Jump to content

multiple issues, it was suggested I post logs here.

Ridcully
 Share

Recommended Posts

Ridcully

Ridcully

Posted
Posted

Here is my post from the earlier forum, reposted -- the original issues continue, along with the first redirection of a website (as opposed to blocking).

I am rerunning avira, as the log says it was cancelled -- I don't think I cancelled it, but I did click on the 'virus information' button when it saw something, and that attempt to get to the website was blocked. That might have caused the 'cancelled' message.

Thanks for any help you can provide ...

Howdy -- thanks for the help, results inline, below, please bear with all of the long pasted inclusions. I'm not comfortable uploading files for others, given the state of my computer, and I'm not literate enough about this stuff to think I wouldn't leave out something important.

Greetings and Welcome :P .

If you're having trouble getting Malwarebytes' and other tools to update or run please review the following tutorials and see if they are helpful:

  • Total-Security (FakeAlert)
    -> this doesn't look like what I have
  • av360 (Fakealert)
    -> this doesn't look like what I have
  • CLB Rootkit driver=TDSS/Seneka/GAOPDX/UAC/ovfst
    -> I ran this, and got the following results
    ROOTREPEAL © AD, 2007-2008
    ==================================================
    Scan Time: 2009/05/16 22:23
    Program Version: Version 1.2.3.0
    Windows Version: Windows XP SP3
    ==================================================
    Hidden/Locked Files
    -------------------
    Path: C:\hiberfil.sys
    Status: Locked to the Windows API!
    Path: C:\WINDOWS\tiyshc.vot
    Status: Allocation size mismatch (API: 20480, Raw: 24576)
    Path: C:\Documents and Settings\Keith\Local Settings\Temp\etilqs_1DCSyPioaWwrZYavBfwc
    Status: Allocation size mismatch (API: 65536, Raw: 0)
    Path: C:\Documents and Settings\Keith\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϴϱЄϱЃϵϳЅ
    Status: Locked to the Windows API!
    Path: C:\Documents and Settings\Keith\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρЂϻϵЉЃϵϳЅ
    Status: Locked to the Windows API!
    Ok, per google searching ...
    hiberfil.sys is for hibernation
    tiyshc.vot -- the only .vot extension I could find was for recorded video, which doesn't really make sense for me. When I googled for .vot, one of the links somehow got hijacked to zerocleaner.com, a "virus-cleaner" site which symantec notes as putting viruses ONTO computers rather than removing them.
    etilqs_blahblah -- related to firefox, which I run
    SecuROM -- evil copy protection for a couple of games I have. The funky filenames are so you can't delete the DRMware.

If you aren't able to use those instructions or there are other issues then please follow the instructions here:

I'm infected - What do I do now?

-> I was able to d/l and run the MBAM program last night. The update was blocked. Tonight, it got partway through the run and stopped (4% complete with files, had completed the first couple of categories, finding nothing.)

-> avira d/l and installation successful, update failed -- logfile of attempted update:

Avira AntiVir Personal - Free Antivirus Updater

Creation time: Sat May 16 22:38:29 2009

Operating system:

Windows XP (Service Pack 3) [5.1.2600]

Product information:

Product version: 9.0.0.394

Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46

Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 9.0.0.6

Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\

Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\

Installation Directory: C:\Program Files\Avira\AntiVir Desktop\

Updater folder: C:\Program Files\Avira\AntiVir Desktop\

AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\

[uPD] [iNFO] Checking whether newer files are available.

[uPD] [iNFO] Select update server 'http://62.146.66.178/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.183/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.239/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.179/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.181/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.236/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.184/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.182/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.235/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.230/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.181/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.181/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.183/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.183/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.236/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.236/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.236/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.235/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.235/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.235/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.230/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.230/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.230/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.184/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.179/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.179/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.179/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://80.190.143.239/update'.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://80.190.143.239/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://80.190.143.239/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.178/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.178/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.178/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.182/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.182/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://62.146.66.184/update'.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager:HTTP status code 403 was obtained when downloading file 'http://62.146.66.184/update/idx/master.idx'

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Select update server 'http://perspeak.avira-update.com/update'.

[uPD] [iNFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager: The function WinINet::InternetOpenUrl() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager: The function WinINet::InternetOpenUrl() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPD] [iNFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.

[uPDLIB] [ERROR] Download manager: The function WinINet::InternetOpenUrl() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved

[uPDLIB] [ERROR] Download manager: An error occurred inside the WinINet library.

[uPDLIB] [ERROR] No other server available.

[uPD] [ERROR] Generation of update structure failed. UpdateLib delivers error 8.

Summary:

********

0 Files downloaded

0 Files installed

22:38:45 The update failed!

Avira AntiVir Personal

Report file date: Saturday, May 16, 2009 22:40

Scanning for 1284893 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : VAIO

Version information:

BUILD.DAT : 9.0.0.394 17962 Bytes 4/17/2009 11:20:00

AVSCAN.EXE : 9.0.3.5 466689 Bytes 4/17/2009 16:57:30

AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 18:58:24

LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 19:35:49

LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 18:58:52

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 20:30:36

ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 04:33:26

ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 3/3/2009 15:41:14

ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 3/5/2009 22:58:20

Engineversion : 8.2.0.100

AEVDF.DLL : 8.1.1.0 106868 Bytes 1/28/2009 01:36:42

AESCRIPT.DLL : 8.1.1.56 352634 Bytes 2/27/2009 04:01:56

AESCN.DLL : 8.1.1.7 127347 Bytes 2/12/2009 19:44:25

AERDL.DLL : 8.1.1.3 438645 Bytes 10/30/2008 02:24:41

AEPACK.DLL : 8.1.3.10 397686 Bytes 3/4/2009 21:06:10

AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/27/2009 04:01:56

AEHEUR.DLL : 8.1.0.100 1618295 Bytes 2/25/2009 23:49:16

AEHELP.DLL : 8.1.2.2 119158 Bytes 2/27/2009 04:01:56

AEGEN.DLL : 8.1.1.24 336244 Bytes 3/4/2009 21:06:10

AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 22:32:40

AECORE.DLL : 8.1.6.6 176501 Bytes 2/17/2009 22:22:44

AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 22:32:40

AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 16:47:59

AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 18:32:15

AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 22:34:28

AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 18:32:09

AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 23:05:41

AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 18:37:08

SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 23:03:49

SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 16:21:33

NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 18:32:10

RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 2/9/2009 19:45:45

RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 18:19:48

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Saturday, May 16, 2009 22:40

Starting search for hidden objects.

'115250' objects were checked, '0' hidden objects were found.

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'notepad.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'firefox.exe' - '1' Module(s) have been scanned

Scan process 'WINWORD.EXE' - '1' Module(s) have been scanned

Scan process 'taskmgr.exe' - '1' Module(s) have been scanned

Scan process 'AAWTray.exe' - '1' Module(s) have been scanned

Scan process 'unsecapp.exe' - '1' Module(s) have been scanned

Scan process 'AAWService.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'regsvr32.exe' - '1' Module(s) have been scanned

Scan process 'regsvr32.exe' - '1' Module(s) have been scanned

Scan process 'ctfmon.exe' - '1' Module(s) have been scanned

Scan process 'ApntEx.exe' - '1' Module(s) have been scanned

Scan process 'Apoint.exe' - '1' Module(s) have been scanned

Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned

Scan process 'alg.exe' - '1' Module(s) have been scanned

Scan process 'VzFw.exe' - '1' Module(s) have been scanned

Scan process 'VzCdbSvc.exe' - '1' Module(s) have been scanned

Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned

Scan process 'SpySweeper.exe' - '1' Module(s) have been scanned

Scan process 'VCSW.exe' - '1' Module(s) have been scanned

Scan process 'VESMgr.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned

Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned

Scan process 'sqlservr.exe' - '1' Module(s) have been scanned

Scan process 'MDM.EXE' - '1' Module(s) have been scanned

Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned

Scan process 'jqs.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'cvpnd.exe' - '1' Module(s) have been scanned

Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned

Scan process 'a2service.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned

Scan process 'EvtEng.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'WRConsumerService.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

54 processes with 54 modules were scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '79' files ).

Starting the file scan:

Begin scan in 'C:\'

C:\hiberfil.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

C:\pagefile.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

C:\Documents and Settings\Keith\Local Settings\Temp\is-QI5CJ.tmp\askBarSetup.exe

[DETECTION] Contains recognition pattern of the APPL/AdInstaller.E application

Beginning disinfection:

C:\Documents and Settings\Keith\Local Settings\Temp\is-QI5CJ.tmp\askBarSetup.exe

[DETECTION] Contains recognition pattern of the APPL/AdInstaller.E application

[NOTE] The file was moved to '4a7aa965.qua'!

End of the scan: Saturday, May 16, 2009 23:04

Used time: 24:14 Minute(s)

The scan has been canceled!

5649 Scanned directories

70304 Files were scanned

1 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

1 Files were moved to quarantine

0 Files were renamed

2 Files cannot be scanned

70301 Files not concerned

1241 Archives were scanned

2 Warnings

3 Notes

115250 Objects were scanned with rootkit scan

0 Hidden objects were found

-> one thing, though -- even though it says that it finished, it only scanned 41.8%, 70304 files, and I know that there are a -lot- more files than that on my C drive....

And post your logs in a new topic here:

Malware Removal - HijackThis Logs

-> Hijack this log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:09:47 PM, on 5/16/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\a-squared Free\a2service.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Apoint\Apntex.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\regsvr32.exe

C:\WINDOWS\system32\regsvr32.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.anderson.ucla.edu/proxy/proxy.pac

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"

O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"

O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"

O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"

O4 - HKLM\..\Run: [sonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"

O4 - HKLM\..\Run: [switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"

O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [ssAAD.exe] "C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe"

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Ad-Watch] "C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe"

O4 - HKLM\..\Run: [setDefPrt] "C:\Program Files\Brother\Brmfl06c\BrStDvPt.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1152933854\ee\AOLHostManager.exe"

O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat\AdobeUpdateManager.exe" AcStd7_0_9 -reboot 1

O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [iETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [iETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')

O4 - Startup: World Community Grid - BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: UCLA Cisco VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/i...GenXInstall.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.