Attention !!! Database was last updated 08/07/2010 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.34
Scanning started at 26/07/2010 11:11:31
Database loaded: signatures - 275419, NN profile(s) - 2, malware removal microprograms - 56, signature database released 08.07.2010 09:40
Heuristic microprograms loaded: 383
PVS microprograms loaded: 9
Digital signatures of system files loaded: 213048
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: enabled
Windows version is: 6.1.7600, ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Function user32.dll:DefDlgProcA (1657) intercepted, method - ProcAddressHijack.GetProcAddress ->76C65F5A->776B8944
Function user32.dll:DefDlgProcW (165 intercepted, method - ProcAddressHijack.GetProcAddress ->76C65F75->776A3F54
Function user32.dll:DefWindowProcA (1664) intercepted, method - ProcAddressHijack.GetProcAddress ->76C65F90->77682893
Function user32.dll:DefWindowProcW (1665) intercepted, method - ProcAddressHijack.GetProcAddress ->76C65FAB->7767247D
Analysis: advapi32.dll, export table found in section .text
Function advapi32.dll:AddMandatoryAce (1029) intercepted, method - ProcAddressHijack.GetProcAddress ->769C24B5->752BC334
Function advapi32.dll:I_QueryTagInformation (1361) intercepted, method - ProcAddressHijack.GetProcAddress ->769C2655->765B72D8