Jump to content

Please help with Browser hijack problems


notnac

Recommended Posts

In IE, when I click on some Google Search items, I'm redirected to another site. Did a full scan with AVAST ant-virus. It found a few items which were quarantined. I'm not being redirected as much as before but the problem is still there.

Also, after purchasing the premium version of Malwarebytes, nothing happens when I try to run it. Also downloaded and tried to run GMER but could not finish - tried twice.

DDS ran ok; DDS.txt is posted and Attach.zip is attached. HijackThis! log is posted. Thank you!

Contents of DDS.txt:

DDS (Ver_10-10-10.03) - NTFSx86

Run by David at 10:49:38.31 on Tue 10/19/2010

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2205 [GMT -5:00]

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BE9724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B1C6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C69CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5BB5AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86752C64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E2CEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89122DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD16AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCA86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AF2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89053B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C980DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89E312E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EA6A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A076C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {853BF8F4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8916F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634251C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8901E554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899D9DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671F3AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634662C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867F37B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D81054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CC1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89115B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89161AEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865C03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869DFBD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8915A3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A58A054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCC9AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D744-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EE054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B6A17C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899968B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F5E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C3152C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B02B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D4054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CADDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637C99C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A19FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8900F724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000008-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637A674-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89119814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86738944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8694829C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BDDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC756C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFCC64-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8672ABB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CF954-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866795BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866959C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869A65CC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89BCC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89121B3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86167DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B78AEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDA24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8902FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B844C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BCB9CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C309AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914A57C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667A8BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C740C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A856C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86658A9C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869966D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C226CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E49F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC0BDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891E791C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890F23E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898D8B44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A43A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FEBC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A19544-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86014DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8693EDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1EC54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85897534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86677C44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4558C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEEDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BA5BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8904E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669F3B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8546B224-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A82DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89184DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899B0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBCABC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C30404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A4E304-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668172C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633C054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F4B34-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862708FC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A4A88C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B90524-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86722DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8683C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856653C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CBF4AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B52DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AE0DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85489054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E6AF4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637058C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867E448C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D1B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E225C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BC6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B9474-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ACD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C62DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668C424-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8660E354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86913DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86998594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667B9BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BA0484-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86715A5C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86696BC4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1E8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86376BCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89F3131C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5D17CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866BB8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914027C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA9B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A835B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86ED2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664F47C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867B1404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B4874-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89123664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A49D86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867034A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B787B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F80DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8682141C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89971264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE6664-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FAC24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86348494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B93B54-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0F39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BAB9DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD6414-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C4EA94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B14BB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E1054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8670BA44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FB8DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914B5CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890446A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A3DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF6054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86816164-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D670C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C38DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD0404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890743F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C6F73C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890523E4-FFA4-00EF-0D24-347CA8A3377C}

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D70054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867C3874-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86665734-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B91584-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C01874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C00644-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C17BB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86939A14-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89140B94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668639C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4794C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AD6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B4C2E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867564A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86751554-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86674B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86962CB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899FE48C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89176DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CC5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89938054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890CABCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF5644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FFBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4C4A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666ADDC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCD78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8907C504-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86EDF904-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86290354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EE3B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737604-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B7A604-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BB65FC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869539BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866C1354-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666039C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD99B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627316C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8913FB7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DA054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCF8FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EA854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670270C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8905B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8684039C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBEDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8D4D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B888B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86673B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5823C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86953404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891BB814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670E5EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891ADDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4774AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C47644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86636B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C39B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D55D74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86364BBC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D1682C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86682A1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE766C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899C1B1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A789FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664749C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865F593C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86964054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86702524-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668F494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8665C9BC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B6CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A69AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {854D976C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8911A79C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A43E4C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A3748C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B61DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674C59C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86383424-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898BD37C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8673353C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B690C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890D7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86955DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {865BB65C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86675BC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89C44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890A3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A66852C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86317DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86E90A94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB78AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B0E78C-FFA4-00EF-0D24-347CA8A3377C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\TSI32\tsircusr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\WDC\SetIcon.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Microtek\ScanWizard Pro\LANServer.exe

C:\Program Files\Motherboard Monitor 5\MBM5.EXE

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\PL15Co2K.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\AllerCalc\AllerCalc.exe

C:\Program Files\CMS Products\BounceBack Professional\BBLauncher.exe

C:\Apache2\bin\ApacheMonitor.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\Program Files\palmOne\HOTSYNC.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\TechSmith\Snagit 9\Snagit32.exe

C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe

C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe

C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\David\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com

uSearch Page = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearch Page = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearchAssistant = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\tsi32\tsircusr.exe,

BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - blank

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll

EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

uRun: [Zinio DLM] c:\progra~1\zinio\ZDLM.exe /hide

uRun: [Google Update] "c:\documents and settings\david\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Creative Detector] c:\program files\creative\mediasource\detector\CTDetect.exe /R

uRun: [AllerCalc] "c:\program files\allercalc\AllerCalc.exe" /i

uRun: [AdobeBridge]

mRun: [WD Button Manager] WDBtnMgr.exe

mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"

mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [setIcon] \Program Files\WDC\SetIcon.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /QS

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [QuickFinder Scheduler] "c:\program files\corel\wordperfect office x4\programs\QFSCHD140.EXE"

mRun: [PPMemCheck] c:\progra~1\pestpa~1\PPMemCheck.exe

mRun: [Microtek_Scanner_Server] c:\program files\microtek\scanwizard pro\LANServer.exe

mRun: [MBM 5] "c:\program files\motherboard monitor 5\MBM5.EXE"

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iomega Drive Icons] c:\program files\iomega\driveicons\ImgIcon.exe

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [HI-SPEED USB DEVICE Coinstaller] PL15Co2K.exe

mRun: [Deskup] c:\program files\iomega\driveicons\deskup.exe /IMGSTART

mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r

mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe

mRun: [ADUserMon] c:\program files\iomega\autodisk\ADUserMon.exe

mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE

mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~2\server\bin\VERSIO~2.EXE

mRun: [AdobeVersionCue] c:\program files\adobe\adobe version cue\controlpanel\VersionCueTray.exe

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [NapsterShell] c:\program files\napster\napster.exe /systray

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

StartupFolder: c:\docume~1\david\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\HOTSYNC.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~2.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bounce~1.lnk - c:\program files\cms products\bounceback professional\BBLauncher.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\monito~1.lnk - c:\apache2\bin\ApacheMonitor.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe

IE: c:\progra~1\common~1\btlink\btlink.dll//iemenu

IE: &NeoTrace It! - c:\progra~1\neotra~1\NTXcontext.htm

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Open with WordPerfect - c:\program files\corel\wordperfect office x4\programs\WPLauncher.hta

IE: Zend Studio - Debug current page - c:\program files\zend\zendstudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

IE: Zend Studio - Debug next page - c:\program files\zend\zendstudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\david\start menu\programs\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: safer-networking.org\www

Trusted Zone: studica.com\www

Trusted Zone: turbotax.com

Trusted Zone: windowsupdate.com

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: HushEncryptionEngine - hxxps://mailserver1.hushmail.com/shared/HushEncryptionEngine.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: WebWorks Help 3.0 - hxxp://www.netgear.com/docs/fvs318/wwhelp3.cab

DPF: Yahoo! Chat - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - hxxps://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/installer.v4/vet_install_popup.pl?1&4&04.00.09.13&unknown&unknown&http://www.boschappliances.com/laundry/viewpoint/model.html

DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} - hxxp://brs.swissarmybrands.com/CFIDE/classes/CFJava.cab

DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} - hxxp://www.samsungdp.com/Install119.CAB

DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install/00/alttiff.cab

DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} - hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB

DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} - hxxp://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.6.0.cab

DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab

DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxps://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab

DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - c:\program files\yahoo!\common\Yinsthelper200711281.dll

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc2.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} - hxxp://206.67.236.76/updatefiles/liveweb_se.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106504223453

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170277721328

DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} - hxxp://www.onlineringman.com/auctions/install/isetupml.cab

DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - hxxp://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

DPF: {74FFE28D-2378-11D5-990C-006094235084} - hxxp://www-307.ibm.com/pc/support/IbmEgath.cab

DPF: {88D969C0-F192-11D4-A65F-0040963251E5} - file://c:\documents and settings\david\local settings\temp\ei40_\msxml4.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37860.9453356481

DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab

DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} - hxxp://www.linksysfix.com/netcheck/24/install/gtdownls.cab

DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab

DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://www.windowsecurity.com/trojanscan/axscan.cab

DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-141-windows-i586.cab

DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_4_2-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 93.188.162.126,93.188.161.216

TCP: {073F4527-C52C-4E88-8ABE-49F3E65624F0} = 68.87.68.166,68.87.74.166

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: AtiExtEvent - Ati2evxx.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\david\applic~1\mozilla\firefox\profiles\n5bffzct.default\

FF - prefs.js: browser.startup.homepage - hxxp://en-US.google.mozilla.com/firefox?client=firefox-a&rls=com.google:en-US:official

FF - component: c:\documents and settings\david\application data\mozilla\firefox\profiles\n5bffzct.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\david\application data\mozilla\firefox\profiles\n5bffzct.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\winnt_x86-msvc\components\pagespeed.dll

FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll

FF - plugin: c:\documents and settings\david\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll

FF - plugin: c:\program files\opera\program\plugins\np_gp.dll

FF - plugin: c:\program files\opera\program\plugins\npdrmv2.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-18 165584]

R1 tsircmir;LapLink Mirror Driver Miniport;c:\windows\system32\drivers\tsircmir.sys [2003-8-28 2816]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-18 17744]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-18 40384]

R2 portD;CMS PortIO Service;c:\windows\system32\drivers\portd2k.sys [2007-11-18 13504]

R2 PPNT;PPNT;c:\windows\system32\drivers\ppnt.sys [2003-12-1 13824]

R2 TSIREGMO;tsiregmo;c:\windows\system32\drivers\tsiregmo.sys [2003-8-28 5824]

R2 TSISER;TSISER;c:\windows\system32\drivers\tsiser.sys [2003-8-28 42560]

R2 TSISTRMX;Traveling Software Stream Driver;c:\windows\system32\drivers\TSISTRMX.SYS [2003-8-28 5120]

R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-18 40384]

R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-18 40384]

R3 TSIKBF5;Traveling Software Keyboard Filter Driver;c:\windows\system32\drivers\TSIKBF5.sys [2003-8-28 9728]

R3 TSIMSF5;Traveling Software Mouse Filter Driver;c:\windows\system32\drivers\TSIMSF5.sys [2003-8-28 5632]

S1 CorexCardScan;CardScan USB Scanner;c:\windows\system32\drivers\slcorex.sys [2003-5-21 8448]

S1 TSIRCINK;Traveling Software Install Driver;c:\windows\system32\drivers\TSIRCINK.SYS [2003-8-28 9216]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-20 135664]

S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-9-9 30104]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-9-9 30104]

S3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2005-9-17 816792]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-10-18 27064]

S3 tbcspud;Santa Cruz Driver;c:\windows\system32\drivers\tbcspud.sys [2003-9-1 149632]

S3 tbcwdm;Santa Cruz WDM Driver;c:\windows\system32\drivers\tbcwdm.sys [2003-6-23 554304]

S3 Umwdnetstc;Umwdnetstc;c:\windows\system32\drivers\Cdudf_xp.sys [2004-6-24 289408]

S3 UtilNT;UtilNT;c:\windows\system32\drivers\utilnt.sys [2009-2-19 5533]

S3 vtdg46xx;vtdg46xx;c:\progra~1\turtle~1\santac~1\contro~1\vtdg46xx.sys [2003-6-13 19232]

S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]

S4 BlackfishSQL;BlackfishSQL;c:\program files\codegear\rad studio\6.0\bin\BSQLServer.exe [2008-11-12 65536]

S4 Cmt4ngsoq;Cmt4ngsoq; [x]

S4 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-12-18 189736]

S4 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S4 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [2000-6-8 50176]

S4 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe [2007-1-15 73728]

S4 PLQ0306270;Prolific HotFix Q0306270;c:\windows\system32\hotfixq0306270.exe --> c:\windows\system32\HotFixQ0306270.exe [?]

S4 SAVScan;SAVScan;c:\program files\norton antivirus\SAVSCAN.EXE [2004-7-23 198368]

============== File Associations ===============

regfile=regedit.exe "%1" %*

=============== Created Last 30 ================

2010-10-18 14:42:18 38848 ----a-w- c:\windows\avastSS.scr

2010-10-18 14:42:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software

2010-10-18 14:06:42 -------- d-----w- c:\docume~1\david\locals~1\applic~1\VS Revo Group

2010-10-18 14:05:47 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-10-18 14:05:45 -------- d-----w- c:\program files\VS Revo Group

2010-10-18 02:11:32 -------- d--h--w- C:\$AVG

2010-10-18 00:32:40 -------- d-----w- c:\docume~1\david\applic~1\AVG10

2010-10-17 23:46:11 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files

2010-10-17 23:44:44 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10

2010-10-17 23:44:06 -------- d-----w- c:\program files\AVG

2010-10-17 23:39:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData

2010-10-16 22:32:49 -------- d-----w- c:\docume~1\alluse~1\applic~1\AntiVir PersonalEdition Classic

2010-10-15 00:51:52 388096 ----a-r- c:\docume~1\david\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2010-10-15 00:26:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-15 00:26:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-15 00:26:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-14 22:39:15 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2010-10-14 21:32:35 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll

2010-10-14 21:32:35 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2010-10-14 21:32:34 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

==================== Find3M ====================

2010-10-15 01:29:42 81984 ----a-w- c:\windows\system32\bdod.bin

2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-09 13:38:01 832512 ----a-w- c:\windows\system32\wininet.dll

2010-09-09 13:38:01 1830912 ------w- c:\windows\system32\inetcpl.cpl

2010-09-09 13:38:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-09-09 13:38:00 17408 ------w- c:\windows\system32\corpol.dll

2010-09-09 09:45:18 50968 ----a-w- c:\windows\system32\avgfwdx.dll

2010-09-09 06:27:29 281 ----a-w- c:\docume~1\alluse~1\applic~1\bdinstall.bin

2010-09-08 15:57:57 389120 ----a-w- c:\windows\system32\html.iec

2010-09-07 14:44:24 1838 --sha-w- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys

2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll

2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys

2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll

2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll

2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll

2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe

2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

2004-12-02 05:11:06 5632 ----a-r- c:\program files\jdeveloper.exe

============= FINISH: 10:53:58.78 ===============

HiJackThis! Log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:46:08 PM, on 10/19/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17091)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\WINDOWS\TSI32\tsircusr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WDBtnMgr.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\WDC\SetIcon.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

C:\Program Files\Microtek\ScanWizard Pro\LANServer.exe

C:\Program Files\Motherboard Monitor 5\MBM5.EXE

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\PL15Co2K.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\AllerCalc\AllerCalc.exe

C:\Program Files\CMS Products\BounceBack Professional\BBLauncher.exe

C:\Apache2\bin\ApacheMonitor.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\Program Files\palmOne\HOTSYNC.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TSI32\tsircusr.exe,

N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.

*

* If you make changes to this file while the browser is running,

* the changes will be overwritten when the browser exits.

*

* To make a manual change to preferences, you can visit the URL about:config

* For more information, see http://www.mozilla.org/unix/customizing.html#prefs

*/

user_pref("browser.activation.checkedNNFlag", true);

user_pref("browser.bookmarks.added_static_root", true);

user_pref("browser.cache.check_doc_frequency", 0);

user_pref("browser.cache.disk.parent_directory", "C:\\DOCUMENTS AND SETTINGS\\DAVID\\APPLICATION DATA\\Mozilla\\Profiles\\default\\z5wuezmd.slt");

user_pref("browser.download.dir", "H:\\itec2020 javascript\\project\\extraFiles");

user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSearch.src");

user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html");

user_pref("browser.startup.homepage_over

N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.

*

* If you make changes to this file while the browser is running,

* the changes will be overwritten when the browser exits.

*

* To make a manual change to preferences, you can visit the URL about:config

* For more information, see http://www.mozilla.org/unix/customizing.html#prefs

*/

user_pref("browser.activation.checkedNNFlag", true);

user_pref("browser.bookmarks.added_static_root", true);

user_pref("browser.cache.check_doc_frequency", 0);

user_pref("browser.cache.disk.parent_directory", "C:\\DOCUMENTS AND SETTINGS\\DAVID\\APPLICATION DATA\\Mozilla\\Profiles\\default\\z5wuezmd.slt");

user_pref("browser.download.dir", "H:\\itec2020 javascript\\project\\extraFiles");

user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSearch.src");

user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html");

user_pref("browser.startup.homepage_over

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [setIcon] \Program Files\WDC\SetIcon.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /QS

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"

O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

O4 - HKLM\..\Run: [Microtek_Scanner_Server] C:\Program Files\Microtek\ScanWizard Pro\LANServer.exe

O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"

O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [HI-SPEED USB DEVICE Coinstaller] PL15Co2K.exe

O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKCU\..\Run: [Zinio DLM] C:\PROGRA~1\Zinio\ZDLM.exe /hide

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [AllerCalc] "C:\Program Files\AllerCalc\AllerCalc.exe" /i

O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BounceBack Launcher.lnk = ?

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta

O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)

O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\David\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.safer-networking.org

O15 - Trusted Zone: http://www.studica.com

O15 - Trusted Zone: http://*.windowsupdate.com

O16 - DPF: HushEncryptionEngine - https://mailserver1.hushmail.com/shared/Hus...ptionEngine.cab

O16 - DPF: WebWorks Help 3.0 - http://www.netgear.com/docs/fvs318/wwhelp3.cab

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstall...oint/model.html

O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://brs.swissarmybrands.com/CFIDE/classes/CFJava.cab

O16 - DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} (Install119 Control) - http://www.samsungdp.com/Install119.CAB

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} (RRAAINAX_02.RRAAINAX) - http://www.in.honda.com/rraaapps/rraasec/c...AX/RraainAX.CAB

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/a...ntent/AcpIR.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab

O16 - DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} (Liveweb_SE Class) - http://206.67.236.76/updatefiles/liveweb_se.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106504223453

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170277721328

O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://www.onlineringman.com/auctions/install/isetupml.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab

O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\David\Local Settings\Temp\EI40_\msxml4.cab

O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/24/install/gtdownls.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -

O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{073F4527-C52C-4E88-8ABE-49F3E65624F0}: NameServer = 68.87.68.166,68.87.74.166

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.126,93.188.161.216

O17 - HKLM\System\CS1\Services\Tcpip\..\{073F4527-C52C-4E88-8ABE-49F3E65624F0}: NameServer = 68.87.68.166,68.87.74.166

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.126,93.188.161.216

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O24 - Desktop Component 1: (no name) - http://www.ibm.com/pc/orderstatus/login.cf...&oid=1C28CX

--

End of file - 18621 bytes

Attach.zip

Link to post
Share on other sites

post-32477-1261866970.gif

Click Start > control panel. If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. Then right click on your default connection, usually local area connection for cable and dsl, and left click on properties. Double-click on the Internet Protocol (TCP/IP) item and select the radio dial that says Obtain DNS servers automatically

Also look if you can find next 93.188.162.126 and 93.188.161.216 in it and delete them. DON'T delete anything else!

Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a checkmark/tick in the box on the left side on these:

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.126,93.188.161.216

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.126,93.188.161.216

Close ALL windows and browsers except HijackThis and click "Fix checked"

Reboot and "copy/paste" a new HijackThis log file into this thread.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

"Obtain an IP address automatically" was already checked.

>>Also look if you can find next 93.188.162.126 and 93.188.161.216 in it and delete them.

In the section "Use the following DNS server addresses:" were 68.87.68.166 and 68.87.74.166, which are correct for my ISP

The two items were "fixed" in HJT. See new log below.

CURRENT BEHAVIOR: There is still some re-direction when clicking on a Google search item, but not as often. For instance, forums.malwarebytes.org, malwarebytes.org and spywareinfoforum.com are now ok, I'm not re-directed. But others are re-directed to www.msn.com.

Also, after removing and re-installing, still cannot run Malwarebutyes, no response.

Updated HJT Log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 4:44:36 PM, on 10/19/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17091)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\WINDOWS\TSI32\tsircusr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WDBtnMgr.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\WDC\SetIcon.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

C:\Program Files\Microtek\ScanWizard Pro\LANServer.exe

C:\Program Files\Motherboard Monitor 5\MBM5.EXE

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\WINDOWS\PL15Co2K.exe

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\Program Files\AllerCalc\AllerCalc.exe

C:\Program Files\CMS Products\BounceBack Professional\BBLauncher.exe

C:\Apache2\bin\ApacheMonitor.exe

C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

C:\Program Files\palmOne\HOTSYNC.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\TSI32\tsircusr.exe,

N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.

*

* If you make changes to this file while the browser is running,

* the changes will be overwritten when the browser exits.

*

* To make a manual change to preferences, you can visit the URL about:config

* For more information, see http://www.mozilla.org/unix/customizing.html#prefs

*/

user_pref("browser.activation.checkedNNFlag", true);

user_pref("browser.bookmarks.added_static_root", true);

user_pref("browser.cache.check_doc_frequency", 0);

user_pref("browser.cache.disk.parent_directory", "C:\\DOCUMENTS AND SETTINGS\\DAVID\\APPLICATION DATA\\Mozilla\\Profiles\\default\\z5wuezmd.slt");

user_pref("browser.download.dir", "H:\\itec2020 javascript\\project\\extraFiles");

user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSearch.src");

user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html");

user_pref("browser.startup.homepage_over

N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.

*

* If you make changes to this file while the browser is running,

* the changes will be overwritten when the browser exits.

*

* To make a manual change to preferences, you can visit the URL about:config

* For more information, see http://www.mozilla.org/unix/customizing.html#prefs

*/

user_pref("browser.activation.checkedNNFlag", true);

user_pref("browser.bookmarks.added_static_root", true);

user_pref("browser.cache.check_doc_frequency", 0);

user_pref("browser.cache.disk.parent_directory", "C:\\DOCUMENTS AND SETTINGS\\DAVID\\APPLICATION DATA\\Mozilla\\Profiles\\default\\z5wuezmd.slt");

user_pref("browser.download.dir", "H:\\itec2020 javascript\\project\\extraFiles");

user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSearch.src");

user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html");

user_pref("browser.startup.homepage_over

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [setIcon] \Program Files\WDC\SetIcon.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /QS

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"

O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

O4 - HKLM\..\Run: [Microtek_Scanner_Server] C:\Program Files\Microtek\ScanWizard Pro\LANServer.exe

O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"

O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [HI-SPEED USB DEVICE Coinstaller] PL15Co2K.exe

O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKCU\..\Run: [Zinio DLM] C:\PROGRA~1\Zinio\ZDLM.exe /hide

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R

O4 - HKCU\..\Run: [AllerCalc] "C:\Program Files\AllerCalc\AllerCalc.exe" /i

O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BounceBack Launcher.lnk = ?

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache2\bin\ApacheMonitor.exe

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta

O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)

O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\David\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.safer-networking.org

O15 - Trusted Zone: http://www.studica.com

O15 - Trusted Zone: http://*.windowsupdate.com

O16 - DPF: HushEncryptionEngine - https://mailserver1.hushmail.com/shared/Hus...ptionEngine.cab

O16 - DPF: WebWorks Help 3.0 - http://www.netgear.com/docs/fvs318/wwhelp3.cab

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstall...oint/model.html

O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://brs.swissarmybrands.com/CFIDE/classes/CFJava.cab

O16 - DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} (Install119 Control) - http://www.samsungdp.com/Install119.CAB

O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab

O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} (RRAAINAX_02.RRAAINAX) - http://www.in.honda.com/rraaapps/rraasec/c...AX/RraainAX.CAB

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/a...ntent/AcpIR.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab

O16 - DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} (Liveweb_SE Class) - http://206.67.236.76/updatefiles/liveweb_se.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106504223453

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170277721328

O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://www.onlineringman.com/auctions/install/isetupml.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab

O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\David\Local Settings\Temp\EI40_\msxml4.cab

O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/24/install/gtdownls.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -

O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{073F4527-C52C-4E88-8ABE-49F3E65624F0}: NameServer = 68.87.68.166,68.87.74.166

O17 - HKLM\System\CS1\Services\Tcpip\..\{073F4527-C52C-4E88-8ABE-49F3E65624F0}: NameServer = 68.87.68.166,68.87.74.166

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O24 - Desktop Component 1: (no name) - http://www.ibm.com/pc/orderstatus/login.cf...&oid=1C28CX

--

End of file - 18468 bytes

Link to post
Share on other sites

Contents of TDSSKiller log:

2010/10/19 17:05:18.0484 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59

2010/10/19 17:05:18.0484 ================================================================================

2010/10/19 17:05:18.0484 SystemInfo:

2010/10/19 17:05:18.0484

2010/10/19 17:05:18.0484 OS Version: 5.1.2600 ServicePack: 3.0

2010/10/19 17:05:18.0484 Product type: Workstation

2010/10/19 17:05:18.0484 ComputerName: KNOLLWOOD

2010/10/19 17:05:18.0484 UserName: David

2010/10/19 17:05:18.0484 Windows directory: C:\WINDOWS

2010/10/19 17:05:18.0484 System windows directory: C:\WINDOWS

2010/10/19 17:05:18.0484 Processor architecture: Intel x86

2010/10/19 17:05:18.0484 Number of processors: 2

2010/10/19 17:05:18.0484 Page size: 0x1000

2010/10/19 17:05:18.0484 Boot type: Normal boot

2010/10/19 17:05:18.0484 ================================================================================

2010/10/19 17:05:18.0890 Initialize success

2010/10/19 17:05:23.0843 ================================================================================

2010/10/19 17:05:23.0843 Scan started

2010/10/19 17:05:23.0843 Mode: Manual;

2010/10/19 17:05:23.0843 ================================================================================

2010/10/19 17:05:25.0062 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys

2010/10/19 17:05:25.0203 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2010/10/19 17:05:25.0250 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2010/10/19 17:05:25.0296 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\WINDOWS\system32\drivers\adfs.sys

2010/10/19 17:05:25.0390 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2010/10/19 17:05:25.0500 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2010/10/19 17:05:25.0562 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2010/10/19 17:05:25.0734 aksfridge (9e989429631a0588c60c430fd7db7576) C:\WINDOWS\system32\drivers\aksfridge.sys

2010/10/19 17:05:25.0843 akshasp (4ed4ce78a42070cb041c208ca53ed70a) C:\WINDOWS\system32\DRIVERS\akshasp.sys

2010/10/19 17:05:25.0890 aksusb (2fa8cbcbd795014267be5f60bb8474c0) C:\WINDOWS\system32\DRIVERS\aksusb.sys

2010/10/19 17:05:26.0343 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

2010/10/19 17:05:26.0515 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys

2010/10/19 17:05:26.0578 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys

2010/10/19 17:05:26.0609 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys

2010/10/19 17:05:26.0703 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys

2010/10/19 17:05:26.0765 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys

2010/10/19 17:05:26.0828 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys

2010/10/19 17:05:26.0875 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2010/10/19 17:05:26.0921 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2010/10/19 17:05:27.0187 ati2mtag (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

2010/10/19 17:05:27.0312 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2010/10/19 17:05:27.0406 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2010/10/19 17:05:27.0500 Avgfwdx (fa6336f05695e39995884d0c959c9608) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

2010/10/19 17:05:27.0515 Avgfwfd (fa6336f05695e39995884d0c959c9608) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

2010/10/19 17:05:27.0578 AVGIDSEH (84853f800cd69252c3c764fe50d0346f) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

2010/10/19 17:05:27.0671 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys

2010/10/19 17:05:27.0765 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2010/10/19 17:05:27.0859 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2010/10/19 17:05:27.0921 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2010/10/19 17:05:28.0015 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2010/10/19 17:05:28.0062 Cdr4_xp (223dea13c9d064babc882b4727f6f905) C:\WINDOWS\system32\drivers\Cdr4_xp.sys

2010/10/19 17:05:28.0125 Cdralw2k (9e26599599d178e71afb5599e146031a) C:\WINDOWS\system32\drivers\Cdralw2k.sys

2010/10/19 17:05:28.0156 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2010/10/19 17:05:28.0203 cdudf_xp (40c1cb3e65709aec17ca3ce66a4873e0) C:\WINDOWS\system32\drivers\cdudf_xp.sys

2010/10/19 17:05:28.0421 CorexCardScan (b0cec894508471af372ba8950b9f4316) C:\WINDOWS\system32\drivers\slcorex.sys

2010/10/19 17:05:28.0531 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys

2010/10/19 17:05:28.0656 DgiVecp (1ec27a51a2f9df052bc2b4c8376c8fea) C:\WINDOWS\system32\Drivers\DgiVecp.sys

2010/10/19 17:05:28.0750 Disk (cc7c8399756cf6b6a67e187e2c0daf3d) C:\WINDOWS\system32\DRIVERS\disk.sys

2010/10/19 17:05:28.0750 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\disk.sys. Real md5: cc7c8399756cf6b6a67e187e2c0daf3d, Fake md5: 044452051f3e02e7963599fc8f4f3e25

2010/10/19 17:05:28.0765 Disk - detected Rootkit.Win32.TDSS.tdl3 (0)

2010/10/19 17:05:28.0843 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2010/10/19 17:05:28.0890 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2010/10/19 17:05:28.0937 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2010/10/19 17:05:29.0031 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2010/10/19 17:05:29.0109 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys

2010/10/19 17:05:29.0156 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

2010/10/19 17:05:29.0250 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys

2010/10/19 17:05:29.0343 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2010/10/19 17:05:29.0421 DVDVRRdr_xp (485050f9bdca4c914fa1917dcbb7fe3c) C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys

2010/10/19 17:05:29.0453 dvd_2K (00b1291369857416c873b70db96e8126) C:\WINDOWS\system32\drivers\dvd_2K.sys

2010/10/19 17:05:29.0515 E1000 (89f28d9e011fd90dec6c0ece52c171bc) C:\WINDOWS\system32\DRIVERS\e1000325.sys

2010/10/19 17:05:29.0625 EGATHDRV (7f220875288944c9c7856e2bc8613b1f) C:\WINDOWS\Downloaded Program Files\EGATHDRV.SYS

2010/10/19 17:05:29.0734 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2010/10/19 17:05:29.0781 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2010/10/19 17:05:29.0812 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2010/10/19 17:05:29.0843 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2010/10/19 17:05:29.0937 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2010/10/19 17:05:30.0015 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2010/10/19 17:05:30.0046 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2010/10/19 17:05:30.0109 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys

2010/10/19 17:05:30.0156 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

2010/10/19 17:05:30.0218 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2010/10/19 17:05:30.0312 Hardlock (c03718f2b954972a40ad75e22d159f9f) C:\WINDOWS\system32\drivers\hardlock.sys

2010/10/19 17:05:30.0421 Haspnt (2dd25f060dc9f79b5cdf33d90ed93669) C:\WINDOWS\system32\drivers\Haspnt.sys

2010/10/19 17:05:30.0500 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2010/10/19 17:05:30.0609 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2010/10/19 17:05:30.0796 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2010/10/19 17:05:30.0890 iaStor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\drivers\iaStor.sys

2010/10/19 17:05:31.0031 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2010/10/19 17:05:31.0187 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2010/10/19 17:05:31.0281 iomdisk (9d7069d72c0c72952f05e1688a5ae89d) C:\WINDOWS\system32\DRIVERS\iomdisk.sys

2010/10/19 17:05:31.0343 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2010/10/19 17:05:31.0390 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2010/10/19 17:05:31.0437 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2010/10/19 17:05:31.0515 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2010/10/19 17:05:31.0562 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2010/10/19 17:05:31.0609 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2010/10/19 17:05:31.0656 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2010/10/19 17:05:31.0703 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2010/10/19 17:05:31.0765 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2010/10/19 17:05:31.0812 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2010/10/19 17:05:31.0859 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2010/10/19 17:05:32.0015 mbmiodrvr (8a84a869da0bb0ecea66969d84a782e5) C:\WINDOWS\System32\mbmiodrvr.sys

2010/10/19 17:05:32.0375 mmc_2K (55f0ab2736235479a8ff1f1d5a0b27ae) C:\WINDOWS\system32\drivers\mmc_2K.sys

2010/10/19 17:05:32.0437 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2010/10/19 17:05:32.0515 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2010/10/19 17:05:32.0546 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2010/10/19 17:05:32.0593 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2010/10/19 17:05:32.0671 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2010/10/19 17:05:32.0734 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2010/10/19 17:05:32.0828 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2010/10/19 17:05:32.0906 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2010/10/19 17:05:32.0953 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2010/10/19 17:05:33.0031 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2010/10/19 17:05:33.0078 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2010/10/19 17:05:33.0140 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2010/10/19 17:05:33.0218 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2010/10/19 17:05:33.0312 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2010/10/19 17:05:33.0359 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2010/10/19 17:05:33.0421 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2010/10/19 17:05:33.0453 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2010/10/19 17:05:33.0484 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

2010/10/19 17:05:33.0531 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2010/10/19 17:05:33.0593 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2010/10/19 17:05:33.0671 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

2010/10/19 17:05:33.0734 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2010/10/19 17:05:33.0812 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2010/10/19 17:05:33.0921 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2010/10/19 17:05:33.0968 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2010/10/19 17:05:34.0031 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2010/10/19 17:05:34.0078 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

2010/10/19 17:05:34.0187 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys

2010/10/19 17:05:34.0296 P17 (df886ffed69aead0cf608b89b18c3f6f) C:\WINDOWS\system32\drivers\P17.sys

2010/10/19 17:05:34.0375 PalmUSBD (803cf09c795290825607505d37819135) C:\WINDOWS\system32\drivers\PalmUSBD.sys

2010/10/19 17:05:34.0421 PAR1284 (eadee2bfc14f5ebc1b89e637f30c590b) C:\WINDOWS\System32\Drivers\PAR1284.SYS

2010/10/19 17:05:34.0515 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

2010/10/19 17:05:34.0546 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2010/10/19 17:05:34.0609 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2010/10/19 17:05:34.0703 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2010/10/19 17:05:34.0796 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2010/10/19 17:05:34.0843 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2010/10/19 17:05:35.0156 pmxdrv (b4079d61b5c6b4919bde17c38202e236) C:\WINDOWS\system32\drivers\pmxdrv.sys

2010/10/19 17:05:35.0250 Point32 (e5582e43e167cf367757d81e9727da2a) C:\WINDOWS\system32\DRIVERS\point32.sys

2010/10/19 17:05:35.0296 portD (efa27961b5c2436f4a670c4717993e61) C:\WINDOWS\system32\DRIVERS\portd2k.sys

2010/10/19 17:05:35.0359 PPNT (5ea2d0eb0524c79b39b81cfc13157a63) C:\WINDOWS\System32\Drivers\PPNT.SYS

2010/10/19 17:05:35.0437 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2010/10/19 17:05:35.0453 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

2010/10/19 17:05:35.0593 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2010/10/19 17:05:35.0671 pwd_2k (b2e95bb13acad56138671a1aae7f9ed9) C:\WINDOWS\system32\drivers\pwd_2k.sys

2010/10/19 17:05:35.0750 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2010/10/19 17:05:35.0921 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2010/10/19 17:05:35.0968 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2010/10/19 17:05:36.0015 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2010/10/19 17:05:36.0046 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2010/10/19 17:05:36.0078 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2010/10/19 17:05:36.0140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2010/10/19 17:05:36.0203 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2010/10/19 17:05:36.0281 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2010/10/19 17:05:36.0343 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2010/10/19 17:05:36.0453 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys

2010/10/19 17:05:36.0593 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2010/10/19 17:05:36.0671 Sentinel (a2cc81c30bef6ac9f27055490eef6de3) C:\WINDOWS\System32\Drivers\SENTINEL.SYS

2010/10/19 17:05:36.0734 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2010/10/19 17:05:36.0765 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

2010/10/19 17:05:36.0843 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2010/10/19 17:05:36.0937 SIODRV (6fbba21e5ad173ecad3144ddff3a89bf) C:\WINDOWS\System32\drivers\SIODRV.SYS

2010/10/19 17:05:37.0015 SMBios (d72a21424ca66c7a745bd995eca6a710) C:\WINDOWS\system32\DRIVERS\SMBios.sys

2010/10/19 17:05:37.0078 smbusp (ba312455863f88757ccc5091d3b5c9db) C:\WINDOWS\system32\DRIVERS\intelsmb.sys

2010/10/19 17:05:37.0187 snapman (68cbdfdee8498c75d7cef82552fdf984) C:\WINDOWS\system32\DRIVERS\snapman.sys

2010/10/19 17:05:37.0265 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2010/10/19 17:05:37.0328 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2010/10/19 17:05:37.0406 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2010/10/19 17:05:37.0468 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2010/10/19 17:05:37.0531 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2010/10/19 17:05:37.0640 symsnap (f65d8c562d8fdee24d64528f74af04de) C:\WINDOWS\system32\DRIVERS\symsnap.sys

2010/10/19 17:05:37.0734 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2010/10/19 17:05:37.0796 tbcspud (25749e1af2040668455946be24a9e4e6) C:\WINDOWS\system32\drivers\tbcspud.sys

2010/10/19 17:05:37.0875 tbcwdm (f7a36ad36c2d7504415ec3fa004f5467) C:\WINDOWS\system32\drivers\tbcwdm.sys

2010/10/19 17:05:37.0968 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2010/10/19 17:05:38.0031 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2010/10/19 17:05:38.0125 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2010/10/19 17:05:38.0187 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2010/10/19 17:05:38.0375 TSIKBF5 (7037b2731f5d4397e3c90bfd1444c816) C:\WINDOWS\system32\drivers\TSIKBF5.sys

2010/10/19 17:05:38.0421 TSIMSF5 (bda91d03080a92ff2cc0508477a9afb7) C:\WINDOWS\system32\drivers\TSIMSF5.sys

2010/10/19 17:05:38.0453 TSIRCINK (1b56a495a353aa4d38db8445d9589fa7) C:\WINDOWS\system32\drivers\TSIRCINK.sys

2010/10/19 17:05:38.0500 tsircmir (baf058e97de3854d6c46fc5ec17e82f0) C:\WINDOWS\system32\Drivers\tsircmir.sys

2010/10/19 17:05:38.0562 TSIREGMO (35edc4492f5b96439b777f7672f3bc55) C:\WINDOWS\system32\drivers\tsiregmo.sys

2010/10/19 17:05:38.0593 TSISER (ee1007531e8b466e28cdd770db0358c9) C:\WINDOWS\system32\drivers\TSISER.sys

2010/10/19 17:05:38.0640 TSISTRMX (fa84dfebb5f4b132cd49725c4471199d) C:\WINDOWS\system32\drivers\TSISTRMX.sys

2010/10/19 17:05:38.0687 UDFReadr (ac93dd5792310b57b03816d7f8d957fc) C:\WINDOWS\system32\drivers\UDFReadr.sys

2010/10/19 17:05:38.0765 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2010/10/19 17:05:38.0859 Umwdnetstc (40c1cb3e65709aec17ca3ce66a4873e0) C:\WINDOWS\system32\drivers\Cdudf_xp.sys

2010/10/19 17:05:38.0953 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2010/10/19 17:05:39.0031 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2010/10/19 17:05:39.0109 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2010/10/19 17:05:39.0171 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2010/10/19 17:05:39.0234 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

2010/10/19 17:05:39.0296 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2010/10/19 17:05:39.0343 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2010/10/19 17:05:39.0437 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2010/10/19 17:05:39.0500 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2010/10/19 17:05:39.0562 UtilNT (9111ddfded7d6c10e9c6b6369e49cf1e) C:\WINDOWS\system32\drivers\UtilNT.sys

2010/10/19 17:05:39.0609 v2imount (16662738e1ab857fb91ed2d4065440b0) C:\WINDOWS\system32\DRIVERS\v2imount.sys

2010/10/19 17:05:39.0687 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2010/10/19 17:05:39.0750 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2010/10/19 17:05:39.0796 VPROEVENTMONITOR (e14b7ae35be1e97830d42ec191d0dea2) C:\WINDOWS\system32\drivers\VProEventMonitor.sys

2010/10/19 17:05:39.0921 vtdg46xx (44354118889b8bb13fe87f207a8c18c2) C:\PROGRA~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys

2010/10/19 17:05:40.0046 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2010/10/19 17:05:40.0125 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2010/10/19 17:05:40.0187 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys

2010/10/19 17:05:40.0656 ================================================================================

2010/10/19 17:05:40.0656 Scan finished

2010/10/19 17:05:40.0656 ================================================================================

2010/10/19 17:05:40.0687 Detected object count: 1

2010/10/19 17:06:06.0484 Disk (cc7c8399756cf6b6a67e187e2c0daf3d) C:\WINDOWS\system32\DRIVERS\disk.sys

2010/10/19 17:06:06.0484 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\disk.sys. Real md5: cc7c8399756cf6b6a67e187e2c0daf3d, Fake md5: 044452051f3e02e7963599fc8f4f3e25

2010/10/19 17:06:07.0734 Backup copy found, using it..

2010/10/19 17:06:07.0750 C:\WINDOWS\system32\DRIVERS\disk.sys - will be cured after reboot

2010/10/19 17:06:07.0750 Rootkit.Win32.TDSS.tdl3(Disk) - User select action: Cure

2010/10/19 17:06:22.0656 Deinitialize success

Contents of GooredFix.txt:

GooredFix by jpshortstuff (03.07.10.1)

Log created at 17:02 on 19/10/2010 (David)

Firefox version 3.6.6 (en-US)

========== GooredScan ==========

Link to post
Share on other sites

If you haven't rebooted since the TDSSKiller scan, please do so.

Next:

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have SP3, use the SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

I can now run Malwarebytes. Did a Quick Scan and here are results. After that I have posted the results from the ComboFix.

Malwarebytes quick scan:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4887

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

10/19/2010 9:25:37 PM

mbam-log-2010-10-19 (21-25-37).txt

Scan type: Quick scan

Objects scanned: 177368

Time elapsed: 48 minute(s), 7 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XBV6RD5SZF (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

ComboFix log.txt:

ComboFix 10-10-18.06 - David 10/19/2010 18:11:41.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2491 [GMT -5:00]

Running from: c:\documents and settings\David\Desktop\ComboFix.exe

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8546B224-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85489054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AF2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {865BB65C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86658A9C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8670BA44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000008-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {853BF8F4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {854D976C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856653C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85897534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DA054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A4E304-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A789FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A82DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB78AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ACD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AE0DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B0E78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B14BB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1E8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1EC54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4558C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4794C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4C4A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B61DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B6A17C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B787B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B78AEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B7A604-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B888B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89BCC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89C44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8D4D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B90524-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B93B54-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BA0484-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBCABC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBEDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC0BDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC756C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BCB9CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD0404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD16AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD6414-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD99B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BDDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE6664-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE766C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDA24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEEDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF5644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF6054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C00644-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0F39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C17BB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C30404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C39B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5823C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C62DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C980DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFCC64-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86014DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86167DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862708FC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627316C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86290354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86317DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633C054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634251C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634662C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86348494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86364BBC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637058C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86376BCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637A674-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637C99C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86383424-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B690C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865C03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EA6A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EE3B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865F593C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8660E354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86636B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664749C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664F47C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8665C9BC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666039C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86665734-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666ADDC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86673B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86674B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86675BC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86677C44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866795BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667A8BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667B9BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668172C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86682A1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668639C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668C424-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D744-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668F494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866959C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86696BC4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669F3B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A3DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A43A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A69AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A856C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA9B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AD6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B9474-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866BB8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866C1354-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CADDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CC5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CF954-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D670C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E1054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E225C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E49F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E6AF4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EA854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EE054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F4B34-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FAC24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FEBC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86702524-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670270C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867034A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670E5EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86715A5C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671F3AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86722DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8672ABB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8673353C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737604-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86738944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674C59C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86751554-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86752C64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867564A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A076C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A19FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867B1404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867C3874-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867E448C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867F37B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86816164-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8682141C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8683C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8684039C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86913DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86939A14-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8693EDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8694829C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86953404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869539BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86955DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86962CB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86964054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869966D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86998594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869A65CC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B02B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B1C6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B4874-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B844C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BA5BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BC6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C69CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C740C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D1B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D4054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869DFBD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A19544-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A4A88C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86E90A94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86ED2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86EDF904-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F5E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F80DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FB8DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FFBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8900F724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8901E554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8902FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890446A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8904E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890523E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89053B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8905B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890743F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8907C504-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890A3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890CABCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890D7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E2CEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890F23E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89115B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89119814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8911A79C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89121B3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89122DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89123664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8913FB7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914027C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89140B94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914A57C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914B5CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8915A3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89161AEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8916F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89176DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89184DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891ADDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891BB814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891E791C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898BD37C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898D8B44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89938054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89971264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899968B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899B0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899C1B1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899D9DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899FE48C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A3748C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A835B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B4C2E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B52DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B6CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B91584-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BAB9DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BB65FC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCA86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCC9AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BE9724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C01874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C226CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C309AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C3152C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C38DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C47644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C4EA94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C6F73C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CBF4AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CC1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCD78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCF8FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D1682C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D55D74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D70054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D81054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89E312E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89F3131C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A43E4C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4774AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A49D86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A58A054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5BB5AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5D17CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A66852C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\David\Favorites\frame.html

C:\index.htm

c:\program files\INSTALL.LOG

c:\windows\AutoRun.ini

c:\windows\cdmxtras

c:\windows\cdmxtras\uninst.exe

c:\windows\Fonts\acrsec.fon

c:\windows\jestertb.dll

c:\windows\My.ini

c:\windows\patch.exe

c:\windows\settings.reg

c:\windows\system\VI30AUT.DLL

c:\windows\system32\Cache

c:\windows\system32\Data

c:\windows\system32\O.BAT

c:\windows\system32\Temp

c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.

((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))

.

2010-10-19 21:14 . 2010-10-19 22:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-18 14:42 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-10-18 14:42 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-10-18 14:42 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-10-18 14:42 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-10-18 14:42 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-10-18 14:42 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-10-18 14:42 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-10-18 14:42 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr

2010-10-18 14:42 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\program files\Alwil Software

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

2010-10-18 14:06 . 2010-10-18 14:06 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\VS Revo Group

2010-10-18 14:05 . 2009-12-30 17:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-10-18 14:05 . 2010-10-18 14:05 -------- d-----w- c:\program files\VS Revo Group

2010-10-18 02:11 . 2010-10-18 02:11 -------- d-----w- C:\$AVG

2010-10-18 00:32 . 2010-10-18 00:32 -------- d-----w- c:\documents and settings\David\Application Data\AVG10

2010-10-17 23:46 . 2010-10-17 23:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files

2010-10-17 23:44 . 2010-10-18 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10

2010-10-17 23:44 . 2010-10-17 23:44 -------- d-----w- c:\program files\AVG

2010-10-17 23:39 . 2010-10-17 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2010-10-16 22:32 . 2010-10-16 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic

2010-10-15 00:51 . 2010-10-15 00:51 388096 ----a-r- c:\documents and settings\David\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-14 22:39 . 2010-09-22 23:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

2010-10-14 21:32 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll

2010-10-14 21:32 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2010-10-14 21:32 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2010-10-14 18:52 . 2010-10-14 18:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Zinio DLM"="c:\progra~1\Zinio\ZDLM.exe" [2004-03-29 852038]

"Google Update"="c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-25 133104]

"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

"AllerCalc"="c:\program files\AllerCalc\AllerCalc.exe" [2000-08-22 560408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WD Button Manager"="WDBtnMgr.exe" [2005-08-16 331776]

"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]

"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-04 61440]

"SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-04-28 42496]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]

"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2006-04-05 2177256]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"QuickFinder Scheduler"="c:\program files\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE" [2009-06-22 83232]

"PPMemCheck"="c:\progra~1\PESTPA~1\PPMemCheck.exe" [2003-04-19 148480]

"Microtek_Scanner_Server"="c:\program files\Microtek\ScanWizard Pro\LANServer.exe" [2005-08-03 212992]

"MBM 5"="c:\program files\Motherboard Monitor 5\MBM5.EXE" [2003-08-21 593408]

"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]

"HI-SPEED USB DEVICE Coinstaller"="PL15Co2K.exe" [2003-07-10 86016]

"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]

"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]

"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]

"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]

"AdobeVersionCue"="c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2004-03-25 1732608]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-10-04 611712]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]

"NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-09 323216]

"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

c:\documents and settings\David\Start Menu\Programs\Startup\

HotSync Manager.lnk - c:\program files\palmOne\HOTSYNC.EXE [2004-4-13 299008]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

BounceBack Launcher.lnk - c:\program files\CMS Products\BounceBack Professional\BBLauncher.exe [2007-11-18 93888]

Monitor Apache Servers.lnk - c:\apache2\bin\ApacheMonitor.exe [2006-7-27 41042]

NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-9-27 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\mysql\\MySQL Server 5.0\\bin\\mysqld-nt.exe"=

"c:\\Program Files\\Microtek\\ScanWizard Pro\\LANServer.exe"=

"c:\\Program Files\\Altova\\XMLSpy2006\\XMLSpy.exe"=

"c:\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\OEMPhones\\Openwave\\50\\Sdk50OEMPhone.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\sim\\SimCtrl.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\http\\OSDK62http.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\OSDK51.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\eventd.exe"=

"c:\\Program Files\\Openwave\\V7 Simulator\\bin\\phone.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\wap\\OSDK62wap.exe"=

"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"c:\\Program Files\\ActiveState Komodo IDE 4\\lib\\mozilla\\komodo.exe"=

"c:\\Program Files\\Zend\\ZendStudio-5.5.1\\jre\\bin\\javaw.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Packet Tracer 5.2\\bin\\PacketTracer5.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\Settings.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"1947:TCP"= 1947:TCP:HASP SRM

"1947:UDP"= 1947:UDP:HASP SRM

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 25680]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/18/2010 9:42 AM 165584]

R1 tsircmir;LapLink Mirror Driver Miniport;c:\windows\system32\drivers\tsircmir.sys [8/28/2003 12:03 AM 2816]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/18/2010 9:42 AM 17744]

R2 portD;CMS PortIO Service;c:\windows\system32\drivers\portd2k.sys [11/18/2007 4:15 AM 13504]

R2 PPNT;PPNT;c:\windows\system32\drivers\ppnt.sys [12/1/2003 1:44 AM 13824]

R2 TSIREGMO;tsiregmo;c:\windows\system32\drivers\tsiregmo.sys [8/28/2003 12:03 AM 5824]

R2 TSISER;TSISER;c:\windows\system32\drivers\tsiser.sys [8/28/2003 12:03 AM 42560]

R2 TSISTRMX;Traveling Software Stream Driver;c:\windows\system32\drivers\TSISTRMX.SYS [8/28/2003 12:03 AM 5120]

R3 TSIKBF5;Traveling Software Keyboard Filter Driver;c:\windows\system32\drivers\TSIKBF5.sys [8/28/2003 12:03 AM 9728]

R3 TSIMSF5;Traveling Software Mouse Filter Driver;c:\windows\system32\drivers\TSIMSF5.sys [8/28/2003 12:03 AM 5632]

S1 CorexCardScan;CardScan USB Scanner;c:\windows\system32\drivers\slcorex.sys [5/21/2003 11:32 PM 8448]

S1 TSIRCINK;Traveling Software Install Driver;c:\windows\system32\drivers\TSIRCINK.SYS [8/28/2003 12:03 AM 9216]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/20/2009 2:17 PM 135664]

S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [9/9/2010 4:45 AM 30104]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [9/9/2010 4:45 AM 30104]

S3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [9/17/2005 5:14 PM 816792]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/18/2010 9:05 AM 27064]

S3 tbcspud;Santa Cruz Driver;c:\windows\system32\drivers\tbcspud.sys [9/1/2003 4:12 AM 149632]

S3 tbcwdm;Santa Cruz WDM Driver;c:\windows\system32\drivers\tbcwdm.sys [6/23/2003 12:15 PM 554304]

S3 Umwdnetstc;Umwdnetstc;c:\windows\system32\drivers\Cdudf_xp.sys [6/24/2004 3:48 PM 289408]

S3 UtilNT;UtilNT;c:\windows\system32\drivers\utilnt.sys [2/19/2009 9:17 PM 5533]

S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [6/13/2003 4:45 PM 19232]

S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 288112]

S4 BlackfishSQL;BlackfishSQL;c:\program files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe [11/12/2008 3:02 PM 65536]

S4 Cmt4ngsoq;Cmt4ngsoq; [x]

S4 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 11:25 AM 189736]

S4 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S4 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [6/8/2000 8:15 AM 50176]

S4 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [1/15/2007 5:11 PM 73728]

S4 PLQ0306270;Prolific HotFix Q0306270;c:\windows\System32\HotFixQ0306270.exe --> c:\windows\System32\HotFixQ0306270.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

bdx REG_MULTI_SZ scan

.

Contents of the 'Scheduled Tasks' folder

2010-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003Core.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003UA.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-04-22 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 20:07]

2010-10-19 c:\windows\Tasks\User_Feed_Synchronization-{17D6E5F1-8459-455D-98B7-BD0D5405108B}.job

- c:\windows\system32\msfeedssync.exe [2007-08-14 00:36]

2009-07-20 c:\windows\Tasks\WGASetup.job

- c:\windows\system32\KB905474\wgasetup.exe [2009-04-14 03:18]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.msn.com

uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearchAssistant = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

IE: c:\progra~1\COMMON~1\BTLINK\btlink.dll//iemenu

IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Open with WordPerfect - c:\program files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta

IE: Zend Studio - Debug current page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

IE: Zend Studio - Debug next page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\David\Start Menu\Programs\IMVU\Run IMVU.lnk

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: safer-networking.org\www

Trusted Zone: studica.com\www

Trusted Zone: turbotax.com

Trusted Zone: windowsupdate.com

TCP: {073F4527-C52C-4E88-8ABE-49F3E65624F0} = 68.87.68.166,68.87.74.166

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: HushEncryptionEngine - hxxps://mailserver1.hushmail.com/shared/HushEncryptionEngine.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: WebWorks Help 3.0 - hxxp://www.netgear.com/docs/fvs318/wwhelp3.cab

DPF: Yahoo! Chat - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} - hxxp://www.samsungdp.com/Install119.CAB

DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB

DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} - hxxp://206.67.236.76/updatefiles/liveweb_se.cab

FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\

FF - prefs.js: browser.startup.homepage - hxxp://en-US.google.mozilla.com/firefox?client=firefox-a&rls=com.google:en-US:official

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\WINNT_x86-msvc\components\pagespeed.dll

FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll

FF - plugin: c:\documents and settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npstrlnk.dll

FF - plugin: c:\program files\Opera\program\plugins\npdrmv2.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

HKCU-Run-AdobeBridge - (no file)

SafeBoot-klmdb.sys

AddRemove-PowerDesigner6 DA - c:\program files\Powersoft\PowerDesigner 6\DeIsL1.isu

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Iomega Activity Disk2]

"ImagePath"="\"\""

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MySQL]

"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2F2ED127-9180-E0E9-DD82A3EA97D23C2D}\{BC7AD397-E62C-4E1A-5A858785C5B4F8B7}\{1CB4FE78-537A-1AF0-DBD366375A0DFAF2}*]

"YHEF5D1JZRE41IAVEAFC3LNZEH1"=hex:01,00,01,00,00,00,00,00,f8,86,76,42,74,5e,a9,

79,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{41499515-FE1F-2B25-9CCAFA7C1BD1CD4F}\{E760D6E7-B184-EBBF-DA510F4FC9719600}\{4E25D3C0-199C-C2DC-33A6CFCC543E6F29}*]

"YHEF5D1JZRE41IAVEAFC3LNZEH1"=hex:01,00,01,00,00,00,00,00,f8,86,76,42,74,5e,a9,

79,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{59FD906B-7064-D511-A92C76967AEA497D}\{7BE5E469-8614-18F7-FB4A2951C2296B41}\{4CE5DCAA-16CA-BCB0-DF1B4E45E77E17F5}*]

"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,0e,5e,87,

83,b7,12,ee,69,42,dc,bb,87,a8,1f,b5,0f,df,86,bc,de,50,1e,ba,0d,6a,42,f3,a0,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F2F43379-985D-E7AE-2F5BD6B18999A07F}\{64C9A7C2-676E-3AEC-13AF6B278F65FD89}\{7B815B3C-162E-096A-EBEBEFD33B1AE416}*]

"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,0e,5e,87,

83,b7,12,ee,69,42,dc,bb,87,a8,1f,b5,0f,df,86,bc,de,50,1e,ba,0d,6a,42,f3,a0,\

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(636)

c:\windows\system32\Ati2evxx.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

Completion time: 2010-10-19 18:24:16

ComboFix-quarantined-files.txt 2010-10-19 23:24

Pre-Run: 18,139,267,072 bytes free

Post-Run: 18,743,201,792 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /Fastdetect /NoExecute=OptIn

- - End Of File - - 1D33650248C39C7C845D2CF7F5738952

Link to post
Share on other sites

I see signs of Avira, AVG and Avast5 in you scans.

It looks like you're using Avira so you should uninstall the other 2.

Copy/paste the text in the Codebox below into notepad:

Here's how to do that:

Click Start > Run type Notepad click OK.

This will open an empty notepad file:

Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.

KillAll::

Regnull::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2F2ED127-9180-E0E9-DD82A3EA97D23C2D}\{BC7AD397-E62C-4E1A-5A858785C5B4F8B7}\{1CB4FE78-537A-1AF0-DBD366375A0DFAF2}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{41499515-FE1F-2B25-9CCAFA7C1BD1CD4F}\{E760D6E7-B184-EBBF-DA510F4FC9719600}\{4E25D3C0-199C-C2DC-33A6CFCC543E6F29}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{59FD906B-7064-D511-A92C76967AEA497D}\{7BE5E469-8614-18F7-FB4A2951C2296B41}\{4CE5DCAA-16CA-BCB0-DF1B4E45E77E17F5}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F2F43379-985D-E7AE-2F5BD6B18999A07F}\{64C9A7C2-676E-3AEC-13AF6B278F65FD89}\{7B815B3C-162E-096A-EBEBEFD33B1AE416}*]

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

CFScriptB-4.gif

Drag CFScript.txt into ComboFix.exe

Then post the results log using Copy / Paste

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

>>Did you uninstall the other 2?

>>Did you run my last fix?

>>How's it running?

I had already uninstalled Avira and AVG when I installed Avast. I just checked the usual places and their are no program file folders or uninstall entries in Add/Install Programs in Control Panel. Do the entries referring to thoses programs in the ComboFix log indicate there is more uninstalling to do?

It's running great now. No re-direction and Malwarebytes runs great.

Here is the log from latest ComboFix run:

ComboFix 10-10-19.04 - David 10/20/2010 13:49:53.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2414 [GMT -5:00]

Running from: c:\documents and settings\David\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\David\Desktop\CFScript.txt

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8546B224-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85489054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AF2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {865BB65C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86658A9C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8670BA44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000008-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {853BF8F4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {854D976C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856653C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85897534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DA054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A4E304-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A789FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A82DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB78AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ACD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AE0DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B0E78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B14BB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1E8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1EC54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4558C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4794C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4C4A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B61DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B6A17C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B787B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B78AEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B7A604-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B888B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89BCC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89C44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8D4D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B90524-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B93B54-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BA0484-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBCABC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBEDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC0BDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC756C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BCB9CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD0404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD16AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD6414-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD99B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BDDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE6664-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE766C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDA24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEEDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF5644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF6054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C00644-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0F39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C17BB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C30404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C39B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5823C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C62DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C980DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFCC64-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86014DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86167DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862708FC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627316C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86290354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86317DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633C054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634251C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634662C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86348494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86364BBC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637058C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86376BCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637A674-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637C99C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86383424-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B690C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865C03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EA6A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EE3B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865F593C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8660E354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86636B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664749C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664F47C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8665C9BC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666039C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86665734-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666ADDC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86673B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86674B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86675BC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86677C44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866795BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667A8BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667B9BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668172C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86682A1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668639C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668C424-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D744-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668F494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866959C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86696BC4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669F3B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A3DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A43A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A69AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A856C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA9B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AD6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B9474-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866BB8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866C1354-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CADDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CC5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CF954-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D670C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E1054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E225C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E49F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E6AF4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EA854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EE054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F4B34-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FAC24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FEBC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86702524-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670270C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867034A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670E5EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86715A5C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671F3AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86722DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8672ABB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8673353C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737604-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86738944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674C59C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86751554-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86752C64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867564A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A076C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A19FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867B1404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867C3874-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867E448C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867F37B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86816164-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8682141C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8683C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8684039C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86913DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86939A14-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8693EDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8694829C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86953404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869539BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86955DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86962CB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86964054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869966D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86998594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869A65CC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B02B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B1C6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B4874-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B844C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BA5BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BC6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C69CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C740C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D1B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D4054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869DFBD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A19544-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A4A88C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86E90A94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86ED2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86EDF904-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F5E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F80DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FB8DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FFBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8900F724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8901E554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8902FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890446A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8904E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890523E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89053B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8905B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890743F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8907C504-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890A3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890CABCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890D7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E2CEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890F23E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89115B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89119814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8911A79C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89121B3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89122DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89123664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8913FB7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914027C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89140B94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914A57C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914B5CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8915A3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89161AEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8916F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89176DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89184DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891ADDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891BB814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891E791C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898BD37C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898D8B44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89938054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89971264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899968B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899B0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899C1B1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899D9DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899FE48C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A3748C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A835B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B4C2E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B52DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B6CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B91584-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BAB9DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BB65FC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCA86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCC9AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BE9724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C01874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C226CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C309AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C3152C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C38DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C47644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C4EA94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C6F73C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CBF4AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CC1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCD78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCF8FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D1682C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D55D74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D70054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D81054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89E312E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89F3131C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A43E4C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4774AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A49D86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A58A054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5BB5AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5D17CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A66852C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

.

((((((((((((((((((((((((( Files Created from 2010-09-20 to 2010-10-20 )))))))))))))))))))))))))))))))

.

2010-10-20 05:33 . 2010-10-20 05:33 -------- d-----w- c:\program files\COMODO

2010-10-20 04:02 . 2010-10-20 05:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo

2010-10-20 01:21 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-20 01:21 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-19 21:14 . 2010-10-20 01:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-18 14:42 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-10-18 14:42 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-10-18 14:42 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-10-18 14:42 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-10-18 14:42 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-10-18 14:42 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-10-18 14:42 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-10-18 14:42 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr

2010-10-18 14:42 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\program files\Alwil Software

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

2010-10-18 14:06 . 2010-10-18 14:06 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\VS Revo Group

2010-10-18 14:05 . 2009-12-30 17:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-10-18 14:05 . 2010-10-18 14:05 -------- d-----w- c:\program files\VS Revo Group

2010-10-18 02:11 . 2010-10-18 02:11 -------- d-----w- C:\$AVG

2010-10-18 00:32 . 2010-10-18 00:32 -------- d-----w- c:\documents and settings\David\Application Data\AVG10

2010-10-17 23:46 . 2010-10-17 23:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files

2010-10-17 23:44 . 2010-10-18 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10

2010-10-17 23:39 . 2010-10-17 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2010-10-16 22:32 . 2010-10-16 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic

2010-10-15 00:51 . 2010-10-15 00:51 388096 ----a-r- c:\documents and settings\David\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-14 22:39 . 2010-09-22 23:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

2010-10-14 21:32 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll

2010-10-14 21:32 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2010-10-14 21:32 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2010-10-14 18:52 . 2010-10-14 18:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Zinio DLM"="c:\progra~1\Zinio\ZDLM.exe" [2004-03-29 852038]

"Google Update"="c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-25 133104]

"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

"AllerCalc"="c:\program files\AllerCalc\AllerCalc.exe" [2000-08-22 560408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WD Button Manager"="WDBtnMgr.exe" [2005-08-16 331776]

"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]

"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-04 61440]

"SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-04-28 42496]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]

"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2006-04-05 2177256]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"QuickFinder Scheduler"="c:\program files\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE" [2009-06-22 83232]

"PPMemCheck"="c:\progra~1\PESTPA~1\PPMemCheck.exe" [2003-04-19 148480]

"Microtek_Scanner_Server"="c:\program files\Microtek\ScanWizard Pro\LANServer.exe" [2005-08-03 212992]

"MBM 5"="c:\program files\Motherboard Monitor 5\MBM5.EXE" [2003-08-21 593408]

"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]

"HI-SPEED USB DEVICE Coinstaller"="PL15Co2K.exe" [2003-07-10 86016]

"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]

"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]

"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]

"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]

"AdobeVersionCue"="c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2004-03-25 1732608]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-10-04 611712]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]

"NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-09 323216]

"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-11 2500552]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

c:\documents and settings\David\Start Menu\Programs\Startup\

HotSync Manager.lnk - c:\program files\palmOne\HOTSYNC.EXE [2004-4-13 299008]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

BounceBack Launcher.lnk - c:\program files\CMS Products\BounceBack Professional\BBLauncher.exe [2007-11-18 93888]

Monitor Apache Servers.lnk - c:\apache2\bin\ApacheMonitor.exe [2006-7-27 41042]

NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-9-27 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\mysql\\MySQL Server 5.0\\bin\\mysqld-nt.exe"=

"c:\\Program Files\\Microtek\\ScanWizard Pro\\LANServer.exe"=

"c:\\Program Files\\Altova\\XMLSpy2006\\XMLSpy.exe"=

"c:\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\OEMPhones\\Openwave\\50\\Sdk50OEMPhone.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\sim\\SimCtrl.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\http\\OSDK62http.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\OSDK51.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\eventd.exe"=

"c:\\Program Files\\Openwave\\V7 Simulator\\bin\\phone.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\wap\\OSDK62wap.exe"=

"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"c:\\Program Files\\ActiveState Komodo IDE 4\\lib\\mozilla\\komodo.exe"=

"c:\\Program Files\\Zend\\ZendStudio-5.5.1\\jre\\bin\\javaw.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Packet Tracer 5.2\\bin\\PacketTracer5.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\Settings.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"1947:TCP"= 1947:TCP:HASP SRM

"1947:UDP"= 1947:UDP:HASP SRM

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 25680]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/18/2010 9:42 AM 165584]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/10/2010 11:40 PM 239240]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/10/2010 11:40 PM 25240]

R1 tsircmir;LapLink Mirror Driver Miniport;c:\windows\system32\drivers\tsircmir.sys [8/28/2003 12:03 AM 2816]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/18/2010 9:42 AM 17744]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [10/19/2010 8:21 PM 304464]

R2 portD;CMS PortIO Service;c:\windows\system32\drivers\portd2k.sys [11/18/2007 4:15 AM 13504]

R2 PPNT;PPNT;c:\windows\system32\drivers\ppnt.sys [12/1/2003 1:44 AM 13824]

R2 TSIREGMO;tsiregmo;c:\windows\system32\drivers\tsiregmo.sys [8/28/2003 12:03 AM 5824]

R2 TSISER;TSISER;c:\windows\system32\drivers\tsiser.sys [8/28/2003 12:03 AM 42560]

R2 TSISTRMX;Traveling Software Stream Driver;c:\windows\system32\drivers\TSISTRMX.SYS [8/28/2003 12:03 AM 5120]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [10/19/2010 8:21 PM 20952]

R3 TSIKBF5;Traveling Software Keyboard Filter Driver;c:\windows\system32\drivers\TSIKBF5.sys [8/28/2003 12:03 AM 9728]

R3 TSIMSF5;Traveling Software Mouse Filter Driver;c:\windows\system32\drivers\TSIMSF5.sys [8/28/2003 12:03 AM 5632]

S1 CorexCardScan;CardScan USB Scanner;c:\windows\system32\drivers\slcorex.sys [5/21/2003 11:32 PM 8448]

S1 TSIRCINK;Traveling Software Install Driver;c:\windows\system32\drivers\TSIRCINK.SYS [8/28/2003 12:03 AM 9216]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/20/2009 2:17 PM 135664]

S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [9/9/2010 4:45 AM 30104]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [9/9/2010 4:45 AM 30104]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [10/19/2010 8:21 PM 38224]

S3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [9/17/2005 5:14 PM 816792]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/18/2010 9:05 AM 27064]

S3 tbcspud;Santa Cruz Driver;c:\windows\system32\drivers\tbcspud.sys [9/1/2003 4:12 AM 149632]

S3 tbcwdm;Santa Cruz WDM Driver;c:\windows\system32\drivers\tbcwdm.sys [6/23/2003 12:15 PM 554304]

S3 Umwdnetstc;Umwdnetstc;c:\windows\system32\drivers\Cdudf_xp.sys [6/24/2004 3:48 PM 289408]

S3 UtilNT;UtilNT;c:\windows\system32\drivers\utilnt.sys [2/19/2009 9:17 PM 5533]

S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [6/13/2003 4:45 PM 19232]

S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 288112]

S4 BlackfishSQL;BlackfishSQL;c:\program files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe [11/12/2008 3:02 PM 65536]

S4 Cmt4ngsoq;Cmt4ngsoq; [x]

S4 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 11:25 AM 189736]

S4 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S4 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [6/8/2000 8:15 AM 50176]

S4 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [1/15/2007 5:11 PM 73728]

S4 PLQ0306270;Prolific HotFix Q0306270;c:\windows\System32\HotFixQ0306270.exe --> c:\windows\System32\HotFixQ0306270.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

bdx REG_MULTI_SZ scan

.

Contents of the 'Scheduled Tasks' folder

2010-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-10-20 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-03 09:38]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003Core.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003UA.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-10-20 c:\windows\Tasks\User_Feed_Synchronization-{17D6E5F1-8459-455D-98B7-BD0D5405108B}.job

- c:\windows\system32\msfeedssync.exe [2007-08-14 00:36]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.msn.com

uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearchAssistant = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

IE: c:\progra~1\COMMON~1\BTLINK\btlink.dll//iemenu

IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Open with WordPerfect - c:\program files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta

IE: Zend Studio - Debug current page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

IE: Zend Studio - Debug next page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\David\Start Menu\Programs\IMVU\Run IMVU.lnk

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: safer-networking.org\www

Trusted Zone: studica.com\www

Trusted Zone: turbotax.com

Trusted Zone: windowsupdate.com

TCP: {073F4527-C52C-4E88-8ABE-49F3E65624F0} = 68.87.68.166,68.87.74.166

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: HushEncryptionEngine - hxxps://mailserver1.hushmail.com/shared/HushEncryptionEngine.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: WebWorks Help 3.0 - hxxp://www.netgear.com/docs/fvs318/wwhelp3.cab

DPF: Yahoo! Chat - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} - hxxp://www.samsungdp.com/Install119.CAB

DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB

DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} - hxxp://206.67.236.76/updatefiles/liveweb_se.cab

FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\

FF - prefs.js: browser.startup.homepage - hxxp://en-US.google.mozilla.com/firefox?client=firefox-a&rls=com.google:en-US:official

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\WINNT_x86-msvc\components\pagespeed.dll

FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Iomega Activity Disk2]

"ImagePath"="\"\""

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MySQL]

"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(676)

c:\windows\system32\Ati2evxx.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3776)

c:\windows\system32\WININET.dll

c:\program files\Iomega\DriveIcons\IMGHOOK.DLL

c:\windows\system32\ieframe.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\COMODO\COMODO Internet Security\cmdagent.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe

c:\windows\system32\WDBtnMgr.exe

c:\program files\WDC\SetIcon.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\PL15Co2K.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\documents and settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2010-10-20 14:25:23 - machine was rebooted

ComboFix-quarantined-files.txt 2010-10-20 19:25

ComboFix2.txt 2010-10-20 18:23

ComboFix3.txt 2010-10-19 23:24

Pre-Run: 18,034,962,432 bytes free

Post-Run: 18,002,239,488 bytes free

- - End Of File - - 7808592C1D75BB755F497C349C82F5C2

Link to post
Share on other sites

Copy/paste the text in the Codebox below into notepad:

Here's how to do that:

Click Start > Run type Notepad click OK.

This will open an empty notepad file:

Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.

File::
c:\windows\system32\drivers\avgfwdx.sys

Folder::
C:\$AVG
c:\documents and settings\David\Application Data\AVG10
c:\documents and settings\All Users\Application Data\AVG10

Driver::
Avgfwdx
Avgfwfd

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

CFScriptB-4.gif

Drag CFScript.txt into ComboFix.exe

Then post the results log using Copy / Paste

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Everything continues to be good, no redirection and can run Malwarebytes ok.

Updated ComboFix Log:

ComboFix 10-10-20.01 - David 10/20/2010 18:02:35.5.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2305 [GMT -5:00]

Running from: c:\documents and settings\David\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\David\Desktop\CFScript.txt

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8546B224-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85489054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AF2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {865BB65C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86658A9C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8670BA44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000008-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {853BF8F4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {854D976C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856653C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85897534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DA054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A4E304-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A789FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A82DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AB78AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ACD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AE0DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B0E78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B14BB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1E8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B1EC54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4558C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4794C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B4C4A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B61DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B6A17C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B787B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B78AEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B7A604-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B888B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89BCC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89C44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8D4D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8FB64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B90524-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B93B54-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BA0484-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBCABC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BBEDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC0BDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BC756C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BCB9CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD0404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD16AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD6414-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD99B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BDDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE6664-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE766C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDA24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEEDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF5644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF6054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C00644-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C0F39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C17BB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C30404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C39B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5823C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C62DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C980DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFCC64-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86014DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86167DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862708FC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627316C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86290354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86317DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633C054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634251C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634662C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86348494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86364BBC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637058C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86376BCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637A674-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637C99C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86383424-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B690C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865C03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EA6A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865EE3B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865F593C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8660E354-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86636B54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664749C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8664F47C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8665C9BC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666039C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86665734-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8666ADDC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86673B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86674B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86675BC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86677C44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866795BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667A8BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667B9BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668172C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86682A1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668639C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668C424-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D744-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668F494-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866959C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86696BC4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669F3B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A3DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A43A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A69AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866A856C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AA9B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866AD6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B460C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866B9474-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866BB8FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866C1354-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CADDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CC5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866CF954-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D03A4-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866D670C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E1054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E225C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E49F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E6AF4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EA854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866EE054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866F4B34-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FAC24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FEBC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86702524-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670270C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867034A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8670E5EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86715A5C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8671F3AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86722DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8672ABB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8673353C-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737534-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86737604-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86738944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8674C59C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86751554-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86752C64-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867564A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8676FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A076C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867A19FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867B1404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867C3874-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867E448C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {867F37B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86816164-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8682141C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8683C3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8684039C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86913DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86939A14-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8693EDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8694829C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86953404-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869539BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86955DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86962CB4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86964054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869966D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86998594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869A65CC-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B02B4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B1C6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B4874-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869B844C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BA5BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869BC6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C69CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869C740C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D1B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869D4054-FFA4-00CC-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {869DFBD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A19544-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86A4A88C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86E90A94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86ED2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86EDF904-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F5E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88F80DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FB8DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {88FFBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8900F724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8901E554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8902FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890446A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8904E054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890523E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89053B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8905B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890743F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8907C504-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890A3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890CABCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890D7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E2CEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {890F23E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89115B74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89119814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8911A79C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89121B3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89122DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89123664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8913FB7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914027C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89140B94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914A57C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8914B5CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8915A3A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89161AEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8916F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89176DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89184DB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891ADDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891BB814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {891E791C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898BD37C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {898D8B44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89938054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89971264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899968B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899B0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899C1B1C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899D9DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {899FE48C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A3748C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89A835B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B4C2E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B52DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B6CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89B91584-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BAB9DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BB65FC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCA86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BCC9AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89BE9724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C01874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C226CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C309AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C3152C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C38DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C47644-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C4EA94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C6F73C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89C9FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CBF4AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CC1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCD78C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89CCF8FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D1682C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D55D74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D70054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89D81054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89E312E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {89F3131C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A43E4C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4774AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A49D86C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A4E8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A58A054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5BB5AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A5D17CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8A66852C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FILE ::

"c:\windows\system32\drivers\avgfwdx.sys"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\$AVG

c:\$avg\$VAULT\V_00000001.fil

c:\$avg\$VAULT\V_00000002.fil

c:\$avg\$VAULT\V_00000003.fil

c:\$avg\$VAULT\V_00000004.fil

c:\$avg\$VAULT\V_00000005.fil

c:\$avg\$VAULT\V_00000006.fil

c:\$avg\$VAULT\V_00000007.fil

c:\$avg\$VAULT\V_00000008.fil

c:\$avg\$VAULT\V_00000009.fil

c:\$avg\$VAULT\V_00000010.fil

c:\$avg\$VAULT\vvfolder.idx

c:\documents and settings\All Users\Application Data\AVG10

c:\documents and settings\All Users\Application Data\AVG10\Cfg\changecfgreg.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\csl.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\erd.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\idp.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\krnl.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\mail.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\mailsrv.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\mailsrvvsapi.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\malrep.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\sched.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\setup.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\spsrv.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\update.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\updatecomps.cfg

c:\documents and settings\All Users\Application Data\AVG10\Cfg\user.cfg

c:\documents and settings\All Users\Application Data\AVG10\cfgall\falsealarm.cfg

c:\documents and settings\All Users\Application Data\AVG10\cfgall\krnlall.cfg

c:\documents and settings\All Users\Application Data\AVG10\cfgall\updateall.cfg

c:\documents and settings\All Users\Application Data\AVG10\cfgall\userall.cfg

c:\documents and settings\All Users\Application Data\AVG10\Chjw\458fe9d58fe8ca4\avgcchff.dat

c:\documents and settings\All Users\Application Data\AVG10\Chjw\458fe9d58fe8ca4\avgcchfi.dat

c:\documents and settings\All Users\Application Data\AVG10\Chjw\458fe9d58fe8ca4\avgcchmf.dat

c:\documents and settings\All Users\Application Data\AVG10\Chjw\458fe9d58fe8ca4\avgcchmi.dat

c:\documents and settings\All Users\Application Data\AVG10\IDS\config\analyzerConfig.xml

c:\documents and settings\All Users\Application Data\AVG10\log\avgcfg.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgcfg.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.1

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.2

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.3

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.4

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.5

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.6

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.7

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.8

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.1

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.10

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.2

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.3

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.4

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.5

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.6

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.7

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.8

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.9

c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgcsl.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgcsl.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgemc.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgemc.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgexc.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgexc.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgldr.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgldr.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log

c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgpostinst.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgpostinst.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgscan.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgscan.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.1

c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgsrm.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgsrm.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgsrmac.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgsrmac.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgtdi.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgtdi.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgual.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgual.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgui.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgui.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgupd.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgupd.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgwdsvc.log

c:\documents and settings\All Users\Application Data\AVG10\log\avgwdsvc.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\avgxobniinstaller.log

c:\documents and settings\All Users\Application Data\AVG10\log\commonpriv.log

c:\documents and settings\All Users\Application Data\AVG10\log\commonpriv.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\fixcfg.log

c:\documents and settings\All Users\Application Data\AVG10\log\fixcfg.log.lock

c:\documents and settings\All Users\Application Data\AVG10\log\history.xml

c:\documents and settings\All Users\Application Data\AVG10\log\vault.log

c:\documents and settings\All Users\Application Data\AVG10\log\vault.log.lock

c:\documents and settings\All Users\Application Data\AVG10\lsdb\prev\prvcache.dat

c:\documents and settings\All Users\Application Data\AVG10\lsdb\prev\prvglbl.dat

c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000001.log

c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000005.log

c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000006.log

c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000007.log

c:\documents and settings\All Users\Application Data\AVG10\scanlogs\srm.idx

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\AntiRkx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Antivirx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Avgx86.msi

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\AVIsx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\basex.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\COREx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\COREx86.msi

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Emailsx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\GUIx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\idatx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\IDPx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\lng_usx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\OnlnScx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\ResShldx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\SrchSrfx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\SSHttpBx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\TDIDrvx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Toolbarx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\TuneUpx.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Update2x.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Updatex.cab

c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\xplx.cab

c:\documents and settings\David\Application Data\AVG10

c:\documents and settings\David\Application Data\AVG10\cfgall\usergui.cfg

c:\windows\system32\drivers\avgfwdx.sys

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_Avgfwdx

-------\Service_Avgfwfd

((((((((((((((((((((((((( Files Created from 2010-09-20 to 2010-10-20 )))))))))))))))))))))))))))))))

.

2010-10-20 20:59 . 2010-08-05 13:46 37336 ----a-w- c:\windows\system32\CleanMFT32.exe

2010-10-20 20:59 . 2008-04-02 20:54 1101824 ----a-w- c:\windows\system32\UniBox210.ocx

2010-10-20 20:59 . 2008-04-02 20:53 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx

2010-10-20 20:59 . 2008-04-02 20:53 880640 ----a-w- c:\windows\system32\UniBox10.ocx

2010-10-20 20:55 . 2010-10-20 22:47 -------- d-----w- c:\documents and settings\David\Application Data\Registry Mechanic

2010-10-20 20:46 . 2010-10-20 20:59 -------- d-----w- c:\program files\Common Files\PC Tools

2010-10-20 05:33 . 2010-10-20 05:33 -------- d-----w- c:\program files\COMODO

2010-10-20 04:02 . 2010-10-20 05:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo

2010-10-20 01:21 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-20 01:21 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-19 21:14 . 2010-10-20 01:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-18 14:42 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-10-18 14:42 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-10-18 14:42 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-10-18 14:42 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-10-18 14:42 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-10-18 14:42 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-10-18 14:42 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-10-18 14:42 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr

2010-10-18 14:42 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\program files\Alwil Software

2010-10-18 14:42 . 2010-10-18 14:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

2010-10-18 14:06 . 2010-10-18 14:06 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\VS Revo Group

2010-10-18 14:05 . 2009-12-30 17:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-10-18 14:05 . 2010-10-18 14:05 -------- d-----w- c:\program files\VS Revo Group

2010-10-17 23:46 . 2010-10-17 23:46 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files

2010-10-17 23:39 . 2010-10-17 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2010-10-16 22:32 . 2010-10-16 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic

2010-10-15 00:51 . 2010-10-15 00:51 388096 ----a-r- c:\documents and settings\David\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-10-14 22:39 . 2010-09-22 23:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll

2010-10-14 21:32 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll

2010-10-14 21:32 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2010-10-14 21:32 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2010-10-14 18:52 . 2010-10-14 18:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Zinio DLM"="c:\progra~1\Zinio\ZDLM.exe" [2004-03-29 852038]

"Google Update"="c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-25 133104]

"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

"AllerCalc"="c:\program files\AllerCalc\AllerCalc.exe" [2000-08-22 560408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WD Button Manager"="WDBtnMgr.exe" [2005-08-16 331776]

"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]

"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-04 61440]

"SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-04-28 42496]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"QuickFinder Scheduler"="c:\program files\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE" [2009-06-22 83232]

"PPMemCheck"="c:\progra~1\PESTPA~1\PPMemCheck.exe" [2003-04-19 148480]

"Microtek_Scanner_Server"="c:\program files\Microtek\ScanWizard Pro\LANServer.exe" [2005-08-03 212992]

"MBM 5"="c:\program files\Motherboard Monitor 5\MBM5.EXE" [2003-08-21 593408]

"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]

"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]

"HI-SPEED USB DEVICE Coinstaller"="PL15Co2K.exe" [2003-07-10 86016]

"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]

"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]

"CarboniteSetupLite"="c:\program files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]

"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]

"AdobeVersionCue"="c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2004-03-25 1732608]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-10-04 611712]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]

"NapsterShell"="c:\program files\Napster\napster.exe" [2008-05-09 323216]

"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-11 2500552]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

c:\documents and settings\David\Start Menu\Programs\Startup\

HotSync Manager.lnk - c:\program files\palmOne\HOTSYNC.EXE [2004-4-13 299008]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-13 110592]

BounceBack Launcher.lnk - c:\program files\CMS Products\BounceBack Professional\BBLauncher.exe [2007-11-18 93888]

Monitor Apache Servers.lnk - c:\apache2\bin\ApacheMonitor.exe [2006-7-27 41042]

NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-9-27 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\mysql\\MySQL Server 5.0\\bin\\mysqld-nt.exe"=

"c:\\Program Files\\Microtek\\ScanWizard Pro\\LANServer.exe"=

"c:\\Program Files\\Altova\\XMLSpy2006\\XMLSpy.exe"=

"c:\\Apache2\\bin\\Apache.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\OEMPhones\\Openwave\\50\\Sdk50OEMPhone.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\SimulatorControl\\sim\\SimCtrl.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\http\\OSDK62http.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\OSDK51.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\eventd.exe"=

"c:\\Program Files\\Openwave\\V7 Simulator\\bin\\phone.exe"=

"c:\\Program Files\\Openwave\\SDK 6.2.2\\program\\wap\\OSDK62wap.exe"=

"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"c:\\Program Files\\ActiveState Komodo IDE 4\\lib\\mozilla\\komodo.exe"=

"c:\\Program Files\\Zend\\ZendStudio-5.5.1\\jre\\bin\\javaw.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Packet Tracer 5.2\\bin\\PacketTracer5.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Openwave\\SDK 5.1\\program\\Settings.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"1947:TCP"= 1947:TCP:HASP SRM

"1947:UDP"= 1947:UDP:HASP SRM

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [9/13/2010 4:27 PM 25680]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/18/2010 9:42 AM 165584]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/10/2010 11:40 PM 239240]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/10/2010 11:40 PM 25240]

R1 tsircmir;LapLink Mirror Driver Miniport;c:\windows\system32\drivers\tsircmir.sys [8/28/2003 12:03 AM 2816]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/18/2010 9:42 AM 17744]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [10/19/2010 8:21 PM 304464]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [10/20/2010 3:59 PM 583640]

R2 portD;CMS PortIO Service;c:\windows\system32\drivers\portd2k.sys [11/18/2007 4:15 AM 13504]

R2 PPNT;PPNT;c:\windows\system32\drivers\ppnt.sys [12/1/2003 1:44 AM 13824]

R2 TSIREGMO;tsiregmo;c:\windows\system32\drivers\tsiregmo.sys [8/28/2003 12:03 AM 5824]

R2 TSISER;TSISER;c:\windows\system32\drivers\tsiser.sys [8/28/2003 12:03 AM 42560]

R2 TSISTRMX;Traveling Software Stream Driver;c:\windows\system32\drivers\TSISTRMX.SYS [8/28/2003 12:03 AM 5120]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [10/19/2010 8:21 PM 20952]

R3 TSIKBF5;Traveling Software Keyboard Filter Driver;c:\windows\system32\drivers\TSIKBF5.sys [8/28/2003 12:03 AM 9728]

R3 TSIMSF5;Traveling Software Mouse Filter Driver;c:\windows\system32\drivers\TSIMSF5.sys [8/28/2003 12:03 AM 5632]

S1 CorexCardScan;CardScan USB Scanner;c:\windows\system32\drivers\slcorex.sys [5/21/2003 11:32 PM 8448]

S1 TSIRCINK;Traveling Software Install Driver;c:\windows\system32\drivers\TSIRCINK.SYS [8/28/2003 12:03 AM 9216]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/20/2009 2:17 PM 135664]

S3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [9/17/2005 5:14 PM 816792]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/18/2010 9:05 AM 27064]

S3 tbcspud;Santa Cruz Driver;c:\windows\system32\drivers\tbcspud.sys [9/1/2003 4:12 AM 149632]

S3 tbcwdm;Santa Cruz WDM Driver;c:\windows\system32\drivers\tbcwdm.sys [6/23/2003 12:15 PM 554304]

S3 Umwdnetstc;Umwdnetstc;c:\windows\system32\drivers\Cdudf_xp.sys [6/24/2004 3:48 PM 289408]

S3 UtilNT;UtilNT;c:\windows\system32\drivers\utilnt.sys [2/19/2009 9:17 PM 5533]

S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [6/13/2003 4:45 PM 19232]

S4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 288112]

S4 BlackfishSQL;BlackfishSQL;c:\program files\CodeGear\RAD Studio\6.0\bin\BSQLServer.exe [11/12/2008 3:02 PM 65536]

S4 Cmt4ngsoq;Cmt4ngsoq; [x]

S4 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [12/18/2009 11:25 AM 189736]

S4 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S4 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [6/8/2000 8:15 AM 50176]

S4 NetFxUpdate_v1.1.4322;Microsoft .NET Framework v1.1.4322 Update;c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [1/15/2007 5:11 PM 73728]

S4 PLQ0306270;Prolific HotFix Q0306270;c:\windows\System32\HotFixQ0306270.exe --> c:\windows\System32\HotFixQ0306270.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

bdx REG_MULTI_SZ scan

.

Contents of the 'Scheduled Tasks' folder

2010-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-10-20 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-03 09:38]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 19:16]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003Core.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-1844823847-682003330-1003UA.job

- c:\documents and settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-25 20:44]

2010-10-20 c:\windows\Tasks\RMSchedule.job

- c:\program files\Registry Mechanic\RegMech.exe [2010-10-20 13:46]

2010-10-20 c:\windows\Tasks\RMSmartUpdate.job

- c:\program files\Registry Mechanic\Update.exe [2010-10-20 13:46]

2010-10-20 c:\windows\Tasks\User_Feed_Synchronization-{17D6E5F1-8459-455D-98B7-BD0D5405108B}.job

- c:\windows\system32\msfeedssync.exe [2007-08-14 00:36]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.msn.com

uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uDefault_Search_URL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearch Bar = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

uSearchAssistant = 687474703a2f2f7777772e676f6f676c652e636f6d2f

mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f

IE: c:\progra~1\COMMON~1\BTLINK\btlink.dll//iemenu

IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Open with WordPerfect - c:\program files\Corel\WordPerfect Office X4\Programs\WPLauncher.hta

IE: Zend Studio - Debug current page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugCurrent.html

IE: Zend Studio - Debug next page - c:\program files\Zend\ZendStudio-5.5.1\bin\ZendIEToolbar.dll/DebugNext.html

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}

Trusted Zone: microsoft.com\*.windowsupdate

Trusted Zone: safer-networking.org\www

Trusted Zone: studica.com\www

Trusted Zone: turbotax.com

Trusted Zone: windowsupdate.com

TCP: {073F4527-C52C-4E88-8ABE-49F3E65624F0} = 68.87.68.166,68.87.74.166

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: HushEncryptionEngine - hxxps://mailserver1.hushmail.com/shared/HushEncryptionEngine.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: WebWorks Help 3.0 - hxxp://www.netgear.com/docs/fvs318/wwhelp3.cab

DPF: Yahoo! Chat - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} - hxxp://www.samsungdp.com/Install119.CAB

DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB

DPF: {4CCD14FC-FE13-4CA7-B35E-2942BFE830D9} - hxxp://206.67.236.76/updatefiles/liveweb_se.cab

FF - ProfilePath - c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\

FF - prefs.js: browser.startup.homepage - hxxp://en-US.google.mozilla.com/firefox?client=firefox-a&rls=com.google:en-US:official

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\documents and settings\David\Application Data\Mozilla\Firefox\Profiles\n5bffzct.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\WINNT_x86-msvc\components\pagespeed.dll

FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff36\gears.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Iomega Activity Disk2]

"ImagePath"="\"\""

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\MySQL]

"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(676)

c:\windows\system32\Ati2evxx.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3368)

c:\windows\system32\WININET.dll

c:\program files\Iomega\DriveIcons\IMGHOOK.DLL

c:\windows\system32\ieframe.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\COMODO\COMODO Internet Security\cmdagent.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe

c:\windows\system32\WDBtnMgr.exe

c:\program files\WDC\SetIcon.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\PL15Co2K.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\documents and settings\David\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2010-10-20 18:26:34 - machine was rebooted

ComboFix-quarantined-files.txt 2010-10-20 23:26

ComboFix2.txt 2010-10-20 22:08

ComboFix3.txt 2010-10-20 19:25

ComboFix4.txt 2010-10-20 18:23

ComboFix5.txt 2010-10-20 22:59

Pre-Run: 18,003,341,312 bytes free

Post-Run: 17,723,080,704 bytes free

- - End Of File - - B9D414CA6191E57CA630753C4BEB0F62

Link to post
Share on other sites

Good job

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

  • Click START run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

For Vista / Windows 7

  • Click START Search
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good :)

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
    5. Change the Download signed ActiveX controls to Prompt
    6. Change the Download unsigned ActiveX controls to Disable
    7. Change the Initialize and script ActiveX controls not marked as safe to Disable
    8. Change the Installation of desktop items to Prompt
    9. Change the Launching programs and files in an IFRAME to Prompt
    10. Change the Navigate sub-frames across different domains to Prompt
    11. When all these settings have been made, click on the OK button.
    12. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    13. Next press the Apply button and then the OK to exit the Internet Properties page.

    [*]Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week

    (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

    [*]Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.

    Without a firewall your computer is succeptible to being hacked and taken over.

    I am very serious about this and see it happen almost every day with my clients.

    Simply using a Firewall in its default configuration can lower your risk greatly.

    [*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.

    This will ensure your computer has always the latest security updates available installed on your computer.

    If there are new updates to install, install them immediately, reboot your computer, and revisit the site

    until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

Link to post
Share on other sites

I checked my security settings and fortunately they were in good order. I will also read the article and try to do a better job of security. I've already implemented Comodo firewall, Avast Antivirus and Malwarebytes.

All seems to running fine now. Thank you very much for your assistance!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.