PDA

View Full Version : Avira mi dice ke nn è un virus,sarà vero??

miz86miz
06-03-2009, 12:56
E'un virus o no quel..........zaSetup_80_065_000_en[1].exe


Avira AntiVir Personal
Report file date: venerdì 6 marzo 2009 11:45

Scanning for 1285847 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ALFIERI-21B436C

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 22:46:58
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 15:47:25
ANTIVIR3.VDF : 7.1.2.130 124416 Bytes 06/03/2009 10:01:43
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 23/02/2009 22:47:10
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 05/03/2009 21:59:15
AESCN.DLL : 8.1.1.8 127346 Bytes 05/03/2009 21:59:07
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 22:10:23
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 22:44:11
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 05/03/2009 21:59:04
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 22:43:46
AEGEN.DLL : 8.1.1.25 336243 Bytes 05/03/2009 21:58:42
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 23/02/2009 22:47:01
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Programmi\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, W:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: venerdì 6 marzo 2009 11:45

Starting search for hidden objects.
'61198' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'OSE.EXE' - '1' Module(s) have been scanned
Scan process 'CToolbar.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned
Scan process 'PSIService.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'dpupdchk.exe' - '1' Module(s) have been scanned
Scan process 'ipoint.exe' - '1' Module(s) have been scanned
Scan process 'itype.exe' - '1' Module(s) have been scanned
Scan process 'SpywareTerminatorShield.Exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'CTSysVol.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD6
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'W:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '53' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Alfieri\Impostazioni locali\Temporary Internet Files\Content.IE5\K7TFAEZ1\zaSetup_80_065_000_en[1].exe
[0] Archive type: ZIP SFX (self extracting)
--> WINDOWS6.0-KB929547-V2-X64.MSU
[1] Archive type: CAB (Microsoft)
--> Windows6.0-KB929547-v2-x64.cab
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Backup >
Begin scan in 'E:\' <Dati>
Begin scan in 'W:\' <Western Digital>


End of the scan: venerdì 6 marzo 2009 12:27
Used time: 41:06 Minute(s)

The scan has been done completely.

9534 Scanning directories
361237 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
361235 Files not concerned
2960 Archives were scanned
7 Warnings
0 Notes
61198 Objects were scanned with rootkit scan
0 Hidden objects were found
xcdegasp
06-03-2009, 14:36
a me sembra che dica:
[WARNING] No further files can be extracted from this archive. The archive will be closed

comunque in generale se vuoi sapere se sia un falsoi positivo dovresti farlo analizzare su www.virustotal.com e www.viruscan.org, magari poi copia e incolla qui l'url mostrata nel browser a fine scansione :)
miz86miz
06-03-2009, 14:54
Grazie amico mio!!!

Cosa devo mandargli nell updload!!

il report o quel file??
xcdegasp
06-03-2009, 15:40
Grazie amico mio!!!

Cosa devo mandargli nell updload!!

il report o quel file??

ovviamente il file incriminato :D
miz86miz
06-03-2009, 16:42
mi fa arrivare fino alla cartella Temporary Internet Files poi nn mi fa andare oltre
xcdegasp
06-03-2009, 16:53
mi fa arrivare fino alla cartella Temporary Internet Files poi nn mi fa andare oltre

bhè riscarica la patch o quel che era e uppalo lì :D
miz86miz
06-03-2009, 16:55
nn so cosa era....e nn anke se metto visualizza cartelle nascoste,a quel file nn riesco ad arrivarci
tonycalbas
06-03-2009, 17:02
nn so cosa era....e nn anke se metto visualizza cartelle nascoste,a quel file nn riesco ad arrivarci

Beh.. dal nome sembrerebbe l'installer di Zone Alarm, popolare Firewall..
prova ad andare sul loro sito e tirare giù l'installer.. poi lo confronti (come nome/dimensione) con il tuo file..

Byeee
miz86miz
06-03-2009, 17:26
ma se io vorrei cancellare tt i file che ci sono sia nella cartella tempe ke in quella temporaney internet.........
posso farlo??
xcdegasp
07-03-2009, 18:07
ma se io vorrei cancellare tt i file che ci sono sia nella cartella tempe ke in quella temporaney internet.........
posso farlo??

usa atf-cleaner per fare quella pulizia così la fai anche nelle altre temp sparse nel pc :p
miz86miz
07-03-2009, 18:51
Grazie!! Gentilissimo compre sempre!!
xcdegasp
07-03-2009, 18:54
di nulla ;) :)