Avira AntiVir Personal Report file date: 24 lutego 2012 18:10 Scanning for 3497648 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available: Licensee : Avira AntiVir Personal - Free Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Dodatek Service Pack 3) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : MONIK Version information: BUILD.DAT : 10.2.0.707 36070 Bytes 2012-01-25 13:11:00 AVSCAN.EXE : 10.3.0.7 484008 Bytes 2011-06-28 19:49:36 AVSCAN.DLL : 10.0.5.0 47464 Bytes 2011-06-28 19:49:36 LUKE.DLL : 10.3.0.5 45416 Bytes 2011-06-28 19:49:38 LUKERES.DLL : 10.0.0.1 12648 Bytes 2010-02-10 22:40:50 AVSCPLR.DLL : 10.3.0.7 119656 Bytes 2011-06-28 19:49:38 AVREG.DLL : 10.3.0.9 88833 Bytes 2011-07-12 22:14:42 VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 08:05:36 VBASE001.VDF : 7.11.0.0 13342208 Bytes 2010-12-14 18:31:06 VBASE002.VDF : 7.11.19.170 14374912 Bytes 2011-12-20 17:44:44 VBASE003.VDF : 7.11.21.238 4472832 Bytes 2012-02-01 17:27:34 VBASE004.VDF : 7.11.21.239 2048 Bytes 2012-02-01 17:28:18 VBASE005.VDF : 7.11.21.240 2048 Bytes 2012-02-01 17:28:18 VBASE006.VDF : 7.11.21.241 2048 Bytes 2012-02-01 17:28:18 VBASE007.VDF : 7.11.21.242 2048 Bytes 2012-02-01 17:28:18 VBASE008.VDF : 7.11.21.243 2048 Bytes 2012-02-01 17:28:18 VBASE009.VDF : 7.11.21.244 2048 Bytes 2012-02-01 17:28:18 VBASE010.VDF : 7.11.21.245 2048 Bytes 2012-02-01 17:28:18 VBASE011.VDF : 7.11.21.246 2048 Bytes 2012-02-01 17:28:18 VBASE012.VDF : 7.11.21.247 2048 Bytes 2012-02-01 17:28:18 VBASE013.VDF : 7.11.22.33 1486848 Bytes 2012-02-03 20:57:02 VBASE014.VDF : 7.11.22.56 687616 Bytes 2012-02-03 20:57:04 VBASE015.VDF : 7.11.22.92 178176 Bytes 2012-02-06 20:44:56 VBASE016.VDF : 7.11.22.154 144896 Bytes 2012-02-08 01:04:50 VBASE017.VDF : 7.11.22.220 183296 Bytes 2012-02-13 13:39:54 VBASE018.VDF : 7.11.23.34 202752 Bytes 2012-02-15 13:56:26 VBASE019.VDF : 7.11.23.98 126464 Bytes 2012-02-17 14:41:38 VBASE020.VDF : 7.11.23.150 148480 Bytes 2012-02-20 14:42:30 VBASE021.VDF : 7.11.23.224 172544 Bytes 2012-02-23 16:21:46 VBASE022.VDF : 7.11.23.225 2048 Bytes 2012-02-23 16:21:46 VBASE023.VDF : 7.11.23.226 2048 Bytes 2012-02-23 16:21:46 VBASE024.VDF : 7.11.23.227 2048 Bytes 2012-02-23 16:21:46 VBASE025.VDF : 7.11.23.228 2048 Bytes 2012-02-23 16:21:46 VBASE026.VDF : 7.11.23.229 2048 Bytes 2012-02-23 16:21:46 VBASE027.VDF : 7.11.23.230 2048 Bytes 2012-02-23 16:21:46 VBASE028.VDF : 7.11.23.231 2048 Bytes 2012-02-23 16:21:46 VBASE029.VDF : 7.11.23.232 2048 Bytes 2012-02-23 16:21:46 VBASE030.VDF : 7.11.23.233 2048 Bytes 2012-02-23 16:21:46 VBASE031.VDF : 7.11.23.248 67072 Bytes 2012-02-24 14:46:00 Engineversion : 8.2.10.8 AEVDF.DLL : 8.1.2.2 106868 Bytes 2011-10-25 21:54:46 AESCRIPT.DLL : 8.1.4.7 442746 Bytes 2012-02-24 14:49:54 AESCN.DLL : 8.1.8.2 131444 Bytes 2012-01-28 19:18:12 AESBX.DLL : 8.2.4.5 434549 Bytes 2011-12-04 11:47:48 AERDL.DLL : 8.1.9.15 639348 Bytes 2011-09-10 18:01:34 AEPACK.DLL : 8.2.16.3 799094 Bytes 2012-02-10 01:05:10 AEOFFICE.DLL : 8.1.2.25 201084 Bytes 2011-12-31 12:30:56 AEHEUR.DLL : 8.1.4.0 4436342 Bytes 2012-02-24 14:48:18 AEHELP.DLL : 8.1.19.0 254327 Bytes 2012-01-20 14:26:04 AEGEN.DLL : 8.1.5.21 409971 Bytes 2012-02-03 20:57:10 AEEXP.DLL : 8.1.0.23 70005 Bytes 2012-02-24 14:50:56 AEEMU.DLL : 8.1.3.0 393589 Bytes 2010-11-22 11:14:56 AECORE.DLL : 8.1.25.4 201079 Bytes 2012-02-13 12:54:34 AEBB.DLL : 8.1.1.0 53618 Bytes 2010-05-06 21:36:44 AVWINLL.DLL : 10.0.0.0 19304 Bytes 2010-01-14 11:03:40 AVPREF.DLL : 10.0.3.2 44904 Bytes 2011-06-28 19:49:36 AVREP.DLL : 10.0.0.10 174120 Bytes 2011-05-19 12:05:58 AVARKT.DLL : 10.0.26.1 255336 Bytes 2011-06-28 19:49:36 AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 2011-06-28 19:49:36 SQLITE3.DLL : 3.6.19.0 355688 Bytes 2010-01-28 11:58:00 AVSMTP.DLL : 10.0.0.17 63848 Bytes 2010-03-16 14:38:58 NETNT.DLL : 10.0.0.0 11624 Bytes 2010-02-19 13:41:02 RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 2011-06-28 19:49:36 RCTEXT.DLL : 10.0.64.0 97640 Bytes 2011-06-28 19:49:36 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp Logging.............................: Default Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: Advanced Start of the scan: 24 lutego 2012 18:10 Starting search for hidden objects. The scan of running processes will be started Scan process 'plugin-container.exe' - '73' Module(s) have been scanned Scan process 'firefox.exe' - '95' Module(s) have been scanned Scan process 'avscan.exe' - '71' Module(s) have been scanned Scan process 'msdtc.exe' - '42' Module(s) have been scanned Scan process 'dllhost.exe' - '62' Module(s) have been scanned Scan process 'dllhost.exe' - '47' Module(s) have been scanned Scan process 'vssvc.exe' - '50' Module(s) have been scanned Scan process 'avcenter.exe' - '106' Module(s) have been scanned Scan process 'svchost.exe' - '36' Module(s) have been scanned Scan process 'WDC.exe' - '29' Module(s) have been scanned Scan process 'KBFiltr.exe' - '17' Module(s) have been scanned Scan process 'alg.exe' - '35' Module(s) have been scanned Scan process 'ATKOSD.exe' - '16' Module(s) have been scanned Scan process 'wmiprvse.exe' - '42' Module(s) have been scanned Scan process 'wmiapsrv.exe' - '47' Module(s) have been scanned Scan process 'SSScheduler.exe' - '17' Module(s) have been scanned Scan process 'GoogleUpdate.exe' - '45' Module(s) have been scanned Scan process 'msmsgs.exe' - '44' Module(s) have been scanned Scan process 'RocketDock.exe' - '32' Module(s) have been scanned Scan process 'ctfmon.exe' - '27' Module(s) have been scanned Scan process 'ACEngSvr.exe' - '24' Module(s) have been scanned Scan process 'SearchSettings.exe' - '43' Module(s) have been scanned Scan process 'RUNDLL32.EXE' - '32' Module(s) have been scanned Scan process 'avgnt.exe' - '53' Module(s) have been scanned Scan process 'ACMON.exe' - '27' Module(s) have been scanned Scan process 'Hcontrol.exe' - '46' Module(s) have been scanned Scan process 'ATKOSD2.exe' - '23' Module(s) have been scanned Scan process 'BatteryLife.exe' - '20' Module(s) have been scanned Scan process 'ASScrPro.exe' - '17' Module(s) have been scanned Scan process 'RTHDCPL.EXE' - '41' Module(s) have been scanned Scan process 'Explorer.EXE' - '131' Module(s) have been scanned Scan process 'ULCDRSvr.exe' - '6' Module(s) have been scanned Scan process 'StkCSrv.exe' - '17' Module(s) have been scanned Scan process 'svchost.exe' - '44' Module(s) have been scanned Scan process 'spmgr.exe' - '48' Module(s) have been scanned Scan process 'PassThruSvr.exe' - '62' Module(s) have been scanned Scan process 'nvsvc32.exe' - '42' Module(s) have been scanned Scan process 'LSSrvc.exe' - '19' Module(s) have been scanned Scan process 'jqs.exe' - '78' Module(s) have been scanned Scan process 'avshadow.exe' - '26' Module(s) have been scanned Scan process 'DevSvc.exe' - '50' Module(s) have been scanned Scan process 'avguard.exe' - '55' Module(s) have been scanned Scan process 'ACService.exe' - '20' Module(s) have been scanned Scan process 'svchost.exe' - '36' Module(s) have been scanned Scan process 'sched.exe' - '48' Module(s) have been scanned Scan process 'spoolsv.exe' - '57' Module(s) have been scanned Scan process 'GFNEXSrv.exe' - '11' Module(s) have been scanned Scan process 'svchost.exe' - '42' Module(s) have been scanned Scan process 'svchost.exe' - '34' Module(s) have been scanned Scan process 'svchost.exe' - '167' Module(s) have been scanned Scan process 'svchost.exe' - '40' Module(s) have been scanned Scan process 'svchost.exe' - '53' Module(s) have been scanned Scan process 'lsass.exe' - '60' Module(s) have been scanned Scan process 'services.exe' - '27' Module(s) have been scanned Scan process 'winlogon.exe' - '68' Module(s) have been scanned Scan process 'csrss.exe' - '14' Module(s) have been scanned Scan process 'smss.exe' - '2' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Master boot sector HD1 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '1206' files ). Starting the file scan: Begin scan in 'C:\' C:\WINDOWS\Temp\{EAAA9374-7D38-8700-E068-5DABA1D0C6B3}-9E0.exe [0] Archive type: HIDDEN --> FIL\\\?\C:\WINDOWS\Temp\{EAAA9374-7D38-8700-E068-5DABA1D0C6B3}-9E0.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\Program Files\LP\51FE\2.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP471\A0091172.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP472\A0091214.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP476\A0091495.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP477\A0091651.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP477\A0091652.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP481\A0092638.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP481\A0092658.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0092767.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0092818.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Cycbot.167936.29 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0093254.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP474\A0091326.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP475\A0091403.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program Begin scan in 'D:\' Beginning disinfection: C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP475\A0091403.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '4def7d36.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP474\A0091326.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '55785292.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0093254.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '0727087a.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0092818.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Cycbot.167936.29 back-door program [NOTE] The file was moved to the quarantine directory under the name '611047b8.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP483\A0092767.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '24946a86.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP481\A0092658.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '5b8f58e7.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP481\A0092638.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '173774ad.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP477\A0091652.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '6b2f34fd.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP477\A0091651.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '46751bb0.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP476\A0091495.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '5f1d202a.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP472\A0091214.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '33410c1a.qua'. C:\System Volume Information\_restore{605CEB4D-B008-4E2D-A6B5-296BA5D0BB3F}\RP471\A0091172.EXE [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '42f8358f.qua'. C:\Program Files\LP\51FE\2.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '4c39054a.qua'. C:\WINDOWS\Temp\{EAAA9374-7D38-8700-E068-5DABA1D0C6B3}-9E0.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen5 back-door program [NOTE] The file was moved to the quarantine directory under the name '09347c1f.qua'. End of the scan: 24 lutego 2012 19:39 Used time: 1:28:49 Hour(s) The scan has been done completely. 11024 Scanned directories 420450 Files were scanned 14 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 14 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 420436 Files not concerned 8656 Archives were scanned 0 Warnings 14 Notes 459405 Objects were scanned with rootkit scan 0 Hidden objects were found