WiredWX Christian Hobby Weather Tools

bankerfox.A and Win32/nugel.E

I was surfing the web and got them. It keeps saying ANTIVIRUS SYSTEM PRO AND THEN IT SAYS I'M BEING ATTACKED.

HOW DO I REMOVE IT?
THX,
DONNA

Re: bankerfox.A and Win32/nugel.E

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

............................................................................................

While my help is always free, please consider donating to keep this site alive: Donate


Re: bankerfox.A and Win32/nugel.E

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:02:01 PM, on 6/18/2009
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\sysguard.exe
C:\WINDOWS\system32\wscntfy.exe
C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Flock\flock.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netins.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: C:\WINDOWS\system32\gsf83iujid.dll - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\WINDOWS\system32\gsf83iujid.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld09.exe
O4 - HKLM\..\Run: [sysmstray] c:\windows\mstre19.exe
O4 - HKLM\..\Run: [sysfbtray] c:\windows\freddy46.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe
O4 - HKCU\..\Run: [] C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
O4 - HKCU\..\Run: [hsf7husjnfg98gi498aejhiugjkdg4] C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
O4 - HKCU\..\Run: [Windows System Recover!] C:\DOCUME~1\donna\LOCALS~1\Temp\svchost.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8766BC8E-BA67-4E35-BE14-4B1473EF0941}: NameServer = 167.142.225.3 167.142.225.5
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O22 - SharedTaskScheduler: hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\WINDOWS\system32\gsf83iujid.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 6043 bytes
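
As an added example (not part of the original thread, and not the helper's own method), the following Python script parses the `O4` Run-key lines of a HijackThis log like the one above and flags autoruns using four triage heuristics that are assumptions of this example: image in a Temp directory, image directly in the Windows root, a system process name outside system32, and an empty value name. A flag is a prompt to investigate the file, not a verdict.

```python
import ntpath
import re

# Constructed sample: a subset of the O4 lines from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld09.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe
O4 - HKCU\..\Run: [] C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
O4 - HKCU\..\Run: [Windows System Recover!] C:\DOCUME~1\donna\LOCALS~1\Temp\svchost.exe
"""

# Only the registry Run-key form of O4 is handled ("O4 - Startup:" lines are skipped).
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(Run\w*): \[(.*?)\] (.+)$")

# Process names that normally live only in system32 (assumption of this example).
SYSTEM32_NAMES = {"svchost.exe", "lsass.exe", "winlogon.exe", "services.exe",
                  "csrss.exe", "smss.exe"}


def image_path(command):
    """Return the executable path from a Run value, dropping any arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split(" ", 1)[0]


def parse_o4(log_text):
    """Extract hive, key, value name and image path from each O4 Run line."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            hive, key, name, command = m.groups()
            entries.append({"hive": hive, "key": key, "name": name,
                            "path": image_path(command)})
    return entries


def triage(entry):
    """Return the list of heuristic reasons this autorun deserves a closer look."""
    path = entry["path"].lower().replace("%systemroot%", r"c:\windows")
    folder, name = ntpath.dirname(path), ntpath.basename(path)
    reasons = []
    if folder.endswith("\\temp") or "\\temp\\" in folder:
        reasons.append("runs from a Temp directory")
    if folder == r"c:\windows":
        reasons.append("runs from the Windows root")
    if name in SYSTEM32_NAMES and folder != r"c:\windows\system32":
        reasons.append("system process name outside system32")
    if entry["name"] == "":
        reasons.append("empty value name")
    return reasons


def flagged(log_text):
    """Map each flagged image path to its reasons; unflagged entries are omitted."""
    return {e["path"]: r for e in parse_o4(log_text) if (r := triage(e))}


if __name__ == "__main__":
    for path, reasons in flagged(SAMPLE_LOG).items():
        print(f"{path}: {', '.join(reasons)}")
```
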

Re: bankerfox.A and Win32/nugel.E

  • Open HijackThis.
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: C:\WINDOWS\system32\gsf83iujid.dll - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\WINDOWS\system32\gsf83iujid.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O4 - HKLM\..\Run: [sysldtray] C:\windows\ld09.exe
    O4 - HKLM\..\Run: [sysmstray] c:\windows\mstre19.exe
    O4 - HKLM\..\Run: [sysfbtray] c:\windows\freddy46.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe
    O4 - HKCU\..\Run: [] C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
    O4 - HKCU\..\Run: [hsf7husjnfg98gi498aejhiugjkdg4] C:\DOCUME~1\donna\LOCALS~1\Temp\yg4i4k0irf.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8766BC8E-BA67-4E35-BE14-4B1473EF0941}: NameServer = 167.142.225.3 167.142.225.5
    O22 - SharedTaskScheduler: hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\WINDOWS\system32\gsf83iujid.dll


  • Press "Fix Checked"
  • Close Hijack This.






1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

[Image: CF_download_FF]

[Image: CF_download_rename]

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV. (Avira/Avast)
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


Re: bankerfox.A and Win32/nugel.E

ComboFix 09-06-18.02 - donna 06/18/2009 19:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.247.113 [GMT -5:00]
Running from: c:\documents and settings\donna\Desktop\Combo-Fix.exe
AV: avast! antivirus 4.8.1335 [VPS 090618-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\driver
C:\blnqxlg.exe
c:\docume~1\donna\LOCALS~1\Temp\lsass.exe
c:\docume~1\donna\LOCALS~1\Temp\svchost.exe
c:\docume~1\donna\LOCALS~1\Temp\taskmgr.exe
C:\mupwjiav.exe
c:\program files\driver\driver.dll
c:\program files\driver\driver.sys
c:\windows\sysguard.exe
c:\windows\system32\_000110_.tmp.dll
c:\windows\system32\advapi32new.dll
c:\windows\system32\apphelpnew.dll
c:\windows\system32\crypt32new.dll
c:\windows\system32\d3d10core.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\gsf83iujid.dll
c:\windows\system32\kernel32new.dll
c:\windows\system32\msvcrtnew.dll
c:\windows\system32\ntdsapinew.dll
c:\windows\system32\powrprofnew.dll
c:\windows\system32\secur32new.dll
c:\windows\system32\user32new.dll
c:\windows\system32\winstanew.dll
c:\windows\zaponce52597.dat
c:\windows\zaponce52621.dat
c:\windows\zaponce52689.dat
C:\wyhgm.exe

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\system volume information\_restore{7D272F89-2132-4044-9E90-2C12CE5A654E}\RP129\A0085212.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DRIVER
-------\Legacy_DRIVERDRV
-------\Service_driver
-------\Service_driverdrv
-------\Service_glaide32


((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 )))))))))))))))))))))))))))))))
.

2009-06-19 00:20 . 2004-03-12 02:19 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2009-06-19 00:20 . 2004-03-12 02:19 50176 ----a-w- c:\windows\system32\proquota.exe
2009-06-18 22:01 . 2009-06-18 22:01 -------- d-----w- c:\program files\Trend Micro
2009-06-18 20:54 . 2007-02-27 20:18 40000 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-18 20:54 . 2006-11-22 19:30 14848 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-18 20:54 . 2007-03-20 14:55 43584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-18 20:54 . 2009-06-18 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2009-06-17 22:00 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-17 21:59 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-17 21:59 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-17 21:59 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-17 21:59 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-17 21:59 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-17 21:59 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-17 21:59 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-17 21:59 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-17 21:59 . 2003-03-18 19:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-06-17 21:59 . 2009-06-17 21:59 -------- d-----w- c:\program files\Alwil Software
2009-06-17 19:13 . 2009-06-18 19:18 -------- d-----w- c:\program files\Anti-Virus Professional
2009-06-17 18:27 . 2009-06-17 18:27 1 ---h--w- c:\windows\jmmark2.dat
2009-06-17 18:26 . 2009-06-17 18:26 1 ---h--w- c:\windows\bf23567.dat
2009-06-17 18:24 . 2009-06-17 18:29 159744 ----a-w- C:\vopyp.exe
2009-06-17 18:22 . 2009-06-17 18:22 360448 ----a-w- C:\XuA.exe
2009-06-17 14:23 . 2009-06-17 15:39 -------- d-----w- c:\program files\Incomplete
2009-06-15 00:52 . 2009-06-15 00:53 152064 ----a-w- c:\windows\snap.dat
2009-06-14 23:29 . 2003-08-05 16:41 53248 ----a-w- c:\windows\ap561.exe
2009-06-14 23:29 . 2002-11-22 20:56 118784 ----a-w- c:\windows\ShowBmp.exe
2009-06-14 23:29 . 2002-10-01 19:43 119798 ----a-w- c:\windows\system32\drivers\spca561.sys
2009-06-14 23:28 . 2009-06-14 23:29 -------- d-----w- c:\windows\Setup2K

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-18 20:44 . 2009-03-27 04:47 -------- d-----w- c:\program files\Flock
2009-06-17 15:39 . 2009-01-07 12:32 -------- d-----w- c:\documents and settings\donna\Application Data\FrostWire
2009-06-17 15:33 . 2009-01-05 06:26 -------- d-----w- c:\program files\FrostWire
2009-06-16 17:32 . 2009-03-15 00:16 -------- d-----w- c:\program files\Common Files\EPSON
2009-06-14 23:52 . 2009-03-15 00:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 23:10 . 2009-01-15 02:42 12720 ----a-w- c:\documents and settings\donna\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-14 22:59 . 2009-05-12 22:23 -------- d-----w- c:\program files\AVS4YOU
2009-06-14 22:59 . 2009-05-12 22:23 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-05-19 05:24 . 2009-05-12 22:30 -------- d-----w- c:\documents and settings\donna\Application Data\dvdcss
2009-05-12 22:32 . 2009-05-12 22:30 -------- d-----w- c:\documents and settings\donna\Application Data\vlc
2009-05-12 22:27 . 2009-05-12 22:27 -------- d-----w- c:\program files\VideoLAN
2009-05-12 22:24 . 2009-05-12 22:24 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-05-12 04:57 . 2009-01-07 10:20 -------- d-----w- c:\documents and settings\donna\Application Data\Apple Computer
2009-05-10 02:35 . 2009-05-10 02:34 -------- d-----w- c:\program files\iTunes
2009-05-10 02:34 . 2009-05-10 02:34 -------- d-----w- c:\program files\iPod
2009-05-10 02:34 . 2009-01-05 04:33 -------- d-----w- c:\program files\Common Files\Apple
2009-05-08 00:37 . 2009-05-08 00:36 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-08 00:36 . 2009-05-08 00:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-05-08 00:36 . 2009-05-08 00:36 -------- d-----w- c:\program files\Bonjour
2009-05-08 00:35 . 2009-01-05 04:33 -------- d-----w- c:\program files\QuickTime
2009-05-08 00:21 . 2009-05-08 00:21 -------- d-----w- c:\documents and settings\All Users\Application Data\336B
2009-04-09 03:10 . 2009-04-06 21:01 3218 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-04-02 21:29 . 2009-04-02 21:29 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-26 02:15 . 2009-03-26 02:15 8464 ----a-w- c:\windows\system32\sporder.dll
2008-03-09 13:25 . 2009-01-05 04:27 236 ---ha-w- c:\program files\Common Files\dx.reg
2009-03-19 11:03 . 2009-03-19 11:03 132 --sha-r- c:\windows\Regbak.dat
.

Re: bankerfox.A and Win32/nugel.E

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-03-12 14336]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-03-12 1679360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-05 136600]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 327720]

Re: bankerfox.A and Win32/nugel.E

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LegacyDrive"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

Re: bankerfox.A and Win32/nugel.E

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8085:TCP"= 8085:TCP:driver

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/17/2009 4:59 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/17/2009 4:59 PM 20560]
R3 crtaud;Conexant Riptide WDM Audio Driver;c:\windows\system32\drivers\crtaud.sys [1/4/2009 4:21 PM 42112]
R3 rpfun;Conexant Riptide Dummy Driver;c:\windows\system32\drivers\rpfun.sys [1/4/2009 4:21 PM 3840]
R3 rthwcls;Conexant Riptide Bus / Firmware Downloader;c:\windows\system32\drivers\rthwcls.sys [1/4/2009 4:21 PM 30720]

Re: bankerfox.A and Win32/nugel.E

It will not let me post the rest, it says it's too big..

And in the task bar the ANTIVIRUS SYSTEM PRO is not there anymore and I have no pop up from it.

Re: bankerfox.A and Win32/nugel.E

Hello.
Please upload the log at rapidshare.com. In the meantime, let's get an uninstall log before we remove the leftovers.

  • Open HijackThis.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.
