Avira AntiVir Personal
Report file date: domenica 8 marzo 2009 20:55

Scanning for 1288155 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: COMPUTER-B19430

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 20:37:44
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 20:37:52
ANTIVIR3.VDF : 7.1.2.135 157696 Bytes 07/03/2009 20:37:55
Engineversion : 8.2.0.105
AEVDF.DLL : 8.1.1.0 106868 Bytes 07/03/2009 20:38:19
AESCRIPT.DLL : 8.1.1.57 356729 Bytes 07/03/2009 20:38:18
AESCN.DLL : 8.1.1.8 127346 Bytes 07/03/2009 20:38:16
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 07/03/2009 20:38:14
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 07/03/2009 20:38:11
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 07/03/2009 20:38:08
AEHELP.DLL : 8.1.2.2 119158 Bytes 07/03/2009 20:37:58
AEGEN.DLL : 8.1.1.25 336243 Bytes 07/03/2009 20:37:57
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 07/03/2009 20:37:56
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programmi\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, I:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: domenica 8 marzo 2009 20:55

Starting search for hidden objects.
'34897' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'emule.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Periferica non pronta.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '52' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\cmdow.exe
[DETECTION] Contains recognition pattern of the APPL/HideWindows.31232.1 application
[NOTE] The file was moved to '4a1826b9.qua'!
Begin scan in 'I:\' <archivio>


End of the scan: domenica 8 marzo 2009 21:13
Used time: 17:41 Minute(s)

The scan has been done completely.

3577 Scanning directories
124009 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
124007 Files not concerned
1400 Archives were scanned
5 Warnings
1 Notes
34897 Objects were scanned with rootkit scan
0 Hidden objects were found



APPL/HideWindows.31232.1 application
[NOTE] The file was moved to '4a1826b9.qua'!
Begin scan in 'I:\' <archivio>


il nome che antviri mi dice è C:\WINDOWS\system32\cmdow.exe (ho modificato le impostazioni dell'antivirus con la guida che c'è nel forum nella sezione guida ai programmi)
ecco quest'ultimo che ho copiato è il virus..che mi trova antivir...mi potete aiutare?

Ciao il file in questione, ovvero cmdow.exe non viene classificato come Virus bensi come RiskTool o APPL/HideWindows in quanto lavora in modalità "nascosta" ed in funzione di ciò viene rilevato come malware.
In definitiva non ti devi preoccupare :)

Edit: configura Avira esattamente come indicato in Guida

sisi la guida l'ho seguita...non ho cambiato giusto un opzione che mi appesantiva il pc....cmq grazie adesso posso toglierlo dalla quarantena

sisi la guida l'ho seguita...non ho cambiato giusto un opzione che mi appesantiva il pc....cmq grazie adesso posso toglierlo dalla quarantena

Non è configurato come da Guida ad esempio http://img81.imageshack.us/my.php?image=scanactionforconcerningrd4.jpg
comunque vedi tu ;)

questa opzione non l'ho voluta io spontaneamente....perchè voglio vedere i file che trova...sennò me li elimina..

questa opzione non l'ho voluta io spontaneamente....perchè voglio vedere i file che trova...sennò me li elimina..

Copy file to quarantine before action :)

salve,ho fatta una scansione con Malwarebytes' Anti-Malware,e mi ha trovato alcuni file infetti...ma purtroppo non ne capisco,mi sapete dire kos'è e come posso eliminare l'eventuale virus...grazieee



http://wikisend.com/download/204640/mbam-log-2009-03-10 (15-50-09).txt

salve,ho fatta una scansione con Malwarebytes' Anti-Malware,e mi ha trovato alcuni file infetti...ma purtroppo non ne capisco,mi sapete dire kos'è e come posso eliminare l'eventuale virus...grazieee



http://wikisend.com/download/204640/mbam-log-2009-03-10 (15-50-09).txt

Hai postato anche qui http://www.hwupgrade.it/forum/showpost.php?p=26635079&postcount=6 ed hai già avuto risposta, non mi sembra corretto continuare ad inquinare le discussioni degli altri utenti

inquinare:D

wow....:)

spero che nn la prendi cm offesa....ma mi hai fatto sorridere...:p

cmq, hai ragione...è proprio cm inquinare:fagiano:

si ora kiudo,qua questa discussione.....scusatemi tanto e kiedo scusa.....cmq grazie ragazzi,siete sempre i migliori...MMIITTIICCIII

Scusa se mi intrometto Chill-out, ho appena configurato Antivir come hai consigliato a Joker55.
Volevo sapere cosa implica questa scelta in termini di eventuale appesantimento e/o rallentamento del sistema e se mi confermi, come credo di aver capito, che a quel punto Antivir segue una serie di azioni per cui io non dovrò preoccuparmi di "gestire" la rimozione di eventuali virus.
Grazie

Scusa se mi intrometto Chill-out, ho appena configurato Antivir come hai consigliato a Joker55.
Volevo sapere cosa implica questa scelta in termini di eventuale appesantimento e/o rallentamento del sistema e se mi confermi, come credo di aver capito, che a quel punto Antivir segue una serie di azioni per cui io non dovrò preoccuparmi di "gestire" la rimozione di eventuali virus.
Grazie

Thread dedicato :)
http://www.hwupgrade.it/forum/showthread.php?t=1514684

Ho impostato il tutto secondo i vostri consigli...
Grazie