avira premium security suite

Z MWAV potrebujeme log z poľa "Informace o nalezených hrozbách"

ComboFix 07-08-09.3 - "peter" 2007-08-12 15:46:32.1 - NTFSx86
Syst‚m Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.136 [GMT 2:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\peter\Desktop\internet.lnk
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com


((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))


2007-08-12 15:43 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-12 14:43 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-08-12 13:35 <DIR> d-------- C:\Program Files\Servant Salamander 2.0
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\zts2.exe
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2007-08-12 12:59 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2007-08-12 12:57 146,432 --a------ C:\WINDOWS\R.COM
2007-08-12 12:57 135,680 --a------ C:\WINDOWS\system32\T.COM
2007-08-12 12:51 <DIR> d-------- C:\Program Files\CCleaner
2007-08-11 22:50 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-11 22:10 <DIR> d-------- C:\Program Files\Trend Micro
2007-08-11 20:07 <DIR> d-------- C:\DOCUME~1\peter\APPLIC~1\Avira Premium Security Suite
2007-08-11 20:04 57,344 --a------ C:\WINDOWS\system32\drivers\avfwot.sys
2007-08-11 20:04 53,504 --a------ C:\WINDOWS\system32\drivers\avfwim.sys
2007-08-11 20:04 <DIR> d-------- C:\Program Files\Avira Premium Security Suite
2007-08-11 20:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira Premium Security Suite
2007-08-11 16:04 127 --a------ C:\WINDOWS\system32\papanoah.exe.bat
2007-08-10 17:17 <DIR> d-------- C:\DOCUME~1\peter\APPLIC~1\Media Player Classic
2007-08-10 17:10 <DIR> d-------- C:\DOCUME~1\peter\Incomplete
2007-08-10 17:10 <DIR> d-------- C:\DOCUME~1\peter\APPLIC~1\LimeWire
2007-08-10 17:01 <DIR> d--hs---- C:\RECYCLER
2007-08-09 19:36 <DIR> d-------- C:\Program Files\nLite
2007-08-09 19:24 <DIR> d-------- C:\Program Files\MSXML 6.0
2007-08-09 19:19 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2007-08-09 19:18 <DIR> d-------- C:\Program Files\Reference Assemblies
2007-08-09 19:17 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-08-09 19:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-08-09 19:05 36,352 --------- C:\WINDOWS\system32\tsgqec.dll
2007-08-09 19:05 288,768 --------- C:\WINDOWS\system32\rhttpaa.dll
2007-08-09 19:05 116,736 --------- C:\WINDOWS\system32\aaclient.dll
2007-08-09 18:48 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-08-09 18:17 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-08-09 18:17 <DIR> d-------- C:\WINDOWS\$hf_mig$
2007-08-09 18:14 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-08-09 18:14 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-08-09 18:14 <DIR> d-------- C:\DOCUME~1\peter\UserData
2007-08-09 17:38 72,462 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\firstlsp.reg.dat
2007-08-09 16:44 1,156 --a------ C:\WINDOWS\mozver.dat
2007-08-09 16:40 0 --a------ C:\WINDOWS\nsreg.dat
2007-08-09 16:06 <DIR> d-------- C:\Downloads
2007-08-09 16:05 <DIR> d-------- C:\Program Files\BitComet
2007-08-09 15:59 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-08-09 15:57 <DIR> d-------- C:\Program Files\MSBuild
2007-08-09 15:57 <DIR> d-------- C:\Program Files\Microsoft Works
2007-08-09 15:53 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-08-09 15:52 <DIR> d-------- C:\MSOCache
2007-08-09 15:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2007-08-09 15:44 2,536,845 -r-h----- C:\WINDOWS\DosEditorHost.exe
2007-08-09 15:44 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-08-09 15:44 <DIR> d-------- C:\Program Files\LimeWire
2007-08-09 15:38 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-08-09 15:37 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-08-09 15:35 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-08-09 15:35 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-08-09 15:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-08-09 15:33 <DIR> d-------- C:\Program Files\Disk Cleaner
2007-08-09 15:32 <DIR> d-------- C:\DOCUME~1\peter\APPLIC~1\ICQ
2007-08-09 15:31 <DIR> d-------- C:\Program Files\ICQ6
2007-08-09 15:29 <DIR> d-------- C:\DOCUME~1\peter\APPLIC~1\Ahead
2007-08-09 15:28 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
2007-08-09 15:26 <DIR> d-------- C:\Program Files\Nero
2007-08-09 15:26 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-08-09 15:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-08-09 15:25 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-08-09 15:25 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-08-09 15:24 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-08-09 15:24 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-08-09 15:24 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-08-09 15:24 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2007-08-09 15:24 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-08-09 15:24 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-08-09 15:22 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-08-09 15:22 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-08-09 15:22 85,020 --a--c--- C:\WINDOWS\system32\dllcache\dgsetup.dll
2007-08-09 15:22 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-08-09 15:22 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-08-09 15:22 8,704 --a--c--- C:\WINDOWS\system32\dllcache\batt.dll
2007-08-09 15:22 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-08-09 15:22 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-08-09 15:22 8,192 --a--c--- C:\WINDOWS\system32\dllcache\kbdhept.dll
2007-08-09 15:22 774,144 --a--c--- C:\WINDOWS\system32\dllcache\spttseng.dll
2007-08-09 15:22 77,824 --a--c--- C:\WINDOWS\system32\dllcache\spcommon.dll
2007-08-09 15:22 741,376 --a--c--- C:\WINDOWS\system32\dllcache\sapi.dll
2007-08-09 15:22 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-08-09 15:22 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-08-09 15:22 7,168 --a--c--- C:\WINDOWS\system32\dllcache\kbdcz.dll
2007-08-09 15:22 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-08-09 15:22 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-08-09 15:22 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-08-09 15:22 61,440 --a--c--- C:\WINDOWS\system32\dllcache\spcplui.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-08-09 15:22 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-09 20:33 359808 --a--c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2007-08-09 20:33 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-08-09 16:06 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2007-05-16 09:42 972336 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2007-05-15 09:45 972336 --a------ C:\WINDOWS\UNNeroVision.exe
2001-08-23 12:00:00 295,247 --sh--w C:\WINDOWS\system32\papanoah.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 09:34 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 C:\WINDOWS\Alcmtr.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-06-01 07:57]
"avgnt"="C:\Program Files\Avira Premium Security Suite\avgnt.exe" [2007-04-02 10:35]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"Windows Update"="C:\WINDOWS\system32\papanoah.exe" [2001-08-23 14:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=1 (0x1)
"NoThumbnailCache"=1 (0x1)

R0 risdptsk;risdptsk;C:\WINDOWS\system32\DRIVERS\risdptsk.sys
R1 avfwot;avfwot;\??\C:\WINDOWS\system32\drivers\avfwot.sys
R1 avgio;avgio;\??\C:\Program Files\Avira Premium Security Suite\avgio.sys
R1 avipbb;avipbb;C:\WINDOWS\system32\DRIVERS\avipbb.sys
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;C:\Program Files\Avira Premium Security Suite\avfwsvc.exe
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;"C:\Program Files\Avira Premium Security Suite\avmailc.exe"
R2 AntiVirScheduler;Avira Premium Security Suite Scheduler;"C:\Program Files\Avira Premium Security Suite\sched.exe"
R2 AVEService;Avira Premium Security Suite MailGuard helper service;"C:\Program Files\Avira Premium Security Suite\avesvc.exe"
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys
R3 avgntflt;avgntflt;\??\C:\Program Files\Avira Premium Security Suite\avgntflt.sys
R3 MTsensor;ATK0100 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 rimsptsk;rimsptsk;C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver;C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
R3 smserial;smserial;C:\WINDOWS\system32\DRIVERS\smserial.sys
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
S3 ssmdrv;ssmdrv;C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
UxTuneUp


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A00200FD-FFE0-F387-DE1C-D0060A450903}]
C:\WINDOWS\system32\papanoah.exe

Contents of the 'Scheduled Tasks' folder
2007-08-10 15:18:43 C:\WINDOWS\Tasks\1-Click Maintenance.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 15:47:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\D\n\21]
"DisplayName"="\xb973\x7792"
"DeviceDesc"="\xb973\x7792"
"ProviderName"="\x27fc\21\xee18\x7c90\x286c\21\b"
"MFG"="\xc1bf\b\xe12b\x1803\x49c"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=str(7):"e:\smbus\smbus\smbusati.inf"

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AntiVirScheduler]
"ImagePath"="\"C:\Program Files\Avira Premium Security Suite\sched.exe\""

Completion time: 2007-08-12 15:48:55
C:\ComboFix-quarantined-files.txt ... 2007-08-12 15:48

--- E O F ---

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\mwkyifab

*******************

Script file located at: \??\C:\Documents and Settings\owxavpss.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\papanoah.exe.bat deleted successfully.
File C:\WINDOWS\system32\papanoah.exe deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:05:18, on 12.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira Premium Security Suite\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Avira Premium Security Suite\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Avira Premium Security Suite\avmailc.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [DSS] C:\WINDOWS\doseditorhost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows Update] C:\WINDOWS\system32\papanoah.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6676065984
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira Premium Security Suite\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira Premium Security Suite\avesvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 5745 bytes