C:\WINDOWS\system32\csrss.exe'
Signed -> 'C:\WINDOWS\system32\drivers\kbdclass.sys'
Signed -> 'C:\WINDOWS\system32\spoolsv.exe'
Signed -> 'C:\WINDOWS\system32\alg.exe'
Signed -> 'C:\WINDOWS\system32\wuauclt.exe'
Signed -> 'C:\WINDOWS\system32\advapi32.DLL'
Signed -> 'C:\WINDOWS\system32\user32.DLL'
Signed -> 'C:\WINDOWS\system32\gdi32.DLL'
Signed -> 'C:\WINDOWS\system32\kernel32.DLL'
Signed -> 'C:\WINDOWS\system32\ntdll.DLL'
Signed -> 'C:\WINDOWS\system32\ntoskrnl.exe'
Signed -> 'C:\WINDOWS\system32\ctfmon.exe'
The system files were scanned ('21' files)
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'zyzoom_avira9.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'IEMonitor.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'IDMan.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned
Starting master boot sector scan:
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '55' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيÙ.rar
[0] Archive type: RAR
--> ↑ᆱᆬ ゚←↑ᆬ¥■¬゚ᄁ.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
Begin scan in 'D:\'
D:\New Folder (2)\power_point2003.part2.rar
[0] Archive type: RAR
--> power point2003\lesson\403.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'E:\'
E:\idm1010\RapiDown.rar
[0] Archive type: RAR
--> Crack.exe
[DETECTION] Is the TR/Agent.1026560.B Trojan
--> RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
Begin scan in 'F:\'
Begin scan in 'G:\'
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
Beginning disinfection:
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيÙ.rar
[NOTE] The file was moved to '4ac39b7e.qua'!
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
[NOTE] The file was moved to '501ea11c.qua'!
E:\idm1010\RapiDown.rar
[NOTE] The file was moved to '4a5b9b38.qua'!
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
[NOTE] The file was moved to '4b293b21.qua'!
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4a389b1b.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4b5f640c.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
[NOTE] The file was moved to '4a5f9b38.qua'!
End of the scan: 19 ابريل, 2009 23:42
Used time: 18:55 Minute(s)
The scan has been done completely.
3971 Scanned directories
108657 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
108647 Files not concerned
939 Archives were scanned
4 Warnings
9 Notes
