Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC infected ?


  • This topic is locked This topic is locked
14 replies to this topic

#1 accacca

accacca

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 27 March 2011 - 11:02 PM

Hi,

I have this problem.
My PC us e AVIRA free antivirus and after download update the PC fail to install
I suspect virus action.

I have removed and reinstalled the AVIRA antivirus. After installation do a small system scan
IT found virus crypt.xpack.gen in file NISVCLOC
Avira say "Repair system..." and work for few minutes on smss.exe and termintate scan correctly
But can't show the log automatically because is locked from another user
If I close the scan windows and I search log I can view and contain 4 hidden objects

I have run the programs for creat this log
Gmer scan my PC for few hours and at end I can save the gmer log but I have also found
two windows error msgs like "error at address 0x...memory can't be read"
And on the bottom right cornere a small triangle with ! and the message
"windows can't write /$Mft ... not found /$Directory".
DDS (Ver_11-03-05.01) - NTFSx86
Run by Compaq_Proprietario at 5.36.35,17 on 28/03/2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1023.350 [GMT 2:00]
.
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860555CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861103FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861B3264-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615AB64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610F41C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614F054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85C833E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860DF52C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613F054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000010-0000-0000-0000-0000D8023D00}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86112554-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F7A24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861738A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615D214-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8617750C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615ADDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610F054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861478D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612C054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610EB6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861529D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861702FC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860A4054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610453C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860AA054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86106DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860BBB64-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614DDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860B51D4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860ED054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616F8D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610A054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Disabled/Updated* {00000010-0000-0000-0000-0000D802A600}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612F054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86170B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861536A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860744C4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616BA2C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610C8F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86163B64-FFA4-00EE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86121D9C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614DA2C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861882F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861E9824-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86174B6C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F43FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861256CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86123A34-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613681C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610B19C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86100924-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86110DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D83FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615A334-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86139DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86151A2C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86154054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E78E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86107654-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86199BCC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860DC63C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86126754-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861793FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86113794-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860CCDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {861546A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861455BC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86137DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861584F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86059DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861076CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F1054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D1054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615744C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610B054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861D6B64-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86215DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FC84C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613CD44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86139674-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F965C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {860E9C3C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86178C44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D041C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FDDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86151054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86158054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0012-0014-00EC-FD7F00000802}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FDDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615B61C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86192B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860C6DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E8B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86112CA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612B6EC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86121A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86116DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86155914-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8608F834-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86128B5C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612DA24-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610B8EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {86131B6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E7054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86157674-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {86102B6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861778BC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861694DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861069E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615533C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86179A8C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E83BC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861003B4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613A054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861E7054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861AC684-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FF89C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86317054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861547C4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613F814-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86155CA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615DB6C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85E7B814-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8621B9CC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861663F4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {0012F2B4-5C49-7C92-0300-000000000000}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861095CC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860DFAE4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8609FBFC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8619AB3C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86165DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610278C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860A416C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614ECA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F1374-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86155DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F883C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86164DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86121DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86174DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Disabled/Updated* {00000010-0000-0000-0000-0000D8023E00}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860DE2EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615B91C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85DBDDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860A1DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86104DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861F7DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8622F9D4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616531C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86170694-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E6DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86103444-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861BA054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8611BDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8609E674-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616B1E4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86109DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613211C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861535EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614EA4C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615F41C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615C5C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615C4E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86193B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86104A24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86142AB4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8618FB3C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {86114054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86163DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8618873C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86133054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861535B4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615137C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613D834-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0000-0000-1200-140000ECFD7F}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615F40C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F5054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613E8EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86159834-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85E17B64-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F22A4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616D46C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860C9DDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8607F054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86124054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861BBB8C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86106474-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613F814-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir Desktop *Disabled/Outdated* {00000002-0002-0000-6C25-9E7C08000A00}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86122A34-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613128C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86156DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615C734-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861089E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861216B4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613BB04-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614DD04-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86150DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86115274-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {860F0D74-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614F61C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613AA7C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8609EDAC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86091DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86118DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615685C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86166594-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {860666BC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86110C44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0000-0000-1200-140000FCFD7F}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E3DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616268C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FB674-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {86157CA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616D3B4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861269B4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613D62C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {85EAD5CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8619647C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86159DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86112054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861648E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8611C594-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86142DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612E5BC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86113B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86106B6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860CFB8C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610B194-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8611F054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8617FA7C-FFA4-00CC-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000002-0002-0000-7C25-9E7C08000A00}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861212FC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861CEDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613CA2C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861AE38C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86109854-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86128674-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861088EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616A054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616541C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85FE5A34-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861AC7C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FC8EC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860F3DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86070054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85ECD054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615F2E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85EAAA74-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {865AAB6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86156554-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8618D054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8611F9A4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8619994C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86162DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86134554-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860E9B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612B174-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8608A824-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86118764-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8656C8FC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FEB64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861748E4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86210054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86116A1C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86166DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8617C8DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86127D3C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8618244C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {86110494-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861898F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861704A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615FB6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861A97AC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8608E66C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861199CC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86163914-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86135A2C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615DB0C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612BDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614BDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861597A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85FE7CA4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0012-0014-00DC-FD7F00000802}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614D054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860842E4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615EC44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FE054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613154C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860BF834-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D71F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D6854-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86157DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8617D724-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FC3C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86100944-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86155DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861089D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615C054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86115494-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612FBDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861BCB6C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610B31C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86183534-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0012-0014-00FC-FD7F00000802}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8619E644-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861926A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86115DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616431C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612A9B4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86158054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86137054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {806E5106-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8605E594-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861336EC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613145C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {8615841C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615A28C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861B6A34-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860635AC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613F2FC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8617878C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86173AE4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860D029C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {00000246-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8611672C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614B054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615C304-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir Desktop *Enabled/Updated* {00000000-0000-0000-1200-140000DCFD7F}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616FC44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8614F5D4-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8610077C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86193054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860EA054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85F0FDDC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86161DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860FF7E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86151DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {860AA9DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861369FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8621E63C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86152284-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86113054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8608B68C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615FB64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85EAEB64-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861AA394-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616D8FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8607C8B4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861788EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Disabled/Updated* {85EA1B54-FFA4-00F2-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8612E54C-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8613F6FC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {86158A34-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861664FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861544FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861513FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8618966C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {85E1B054-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8615CBEC-FFA4-00CC-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {8616E054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Updated* {861669CC-FFA4-00DE-0D24-347CA8A3377C}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Programmi\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmi\file comuni\logishrd\lvmvfm\LVPrcSrv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
c:\Programmi\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
c:\Programmi\Bonjour\mDNSResponder.exe
c:\Programmi\IVT Corporation\BlueSoleil\BsMobileCS.exe
c:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Ns\MAX\nimxs.exe
C:\Programmi\National Instruments\Shared\Security\nidmsrv.exe
C:\Programmi\National Instruments\Shared\Tagger\tagsrv.exe
C:\Programmi\File comuni\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Installer\MSI10C5.tmp
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Programmi\IVT Corporation\BlueSoleil\BtTray.exe
c:\Programmi\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Skype\Toolbars\Shared\SkypeNames2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Proprietario\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\programmi\crawler\ctbr.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programmi\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmi\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmi\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Toolbar &Crawler: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\programmi\crawler\ctbr.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [SpybotSD TeaTimer] c:\programmi\spybot - search & destroy\TeaTimer.exe
uRun: [Skype] "c:\programmi\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SpywareTerminator] "c:\programmi\spyware terminator\SpywareTerminatorShield.exe"
mRun: [LogitechCommunicationsManager] "c:\programmi\file comuni\logishrd\lcommgr\Communications_Helper.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Acrobat Assistant 7.0] "c:\programmi\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
mRun: [pdfFactory Pro Dispatcher v2] "c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe" /source=HKLM
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [BtTray] c:\programmi\ivt corporation\bluesoleil\BtTray.exe
mRun: [COMODO Internet Security] "c:\programmi\comodo\comodo internet security\cfp.exe" -h
mRun: [PCSuiteTrayApplication] c:\programmi\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [avgnt] "c:\programmi\avira\antivir desktop\avgnt.exe" /min
dRun: [Nokia.PCSync] c:\programmi\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
IE: Converti destinazione link in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Crawler Search
IE: Invia tramite Bluetooth - c:\programmi\ivt corporation\bluesoleil\transsend\ie\tsinfo.htm
IE: Invia usando Messaggio(&M)... - c:\programmi\ivt corporation\bluesoleil\transsend\ie\tssms.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmi\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\programmi\java\jre6\bin\jp2iexp.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\programmi\bonjour\ExplorerPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163273656812
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163316193640
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - hxxp://www.trendmicro.com/spyware-scan/as4web.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {C018C927-0B1C-43CC-A13C-AA2262B5D2A8} = 208.67.222.222,208.67.220.220
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\skype4com.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\programmi\crawler\ctbr.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\compaq~1\datiap~1\mozilla\firefox\profiles\touhl0x2.default\
FF - prefs.js: browser.startup.homepage -
FF - component: c:\documents and settings\compaq_proprietario\dati applicazioni\mozilla\firefox\profiles\touhl0x2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\compaq_proprietario\dati applicazioni\mozilla\firefox\profiles\touhl0x2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\documents and settings\compaq_proprietario\dati applicazioni\mozilla\firefox\profiles\touhl0x2.default\extensions\{7378b8c2-fc38-41b8-a8c9-875d1f5b0a24}\components\NativeComponent.dll
FF - component: c:\documents and settings\compaq_proprietario\dati applicazioni\mozilla\firefox\profiles\touhl0x2.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\programmi\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\programmi\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\programmi\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\NPLV80Win32.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\nplv85win32.dll
FF - plugin: c:\programmi\mozilla firefox\plugins\nplv86win32.dll
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - %profile%\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: POW: {5776FCEA-FDBF-11DA-A132-001321F5C1D9} - %profile%\extensions\{5776FCEA-FDBF-11DA-A132-001321F5C1D9}
FF - Ext: ImageShack® Toolbar: {7378B8C2-FC38-41b8-A8C9-875D1F5B0A24} - %profile%\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: infoRSS: {f65bf62a-5ffc-4317-9612-38907a779583} - %profile%\extensions\{f65bf62a-5ffc-4317-9612-38907a779583}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Gmail Space: {B9C8BE50-7105-4ec6-8FB4-4935C0671648} - %profile%\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: Shop to Win4: {6cbc25b0-0a52-11df-8a39-0800200c9a66} - %profile%\extensions\{6cbc25b0-0a52-11df-8a39-0800200c9a66}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programmi\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\programmi\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\programmi\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmi\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-7-31 20744]
R1 avgio;avgio;c:\programmi\avira\antivir desktop\avgio.sys [2011-3-26 11608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-9-11 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-9-11 27576]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2007-11-9 141312]
R2 altio;altio;c:\windows\system32\altio.sys [2007-6-15 3200]
R2 AntiVirScheduler;Avira AntiVir Scheduler;c:\programmi\avira\antivir desktop\sched.exe [2011-3-26 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\programmi\avira\antivir desktop\avguard.exe [2011-3-26 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-3-26 61960]
R2 bh560eth;Blackhawk 560 Ethernet JTAG Emulator Driver;c:\windows\system32\drivers\bh560eth.sys [2009-1-15 97704]
R2 BsMobileCS;BsMobileCS;c:\programmi\ivt corporation\bluesoleil\BsMobileCS.exe [2009-2-27 143467]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\programmi\comodo\comodo internet security\cmdagent.exe [2010-9-11 1803224]
R2 DriverX;DriverX;c:\windows\system32\drivers\DRIVERX.SYS [2008-6-12 234140]
R2 Parspi;Parspi;c:\windows\system32\drivers\parspi.sys [2009-5-13 7572]
R2 PEPNT;PEPNT;c:\windows\system32\drivers\PEPNT.SYS [2007-3-23 3360]
R2 RA ARMD Wiggler 1.15;Wiggler ARM Debug Interface 1.15;c:\windows\system32\drivers\RA_ARMD_Wiggler_1_15.sys [2008-12-10 16384]
R2 RA MSP430 FET 1.1;MSP430 FET Debug Interface 1.1;c:\windows\system32\drivers\RA_MSPFETP430IF_1_1.sys [2008-2-5 8704]
R2 sdiont;sdiont;c:\windows\system32\drivers\sdiont.sys [2010-6-15 4576]
R3 ausbmon;Advanced USB Port Monitor Filter Driver;c:\windows\system32\ausbmon.sys [2007-2-25 14848]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-7 30088]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2010-12-13 70656]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
S2 EFAINIT2;EFAINIT2;c:\windows\system32\drivers\efainit2.sys [2007-1-27 12334]
S2 EFAW;EFAW;c:\windows\system32\drivers\EFAW.sys [2007-1-27 16680]
S2 glpntdrv;glpntdrv;\??\c:\windows\system32\drivers\glpntdrv.sys --> c:\windows\system32\drivers\glpntdrv.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\programmi\google\update\GoogleUpdate.exe [2009-12-4 135664]
S2 KEILUL;Keil ULINK SERVICE (keilul.sys);c:\windows\system32\drivers\keilul.sys [2007-10-5 35306]
S2 nipxi;nipxi;c:\windows\system32\drivers\nipxi.sys [2006-11-16 32768]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 bh510usb;Blackhawk USB510 JTAG Driver;c:\windows\system32\drivers\bh510usb.sys [2009-3-23 310568]
S3 bh560usb;Blackhawk USB-JTAG 560 Driver;c:\windows\system32\drivers\bh560usb.sys [2009-3-23 318248]
S3 bhpci;Blackhawk PCI-JTAG Driver;c:\windows\system32\drivers\bhpci.sys [2009-3-23 481448]
S3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.SYS [2008-1-20 3584]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2010-12-13 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-12-13 117504]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [2008-11-11 34639]
S3 hcdriver;EHCI;c:\windows\system32\drivers\hcdriver.sys [2007-2-21 50432]
S3 HmseUsb;%HmseUsb.DeviceDesc%;c:\windows\system32\drivers\HmseUsb.sys [2008-9-25 26368]
S3 libusb0;LibUsb-Win32 - Kernel Driver 07/07/2009, 0.1.12.2;c:\windows\system32\drivers\libusb0.sys [2007-2-5 28160]
S3 NDMSHLP;Device Monitor Helper Driver;c:\programmi\file comuni\hhd software\device monitor\NDMSHLP.sys [2005-5-25 7632]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 pbfilter;pbfilter;c:\programmi\peerblock\pbfilter.sys [2010-11-23 19056]
S3 s7oefs_x;SIMATIC MPI/EFS Driver;c:\windows\system32\drivers\s7oefs_x.sys [2007-3-11 30704]
S3 SerMon;Serial Monitor Filter Driver;c:\programmi\hhd software\free serial port monitor\sermon.sys [2005-5-25 18432]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2010-4-28 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2010-4-28 61696]
S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [2007-2-13 11264]
S3 tap0801co;TAP-Win32 Adapter V8 (coLinux);c:\windows\system32\drivers\tap0801co.sys [2006-8-31 25856]
S3 umpusbvista;Texas Instruments USB Serial Driver;c:\windows\system32\drivers\umpusbvista.sys [2011-3-20 47744]
S3 USBSPI;CSR USB<>SPI converter driver;c:\windows\system32\drivers\usbspi.sys [2009-6-26 14336]
S3 XDS560;Texas Instruments XDS560 Device Driver;c:\windows\system32\drivers\xds560.sys [2010-6-15 31472]
S4 DCService.exe;DCService.exe;c:\documents and settings\all users\dati applicazioni\datacardservice\DCService.exe [2010-5-8 229376]
S4 iComment Upgrade Service;iComment Upgrade Service;c:\programmi\icomment 2.1.4\UpgradeService.exe [2010-7-7 122368]
S4 s7osmcax;s7osmcax;c:\windows\system32\drivers\s7osmcax.sys [2007-3-11 174080]
S4 usbsnoop;USB Snoopy Filter Driver Service;c:\windows\system32\drivers\USBSnoop.sys [2007-2-25 23972]
S4 usbsnpys;USB Snoopy Driver Exposer Service;c:\windows\system32\drivers\USBSnpys.sys [2007-2-25 92544]
.
=============== Created Last 30 ================
.
2011-03-26 15:25:44 -------- d-----w- c:\docume~1\compaq~1\datiap~1\Avira
2011-03-26 15:11:10 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-26 15:11:07 -------- d-----w- c:\programmi\Avira
2011-03-26 15:11:07 -------- d-----w- c:\docume~1\alluse~1\datiap~1\Avira
2011-03-20 15:49:01 -------- d-----w- c:\programmi\AVAST Software
2011-03-20 14:40:09 -------- d-----w- c:\docume~1\compaq~1\datiap~1\Malwarebytes
2011-03-20 14:40:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 14:40:02 -------- d-----w- c:\docume~1\alluse~1\datiap~1\Malwarebytes
2011-03-20 14:39:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 14:39:59 -------- d-----w- c:\programmi\Malwarebytes' Anti-Malware
2011-03-20 13:38:53 -------- d-----w- c:\programmi\AV
2011-03-20 13:38:53 -------- d-----w- c:\docume~1\alluse~1\datiap~1\AVAST Software
2011-03-19 23:10:04 47744 ----a-r- c:\windows\system32\drivers\umpusbvista.sys
2011-03-18 18:54:27 38400 ----a-w- c:\temp\WPA_Kill.exe
2011-03-03 19:09:40 -------- d-----w- c:\docume~1\compaq~1\datiap~1\Sammsoft
2011-03-03 19:09:28 -------- d-----w- c:\programmi\iComment 2.1.4
2011-03-03 19:09:27 -------- d-----w- c:\docume~1\compaq~1\datiap~1\iComment
2011-03-03 19:09:15 -------- d-----w- c:\docume~1\alluse~1\datiap~1\iComment
2011-03-03 19:08:49 -------- d-----w- c:\docume~1\compaq~1\datiap~1\Rubar-Toolbar
2011-03-03 19:05:47 -------- d-----w- c:\programmi\The Weather Channel FW
2011-03-03 14:11:47 -------- d-----w- c:\docume~1\compaq~1\datiap~1\energymicro
2011-03-03 14:11:04 -------- d-----w- c:\programmi\Energy Micro
.
==================== Find3M ====================
.
2011-02-23 08:17:04 1024 ----a-w- c:\windows\system32\fm98uxf.dll
2011-02-23 08:17:00 1024 ----a-w- c:\windows\system32\grcauth2.dll
2011-02-23 08:17:00 1024 ----a-w- c:\windows\system32\grcauth1.dll
2011-02-09 13:54:04 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54:04 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-04 16:54:17 73728 ----a-w- c:\windows\ALCFDRTM.VER
2011-02-02 07:58:58 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:08 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-19 14:54:24 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04:16 1854976 ----a-w- c:\windows\system32\win32k.sys
2006-01-13 11:15:44 14848 --sha-w- c:\windows\system32\ausbmon.sys
.
============= FINISH: 5.38.58,89 ===============


When I shut down my pc windows inform me for new components to install and I skip always this task


Below the request logs

BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 03 April 2011 - 08:47 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 03 April 2011 - 01:33 PM

Hi myrti
(sorry for my english I use google translator..)
First of all thanks for the reply
Do not worry about the delay I see no lack of work in this forum
My problem is unfortunately not yet solved
These days I have done several tests with different software, but without getting anything.
I promise that from now on I will not change a bit without your approval.
I do not have the original windows CD for this machine but I have the recovery CD created in 2005.
PC can be started in normal and safe mode

My problem
pc slow to boot the hard work for a long time at startup and before he did not
I can not run some antivirus programs (Main problem)

While waiting for an answer as you will see from the logs I removed avira because I did not trust most of the installation. I connected the disk to a clean PC via USB and doing a scan with AVIRA free I found viruses JAVA/C-2009-3867.EH and JAVA/C-2009-3867.EH avira claims to have them removed.
(if you want I can post the log)
However, restarting the PC with the infected disk, the system is unstable (random restart) and can not run some antivirus programs.
Today I updated spybot with no problems but it is stuck at 1/10 of the scan
I tried to run a tool from esage to search for TDSS but the service does not start.
I replaced AVIRA with an Italian antivirus VirIT The update procedure start but terminate quickly without update nothing.
when the antivirus automatically scans incoming e-mail sometimes the computer resets

Below my logs I have execute the scan whit antivirus disabled ( VirIT + comodo firewall + spywareterminator)
and disconnected from the network
The logs files are very big I attach to post I hope is correct
Thanks a lot for help
regards
Diego

Attached Files



#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 03 April 2011 - 02:54 PM

Hi,

may I ask where you are from, I might be able to find someone that speaks your native language. This might be easier for communication.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 03 April 2011 - 03:22 PM

I am italian but no problem to read in English
writing is more difficult and I use google translator....

thanks Diego

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 03 April 2011 - 03:44 PM

Hi,

ok, we'll try to do it this way. :)

Please run a scan with RkU next:
Please download Rootkit Unhooker from one of the following links and save it to your desktop. Link 1 (.exe file) Link 2 (zipped file) Link 3 (.rar file) In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.
  • Double-click on RKUnhookerLE.exe to start the program. Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 04 April 2011 - 02:17 AM

Hi myrti,

sorry for reply delay (now I will work with your time zone)
Below the Rku report (No warning while scan)

Diego



RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 3977216 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 71.84 )
0xF6ECB000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 3457024 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 71.84 )
0xF4334000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 2523136 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2158592 bytes (Microsoft Corporation, Sistema e kernel NT)
0x804D7000 PnpManager 2158592 bytes
0x804D7000 RAW 2158592 bytes
0x804D7000 WMIxWDM 2158592 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Driver Win32 multiutente)
0xF6D52000 C:\WINDOWS\system32\DRIVERS\AGRSM.sys 1150976 bytes (Agere Systems, SoftModem Device Driver)
0xF72BC000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF6B1C000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0xF3FB5000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6BCD000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF415B000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xF214C000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xBF3DD000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xF109E000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF41E7000 C:\WINDOWS\System32\DRIVERS\cmdguard.sys 233472 bytes (COMODO, COMODO Internet Security Sandbox Driver)
0xF1A04000 C:\Programmi\VirITeXp\VIRITTDI.SYS 200704 bytes (TG Soft S.a.s., VirIT Scan Mail)
0xF73ED000 ACPI.sys 188416 bytes (Microsoft Corporation, Driver ACPI per NT)
0xF6B9F000 C:\WINDOWS\system32\drivers\windrvr6.sys 188416 bytes (Jungo, WinDriver Device Driver 7.00)
0xF230C000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7279000 C:\WINDOWS\System32\DRIVERS\NDIS.SYS 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF4075000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF6E8F000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xF410B000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF40E5000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF3F91000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF42E8000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6E6B000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6D2F000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF40A0000 C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 143360 bytes (-, -)
0xF40C3000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xF1A85000 C:\Programmi\VirITeXp\VIRITMON.SYS 139264 bytes (TG Soft S.a.s., VirIT Security Monitor)
0x806E6000 ACPI_HAL 134400 bytes
0x806E6000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7373000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF73BD000 ftdisk.sys 126976 bytes (Microsoft Corporation, Driver FT del disco)
0xF725F000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF7393000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF3F79000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF2E81000 C:\WINDOWS\System32\Drivers\bh560eth.sys 94208 bytes (Blackhawk, Blackhawk 560 Ethernet JTAG Emulator Driver)
0xF735C000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6CDC000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xF72A6000 inspect.sys 90112 bytes (COMODO, COMODO Internet Security Firewall Driver)
0xF1D9F000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6D1B000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Driver della porta parallela)
0xF6EB7000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF41B4000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF7349000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF6B8D000 C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys 73728 bytes (Huawei Technologies Co., Ltd., ew_jubusenum Driver)
0xF73AB000 VIRAGT.SYS 73728 bytes (TG Soft S.a.s., VirIT Agent System)
0xF73DC000 pci.sys 69632 bytes (Microsoft Corporation, Enumeratore PCI Plug and Play per NT)
0xF6C2B000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF06DE000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF762C000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF75FC000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF752C000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF6C9C000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF23A9000 C:\WINDOWS\system32\Drivers\DgiVecp.sys 61440 bytes (Samsung Electronics Co., Ltd., Windows 2k,XP IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes)
0xF764C000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF763C000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Driver del filtro audio Redbook)
0xF1F74000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF769C000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF753C000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF755C000 VolSnap.sys 57344 bytes (Microsoft Corporation, Driver copia replicata del volume)
0xF771C000 C:\WINDOWS\system32\DRIVERS\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0xF757C000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF2399000 C:\WINDOWS\System32\Drivers\driverx.sys 53248 bytes (Tetradyne Software, Inc., DriverX NT Driver)
0xF761C000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, Driver della porta i8042)
0xF76BC000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF75EC000 C:\WINDOWS\system32\ausbmon.sys 49152 bytes (AGG Software (http://www.aggsoft.com), Advanced USB Monitor filter driver)
0xF76FC000 C:\WINDOWS\System32\Drivers\pcouffin.sys 49152 bytes (VSO Software, low level access layer for CD/DVD/BD devices)
0xF760C000 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS 49152 bytes (Realtek Semiconductor Corporation , Realtek RTL8139/810x Family NDIS 5.1 Drv)
0xF76DC000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF6C4C000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF754C000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF76CC000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF75DC000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Driver di periferica processore)
0xF751C000 isapnp.sys 40960 bytes (Microsoft Corporation, Driver bus PNP ISA)
0xF775C000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF770C000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF76AC000 C:\WINDOWS\system32\DRIVERS\1UnHooker.sys 36864 bytes
0xF756C000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF1964000 C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 36864 bytes (Microsoft Corporation, IP FILTER DRIVER)
0xF76EC000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF6C8C000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xEF231000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF758C000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF6CAC000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF7834000 C:\WINDOWS\system32\drivers\Afc.sys 32768 bytes (Arcsoft, Inc., Arcsoft® ASPI Shell)
0xF780C000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Driver del modem)
0xF7804000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF789C000 C:\WINDOWS\system32\drivers\RA_ARMD_Wiggler_1_15.sys 32768 bytes (Rowley Associates Limited, ARMD Wiggler NT Driver)
0xF77FC000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7824000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 28672 bytes (Microsoft Corporation, Driver classe tastiera)
0xF11A7000 C:\Programmi\PeerBlock\pbfilter.sys 28672 bytes
0xF779C000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7914000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF7864000 C:\WINDOWS\System32\Drivers\VcommMgr.sys 28672 bytes (IVT Corporation., Bluetooth VcommMgr Driver)
0xF7854000 C:\WINDOWS\System32\Drivers\btnetBus.sys 24576 bytes
0xF783C000 C:\WINDOWS\System32\DRIVERS\cmdhlp.sys 24576 bytes (COMODO, COMODO Internet Security Helper Driver)
0xF7844000 C:\WINDOWS\system32\drivers\iviaspi.sys 24576 bytes (InterVideo, Inc., InterVideo ASPI Shell)
0xF782C000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Driver Mouse Class)
0xF781C000 C:\WINDOWS\system32\DRIVERS\PS2.sys 24576 bytes (Hewlett-Packard Company, PS2 SYS)
0xF78AC000 C:\WINDOWS\system32\drivers\RA_MSPFETP430IF_1_1.sys 24576 bytes (Rowley Associates Limited, MSP430-FETP430IF Driver)
0xF786C000 C:\WINDOWS\System32\Drivers\StarOpen.SYS 24576 bytes
0xF77F4000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF7904000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7884000 C:\WINDOWS\system32\ckldrv.sys 20480 bytes
0xF7874000 C:\WINDOWS\System32\Drivers\IvtBtBus.sys 20480 bytes (IVT Corporation., IVT Bluetooth Bus Device Driver)
0xF788C000 C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys 20480 bytes (-, -)
0xF77BC000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF77A4000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7894000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF78A4000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF77AC000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF78BC000 C:\WINDOWS\system32\DRIVERS\vsb.sys 20480 bytes (ELTIMA Software, Virtual Serial Bus)
0xF78DC000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7930000 BtHidBus.sys 16384 bytes (IVT Corporation., Bluetooth HID BUS Driver)
0xF7A04000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xF1CE3000 C:\WINDOWS\System32\drivers\XPC4DRVR.SYS 16384 bytes (Xilinx, Inc., Xilinx PC4 Driver)
0xF792C000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF42D0000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF79F0000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF79E0000 C:\WINDOWS\system32\drivers\pfc.sys 12288 bytes (Padus, Inc., Padus® ASPI Shell)
0xF6CF7000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7A3C000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7A4E000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7A38000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7A20000 intelide.sys 8192 bytes (Microsoft Corporation, Driver PCI IDE Intel)
0xF7A1C000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7A40000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7A72000 C:\WINDOWS\System32\Drivers\Parspi.SYS 8192 bytes
0xF7A44000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7A2A000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7A24000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7A1E000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7B5D000 C:\WINDOWS\system32\altio.sys 4096 bytes (Altium Limited, Direct Port IO Access)
0xF7BE3000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7B6E000 C:\WINDOWS\System32\Drivers\cvintdrv.SYS 4096 bytes
0xF7BAE000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7B4D000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7B73000 C:\WINDOWS\System32\Drivers\PEPNT.SYS 4096 bytes
0xF7B98000 C:\WINDOWS\system32\drivers\sdiont.sys 4096 bytes (Spectrum Digital Inc., Driver for Spectrum Digital Emulators)
==============================================
>Stealth
==============================================

Edited by accacca, 04 April 2011 - 02:19 AM.


#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 04 April 2011 - 09:26 AM

hi,

that log is loooking clean. What exactly are you current problems? That Avira fails to update?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 04 April 2011 - 11:16 AM

Uhm I am confused
Today I turned on the computer and this message appeared whithout any reason

http://rapidshare.com/files/455865495/startup.JPG

The message transaltion is:
"You are about to view pages over a secure connection.
The information exchange with this site may not be visible to other users of the web "

I think it is a notice of internet explorer but I use firefox only

Another problem the TDSS remover tool from eSage Lab can't start
http://rapidshare.com/files/455865494/tdssremover.JPG

I do not know what to say
The disk will operate 12 hours a day for six years
I formatted only once in six years I had already planned to replace the disk
I would like to retrieve only the data but to do that I must be sure not to transmit a virus to new disk

thanks again for the help
Diego

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 04 April 2011 - 01:57 PM

Hi,

If you transfer the files from a live-cd for exmaple, there is little chance to transfer an infection.

Make sure you don't copy any executable files.

Does this mean you want to reformat?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 04 April 2011 - 03:08 PM

Hi
I replace the disk because this works for too long
But I would not reformat
I can transfer files with a Linux live CD but I did not understand what happened and this does not make me feel comfortable I would at least identify the problem.

But it appears from the logs it seems there is nothing
Maybe it's just a problem of instability of Windows. Avira removed and quarantined the files and maybe the cleaning was not perfect.

If there are other tests I can do ?

I ask an info Looking the active process I see these
NclIVTBTSrv.exe
NclMSBTSrv.exe
NclRSSrv.exe
NclUSBSrv.exe

I don't remember seeing these names first

Edited by accacca, 04 April 2011 - 03:10 PM.


#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 05 April 2011 - 06:01 AM

Hi,

I would run a scan with Eset just to be safe:
ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

The files you listed are part of Nokia Connectivity. It should be related to your mobile phone?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 accacca

accacca
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 05 April 2011 - 06:33 PM

Hi myrti
I have a headache
Summary of the last 24 hours

Last night I wanted to begin copying the files using a ubuntu live cd
But before I did a scan with avast for linux
Result 4 infected files: Java.jade.c and one pagefile.sys I/O error
I deleted (...) all suspicious files.

Today I had a scan as requested and again other files infected
Here's the report:


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=5525a60d5c2a0a428c261381af99a39b
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-04-05 08:50:42
# local_time=2011-04-05 10:50:42 (+0100, ora legale Europa occidentale)
# country="Italy"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 3570557 3570557 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=3073 16777213 80 75 2973514 19020053 0 0
# compatibility_mode=8192 67108863 100 0 338 338 0 0
# scanned=364276
# found=3
# cleaned=0
# scan_time=17427
C:\diego\emule\bittorrent\MagicISO.Maker+PowerISO+UltraISO+WinISO[All-In-One]-Dr.Upload\MagicISO Maker v5.5 Build 276\Patch.exe probably a variant of Win32/HackTool.Patcher.A application (unable to clean) 00000000000000000000000000000000 I
C:\diego\prj\ub\503\thermo\sw\tftp\tftpd32.exe a variant of Win32/TFTPD32.A application (unable to clean) 00000000000000000000000000000000 I
C:\temp\WPA_Kill.exe a variant of Win32/HackTool.Patcher.O application (unable to clean) 00000000000000000000000000000000 I

The first and the third I have not used on this PC
What worries me most is the second that I used regularly in this period
But is a open source program.


Last after Eset scan and reboot: appear one new window
Title:Skype Message:"Cannot focus a disabled or invisible window" (...sich!)

But the annual convention of the virus they do on my PC this year?

Yesi I have a nokia pohne but I don't remember these processes...

look your last reply because I think there is not much else to do

thanks again
Diego

Edited by accacca, 05 April 2011 - 06:44 PM.


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 05 April 2011 - 07:01 PM

Hi,

the second is a utility that is sometimes usedby malware. Eset tells you "the program is there" and you have to decide whether you installed it there or if it was placed there without your knowledge.

There's nothing wrong with the application, as long as you are the one using it, not malware.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:34 PM

Posted 01 May 2011 - 08:08 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users