RAPPORT ANTIVIR :
Avira AntiVir Personal
Report file date: dimanche 8 juin 2008 13:44
Scanning for 1313263 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Boot mode: Save mode
Username: Mon micro
Computer name: YOUR-6A8NPIK1EI
Version information:
BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 17:06:39
ANTIVIR3.VDF : 7.0.4.156 144896 Bytes 06/06/2008 17:01:00
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 06/06/2008 17:01:28
AESCN.DLL : 8.1.0.21 119156 Bytes 06/06/2008 17:01:25
AERDL.DLL : 8.1.0.20 418165 Bytes 12/05/2008 17:54:13
AEPACK.DLL : 8.1.1.5 364918 Bytes 15/05/2008 19:57:58
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 12/05/2008 17:54:09
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 06/06/2008 17:01:23
AEHELP.DLL : 8.1.0.15 115063 Bytes 29/05/2008 16:40:50
AEGEN.DLL : 8.1.0.28 307572 Bytes 06/06/2008 17:01:08
AEEMU.DLL : 8.1.0.6 430451 Bytes 12/05/2008 17:54:00
AECORE.DLL : 8.1.0.31 168310 Bytes 06/06/2008 17:01:02
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 8 juin 2008 13:44
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '39' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\C\WINDOWS\system32\ateycyfd.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48b0ce07.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\fhvydvas.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c1cdff.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\fsqmwmhf.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48bcce0e.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\geBuUnop.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '488dce03.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\hyxgesbj.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48c3ce19.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\kchwuwgu.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48b3ce05.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\nnnnLbCr.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48b9ce12.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\phpjgiko.dll.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48bbce0f.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\qtijbqxv.exe.vir
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '48b4ce1e.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqOHyax.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48bcce1e.qua'!
C:\WINDOWS\$NtUninstallKB824141$\user32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\crypt32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\hh.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\itircl.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\itss.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\locator.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\mrxsmb.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\msconv97.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\ntkrnlpa.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\ntoskrnl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\osk.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\raspptp.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\shdocvw.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\shell32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\srv.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\urlmon.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\user32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\win32k.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB826939$\zipfldr.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB830680$\keymgr.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB831905$\ntkrnlmp.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB831905$\ntkrnlpa.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB831905$\ntkrpamp.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB831905$\ntoskrnl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\g88.exe
[DETECTION] Contains detection pattern of the dropper DR/Gooochi
[NOTE] The file was moved to '4883d065.qua'!
End of the scan: dimanche 8 juin 2008 14:30
Used time: 46:02 min
The scan has been done completely.
4513 Scanning directories
156995 Files were scanned
11 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
11 files were moved to quarantine
0 files were renamed
44 Files cannot be scanned
156984 Files not concerned
7078 Archives were scanned
44 Warnings
11 Notes