nell'ultima scansione però avira ha trovato dei file sospetti..
AntiVir PersonalEdition Classic
Report file date: venerdì 22 febbraio 2008 12:51
Scanning for 1119794 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ANDREAFAVARO
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 11:47:24
ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 11:47:24
ANTIVIR3.VDF : 7.0.2.178 327168 Bytes 22/02/2008 11:47:24
AVEWIN32.DLL : 7.6.0.67 3293696 Bytes 22/02/2008 11:47:24
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 22/02/2008 11:47:24
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: venerdì 22 febbraio 2008 12:51
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'agrsmmsg.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'NDSTray.exe' - '1' Module(s) have been scanned
Scan process 'PadExe.exe' - '1' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
Scan process 'launcher.exe' - '1' Module(s) have been scanned
Scan process 'SmoothView.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned
Scan process 'TFncKy.exe' - '1' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'THotkey.exe' - '1' Module(s) have been scanned
Scan process 'TPSMain.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'acs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
39 processes with 39 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '45' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\avenger\backup.zip
[0] Archive type: ZIP
avenger/b64_1[1].jpg
[DETECTION] Is the Trojan horse TR/PSW.LdPinch.ewq
avenger/b64_1[2].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[1].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[1].jpg-ren-421
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[1].jpg-ren-447
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[1].jpg-ren-526
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[2].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[2].jpg-ren-449
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_2[2].jpg-ren-529
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/b64_31[1].jpg
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-401
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-409
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-429
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-451
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-517
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[1].jpg-ren-538
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[2].jpg
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[2].jpg-ren-403
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/b64_31[2].jpg-ren-429
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/104091953.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/118830218.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/133609000.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/133688343.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/148411921.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/148414312.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/15044812.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/down/15085890.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/15089812.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/163197765.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/177949453.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/177965515.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/192751218.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/192780000.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/29966625.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/29969875.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/378812.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/down/381578.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/44636890.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
avenger/down/44669906.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/59353109.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/59360218.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/74058875.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/74348484.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/down/89197453.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/hldrrr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JV
avenger/MASAlert.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JV
avenger/mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
avenger/Muestras/HLDRRR.EXE.Muestra EliBagle v11.00
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JV
avenger/Muestras/SROSA.SYS.Muestra EliBagle v11.00
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
avenger/srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
avenger/TOSCDSPD.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JV
avenger/wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '4821b7c9.qua'!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\770OCD24\b64_1[1].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\770OCD24\b64_1[2].jpg
[DETECTION] Is the Trojan horse TR/PSW.LdPinch.ewq
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\770OCD24\b64_1[3].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\770OCD24\b64_1[4].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\JC1M4PXT\b64_1[1].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\JC1M4PXT\b64_1[2].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\JC1M4PXT\b64_1[3].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\JC1M4PXT\b64_1[4].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\JC1M4PXT\b64_2[3].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\KATX6UJ5\b64_2[3].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\U1FXPB35\b64_1[2].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\U1FXPB35\b64_2[1].jpg
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\Documents and Settings\JERRY POOL\Impostazioni locali\Temporary Internet Files\Content.IE5\U1FXPB35\b64_31[2].jpg
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: venerdì 22 febbraio 2008 15:37
Used time: 2:46:03 min
The scan has been done completely.
5912 Scanning directories
397016 Files were scanned
65 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
13 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
396951 Files not concerned
16113 Archives were scanned
4 Warnings
0 Notes