AntiVir PersonalEdition Classic
Report file date: jeudi 12 juillet 2007 15:56
Scanning for 740715 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: WILLBE
Version information:
BUILD.DAT : 248 14437 Bytes 31/05/2007 16:59:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.37.1.151 4303360 Bytes 23/02/2007 13:09:01
ANTIVIR2.VDF : 6.38.0.214 729600 Bytes 12/04/2007 13:09:02
ANTIVIR3.VDF : 6.38.0.225 50688 Bytes 16/04/2007 13:09:02
AVEWIN32.DLL : 7.4.0.12 2404864 Bytes 13/04/2007 13:04:24
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.8 360488 Bytes 27/03/2007 07:48:28
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 2/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42
Configuration settings for the scan:
Jobname…: Manual Selection
Configuration file…: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging…: low
Primary action…: interactive
Secondary action…: ignore
Scan master boot sector…: off
Scan boot sector…: on
Boot sectors…: G:,
Scan memory…: on
Process scan…: on
Scan registry…: on
Search for rootkits…: off
Scan all files…: All files
Scan archives…: on
Recursion depth…: 20
Smart extensions…: on
Deviating archive types…: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic…: on
File heuristic…: high
Deviating risk categories…: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: jeudi 12 juillet 2007 15:56
The scan of running processes will be started
Scan process ‘avscan.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avcenter.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘WINWORD.EXE’ - ‘1’ Module(s) have been scanned
Scan process ‘explorer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘lsass.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘services.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘winlogon.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘csrss.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘smss.exe’ - ‘1’ Module(s) have been scanned
13 processes with 13 modules were scanned
Start scanning boot sectors:
Boot sector ‘C:’
[NOTE] No virus was found!
Boot sector ‘E:’
[NOTE] No virus was found!
Boot sector ‘F:’
[NOTE] No virus was found!
Boot sector ‘G:’
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( ‘30’ files ).
Starting the file scan:
Begin scan in ‘C:’
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus\elec alternateur.ace
[0] Archive type: ACE
–> elec alternateur\Num?riser0002.jpg
[WARNING] Error creating the file
–> elec alternateur\Num?riser0003.jpg
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\WinRAR\WinRAR.3.62.Final-Patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.PEPM.Gen
[INFO] The file was moved to ‘47043949.qua’!
C:\WINDOWS\system32\koos.exe
[DETECTION] Is the Trojan horse TR/Proxy.Wopla.AG.10
[INFO] The file was deleted!
C:\WINDOWS\system32\lhjeysam.exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to ‘470039ee.qua’!
C:\WINDOWS\system32\nhrxyial.dll
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was deleted!
C:\WINDOWS\system32\rpcc.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system32\xpdx.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\Bifrost\server.exe
[DETECTION] Is the Trojan horse TR/Genlot.Cep.SVR.2
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\core.sys
[DETECTION] Is the Trojan horse TR/Drop.Rootkit.A.2
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\ip6fw.sys
[DETECTION] Contains signature of the rootkit RKIT/Agent.DQ.31.A
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services//Runtime]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Runtime//Enum]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services//Runtime]
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in ‘E:’
E:\Programmes\Programmes important a jamais viré !\WinRAR.3.62.Final.zip
[0] Archive type: ZIP
–> WinRAR.3.62.Final-Patch.exe
[DETECTION] Is the Trojan horse TR/Crypt.PEPM.Gen
[INFO] The file was deleted!
E:\Programmes\Progz\Bs Player\BSPlayer_PRO_221.950_Latest_Incl_Keygen.rar
[0] Archive type: RAR
–> beg_4kb_ok_bsplayerUSC.exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was deleted!
Begin scan in ‘F:’ <Vidéos et Animes>
Begin scan in ‘G:’
End of the scan: jeudi 12 juillet 2007 16:34
Used time: 37:18 min
The scan has been done completely.
9549 Scanning directories
390287 Files were scanned
9 viruses and/or unwanted programs were found
2 classified as suspicious:
7 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
390276 Files not concerned
4675 Archives were scanned
7 Warnings
140 Notes
0 Hidden objects were found