Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Malware playing the audio of commercials without prompting from me

  1. 2011-05-12, 08:20 #1
    a281207
    a281207 is offline
    Junior Member a281207's Avatar
    Join Date
    Apr 2008
    Location
    California
    Posts
    17

    Default Malware playing the audio of commercials without prompting from me

    I recently became infected as you will see from the removal notes below, but despite a few different antivirus options, I seem to have remaining symptoms:
    1) Internet searches get redirected to random and unhelpful pages.
    2) Every so often I hear the audio of a commercial. Once I even saw
    video appear over the desktop. There was no browser or any way of turning it off as far as I could tell. Often these commercials are accompanied by an error occurring in the script on this page (a page which my IE is not viewing). I am asked if I want to continue running the scripts.
    3) When this first happend, many of my files were marked hidden and read only. I fixed this, but the start menu still does not list many of the programs it used to. Additionally, folders it does list often do not contain the programs that ought to be in them for example Microsoft Office is empty.

    Viruses and malware I have already removed with antivirus programs are listed below along with the DDS log. Please analyze and help me!

    Avira:
    FakeSysdef
    Kazy.16199.5
    Kazy.mekml.1
    JAVA/Exdoer.X Java virus
    JAVA/Exdoer.AA Java virus
    JAVA/Exdoer.Z Java virus
    Exdoer.Y Java virus
    EXP/CVE-2010-0094.F.71 exploit
    Crypt.XPACK.Gen3

    Spyware SD:
    Fraud.WindowsRecovery: [SBI $9C8FE954] Settings (Registry value, fixed)
    HKEY_USERS\S-1-5-21-1443973442-1493145732-2161430590-1005\Software\75fa38b7-8b94-4995-ad32-52e938867954

    Fraud.WindowsRecovery: [SBI $597FC39E] Settings (Registry value, fixed)
    HKEY_USERS\S-1-5-21-1443973442-1493145732-2161430590-1005\Software\BD

    Malwarebytes:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    :\system volume information\_restore{129201fa-b0ac-49b3-96b2-deb8b91e727b}\RP1003\A0142238.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    DDS LOG:
    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Michelle at 22:08:23.55 on Wed 05/11/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.280 [GMT -7:00]
    .
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865D73CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8667ECDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649055C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86487B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B15DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865AADDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643D9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A96CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86627D74-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86476BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F9BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863EB7DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B79BBC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86534BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865796A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653395C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AA7CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8625E054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863D76F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A460C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863F695C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8661540C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865047CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865584B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AD91C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864885AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84FCABB4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865166FC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86315BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86406BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866466A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86605B14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86663DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85906944-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86414B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85820054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8625057C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8644C9EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D6054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864257C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8639D99C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8646C7C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649B754-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8645E954-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653DBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864FF9DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C06E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8523DDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863FA85C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AD3334-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640CA14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8642E8C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865198AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86635DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648BDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F65BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864295E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86420DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86409BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86557054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {863DA2FC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {865B6DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8666A7EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862B4DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648C4DC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8659E784-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648ADDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85954794-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864BD69C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859575BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436A14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86478624-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864CBB5C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AEAA8C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863B7484-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AC054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862C8534-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864873E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86494054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {858FA9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865489CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863DBDDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86510A14-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {852AD7C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85927054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866358FC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859A84AC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8641C8CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866215FC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863EADDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86658DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C57C4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650B9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640095C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86394954-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86356DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8623E554-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8654C6E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B7A7DC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650099C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AAFCE4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D8054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86535314-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864AFB64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863654E4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865543CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86459A6C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8665C054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8596E944-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B1B4C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C04F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643A82C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865127E4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B1F57C-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653B8B4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8655889C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865798CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862DEBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {863E0AD4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85983BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8667C7B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B0BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864EF3BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C84D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F5BE4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {853737C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86671434-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8662A704-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863A1790-FFA4-00EE-0D24-347CA8A3377C}
    AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86602814-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648A7A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86468544-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862CCBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863FC56C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865C2054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865AC7F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000202-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861D5DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C2BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8641E8D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864FEDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864E5BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864EFB64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84F7F624-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864859CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650766C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864535BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859E63B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865BB5C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863C134C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8521B5BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {853A992C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864CCDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653D7CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864949CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864147C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865F4744-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A07C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864538CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864DC8DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86599C5C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8651CBD4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B95C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86450DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {84D8F704-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648B9EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86347ADC-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86430374-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8666785C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640A734-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86306BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86489DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B4E2AC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B68B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864BBDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D86EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86510DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86406DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8651C4BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864537E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B97B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643AB5C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {859FFBBC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865D54D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864125DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {851A4DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8526D9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859444AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863CA6CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86569054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86598BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8631835C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863C0744-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8591354C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {851F7DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8633BDDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8500E73C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640543C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8629BA4C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D2604-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8642374C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B773A4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864777C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F1DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86310754-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863E0DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B25BC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649465C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864985E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862C35B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86409DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F338C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863E9DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865DD3F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {864C499C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650B7EC-FFA4-00EF-0D24-347CA8A3377C}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
  2. 2011-05-15, 20:54 #2
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default




    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.



    I need to see the complete DDS log please, not the extras

    Download aswMBR.exe ( 511KB ) to your desktop.

    Double click the aswMBR.exe to run it

    Click the "Scan" button to start scan


    On completion of the scan click save log, save it to your desktop and post in your next reply
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  3. 2011-05-16, 03:44 #3
    a281207
    a281207 is offline
    Junior Member a281207's Avatar
    Join Date
    Apr 2008
    Location
    California
    Posts
    17

    Default Full DDS log and aswMBR log

    Sorry I did not handle DDS correctly the first time. I have posted the full log here along with the attach.zip. I also attached the aswMBR log.

    Thanks!
    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Michelle at 18:36:35.58 on Sun 05/15/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.377 [GMT -7:00]
    .
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865D73CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8667ECDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649055C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86487B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B15DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865AADDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643D9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A96CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86627D74-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86476BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F9BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863EB7DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B79BBC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86534BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865796A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653395C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AA7CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8625E054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863D76F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A460C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863F695C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8661540C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865047CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865584B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AD91C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864885AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84FCABB4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865166FC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86315BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86406BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866466A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86605B14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86663DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85906944-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86414B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85820054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8625057C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8644C9EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D6054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864257C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8639D99C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8646C7C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649B754-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8645E954-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653DBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864FF9DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C06E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8523DDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863FA85C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AD3334-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640CA14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8642E8C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865198AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86635DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648BDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F65BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864295E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86420DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86409BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86557054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {863DA2FC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {865B6DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8666A7EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862B4DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648C4DC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8659E784-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648ADDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85954794-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864BD69C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859575BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436A14-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86478624-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864CBB5C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AEAA8C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863B7484-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863AC054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862C8534-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864873E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86494054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {858FA9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865489CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863DBDDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86510A14-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {852AD7C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85927054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866358FC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859A84AC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8641C8CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {866215FC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863EADDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86658DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C57C4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650B9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640095C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86394954-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000000-0000-0000-0000-000000000000}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86356DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8623E554-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8654C6E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B7A7DC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650099C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85AAFCE4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D8054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86535314-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864AFB64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863654E4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865543CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86459A6C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8665C054-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8596E944-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B1B4C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C04F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643A82C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865127E4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B1F57C-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653B8B4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8655889C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865798CC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862DEBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {863E0AD4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85983BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8667C7B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B0BDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864EF3BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C84D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86436BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F5BE4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {853737C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86671434-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8662A704-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863A1790-FFA4-00EE-0D24-347CA8A3377C}
    AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86602814-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648A7A4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86468544-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862CCBD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863FC56C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865C2054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865AC7F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000202-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861D5DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864C2BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8641E8D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864FEDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864E5BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864EFB64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {84F7F624-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864859CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650766C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864535BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859E63B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865BB5C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863C134C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8521B5BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {853A992C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864CCDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8653D7CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864949CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864147C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865F4744-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864A07C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864538CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864DC8DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86599C5C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8651CBD4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B95C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86450DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {84D8F704-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8648B9EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86347ADC-FFA4-0100-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86430374-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8666785C-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640A734-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86306BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86489DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B4E2AC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B68B64-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864BBDDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D86EC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86510DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86406DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8651C4BC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864537E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B97B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8643AB5C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {859FFBBC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865D54D4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864125DC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {851A4DDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8526D9CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {859444AC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863CA6CC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86569054-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86598BD4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8631835C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863C0744-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8591354C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {851F7DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8633BDDC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8500E73C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8640543C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8629BA4C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864D2604-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8642374C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85B773A4-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864777C4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F1DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86310754-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863E0DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864B25BC-FFA4-00EE-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8649465C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864985E4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {862C35B4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86409DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {864F338C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {863E9DDC-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865DD3F4-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {864C499C-FFA4-00EF-0D24-347CA8A3377C}
    AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8650B7EC-FFA4-00EF-0D24-347CA8A3377C}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    svchost.exe
    C:\WINDOWS\system32\cryptainersrv.exe
    C:\WINDOWS\system32\SAgent4.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE
    C:\Program Files\NewSoft\Presto! PageManager 8 for EP\PMSpeed.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Microsoft\BingBar\BingBar.exe
    C:\Program Files\Microsoft\BingBar\BingApp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\PicoZip\PicoZipTray.exe
    C:\Documents and Settings\Michelle\Desktop\dds.scr
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page =
    uSearch Bar =
    uStart Page = hxxp://www.bing.com/
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    uInternet Settings,ProxyServer = http=127.0.0.1:58020
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant =
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: NRA: {cc0d77af-731a-4c50-a69d-2bc36ed01a97} - c:\program files\nra\Toolbar.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [PicoZip] c:\progra~1\picozip\PicoZipTray.exe
    uRun: [WorkForce 610(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S5A.tmp" /EF "HKCU"
    uRun: [PMSpeed] c:\program files\newsoft\presto! pagemanager 8 for ep\PMSpeed.EXE
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\michelle\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\michelle\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {20722C4E-9050-45C8-8D1A-816C4A06AD90} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_6/PhotoCenter_ActiveX_Control.cab
    DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - hxxp://inst.c-wss.com/n031p/EN/install/gtdownlr.cab
    DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://www.seehere.com/ips-opdata/layout/fujius02/objects/jordan-canvasx.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1154765605937
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {F91AB7B8-EE67-42AF-A5AA-8E232C396A04} - hxxps://reports.clearscreening.com/cabs/htmlprint.cab
    Notify: AtiExtEvent - Ati2evxx.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-5-9 11608]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-5-9 136360]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-5-9 269480]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-9 61960]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 ssoftnt4;ssoftnt4;c:\windows\system32\drivers\ssoftnt4.sys [2007-2-13 94080]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AngelUsb;Angel USB MPEG Device;c:\windows\system32\drivers\AngelUsb.sys [2006-10-20 375424]
    S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-3-15 183560]
    S3 PD023BLK;Creative PC-CAM 600 (Still Image);c:\windows\system32\drivers\Pd023blk.sys [2009-4-26 28548]
    S3 PD023VID;Creative PC-CAM 600 (Video);c:\windows\system32\drivers\Pd023vid.sys [2009-4-26 437210]
    S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-7-29 822424]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-12-13 198256]
    S4 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472]
    S4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-12-13 165488]
    .
    =============== Created Last 30 ================
    .
    2011-05-13 05:15:51 77824 ----a-w- c:\windows\system32\EBAPI.dll
    2011-05-13 05:15:51 65536 ----a-w- c:\windows\system32\EEBUtil.dll
    2011-05-13 05:15:51 55808 ----a-w- c:\windows\system32\EEBSDKIF.dll
    2011-05-13 05:15:51 135168 ----a-w- c:\windows\system32\EEBAPI.dll
    2011-05-13 05:15:51 110592 ----a-w- c:\windows\system32\EEBDSCVR.dll
    2011-05-12 04:31:13 388096 ----a-r- c:\docume~1\michelle\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-05-12 04:31:11 -------- d-----w- c:\program files\Trend Micro
    2011-05-12 02:12:35 -------- d-----w- c:\program files\Exterminate It!
    2011-05-09 03:40:49 102400 ----a-w- c:\windows\RegBootClean.exe
    2011-05-08 08:59:19 1917592 ----a-w- C:\HousecallLauncher.exe
    2011-05-08 08:43:51 1006778 ----a-w- C:\rkill.exe
    2011-05-06 04:02:39 -------- d-----w- c:\docume~1\michelle\applic~1\NewSoft
    2011-04-30 05:48:14 131072 ----a-w- c:\windows\system32\SAgent4.exe
    2011-04-30 04:21:33 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
    2011-04-30 04:21:33 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
    2011-04-30 04:21:33 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
    2011-04-30 04:21:33 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
    2011-04-30 04:21:33 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
    2011-04-30 04:21:32 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
    2011-04-30 04:21:32 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
    2011-04-30 04:20:09 15872 ----a-w- c:\windows\system32\escdev.dll
    2011-04-30 04:20:09 128392 ----a-w- c:\windows\system32\esdevapp.exe
    2011-04-30 04:20:08 342016 ----a-w- c:\windows\system32\eswiaud.dll
    2011-04-22 02:33:04 -------- d-----w- c:\program files\iPod
    2011-04-22 02:32:38 -------- d-----w- c:\program files\iTunes
    2011-04-22 02:23:46 -------- d-----w- c:\program files\Bonjour
    .
    ==================== Find3M ====================
    .
    2011-04-06 23:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 23:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-04-06 23:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2011-04-06 23:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
    2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
    2006-05-03 09:06:54 163328 --sh--w- c:\windows\system32\flvDX.dll
    2007-02-21 10:47:16 31232 --sh--w- c:\windows\system32\msfDX.dll
    2008-03-16 12:30:52 216064 --sh--w- c:\windows\system32\nbDX.dll
    .
    ============= FINISH: 18:38:14.57 ===============
  4. 2011-05-16, 10:35 #4
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Re-Run aswMBR

    Click Scan

    On completion of the scan

    Click Fix





    Save the log as before and post in your next reply
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  5. 2011-05-17, 05:44 #5
    a281207
    a281207 is offline
    Junior Member a281207's Avatar
    Join Date
    Apr 2008
    Location
    California
    Posts
    17

    Default Fix MBR log

    I ran aswMBR again and cliked on the fix button, but even after a restart, the log still shows red (I assume infected) lines. I am also still getting internet page script errors.

    I attached the log after I clicked fixMbr as well as the log just doing a scan after restarting the computer (aswMBR log2).

    Thanks!
  6. 2011-05-17, 10:02 #6
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Neither one of them worked. Just want to point out that if you bypass any of my instructions and run things on your own like FIXMBR and your system becomes inoperable that myself and this forum will not be responsible.


    The rootkit is still present

    Please download TDSSKiller.zip
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • Press Start Scan
      • Only if Malicious objects are found then ensure Cure is selected
      • Then click Continue > Reboot now
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\)
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  7. 2011-05-18, 02:57 #7
    a281207
    a281207 is offline
    Junior Member a281207's Avatar
    Join Date
    Apr 2008
    Location
    California
    Posts
    17

    Default tdsskiller error message (wont run)

    I extracted the tdsskiller, but when I try to run it nothing happens. I restarted in safe mode and got the following error when trying to run it: C:\TDSSKiller.exe A device attached to the system is not functioning.

    I suspect that some aspect of the virus/rootkit is preventing the progarm from running.

    Louis
  8. 2011-05-18, 03:08 #8
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Try running this first Louis

    Please download exeHelper to your desktop.

    Double-click on exeHelper.com to run the fix.
    A black window should pop up, press any key to close once the fix is completed.
    Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  9. 2011-05-18, 04:40 #9
    a281207
    a281207 is offline
    Junior Member a281207's Avatar
    Join Date
    Apr 2008
    Location
    California
    Posts
    17

    Default EXEhelper run and log posted

    Hi

    I ran Exehelper and posted the log here. I tried running TDSSkiller right afterward but it still wont run. Do I need to restart?
  10. 2011-05-18, 10:04 #10
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Lets try this

    Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

    Link 1
    Link 2







    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instruction on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.




    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules