Avira AntiVir Personal
Report file date: Thursday, May 21, 2009  18:24

Scanning for 1413622 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows XP
Windows version : (Service Pack 2)  [5.1.2600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : ABHISHEK

Version information:
BUILD.DAT       : 9.0.0.394     17962 Bytes   4/17/2009 11:20:00
AVSCAN.EXE      : 9.0.3.5      466689 Bytes   4/17/2009 04:27:32
AVSCAN.DLL      : 9.0.3.0       40705 Bytes   2/27/2009 06:28:26
LUKE.DLL        : 9.0.3.2      209665 Bytes   2/20/2009 07:05:50
LUKERES.DLL     : 9.0.2.0       12033 Bytes   2/27/2009 06:28:54
ANTIVIR0.VDF    : 7.1.0.0    15603712 Bytes  10/27/2008 08:00:38
ANTIVIR1.VDF    : 7.1.2.12    3336192 Bytes   2/11/2009 16:03:28
ANTIVIR2.VDF    : 7.1.4.0     2336768 Bytes   5/20/2009 12:22:50
ANTIVIR3.VDF    : 7.1.4.3       17920 Bytes   5/21/2009 12:22:52
Engineversion   : 8.2.0.168
AEVDF.DLL       : 8.1.1.1      106868 Bytes   5/21/2009 12:23:40
AESCRIPT.DLL    : 8.1.2.0      389497 Bytes   5/21/2009 12:23:38
AESCN.DLL       : 8.1.2.3      127347 Bytes   5/21/2009 12:23:32
AERDL.DLL       : 8.1.1.3      438645 Bytes  10/29/2008 13:54:42
AEPACK.DLL      : 8.1.3.16     397686 Bytes   5/21/2009 12:23:28
AEOFFICE.DLL    : 8.1.0.36     196987 Bytes   2/26/2009 15:31:58
AEHEUR.DLL      : 8.1.0.129   1761655 Bytes   5/21/2009 12:23:22
AEHELP.DLL      : 8.1.2.2      119158 Bytes   2/26/2009 15:31:58
AEGEN.DLL       : 8.1.1.44     348532 Bytes   5/21/2009 12:23:00
AEEMU.DLL       : 8.1.0.9      393588 Bytes   10/9/2008 10:02:40
AECORE.DLL      : 8.1.6.9      176500 Bytes   5/21/2009 12:22:54
AEBB.DLL        : 8.1.0.3       53618 Bytes   10/9/2008 10:02:40
AVWINLL.DLL     : 9.0.0.3       18177 Bytes  12/12/2008 04:18:00
AVPREF.DLL      : 9.0.0.1       43777 Bytes   12/5/2008 06:02:16
AVREP.DLL       : 8.0.0.3      155905 Bytes   1/20/2009 10:04:30
AVREG.DLL       : 9.0.0.0       36609 Bytes   12/5/2008 06:02:10
AVARKT.DLL      : 9.0.0.3      292609 Bytes   3/24/2009 10:35:42
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes   1/30/2009 06:07:10
SQLITE3.DLL     : 3.6.1.0      326401 Bytes   1/28/2009 10:33:50
SMTPLIB.DLL     : 9.2.0.25      28417 Bytes    2/2/2009 03:51:34
NETNT.DLL       : 9.0.0.0       11521 Bytes   12/5/2008 06:02:12
RCIMAGE.DLL     : 9.0.0.21    2438401 Bytes    2/9/2009 07:15:46
RCTEXT.DLL      : 9.0.37.0      86785 Bytes   4/17/2009 05:49:50

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: d:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +PCK,+SPR,

Start of the scan: Thursday, May 21, 2009  18:24

Starting search for hidden objects.
'33591' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'taskmgr.exe' - '1' Module(s) have been scanned
Scan process 'AcroTray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hpotdd01.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'hpztsb08.exe' - '1' Module(s) have been scanned
Scan process 'PV92Tray.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'pctspk.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'PC2AM2P_PROC.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'Crypserv.exe' - '1' Module(s) have been scanned
Scan process 'bgsvcgen.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!
Master boot sector HD1
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '66' files ).


Starting the file scan:

Begin scan in 'C:\' <KRUTIKA>
C:\inst.hta
    [DETECTION] Contains recognition pattern of the HTML/Dldr.Agent.b HTML script virus
C:\pagefile.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
Begin scan in 'D:\' <ABHI>
D:\hiberfil.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
D:\WINDOWS\system32\ezStub.exe
    [DETECTION] Is the TR/Drop.Apropo.AB Trojan
D:\WINDOWS\system32\RDGMax.dll
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.XN.38 back-door program
D:\Program Files\Common Files\Microsoft Shared\Repostry\REPBROWS.EXE
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
D:\Program Files\Microsoft Visual Studio\COMMON\IDE\IDE98\VCSPAWN.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\Program Files\Microsoft Visual Studio\COMMON\MSDev98\Bin\VCSPAWN.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\Program Files\Microsoft Visual Studio\Vfp98\Distrib.src\System\QFEUPD.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
D:\System Volume Information\_restore{A6A54C77-67D7-4CCC-B5F1-96D7DFA96E79}\RP160\A0137865.dll
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
D:\System Volume Information\_restore{A6A54C77-67D7-4CCC-B5F1-96D7DFA96E79}\RP160\A0137867.EXE
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan

Beginning disinfection:
C:\inst.hta
    [DETECTION] Contains recognition pattern of the HTML/Dldr.Agent.b HTML script virus
    [NOTE]      The file was moved to '4a888040.qua'!
D:\WINDOWS\system32\ezStub.exe
    [DETECTION] Is the TR/Drop.Apropo.AB Trojan
    [NOTE]      The file was moved to '4a68804f.qua'!
D:\WINDOWS\system32\RDGMax.dll
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.XN.38 back-door program
    [NOTE]      The file was moved to '4a5c801a.qua'!
D:\Program Files\Common Files\Microsoft Shared\Repostry\REPBROWS.EXE
    [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
    [NOTE]      The file was moved to '4a658021.qua'!
D:\Program Files\Microsoft Visual Studio\COMMON\IDE\IDE98\VCSPAWN.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '4a688025.qua'!
D:\Program Files\Microsoft Visual Studio\COMMON\MSDev98\Bin\VCSPAWN.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '4a688026.qua'!
D:\Program Files\Microsoft Visual Studio\Vfp98\Distrib.src\System\QFEUPD.EXE
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was moved to '4a5a802a.qua'!
D:\System Volume Information\_restore{A6A54C77-67D7-4CCC-B5F1-96D7DFA96E79}\RP160\A0137865.dll
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was moved to '4a468014.qua'!
D:\System Volume Information\_restore{A6A54C77-67D7-4CCC-B5F1-96D7DFA96E79}\RP160\A0137867.EXE
    [DETECTION] Is the TR/Crypt.FKM.Gen Trojan
    [NOTE]      The file was moved to '4bc77d2d.qua'!


End of the scan: Thursday, May 21, 2009  21:53
Used time:  3:25:57 Hour(s)

The scan has been done completely.

   7093 Scanned directories
 464682 Files were scanned
      9 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      9 Files were moved to quarantine
      0 Files were renamed
      2 Files cannot be scanned
 464671 Files not concerned
   1910 Archives were scanned
      2 Warnings
     11 Notes
  33591 Objects were scanned with rootkit scan
      0 Hidden objects were found